Youi

Comprehensive scope statement covering 13 different user types, clear definitions section, specific contact information including privacy officer details, current version date, and informal introductory tone. Strong coverage of key transparency elements.

Clear enumeration of 14 specific primary purposes, detailed marketing purposes with opt-out mechanism, and explicit commitment to only use information for permitted/lawful reasons. Good purpose specificity but secondary use disclosure could be more detailed.

Clear version tracking with last updated date, designated privacy officer with contact details, policy update notification mechanism, and specific acceptance triggers. Good governance framework but lacks specific review frequency commitments.

Detailed enumeration of specific data types collected including technical data, comprehensive list of indirect collection sources, clear disclosure of sensitive information collection, and specific automated collection technologies. Good granularity beyond broad categories.

Extensive list of third-party categories and specific sharing purposes, clear government disclosure provisions, and overseas disclosure with named countries. However, lacks specific named recipients and relies on broad policy consent rather than granular consent mechanisms.

General security commitment referencing 'generally accepted standards' and reasonable precautions, but lacks specific technical measures like encryption details or certifications. Includes employee access controls and credit card protection but overall quite generic.

Named specific countries (South Africa, USA), clear disclosure of contractual safeguards with service providers, compliance commitment to Privacy Act, and acknowledgment that countries may vary over time. Good specificity with stated protections.

Comprehensive coverage including access rights with fee structure, correction rights, marketing opt-out mechanism, EU-specific rights (deletion, portability, processing restriction), clear internal complaint process, and OAIC escalation with specific timeframes and contact details.

No explicit disclosure of automated decision-making processes despite clear evidence of automated pricing, underwriting, and behavioral profiling. Limited to marketing opt-out with no human review rights or algorithmic transparency disclosed.

No relevant claims found in policy.

No specific findings.