Information We Collect
Personal Information You Provide
When you register for our financial management communication services, we collect information that you voluntarily provide to us. This includes your name, email address, phone number, and business details necessary for account creation and service delivery.
We collect only the information necessary to provide our services effectively. You have control over what personal information you share with us.
Automatically Collected Information
Our systems automatically collect certain technical information when you access our platform:
- Device information including browser type, operating system, and screen resolution
- Usage patterns such as pages visited, time spent on different sections, and feature utilisation
- Network information including IP address and approximate geographic location
- Performance metrics to help us identify and resolve technical issues
Financial Communication Data
As part of our core service offering, we process financial communication data that you upload or create within our platform. This may include financial reports, communication templates, client correspondence, and related business documents that you choose to store or process through our systems.
How We Use Your Information
| Purpose | Information Used | Legal Basis |
|---|---|---|
| Service Delivery | Account details, usage data, communication preferences | Contract performance |
| Platform Improvement | Usage patterns, technical metrics, user feedback | Legitimate interest |
| Customer Support | Contact information, account history, technical logs | Contract performance |
| Security Monitoring | Access logs, device information, usage anomalies | Legitimate interest |
We process your personal information primarily to deliver our financial management communication services. This includes maintaining your account, providing customer support, and ensuring platform security. We also analyse usage patterns to improve our services, but this analysis focuses on aggregated trends rather than individual user behaviour.
Information Sharing and Disclosure
Service Providers
We work with carefully selected third-party service providers who assist us in delivering our services. These partners have access to personal information only as needed to perform their specific functions and are contractually bound to protect your data according to our standards.
Our current service providers include cloud infrastructure providers, email delivery services, and payment processors. All providers are evaluated for their data protection practices before engagement.
Legal Requirements
We may disclose personal information when required by Australian law or when we believe disclosure is necessary to protect our rights, comply with legal proceedings, or respond to government requests. In such cases, we limit disclosure to the minimum information required.
We do not sell, rent, or trade your personal information to third parties for marketing purposes. Your data is used solely to provide and improve our services.
Business Transfers
In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of the business transaction. We would notify affected users and ensure any receiving organisation maintains equivalent privacy protections.
Your Privacy Rights
Access Your Information
Request a copy of the personal information we hold about you. We'll provide this in a structured, commonly used format within 30 days of your request.
Correct Inaccuracies
Update or correct any personal information that is incomplete or inaccurate. You can make many changes directly through your account settings.
Delete Your Data
Request deletion of your personal information, subject to certain legal and operational limitations. Account closure results in data deletion within 90 days.
Data Portability
Receive your personal information in a machine-readable format or request transfer to another service provider where technically feasible.
Restrict Processing
Limit how we process your personal information in specific circumstances, such as while we verify data accuracy or assess legitimate interests.
Withdraw Consent
Withdraw consent for processing activities that rely on your consent, such as marketing communications or certain data analytics features.
Exercising Your Rights
To exercise any of these rights, contact our privacy team at privacy@calentiora.com or use the contact information provided below. We'll verify your identity and respond to your request within the timeframes required by applicable privacy laws.
If you're not satisfied with our response to your privacy request, you have the right to lodge a complaint with the Australian Privacy Commissioner or your local data protection authority.
Data Security Measures
Technical Safeguards
We implement multiple layers of security to protect your personal information from unauthorised access, alteration, or destruction. Our security measures include industry-standard encryption, secure data centres, and regular security assessments.
- Data encryption in transit using TLS 1.3 and at rest using AES-256 encryption
- Multi-factor authentication for account access and administrative functions
- Regular security monitoring and automated threat detection systems
- Secure cloud infrastructure with geographically distributed backups
- Regular penetration testing and security audits by independent firms
Organisational Measures
Beyond technical security, we maintain strict organisational policies to protect your data. Our team receives regular privacy and security training, and we limit data access to employees who need it for their role.
We have established incident response procedures to quickly identify and address any potential security issues. In the unlikely event of a data breach, we'll notify affected users and relevant authorities as required by law.
While we implement robust security measures, remember that internet transmission carries inherent risks. We recommend using strong passwords and keeping your login credentials confidential.
Data Retention and Deletion
Retention Periods
We retain personal information only as long as necessary to provide our services and comply with legal obligations. Different types of information have different retention periods based on their purpose and legal requirements.
Account information is retained while your account remains active. After account closure, most personal information is deleted within 90 days, though some records may be retained longer for legal compliance, such as financial records required by Australian taxation laws.
Automated Deletion
We've implemented automated systems to ensure data is deleted according to our retention schedules. This includes regular purging of temporary files, expired session data, and logs that contain personal information.
If you'd like to know the specific retention period for different types of your personal information, or if you want to request early deletion of your data, please contact our privacy team.
International Data Transfers
Our primary data processing occurs within Australia, but some of our service providers operate internationally. When we transfer personal information outside Australia, we ensure appropriate safeguards are in place to protect your data.
We only transfer data to countries with adequate privacy protections or use contractual measures to ensure your information receives equivalent protection. Our cloud infrastructure providers maintain data centres in Australia and other approved jurisdictions.
Cross-Border Processing
Some processing activities may involve temporary transfer of data for technical purposes, such as content delivery networks or backup systems. These transfers are limited to what's necessary for service delivery and are protected by appropriate technical and contractual safeguards.
You have the right to know about international transfers of your personal information and to object to such transfers in certain circumstances.
Changes to This Policy
We may update this privacy policy to reflect changes in our practices, legal requirements, or service offerings. When we make significant changes, we'll notify users through email or prominent notices on our platform.
We encourage you to review this policy periodically to stay informed about how we protect your personal information. The "Last Updated" date at the top of this document indicates when the policy was most recently revised.
If you have questions about privacy policy changes or how they might affect you, our privacy team is available to provide clarification and assistance.