Effective Date: [16th August, 2024]
At ClarifyMe.ai, we are committed to protecting your privacy and ensuring that your personal information is handled in accordance with Australian laws, including the Privacy Act 1988 and Australian Privacy Principles (APPs). This Data Collection Practices statement outlines how we collect, use, disclose, and protect your personal data when you use our AI-driven software service.
1. Types of Data We Collect
- Personal Information: When you create an account or use our Service, we collect personal information such as your name, email address, phone number, and billing details.
- Usage Data: We collect data related to your use of our Service, including interaction logs, usage statistics, and system diagnostics.
- Content Data: We collect and process the data you input into our Service, including interview notes, summaries, and other related content.
- Technical Data: This includes IP addresses, browser types, operating systems, and other technical information about your device and connection.
2. Purpose of Data Collection
We collect and use your personal data for the following purposes:
- Service Provision: To provide, maintain, and improve our AI-driven software service, including processing and storing your transcripts and summaries.
- Account Management: To manage your account, process subscriptions, handle billing, and communicate with you regarding your account status.
- Support: To offer customer support, respond to inquiries, and resolve issues related to the Service.
- Compliance and Security: To ensure the security of our Service, prevent fraud, and comply with legal obligations.
- Research and Development: To enhance our Service and develop new features based on usage patterns and feedback.
3. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Contractual Necessity: To fulfill our contractual obligations to you as described in our Terms of Service.
- Consent: Where required, we will obtain your consent before collecting or processing your personal data.
- Legitimate Interests: To pursue legitimate interests such as improving our Service, ensuring its security, and conducting business operations.
4. Data Sharing, Storage and Disclosure
We may disclose your personal data in the following circumstances:
- Service Providers: To third-party service providers who assist us in operating our Service, such as payment processors, cloud storage providers, and customer support tools. These providers are contractually bound to protect your data and use it only for the purposes specified by us.
- Legal Requirements: When required by law or in response to legal requests, such as court orders or subpoenas.
- Business Transfers: In connection with any merger, acquisition, or sale of all or a portion of our business, where your data may be transferred as part of the transaction.
- Location: Your data may be stored on servers located within Australia or internationally. We ensure that any international transfers of your data comply with applicable privacy laws and that appropriate safeguards are in place.
- Data Retention: We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including providing our Service, complying with legal obligations, and enforcing our agreements. Data retention periods are determined based on the nature of the data and regulatory requirements.
5. Data Security Measures
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, use, alteration, or disclosure. However, no system can be completely secure, and we cannot guarantee the absolute security of your data.
- Encryption: Data is encrypted in transit using secure protocols (e.g., HTTPS) and, where applicable, encrypted at rest to protect it from unauthorized access.
- Access Controls: Access to personal data is restricted to authorized personnel only, based on their roles and responsibilities. We use authentication and authorization mechanisms to control access.
- Data Segregation: Personal data is segregated from other types of data to minimize the risk of unauthorized access and ensure data integrity.
- Regular Audits: We conduct regular security audits and vulnerability assessments to identify and address potential security risks.
6. Data Retention and Protection
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Data retention periods may vary based on the type of data and legal requirements.
Incident Response: In the event of a data breach or security incident, we have procedures in place to promptly address the situation, mitigate any potential harm, and notify affected individuals and relevant authorities as required by law.
Backup and Recovery: We maintain regular backups of your data to ensure its availability and integrity in case of data loss or system failures. Backup data is securely stored and protected.
7. Your Rights
Under Australian law, you have certain rights regarding your personal data, including:
- Access: You may request access to the personal data we hold about you.
- Correction: You may request corrections to inaccurate or incomplete data.
- Deletion: You may request the deletion of your personal data under certain circumstances.
- Objection: You may object to certain processing activities, such as direct marketing.
To exercise these rights, please contact us using the details provided below.
8. International Data Transfers
If we transfer your personal data outside of Australia, we will ensure that appropriate safeguards are in place to protect your data in accordance with Australian privacy laws.
9. Third-Party Service Providers
- Contracts and Compliance: We may engage third-party service providers to assist with data storage and processing. We ensure that these providers are contractually obligated to comply with applicable data protection laws and maintain the security of your data.
- Due Diligence: We perform due diligence to verify that our service providers adhere to our data protection standards and practices.
10. Changes to This Statement
We may update this Data Collection Practices statement from time to time. Any changes will be posted on our website, and your continued use of the Service constitutes your acceptance of the updated practices.
11. Contact Us
If you have any questions or concerns about our data collection practices or wish to exercise your rights, please contact us at support@clarifyme.ai or through our website’s contact form.