Get Started

Privacy Policy

CompliTech Pty Ltd – Privacy Policy

Effective Date: 20 November 2025
Applies To: All products and services provided by CompliTech Pty Ltd.

CompliTech Pty Ltd (“CompliTech”, “we”, “our”, “us”) is committed to protecting your privacy and maintaining strong data security practices. This Privacy Policy explains how we collect, use, store, protect, and disclose personal information and uploaded files across all CompliTech platforms, applications, and digital services (“Services”), including any current or future products we develop.

1. Information We Collect

1.1 Account Information

We collect basic information needed to create and manage your account:

  • Name
  • Email address
  • Company or organisation
  • Country, role, and job title
  • Profile details
  • Billing details (processed by secure payment providers — we do not store card numbers)

1.2 Uploaded Files & Documents

When you use our Services, you may upload files for processing or analysis. We collect:

  • The files you upload
  • Generated reports or system outputs
  • File metadata (filename, size, MIME type, upload timestamp)

1.3 Usage & Technical Data

We collect non-sensitive operational metadata, including:

  • Login timestamps
  • Number of validations or actions performed
  • Credit usage (where applicable)
  • Performance and request logs
  • Access audit logs (who accessed which file, when, and from where)
  • Browser or device type (non-identifying)

1.4 Support & Communication Data

Information provided via:

  • Email
  • Support requests
  • Feedback forms
  • Customer conversations

We do not collect sensitive personal information unless you explicitly provide it and it is required for your own compliance context.

2. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain our Services
  • Process document analysis, validation, or other workflow requests
  • Generate results, analytics, or outputs required for your use
  • Improve performance, accuracy, and reliability
  • Offer support and communicate important updates
  • Enforce security measures and maintain audit logs
  • Comply with legal, taxation, and regulatory obligations

We do not use your files or personal information to train AI models.

3. AI Processing (OpenAI – Only Provider Used)

CompliTech uses only OpenAI’s paid API for AI-based processing.

When you upload a file:

  1. The file is securely processed in our Render backend.
  2. Extracted text or structured content is sent securely to OpenAI’s paid API.
  3. OpenAI returns the analysis or output needed to complete your request.

OpenAI Paid API Data Policy

  • Your data is not used to train OpenAI models
  • Inputs/outputs may be temporarily retained for up to 30 days solely for fraud/abuse monitoring
  • After that period, OpenAI deletes them
  • Optional enterprise “Zero Data Retention” can be enabled if you upgrade in the future

Only the minimum required content is transmitted.
We do not send:

  • Unrelated stored files
  • Audit logs
  • Credentials
  • API keys
  • User profile data

4. Hosting & Infrastructure

CompliTech uses the following infrastructure providers:

4.1 Vercel (Frontend Hosting)

Used for delivering the user interface only.
No long-term file storage occurs on Vercel.

4.2 Render (Backend Hosting & Processing)

Used for backend computation and temporary file handling.
Uploaded files are processed securely and removed after analysis.

4.3 Persistent Storage (If Used)

If your account or plan enables persistent file storage, files may be stored in:

  • Render-managed storage, or
  • AWS Sydney (ap-southeast-2), depending on configuration

4.4 Security Controls

We implement:

  • TLS/HTTPS encryption
  • Secure secrets management
  • Isolated compute environments
  • Role-based and least-privilege access
  • Strict internal access limits
  • No storage of user files on employee devices
  • Continuous monitoring and audit logging

5. Data Retention & Deletion

5.1 File Retention

Uploaded files remain stored only until:

  • You delete them
  • You request deletion
  • Your account or access expires (if applicable)

5.2 Metadata After Deletion

We retain only minimal operational metadata such as:

  • Job ID
  • Anonymised or hashed filename
  • File size and type
  • Processing timestamps
  • Credit usage metrics
  • Audit references

This metadata cannot be used to recreate your original file.

5.3 Audit Logs

Kept for up to 12 months for security and compliance.

5.4 OpenAI Retention

Up to 30 days (for abuse monitoring only).
Your content is never used for training.

6. Data Security

To protect your data, we implement:

  • End-to-end encryption (TLS/HTTPS)
  • Secure, isolated compute environments
  • File-level access controls
  • No unauthorised internal access
  • Comprehensive audit trails
  • Continuous security monitoring
  • No persistent storage of AI prompts/responses unless needed to display your output

While no system is 100% immune to security risk, we follow industry best practices and maintain strong security standards.

7. International Data Transfers

Your persistent data is stored within the infrastructure used by CompliTech.

However, when processing with OpenAI:

  • Some data may be processed temporarily in OpenAI global regions
  • Processing is transient and governed by OpenAI’s paid API security guarantees

By using our Services, you consent to this limited processing.

8. Cookies & Analytics

Essential Cookies

Used for:

  • Authentication
  • Session management
  • Security
  • Interface preferences

Optional Analytics

If enabled, analytics use anonymous, non-personal data.

9. Your Rights

You may request:

  • Access to your personal information
  • Correction of inaccurate information
  • Deletion of your uploaded files
  • An audit activity summary
  • Information about our data practices

To exercise these rights, contact:

support@complitech.com.au

10. Complaints

If you believe your privacy has been compromised:

  1. Contact our Privacy Officer via the support email.
  2. If unresolved, you may contact the Office of the Australian Information Commissioner (OAIC).

11. Updates to This Privacy Policy

We may update this policy when:

  • Services evolve
  • Hosting providers change
  • Regulations are updated
  • Internal processes are improved

The latest version will always include a new effective date.

12. Contact Information

CompliTech Pty Ltd
Email: info@complitech.com.au
Support: support@complitech.com.au
Address: 81 Campbell Street, Surry Hills NSW 2010, Australia

 

Linkedin Twitter Youtube

Copyright © 2025 Complitech. All rights reserved.

81 Campbell Street, Surry Hills NSW 2010, Australia