Your data, your call.

The School of Play Pty Ltd, trading as The Better Us Project, is an Australian company. BetterUs Workplace is one of four products in The Better Us Project ecosystem (alongside Schools, Families and Children apps). We're the data controller for everything described in this policy.

Contact: hello@thebetterusproject.com

Account data — your name, work email, your workspace name and join code.

Wellbeing signal — daily check-ins (mood, free- text reflections), recognitions sent and received, sparks earned, streak history, badges, the pillars you log activity in.

Usage telemetry — pages opened, features used, app open times, device/OS for compatibility. We do not run a third-party analytics SDK. We do not run advertising trackers.

Billing — handled by Stripe. We see plan, status, invoice ID. We never see your card details.

• Your individual mood readings — your manager only ever sees workspace aggregates.
• Free-text reflections — only you see them. They're encrypted at rest.
• Anonymous feedback content — admins see only the message, never who sent it.
• Location, contacts, microphone, camera. None of it.
• Health data outside what you voluntarily share in a check-in.

Just you — your individual mood, your free-text reflections, your wrap-up notes, your trust-lab journals, your dream-goal contents.

Your pack lead / admin — workspace-level aggregates: average mood across the whole pack, trust score, culture signals, total recognitions, total sparks. Admins see identifiable info only when you explicitly send a recognition, earn a public badge, or post in a moment.

Other packmates — only what you publish to them (recognitions, moments, public reactions).

Us — engineering staff have access to logs and support data only when needed to fix a bug or respond to a help request. Access is logged.

Application data is stored in Australia and the United States via our hosting providers (Vercel, Replit, Firebase). Stripe holds billing records on its own infrastructure.

Data in transit is TLS-encrypted. Data at rest is AES-256 encrypted at the storage layer. Free-text reflection content is additionally encrypted at the application layer.

You can, at any time:

• Export everything we have on you — CSV or JSON, from your profile page. One click. Includes check-ins, recognitions, sparks, badges, the lot.
• Deleteyour account and all associated data. Requests are processed within 24 hours; backups are purged within 30 days; we email you a confirmation when it's done.
• Correct any inaccuracy in your account profile, directly in-app.
• Objectto specific processing — email us and we'll work it out.
• Lodge a complaint with the Office of the Australian Information Commissioner (oaic.gov.au) or your local data protection authority if you're in the EU/UK.

While your account is active, we keep your data so the product works. After you delete your account, we erase identifiable data within 30 days. Aggregated, fully anonymised stats (e.g. “average mood across all workspaces”) may be retained indefinitely for product research — this contains nothing traceable to a person.

Billing records are kept for 7 years to satisfy Australian tax law.

• Vercel — application hosting (US/EU regions).
• Replit — backend API hosting.
• Firebase (Google) — real-time multiplayer infrastructure for live team games.
• Stripe — billing and subscription management.
• Resend — transactional email delivery.

We'll update this list before adding any new subprocessor. For Enterprise customers we provide a Data Processing Agreement (DPA) covering all of the above — request a DPA.

We use a small number of essential cookies — for keeping you signed in, remembering your dark-mode preference, and keeping your session secure. We don't set advertising or third-party analytics cookies. Stripe sets its own cookies during checkout for fraud prevention (their privacy policy applies on checkout pages).

BetterUs Workplace is for adults at work. It's not intended for under-16s. The Better Us Project Children app is built separately under stricter rules and isn't part of this policy.

We'll email all admin users at least 30 days before any material change. Routine clarifications get a “Last updated” bump above and a note at the bottom.

Questions? Concerns? Want to talk through how we handle a specific scenario in your workspace? We answer every email ourselves — hello@thebetterusproject.com.