Privacy Policy

Backableai Pty Ltd ("The Analyst", "Backable", "Backable.ai", "we", "us", or "our") respects your privacy and is bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, store, and secure your personal information when you use our website, products, and services (collectively, the "Services").

If you have any questions about this Policy or the way we handle your personal information, please contact our Privacy Officer at privacy@theanalyst.io.

1. What personal information we collect

We may collect the following categories of information:

• Identity & contact – name, job title, business name, ABN, email address, phone number, postal address.
• Account & billing – login credentials, subscription tier, payment method details (processed by secure third-party gateways; we do not store full card numbers).
• Usage & device – IP address, browser type, device identifiers, time zone, pages viewed, interactions, error logs.
• Business data you upload – files, text, financial figures, scripts, or other content you choose to input into the platform ("Customer Data").
• Support & feedback – correspondence, survey responses, feature requests, beta feedback.

We do not intentionally collect sensitive information (e.g. health data) and ask that you do not provide it.

2. How we collect personal information

• Directly from you when you create an account, subscribe, fill in forms, upload data, or communicate with us.
• Automatically via cookies, pixels, and similar technologies when you browse our website or use the app.
• From integrations you authorise (e.g. connecting an accounting platform or CRM).

You may disable cookies via your browser; however, core features may not function correctly.

3. Purposes for which we use personal information

We use your information to:

• Provide, operate, and maintain the Backable.AI Services.
• Process payments and manage subscriptions.
• Personalise your experience and deliver Suggestions.
• Monitor, analyse, and improve platform performance and security.
• Develop new products, services, and machine-learning models (see Section 6).
• Communicate updates, newsletters, and promotional offers (you may opt out at any time).
• Comply with legal obligations and resolve disputes.

4. Disclosure of personal information

We may disclose personal information to:

• Cloud & infrastructure providers – Microsoft Azure, Google Cloud Platform, Firebase, AWS (backup), and content-delivery networks.
• AI model providers – OpenAI, Anthropic, Gemini, Mistral, or similar third-party LLM hosts engaged to process text, images, documents and generate outputs.
• Payment processors – Stripe, PayPal, or Australian acquiring banks.
• Professional advisers – accountants, auditors, insurers, lawyers.
• Government agencies or regulators where required by law or to protect our rights.
• Related bodies corporate within the Backable group.

4.1 Cross-border disclosure

Our service providers' servers are located in Australia, the United States, Europe (Ireland & Germany), Singapore, and Japan. Before disclosing overseas, we take reasonable steps to ensure recipients will comply with the APPs or are subject to comparable safeguards.

5. Third-party links & services

Our website may contain links to external sites or widgets we do not control. Your use of those services is governed by their own privacy policies and terms. We are not responsible for their handling of your information.

6. Machine-learning & analytics

We may anonymise and aggregate Customer Data and usage logs to train and evaluate our Backable Proprietary Intelligence Layer and other AI models. Aggregation removes direct identifiers. You can opt out of your data being retained for model-training by emailing privacy@theanalyst.io.

7. Security

We employ administrative, technical, and physical safeguards, including:

• TLS 1.2+ encryption in transit and AES-256 encryption at rest.
• Role-based access controls and MFA for staff accounts.
• Regular penetration testing and vulnerability scanning.
• Secure development lifecycle with code review and dependency monitoring.

Despite our efforts, no system is 100% secure. You are responsible for keeping your credentials confidential.

8. Data retention & destruction

We retain personal information only as long as necessary:

• Account data – while the account is active and for 7 years after closure to meet taxation and record-keeping laws.
• Customer Data – until you delete it or 90 days after subscription expiry, whichever is earlier, unless required for legal defence.
• Back-ups – encrypted back-ups are automatically purged on a 30-day rolling basis.

When data is no longer needed, we securely destroy or de-identify it.

9. Access & correction

You may request access to or correction of your personal information by contacting privacy@theanalyst.io. We will respond within 7 days. If we refuse your request, we will explain why and how to complain.

10. Notifiable Data Breaches (NDB) scheme

If we experience a data breach that is likely to result in serious harm, we will promptly:

• Contain the breach and assess impact;
• Notify the Office of the Australian Information Commissioner (OAIC); and
• Notify affected individuals with recommended steps.

11. Marketing communications

We may send you emails about product updates or promotions. You can opt out at any time by clicking "unsubscribe" in the message or contacting privacy@theanalyst.io.

12. Complaints

If you believe we have breached the APPs you may lodge a written complaint to privacy@theanalyst.io. We will acknowledge receipt within 5 business days and aim to resolve the complaint within 30 days.

If you are not satisfied, you may refer the complaint to the Office of the Australian Information Commissioner (OAIC) (oaic.gov.au).

13. Changes to this Privacy Policy

We may update this Policy periodically. We will post the new version on our website and, where material changes are made, provide 30 days' notice via email or in-app alert.

14. Contact us

Backableai Pty Ltd
ABN 16 684 654 886
Email: privacy@theanalyst.io