1. Information We Collect
We collect only the minimum information necessary to provide the fax transmission service. This includes:
• Recipient fax number: the number you enter for fax delivery
• Document: the file you upload for transmission
• IP address: collected automatically from the network request for security and fraud prevention
• Geographic location: your approximate country, determined from network headers, used for service analytics and fraud detection
• Email address: used to send delivery confirmation and proof of receipt
• Payment details: processed by our third-party payment provider, Square AU Pty Ltd (ABN 38 167 106 176)
We do not require you to create a user account or provide government-issued identification. We do not knowingly collect information from children under the age of 16.
2. How We Use Your Information
Your information is used to transmit your fax, process your payment, confirm delivery, and maintain the security and reliability of our service. We do not use your data for marketing, profiling, or any unrelated purpose.
3. Legal Basis for Processing
In Australia, we handle personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), to the extent applicable. For individuals in the European Union and EEA, we process personal data under the following legal bases as defined by Article 6 of the General Data Protection Regulation (GDPR):
• Contract performance (Art. 6(1)(b)). Processing necessary to deliver the fax transmission service you requested and to process your payment
• Legitimate interest (Art. 6(1)(f)). Collecting IP addresses and geographic location data for fraud prevention, security monitoring, and service reliability
• Consent (Art. 6(1)(a)). Analytics cookies for visitors in the European Union are activated only after affirmative consent is provided through our cookie banner
Where we rely on legitimate interest, we have assessed that our interests do not override your fundamental rights and freedoms. You may object to processing based on legitimate interest at any time by contacting us at support@unofax.com.
4. Document Handling
Uploaded documents are encrypted during transfer and stored temporarily on secure servers. All documents are automatically and permanently deleted 7 days after transmission. Your documents are processed automatically by our systems for the sole purpose of conversion and transmission, and shared with GoFax Pty Ltd to complete the fax delivery. No human at unofax reads, reviews, or manually accesses the content of your documents unless required by law or legal process.
5. Cover Sheet Data
unofax offers an optional cover sheet feature that allows you to enter sender details, recipient details, a subject line, and a message. This information is not stored in any database as structured data. It is used to render the cover sheet page that is prepended to your fax document at the time of transmission.
Once the cover sheet has been generated and merged into the final transmitted document, the individual field values you entered are discarded. Your cover sheet information persists as part of the transmitted document file stored on our servers, and is subject to the same automatic deletion policy described in Section 4 above (deleted 7 days after transmission).
6. Payment Data
Card payment processing is handled by Square AU Pty Ltd. unofax does not store your credit card numbers, CVV, or any sensitive payment credentials. All payment data is processed in accordance with PCI DSS standards.
7. Analytics
We use Google Analytics, a service provided by Google Australia Pty Ltd (ABN 33 102 417 032), to collect pseudonymised, aggregated usage data such as pages visited, time on site, and approximate geographic region. We also track pseudonymised interaction events. Such as file uploads, fax submissions, preview views, and FAQ interactions. To understand how the service is used and to identify areas for improvement. IP addresses are not stored in identifiable form. You may opt out by installing the Google Analytics Opt-out Browser Add-on. For details on how analytics cookies work and how to manage your consent, see our Cookie Policy.
8. Local Storage
We use your browser's local storage to save your language preference, theme setting (light or dark mode), fax sending history, and a payment session marker that prevents duplicate charges. This data is stored only on your device and is never transmitted to our servers. You can clear this data at any time from the home page or through your browser settings.
9. Data Sharing
We do not sell, rent, or share your personal information with third parties. Data is shared only with the third-party service providers listed in Section 10 below, as strictly required to deliver the service.
Your data is processed and stored in Australia on servers hosted by Amazon Web Services in the Sydney region. International transfers of data to Australia are supported by standard contractual clauses where required by applicable law. Where standard contractual clauses do not apply, such transfers are necessary for the performance of the service you have requested (GDPR Art. 49(1)(b)).
10. Third-Party Service Providers
Due to the nature of operating a fax transmission service, certain information must be shared with third-party providers to complete your transaction. We use the following service providers to deliver the Service:
• Amazon Web Services (AWS) (acting as a data processor under our instructions). Our infrastructure is hosted in the AWS Sydney region (ap-southeast-2). All data collected by unofax, including uploaded documents, transaction metadata, IP addresses, and geographic location. Is stored and processed on encrypted AWS servers within Australia. AWS is ISO 27001 and SOC 1/2/3 certified. For more information, see the AWS Privacy Notice.
• GoFax Pty Ltd (ABN 24 092 744 571) (acting as a data processor under our instructions). An Australian-owned fax gateway provider used to transmit your fax documents. GoFax is ISO 27001 certified and HIPAA compliant. To complete the fax transmission, we share your document content, recipient fax number, and sender identification (your email address) with GoFax. GoFax may also receive metadata such as transmission status, timestamps, and page count as part of the delivery process. For more information, see the GoFax Terms & Conditions, GoFax Privacy Policy, and GoFax Security & Compliance page.
• Google Australia Pty Ltd (ABN 33 102 417 032) (acting as an independent data controller for its own purposes). Our analytics provider. For details on what data is collected and how to opt out, see Section 7 (Analytics) above.
• Square AU Pty Ltd (ABN 38 167 106 176) (acting as a data processor under our instructions). Our payment processor. Your payment card details and billing information are handled by Square. See Section 6 (Payment Data) above for details.
11. Data Retention
Document content, including any cover sheet data merged into the transmitted document. Is automatically and permanently deleted 7 days after transmission. Transaction metadata, including fax number, timestamp, delivery status, cost, IP address, and geographic location. Is retained for up to 100 days after transmission to support billing dispute resolution and service reliability purposes, after which it is permanently deleted.
12. Your Rights
You may request deletion of any data associated with your transactions by contacting us at support@unofax.com. As we collect minimal data and do not require accounts, most information is automatically deleted as described above.
Additional rights for residents of the European Union and EEA:
Under the General Data Protection Regulation (GDPR), you have the right to:
• Access: request a copy of the personal data we hold about you
• Rectification: request correction of any inaccurate data
• Erasure: request deletion of your personal data (“right to be forgotten”)
• Restriction: request that we limit how we process your data
• Data portability: request your data in a structured, machine-readable format
• Object: object to the processing of your data for specific purposes
• Lodge a complaint: lodge a complaint with a data protection supervisory authority in the EU Member State of your habitual residence, place of work, or place of the alleged infringement
To exercise any of these rights, please send an email to support@unofax.com with the subject line “GDPR Data Request” and include the following information so we can locate your records:
• The approximate date and time of your transaction
• The recipient fax number used
• Your email address
We will respond to all verified requests within 30 days. If we require additional time, we will notify you of the reason and the expected timeframe. There is no charge for exercising these rights.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the Service after changes constitutes acceptance of the updated policy.
14. Contact
The data controller responsible for your personal information is AWS, CYY & Co. Pty Ltd (ACN 686 116 245) as Trustee for Mumu, Lulu & Co. (ABN 54 837 123 965), trading as unofax, located in Melbourne, Victoria, Australia.
If you have questions about this Privacy Policy, please contact us at support@unofax.com.
This Privacy Policy is drafted in English. In the event of any conflict between a translated version and the English version, the English version shall prevail.