FuelOracle is a self-hosted Australian fuel planning application. This policy describes how we collect, use, and protect personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
When you register an account we collect your email address and a display name. Your display name is encrypted at rest encrypted. Your email address is stored in plaintext as it is required for login lookups and account communications.
If you choose to save a home address, the address text and GPS coordinates are stored encrypted. This is entirely optional and is used only to pre-fill your trip start and end points. You can delete it at any time.
Vehicle details you create - including name, fuel type, tank size, fuel economy, and cruise speed - are stored to perform route planning calculations.
Trips you create - including title, waypoints, GPS coordinates, dates, notes, and fuel stop details - are stored to provide the planning service. Trip data is not shared with any third party.
If you mark a fuel stop as completed, the actual price paid, litres filled, and optionally your odometer reading are stored to track trip costs and fuel economy over time.
If you share a trip via a public link, view counts are recorded against the share. Viewer IP addresses are stored only as a one-way hash and cannot be used to identify individuals. Email addresses you enter to send share link invitations are used once to deliver the email and are not retained.
If you register a passkey, only the WebAuthn public credential is stored. Your private key never leaves your device.
When you sign in, the IP address of the login attempt is recorded. If IP geolocation is enabled on the server, the IP address is used to derive an approximate city and country for display in your account activity log and to detect anomalous login patterns (for example, logins from two locations that are physically impossible within the time between them).
The IP address and any derived location data are automatically deleted after 7 days. No IP address data is transmitted to any external service - geolocation is performed entirely on our own infrastructure using a locally stored database.
When you log in, a session cookie named refresh_token is set. It is
HTTP-only, Secure, and scoped to the /api/auth path. It contains a
cryptographic token (not your password or any personal data), expires after 7 days,
and is deleted when you log out. It is used solely to maintain your login session.
Standard web server access logs may record IP addresses, request paths, and timestamps for operational and security purposes. Logs are retained for up to 90 days.
| Data | Purpose |
|---|---|
| Email, password hash | Account authentication and account-related communications (verification, password reset) |
| Display name, avatar | Displayed within the app and to users you share trips with |
| Home location | Optional convenience - pre-fills trip start and end |
| Vehicle profiles | Fuel consumption and range calculations for trip planning |
| Trip data, waypoints, fuel stops | Core planning service - route optimisation and cost estimation |
| Actual fill records | Trip cost tracking and fuel economy monitoring |
| Login IP and location | Account security - detecting suspicious or anomalous login patterns |
| Session cookie | Maintaining your authenticated session between page loads |
| Server logs | Operational monitoring, debugging, and security incident investigation |
| Data | Retention |
|---|---|
| Account data (email, name, preferences, vehicles) | Retained until you delete your account. On deletion, all personal data is permanently removed. |
| Trip data, fuel stops, completions | Retained until you delete the trip or your account. |
| Login IP addresses and location | 7 days - automatically purged daily. |
| Session cookie (refresh_token) | 7 days from last login, or until you log out. |
| Server access logs | Up to 90 days. |
| Route and geocoding cache (server-side) | 7–30 days depending on data type. Cache entries contain no personally identifiable information. |
| Invite tokens (used) | Anonymised after use - the inviter's identity is retained but recipient information is removed. |
We do not sell or share your personal information. The following third-party services receive data as part of delivering the app's functionality. All requests are made server-side - no third-party scripts run in your browser other than Google Fonts.
Route calculations may be performed using a third-party routing API. For routing requests, trip waypoint coordinates (GPS coordinates, not personal details) are transmitted to the routing service. Results are cached server-side to minimise repeat transmissions.
When you search for a location or waypoint, your search query and any resulting coordinates may be transmitted to a third-party geocoding API. Search queries are processed on our servers before being forwarded - no identifying account information is included in geocoding requests. Results are cached server-side.
Station names, phone numbers, and trading hours may be enriched using a third-party places API. Only fuel station GPS coordinates are transmitted - no user data.
To improve fuel consumption estimates, route elevation and wind data may be fetched from external weather and mapping services. Only route coordinates (no user identity) are transmitted. Results are cached server-side.
Live fuel prices are fetched from official Australian state government APIs including NSW FuelCheck, VIC Fuel Price, QLD FuelPricesQLD, SA FuelPricingSA, and WA FuelWatch. No user data is transmitted to these services.
Map tiles are served from our own infrastructure using OpenStreetMap data. No map requests are sent to third-party tile servers. OpenStreetMap data is © OpenStreetMap contributors, available under the Open Database Licence (ODbL).
Transactional emails (account verification, password reset, trip share invitations) are sent via a configured SMTP provider. Your email address is transmitted to the SMTP service for delivery purposes only.
Both the app and this marketing site load fonts from Google Fonts
(fonts.googleapis.com, fonts.gstatic.com). This is a standard
font delivery request and does not include any personal or account data.
FuelOracle does not collect, store, or process payment card details. All payments are handled by Stripe, Inc., a PCI-DSS compliant payment processor. When you subscribe, you are directed to a Stripe-hosted checkout page. FuelOracle receives only a subscription status confirmation from Stripe - your card number, CVV, and banking details are never transmitted to or stored on FuelOracle servers.
Stripe's privacy policy is available at stripe.com/au/privacy.
Under the Australian Privacy Principles you have the right to:
You can exercise most of these rights directly within the app:
For requests you cannot complete within the app, contact us at the address below.
For privacy enquiries, access requests, or complaints, contact:
FuelOracle (ABN 34 167 661 354)
Email: support@fueloracle.com.au
If you are not satisfied with our response to a privacy complaint, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
This policy may be updated from time to time. The effective date at the top of this page will reflect the date of the most recent revision. Continued use of FuelOracle after changes are published constitutes acceptance of the updated policy.