Information We Collect

Running a budgeting platform means we handle financial data. But we only collect what's necessary to provide our services effectively. Here's what that looks like:

Account Information

When you sign up, we collect basic details like your name, email address, phone number, and company information. This helps us set up your account and communicate with you about important updates or issues.

Financial and Budget Data

Our platform handles departmental budget information, transaction records, spending patterns, and approval workflows. We store this data securely so you can access your budgets, generate reports, and track spending across your organization.

Usage Information

We track how you use our platform – which features you access, how often you log in, and what actions you take. This helps us understand what's working and what needs improvement. Think of it as feedback that helps us build better tools.

• Device information (browser type, operating system, IP address)
• Log data (timestamps, clicked elements, page views)
• Cookies and similar tracking technologies
• Communication preferences and interaction history

How We Use Your Information

We don't sell your data. Never have, never will. Here's what we actually do with the information we collect:

• Provide our services: Process budgets, generate reports, manage user access, and keep your financial data organized and accessible
• Improve our platform: Analyze usage patterns to identify bugs, optimize performance, and develop new features that actually help
• Communicate with you: Send important updates about your account, respond to support requests, and share relevant information about our services
• Security and compliance: Detect fraud, prevent unauthorized access, and comply with Australian privacy regulations
• Business operations: Process payments, manage subscriptions, and handle billing inquiries

Data Sharing and Third Parties

We limit data sharing to what's necessary. When we do share information, it's with trusted partners who help us run our services:

All our partners sign agreements that require them to protect your data and use it only for specified purposes. We vet these companies carefully and review their security practices regularly.

Legal Requirements

Sometimes we're legally required to share information – with courts, law enforcement, or regulatory bodies. We only do this when legally obligated and will notify you unless prohibited by law.

Data Security Measures

Protecting financial data is fundamental to what we do. Here's how we keep your information secure:

• Encryption: Data is encrypted both in transit (TLS 1.3) and at rest (AES-256)
• Access controls: Role-based permissions ensure employees only access data they need for their jobs
• Regular audits: Quarterly security assessments and penetration testing to identify vulnerabilities
• Secure infrastructure: Australian-based data centers with physical security and redundancy
• Monitoring: 24/7 system monitoring to detect and respond to security incidents
• Employee training: Regular security training for all staff who handle customer data

No system is completely foolproof, but we invest heavily in security and stay current with industry best practices. If a breach occurs, we'll notify affected users within 72 hours and work with authorities as required under Australian law.

Your Privacy Rights

Australian privacy law gives you significant control over your personal information. Here's what you can do:

Access Your Data

You can request a copy of all personal information we hold about you. We'll provide this in a structured, commonly used format within 30 days.

Correct Inaccurate Information

If your data is wrong or outdated, let us know. You can update most information directly in your account settings, or contact us for help with other corrections.

Delete Your Data

You can request deletion of your personal information. We'll honor this unless we're legally required to keep certain records (like transaction history for tax purposes). Budget data you've created will be permanently deleted after account closure.

Export Your Data

Need to move to another platform? We'll provide your budget data in CSV or JSON format so you can take it with you.

Opt Out of Marketing

Unsubscribe from promotional emails anytime. You'll still receive essential account notifications and security alerts.

Data Retention

We don't keep data longer than necessary. Here's our retention schedule:

• Active account data: Retained while your account is active and for legitimate business purposes
• Budget and transaction records: Kept for 7 years after account closure to comply with Australian tax and accounting regulations
• Support communications: Retained for 3 years to help with ongoing support and quality improvement
• Marketing data: Deleted immediately upon unsubscribe or account closure
• Usage logs: Kept for 12 months for security monitoring and platform improvement

After retention periods expire, we securely delete data using industry-standard methods. Backups are overwritten within 90 days of deletion from primary systems.

Cookies and Tracking Technologies

We use cookies to make our platform work properly and understand how it's being used. Here's the breakdown:

Essential Cookies

These keep you logged in, remember your preferences, and ensure the platform functions correctly. You can't opt out of these – they're necessary for the service to work.

Analytics Cookies

Help us understand which features people use and where they run into problems. This data is anonymized and helps us improve the platform.

Performance Cookies

Track loading times and technical performance so we can identify and fix slowdowns.

You can control cookie settings through your browser, though disabling essential cookies will affect platform functionality. We don't use advertising cookies or sell tracking data to third parties.

International Data Transfers

Your data is stored on servers located in Australia. If we need to transfer data internationally (for example, to global service providers), we ensure:

• The recipient country has adequate privacy protections recognized by Australian law
• We use standard contractual clauses approved by the OAIC
• Data is encrypted during transfer and at rest
• We conduct due diligence on international partners' security practices

We minimize international transfers and prioritize Australian-based service providers whenever possible.

Children's Privacy

Our services are designed for business use and aren't directed at children under 18. We don't knowingly collect information from minors. If we discover we've inadvertently collected data from someone under 18, we'll delete it promptly.

Changes to This Policy

We update this policy occasionally to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you via email and post the updated policy with a new "Last Updated" date.

Continued use of our services after changes take effect means you accept the updated policy. If you disagree with changes, you can close your account.

Complaints and Concerns

If you're unhappy with how we've handled your personal information, we want to know. Contact us first – we'll investigate and respond within 30 days.

If you're not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Online: www.oaic.gov.au
• Phone: 1300 363 992
• Mail: GPO Box 5218, Sydney NSW 2001