Last Updated: 25 March 2026
This Privacy Policy describes how Carreb Pty Ltd (ABN: 13 686 120 892) ("Carreb", "we", "us") collects, uses, discloses, and protects personal information. It complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Carreb provides informational tools that produce calculated estimates of vehicle cost of ownership, emissions performance, and potential savings for new vehicles. Our outputs are estimates only and are not financial, legal, environmental, or valuation advice.
This policy applies to our website (www.carreb.com.au), applications, and related services (the "Services").
We use personal information for the following purposes:
Under the APPs, we collect and use personal information where it is reasonably necessary for our functions and activities, where you have consented, or where otherwise required or authorised by law.
We compile vehicle data from public, manufacturer, and reputable government and industry datasets. We apply our own proven calculation methods to present estimated results.
We are independent. Third-party names, logos, or marks are used solely for factual identification of vehicles, brands, or services. No endorsement or affiliation is implied.
The availability and accuracy of third-party data can change. We may recalibrate or withdraw outputs where validation fails or source data is updated.
See also: Terms of Service, Sections 24 and 29.
Cookies are small text files placed on your device when you visit a website. Similar technologies include web beacons, pixels, and local storage.
Essential/Functional Cookies: Required for core functionality (e.g., maintaining your login session, remembering MyGarage settings). These cannot be disabled without affecting the Services.
Analytics and Performance Cookies: Help us understand how users interact with the Services, measure engagement, and identify areas for improvement. We may use third-party analytics platforms (e.g., Google Analytics or similar).
Preference Cookies: Remember your settings and choices (e.g., CORE™ Dial configuration, region selection).
You can control cookies through your browser settings. Blocking some cookies may impact the functionality of the Services. We do not currently use cookies for targeted advertising. If this changes, we will update this policy and provide appropriate notice and controls.
We may use tracking pixels for analytics and performance measurement. These are subject to the same privacy protections as cookies. We do not use tracking pixels for cross-site behavioural advertising.
Our workflow may include AI-assisted retrieval, summarisation, analysis, or modelling. We apply validation checks and human oversight, but AI outputs can occasionally reflect outdated, incomplete, or contextually inaccurate information. Important decisions should be independently verified.
AI processing of your MyGarage data is used solely to operate and improve the Services. We do not use your personal information to train external AI models.
See also: Terms of Service, Section 25.
We may disclose personal information to:
We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.
We do not sell vehicles or broker sales. When you follow a "BUY" link, you leave our Services and the third party's terms and privacy policy apply. We do not control their data handling practices.
See also: Terms of Service, Section 26.
Some of our service providers may process personal information outside Australia. Where this occurs, we take reasonable steps to ensure the overseas recipient handles your information in a manner consistent with the APPs, including through contractual obligations, recognised certification mechanisms, or other appropriate safeguards.
By using the Services, you consent to the transfer of your personal information to overseas recipients in accordance with this policy and the APPs.
We use administrative, technical, and physical safeguards appropriate to the sensitivity of the information we hold. These include encryption of data in transit and at rest, access controls, regular security reviews, and incident response procedures.
No method of electronic storage or transmission is completely secure. While we take reasonable steps to protect your information, we cannot guarantee absolute security. You are responsible for keeping your login credentials confidential and for using strong passwords.
In the event of an eligible data breach (as defined under Part IIIC of the Privacy Act 1988), we will comply with the Notifiable Data Breaches (NDB) scheme, including notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by law.
Access and Correction. You may request access to, or correction of, your personal information at any time in accordance with APPs 12 and 13. Submit your request via the Contact Us page. We will respond within 30 days (or such other period as required by law). We may verify your identity before processing your request. In limited circumstances, we may refuse access or correction as permitted by law and will provide reasons if we do.
Right to Reply. For public-facing data points, estimates, or ratings you believe are inaccurate or misleading, you may submit a Right to Reply request with supporting evidence. We will review submissions in good faith and correct confirmed material errors as soon as reasonably practicable.
See also: Terms of Service, Section 23.
We retain personal information for as long as reasonably necessary to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. When personal information is no longer needed, we will take reasonable steps to destroy or de-identify it.
You may request deletion of your account and associated personal information via the Contact Us page. We will process your request in accordance with our legal obligations and inform you if any information must be retained for legal or compliance purposes.
The Services are not directed at children under 16. We do not knowingly collect personal information from children under 16. Users aged 16–17 may use free features only with a parent or guardian's consent (see Terms of Service, Section 2). If we become aware that we have collected personal information from a child under 16 without appropriate consent, we will take steps to delete it.
We may update this policy from time to time to reflect legal, technical, or business changes. We also improve our data pipelines and models over time. Significant changes will be notified by an in-product notice, email, or prominent website posting. The "Last Updated" date at the top of this page indicates the most recent revision.
See also: Terms of Service, Section 29.
Under the Australian Privacy Principles, you have the right to:
To contact us, make a privacy enquiry, or lodge a complaint about how we handle personal information, use the Contact Us page on our website.
We will acknowledge your complaint within 5 business days and aim to resolve it promptly. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC):
Nothing in this Privacy Policy excludes, restricts, or modifies your rights under the Australian Consumer Law or the Privacy Act 1988 (Cth).