Privacy Policy

1. Introduction

ANZSCO AI ("we", "us", or "our") is operated by ANZSCO AI. We respect your privacy and are committed to protecting the personal information you share with us.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit anzsco.ai and use our platform at app.anzsco.ai (collectively, the "Service"). This policy is governed by the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

Account Information

When you create an account, we collect your name and email address. If you sign in via a third-party provider (e.g. Google), we receive the profile information you authorise.

Usage Data

We automatically collect information about how you interact with the Service, including search queries, pages viewed, features used, session duration, browser type, device information, and IP address.

Payment Information

Payments are processed securely by Stripe. We do not store your credit card number, CVV, or full card details on our servers. Stripe provides us with a tokenised reference and basic billing details (last four digits, card brand, expiry) for your records.

Cookies

We use cookies for authentication, analytics, and preferences. See our Cookie Policy for full details.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Personalise your experience and deliver relevant search results
• Process payments and manage your subscription
• Send transactional emails (receipts, account notifications, security alerts)
• Improve the platform based on aggregated usage patterns
• Run anonymised product analytics to inform feature development
• Detect, prevent, and address technical issues or fraud
• Comply with legal obligations under Australian law

We do not use your information for advertising or sell it to third-party advertisers.

4. Data Sharing

We do not sell your personal data. We share information only with the following service providers, each bound by data processing agreements (DPAs):

• Stripe — payment processing and billing
• Amazon Web Services (AWS) — transactional email delivery via AWS SES
• PostHog — anonymised product analytics
• Vercel — application hosting and edge delivery

We may also disclose information if required by law, regulation, or legal process, or to protect the rights, safety, or property of ANZSCO AI or others.

5. Data Storage & Security

Your data is stored in Australia on secure, managed PostgreSQL infrastructure databases hosted on AWS in the ap-southeast-2 (Sydney) region. All data is encrypted at rest (AES-256) and in transit (TLS 1.2+).

We conduct regular security audits and follow industry best practices for access control, authentication, and infrastructure hardening. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Your Rights

Under the Australian Privacy Act 1988 and the APPs, you have the right to:

• Access the personal information we hold about you
• Correct any inaccurate or out-of-date information
• Delete your account and associated data
• Data portability — request an export of your data in a machine-readable format
• Withdraw consent for optional data processing (e.g. analytics)
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

7. Cookies

We use essential, analytics, and preference cookies to operate and improve the Service. For comprehensive information about the cookies we use and how to manage them, please see our Cookie Policy.

8. Third-Party Services

The Service integrates with the following third-party providers. Each has their own privacy policy governing data they process:

• Stripe — payment processing (privacy policy)
• PostHog — product analytics (privacy policy)
• Vercel — hosting (privacy policy)
• AWS SES — transactional email delivery (privacy policy)

9. Children's Privacy

The Service is not directed at individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify registered users via email at least 14 days before the changes take effect. We will also update the "Last updated" date at the top of this page.

Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

11. Contact

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Email: [email protected]