Legal

Privacy policy

Last updated: 18 April 2026

Who we are

CampWatch (“we”, “us”, “our”) operates campwatch.com.au, an SMS alert service that notifies you when campground and caravan park sites become available. We are based in Australia and operate under the Australian Privacy Act 1988 and the Spam Act 2003.

What we collect

We collect the minimum information needed to provide the service:

  • Phone number — your Australian mobile number, stored in E.164 format (+614xxxxxxxx). This is your sole identity on CampWatch; we do not require an account or password.
  • Campground preferences — the campground, dates, and party size you select when creating an alert.
  • SMS verification codes — a 6-digit code sent to verify your phone number. Codes are SHA-256 hashed before storage and expire after 10 minutes.
  • Email address (optional) — only if you subscribe to expansion updates or include it with feedback.
  • Feedback content — if you use the feedback form, we collect your message, the page you were on, your IP address, and browser user-agent. Feedback is forwarded by email and not stored in our database.

Our website does not use cookies, analytics trackers, or advertising pixels. Additional information collected by the CampWatch mobile apps (iOS and Android) is described in the Mobile applications section below.

How we use your information

  • Phone number — to send SMS alerts when a campsite matching your preferences becomes available, to send verification codes, and to send reminder or expiry notifications about your active watches.
  • Campground preferences — to check availability on campground booking systems on your behalf.
  • Email address — to notify you when CampWatch expands to new parks or states, or to reply to your feedback.

We will never sell, rent, or share your personal information with third parties for marketing purposes.

Third-party services

We use the following third-party services to operate CampWatch:

  • Twilio — to send and receive SMS messages. Your phone number and message content pass through Twilio's infrastructure. See Twilio's privacy policy.
  • Resend — to forward feedback submissions via email. See Resend's privacy policy.
  • Railway — our hosting provider. See Railway's privacy policy.
  • Sentry — used by the CampWatch mobile apps to receive crash reports that help us fix bugs. Reports include device model, OS version, app version, and a stack trace. They do not include your phone number or alert content. See Sentry's privacy policy.
  • PostHog — used by the CampWatch mobile apps for product analytics (screen views, button taps). Events are keyed on our internal anonymous id, not your phone number or any device-level advertising id. See PostHog's privacy policy.
  • Apple Push Notification service (APNs) and Firebase Cloud Messaging (FCM) — used to deliver push notifications from the CampWatch mobile apps to your device. The payload contains the alert title and the campground name; we do not include your phone number in push payloads.

SMS consent and opt-out

You must give explicit consent before we send you SMS alerts. You can stop receiving messages at any time by:

  • Replying STOP to any message from us.
  • Clicking the stop link included in every alert SMS.

To resume alerts after opting out, text START to our number.

Mobile applications

The CampWatch iOS and Android apps collect a few things the website does not, because the native platforms require them to deliver push alerts and diagnose problems.

What the mobile apps collect:

  • Push notification token — issued by APNs (iOS) or FCM (Android) so we can send you alerts. The token identifies your device, not you personally.
  • Device information — platform (iOS/Android), OS version, app version, runtime version, locale, and a model identifier (e.g. “iPhone”). We use this to debug device-specific issues and to target force-upgrade prompts.
  • Session id — a random identifier generated when you verify your phone. It is stored in the device's secure keychain (iOS) or encrypted storage (Android).
  • Crash reports — via Sentry, covering device model, OS version, app version, and a stack trace. These help us fix bugs. They do not contain your phone number or the contents of any alert.
  • Analytics events — via PostHog, covering which screens you visit and which buttons you tap. Events are keyed on our internal anonymous id, not your phone number.
  • Approximate location — only if you tap a “near me” search in the Explore tab and grant the OS permission. We request coarse location only; we never ask for precise coordinates.

What the mobile apps do NOT collect:

  • Your contacts, photos, camera, microphone, calendar, or files. The apps do not request these permissions.
  • Your precise location. We request coarse location only, and only when you actively use a nearby-campgrounds feature.
  • Any device-level advertising identifier (IDFA on iOS, AAID on Android) for tracking across other apps. Because of this, the iOS app does not show an App Tracking Transparency prompt — it has nothing to track across.

Deleting your mobile account: you can delete your CampWatch account at any time by replying STOP to any SMS from us and then emailing hello@campwatch.com.au with “Delete my account” and your mobile number. We remove your phone record, watches, sessions, and device tokens within 30 days.

Data retention

  • Active watches are kept while they are running and for a short period after they stop or expire, then deleted.
  • Phone records are removed when all associated watches are deleted.
  • Verification codes expire after 10 minutes and are periodically purged.
  • Expansion interest emails are kept until we send the relevant update, then deleted.
  • Mobile sessions and device tokens expire after extended inactivity and are purged. You can delete your mobile account, along with any stored tokens, at any time by emailing us (see Mobile applications).

Security

We take reasonable steps to protect your information. Verification codes are hashed before storage. All connections use HTTPS. Access to the database is restricted to the application.

Your rights

Under the Australian Privacy Act, you can request access to or correction of the personal information we hold about you. To make a request or ask a question about your data, use the feedback form on our site or contact us via SMS.

Changes

We may update this policy from time to time. Changes will be posted on this page with a revised “last updated” date. We will not reduce your rights under this policy without your consent.