Privacy Policy

Information you provide directly

• Identity and contact data: name, email, phone number, job title, company name, ABN if relevant, and address.
• Project and consulting data: business requirements, process descriptions, data samples which you have the right to share, and feedback on AI models or automations.
• Payment and billing information: processed securely via third-party payment gateways such as Stripe or Pin Payments. We do not store full card details.
• Communications: records of emails, chat messages, or meeting notes.

Information collected automatically

• Usage data: IP address, browser type, operating system, pages visited, time on site, and referring URLs.
• Cookies and tracking: we use Google Analytics 4 analytics cookies and similar technologies to understand website usage and improve our website.
• AI interaction logs: when you test or use our automation tools, we may log inputs, outputs, and performance metrics to improve our models.

We do not collect sensitive information, such as health information, political opinions, or criminal records, unless you provide it voluntarily and we obtain your consent.

• Directly from you, such as via web forms, email, phone, or meetings.
• Automatically through your use of our website or automation tools.
• From third parties, such as LinkedIn if you inquire there, or a referral partner. If unsolicited, we will handle it in accordance with APP 4.

• To deliver AI consulting and automation services, including building models, automating workflows, and providing support.
• To improve our AI solutions using anonymised or aggregated data to train or enhance algorithms. We do not use your proprietary business data to train models for other clients without your explicit consent.
• To communicate with you, including sending invoices, project updates, service notices, and, with your opt-in, marketing about our services.
• To ensure security and compliance, including detecting fraud, enforcing our terms, and complying with Australian law such as tax record-keeping.
• For analytics, including measuring website performance and user behaviour.

If we wish to use your information for any other purpose, we will obtain your consent unless the new purpose is related to the primary purpose and you would reasonably expect it.

• Service providers, including cloud hosting, payment processors, CRM platforms, and support tools.
• Professional advisers, such as lawyers, accountants, or auditors.
• Legal or regulatory bodies when required by law, court order, or to prevent harm.
• Business transferees in the event of a merger, acquisition, or sale of assets, with notice to you.

Overseas disclosure

Some service providers, such as AI model hosting and analytics platforms including Google Analytics 4, may store or process data outside Australia, including in the USA, Singapore, or the EU. Before disclosing information overseas, we take reasonable steps to ensure the recipient complies with the APPs, or we will obtain your explicit consent. By using our services, you acknowledge this possibility.

• Encryption, including TLS for data in transit and AES-256 for data at rest.
• Access controls and staff training.
• Regular security assessments.

However, no data transmission over the internet is 100% secure. You are responsible for safeguarding any API keys or credentials you use with our automation tools.

We retain your personal information only as long as necessary for the purposes set out in this policy or as required by Australian law, such as tax records for 5 to 7 years. When no longer needed, we securely destroy or de-identify it.

• Access: request access to the personal information we hold about you under APP 12.
• Correction: request that we correct inaccurate, out-of-date, or incomplete information under APP 13.

To make a request, contact us at [email protected]. We will respond within a reasonable time, usually 30 days. We may charge a reasonable fee for access requests where permitted by law.

If we refuse your request, we will provide a written explanation and information about how to make a complaint.

• Analyse website traffic and user behaviour using Google Analytics 4, including pages viewed, approximate location, device and browser information, referring URLs, and interactions with our website.
• Remember your preferences.

Google Analytics 4 may set cookies or collect pseudonymous identifiers to help us measure website performance. You can disable cookies through your browser settings, use browser privacy controls, or use Google Analytics opt-out tools. Some website features may not function properly if cookies are disabled. We do not currently use cookies for cross-site tracking or behavioural advertising without your consent.

• You have consented by opting in.
• It is within your reasonable expectations, such as where you are an existing client, and we provide a simple way to opt out.

Every marketing email will include an unsubscribe link. You can also opt out at any time by emailing [email protected].

• Take immediate steps to contain the breach.
• Conduct a reasonable assessment within 30 days.
• Notify affected individuals and the Office of the Australian Information Commissioner as required by the Privacy Amendment (Notifiable Data Breaches) Act 2017.

Internal dispute resolution

If you have a complaint about our handling of your personal information, please contact us in writing.

• Email: [email protected]
• Address: LunaWorkX, 13/15 Station Avenue, McKinnon, VIC 3204, Australia
• Phone: 0432899723

We will acknowledge your complaint within 7 days and aim to resolve it within 30 days. If we need more time, we will let you know.

External recourse

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner.

• Online: www.oaic.gov.au
• Phone: 1300 363 992
• Mail: GPO Box 5218, Sydney NSW 2001