Privacy Policy

1. Introduction

This policy explains how ClarityIntel Pty Ltd, an Australian company (ABN 54 697 254 596), trading as SMEInspect (we, us, our), collects, uses, stores and discloses personal information when you use the SMEInspect website, applications and related services (the Service).

ClarityIntel Pty Ltd is a single Australian entity that offers the Service in Australia and, where available, cross-border to users in the United Kingdom and United States. We do not currently operate a separate UK or US entity. This policy focuses on our Australian operations; separate or supplementary notices apply when we publish them for other markets.

2. The law that applies

We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where the Service is used by individuals in Australia, those laws apply to our collection and handling of their personal information.

3. What we collect & why

We may collect the following categories of information:

• Account and contact details — name, email address and sign-in identifiers — to create your account, deliver Reports and communicate about your orders.
• Transaction data — order history, payment status and acceptance records — to fulfil paid Reports and meet record-keeping obligations. Card details are processed by our payment provider; we do not store full card numbers.
• Uploaded documents and inputs — financial statements, contracts and other materials you provide about a target business — to generate your Report and SMEInspect Estimate.
• Public-registry and target-business data — information about the target business and its officers retrieved from public registers — to produce your Report.
• Technical and usage data — IP address, browser type, device information and interaction logs — to secure the Service, diagnose faults and understand aggregate usage.
• Communications — support enquiries and feedback — to respond and improve the Service.

We collect personal information directly from you unless it is unreasonable or impracticable to do so. We do not knowingly collect information from children under 18.

4. Lawful bases

Under the APPs, we collect personal information by lawful and fair means and only where it is reasonably necessary for our functions and activities. Our bases for handling personal information include:

• performing the contract and providing the Service you request;
• our legitimate functions in operating, securing and improving the Service, balanced against your interests;
• complying with legal and record-keeping obligations;
• your consent, where required — for example, optional marketing communications.

5. Automated processing, AI & sub-processors

Outputs are generated by automated means, including AI/LLM inference run by a sub-processor on our behalf. We engage the following categories of sub-processor, each under contracts requiring appropriate safeguards:

• Hosting and infrastructure — to store data and run the Service;
• Inspection and AI engine — to process your documents and generate Reports and Estimates, including AI/LLM inference;
• Payments — to process transactions;
• Email and communications — to deliver service messages and Reports;
• Analytics — to understand aggregate usage and improve the Service.

We do not use your documents or other Content to train AI or machine-learning models, and we require our sub-processors not to train on your Content. No decision producing legal or similarly significant effects is made about you by solely automated means; Outputs are decision-support for you.

6. How we use & disclose

We use personal information to:

• provide, operate and improve the Service;
• generate and deliver the Reports and Estimates you request;
• process payments and prevent fraud;
• send service-related messages (not marketing, unless you have opted in);
• comply with legal obligations and enforce our Terms.

We may disclose information to:

• trusted sub-processors and service providers (hosting, storage, the inspection/AI engine, payments, email, analytics) under contracts requiring appropriate safeguards;
• professional advisers where reasonably necessary;
• regulators, courts or law enforcement where required or authorised by law.

We do not sell personal information. We do not disclose your uploaded documents to the seller, broker or other parties involved in a transaction you are evaluating.

7. Third-party & registry data

To produce your Report, we process data about the target business and its officers obtained from public registers and other third-party sources (for example, company and business registers). This may include personal information about individuals connected to the target business. We handle that information in accordance with the APPs and use it only to generate your Report and operate the Service.

8. Cookies

We use essential cookies necessary to operate the Service (for example, to keep you signed in and secure your session). We may also use analytics cookies to understand aggregate usage. Where consent is required, we will seek it, and you can manage non-essential cookies through your browser or our cookie controls.

9. Marketing

We send marketing communications only where you have consented or where otherwise permitted by law. Every marketing message includes an easy way to unsubscribe, and you can opt out at any time by contacting privacy@clarityintel.ai. Opting out of marketing does not affect service-related messages about your account or orders.

10. Storage, security & retention

Personal information and uploaded documents are stored in Australia (AWS Asia Pacific (Sydney), ap-southeast-2), encrypted in transit and at rest, with access limited to personnel and systems that need it to operate the Service.

We retain personal information only for as long as needed for the purposes in this policy, including:

• active account and order data — for the life of your account plus a reasonable period after closure;
• uploaded documents — for 12 months after Report delivery, unless you request earlier deletion or a longer period is required by law;
• transaction and tax records — for 7 years, as required by Australian law;
• deletion requests — actioned within 30 days, after which some information may persist in encrypted backups for a limited period before being overwritten.

We securely delete or de-identify information when retention is no longer required.

11. Overseas / international transfers

Our primary storage is in Australia. Some sub-processors — including the AI/LLM inference engine, payments, email and analytics providers — may process personal information outside Australia. Before disclosing personal information to an overseas recipient, we take reasonable steps under APP 8 to ensure the recipient handles it consistently with the APPs, including through contractual protections. By using the Service, where required, you consent to these overseas disclosures.

12. Your rights

Under the APPs you may request access to the personal information we hold about you, and ask us to correct information that is inaccurate, out of date, incomplete, irrelevant or misleading.

You may also request deletion of your account and associated buyer data, subject to legal retention requirements (for example, tax and transaction records). Deletion requests are actioned within 30 days. To make a request, contact us using the details below. We may need to verify your identity before responding.

13. Complaints

If you believe we have breached the APPs or mishandled your personal information, contact us first at privacy@clarityintel.ai. We will acknowledge your complaint and aim to resolve it within a reasonable period.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

14. Children

The Service is intended for users aged 18 and over. We do not knowingly collect personal information from children under 18. If you believe a child has provided us with personal information, contact us and we will take reasonable steps to delete it.

15. Changes

We may update this policy from time to time. Material changes will be posted at /privacy-policy with a revised version label and date. We encourage you to review this policy periodically.

16. Contact

Privacy enquiries and requests: privacy@clarityintel.ai · post: PO Box 4127, Balgowlah Heights NSW 2093, Australia.

Privacy officer: our Privacy Officer (privacy@clarityintel.ai). ClarityIntel Pty Ltd, ABN 54 697 254 596, trading as SMEInspect. See also our Terms of Use.