Privacy Policy

1. Introduction

VALIDATA PTY LTD ("Validata", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, AI readiness assessment tools, and generated reports (collectively, the "Services"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the services.

2. Information We Collect

We may collect information about you in a variety of ways. The information we may collect via the Services includes:

• Personal Data: Personally identifiable information, such as your name, email address, role, and sector, that you voluntarily give to us when you register for the Services or when you choose to participate in various activities related to the Services, such as our surveys.
• Survey Data: Information and responses you provide when completing our AI readiness assessments. This data is used to generate your assessment reports and may be aggregated and anonymized for research and service improvement purposes.
• Derivative Data: Information our servers automatically collect when you access the Services, such as your IP address, your browser type, your operating system, your access times, and the pages you have viewed directly before and after accessing the Services. This may also include device name and type, your country, and other interactions with the application and other users via server log files.
• Financial Data: Financial information, such as data related to your payment method (e.g., valid credit card number, card brand, expiration date) that we may collect when you purchase, order, return, or exchange access to premium features of our Services. We store only very limited, if any, financial information that we collect. Otherwise, all financial information is stored by our payment processor, Stripe, and you are encouraged to review their privacy policy and contact them directly for responses to your questions.
• Data from Third-Party Services: We may collect information from third-party services, such as Google (if you sign in via Google), in accordance with their authorization procedures. This may include your name and email address.

3. How We Use Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Services to:

• Create and manage your account.
• Provide and deliver the Services you request, process transactions, and send you related information, including confirmations and invoices.
• Generate personalized AI readiness assessment reports.
• Email you regarding your account or order.
• Respond to your comments, questions, and customer service requests.
• Monitor and analyze usage and trends to improve your experience with the Services and to improve the Services' functionality.
• Develop new products, services, features, and functionality.
• Send you technical notices, updates, security alerts, and support and administrative messages.
• Communicate with you about products, services, offers, promotions, rewards, and events offered by Validata and others, and provide news and information we think will be of interest to you (with your consent, where required by law).
• Prevent fraudulent transactions, monitor against theft, and protect against criminal activity.
• Comply with legal obligations and enforce our terms and policies.
• Anonymize and aggregate data for research, statistical analysis, and business intelligence purposes to improve our Services.

4. Disclosure of Your Information

We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

• By Law or to Protect Rights: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.
• Third-Party Service Providers: We may share your information with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing (Stripe), data analysis (potentially, in aggregated/anonymized form), email delivery (Azure Mail for contact forms, Firebase for auth emails), hosting services (Firebase/Google Cloud), and customer service. These third parties are obligated to protect your data.
• Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
• Aggregated or Anonymized Data: We may share aggregated or anonymized information that does not directly identify you with third parties for research, marketing, analytics, and other purposes.
• With Your Consent: We may disclose your personal information for any other purpose with your consent.

We do not sell your personal information to third parties.

5. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Please see our Data Security Statement for more details.

6. Your Data Protection Rights

Depending on your location and applicable data protection laws, you may have certain rights regarding your personal information, such as:

• The right to access – You have the right to request copies of your personal data.
• The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you wish to exercise any of these rights, please contact us.

7. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

8. Children's Privacy

Our Services are not intended for use by children under the age of 16 (or other age as required by local law), and we do not knowingly collect personal information from children under this age. If we learn that we have collected personal information from a child under the relevant age without verification of parental consent, we will take steps to delete that information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us using the details provided on our Contact Us page.