For information about our security measures, infrastructure, and compliance programs, please see our Data Security page.
Data Collection and Processing
We only collect and process the minimum amount of customer data necessary to deliver and improve our services. This includes:Account Information
Details you provide when registering or maintaining an account, such as:- Your name
- Company/organisation name
- Email address
- Billing information
Service Usage Data
Information related to your use of our platform, including:- Login activity
- Usage analytics
- Log files and metadata
Customer Content
Any files, documents, client records, or other data that you upload to or store in our system as part of using our service. This content is considered confidential and is treated with the utmost care. Your content is yours alone. We do not use your uploaded data for any purpose other than providing you with our service. We do not sell, share, rent, or distribute your customer content to any third party.Communications
Correspondence you send to us, such as:- Emails or support tickets
- Feedback or survey responses
How We Use Your Data
Adviseraide uses the data we collect strictly to provide, maintain, and enhance our services. The main purposes for which we use your data include:Providing Services
To operate the Adviseraide platform and deliver the features you expect, such as storing your documents, running analyses, or managing your client information as you direct.Support and Communication
To communicate with you about your account, provide customer support, send important updates or security alerts, and respond to your questions or feedback.Improvement and Analytics
To analyze how the platform is used (such as which features are accessed, page load times, and system performance) so we can improve functionality, reliability, and user experience. Important: These analytics focus solely on platform usage patterns - NOT on the content you store. We do not analyze, read, or mine the actual client records, documents, or files you upload. Analytics are mostly aggregate data about how users interact with the platform interface.Security and Fraud Prevention
To monitor for suspicious activities, enforce our terms of service, prevent unauthorized access, and maintain the overall security of our platform.Data Ownership and Storage
Your Data Belongs to You. Adviseraide acts as a custodian or data processor on your behalf. This means that all the information, documents, and content you upload into our system are owned by you or your organization. We do not claim ownership over your data. You have full control over it, including adding, editing, or deleting it as needed.Storage Location
We store all customer data securely on industry-leading cloud servers located in Australia. Specifically, our primary infrastructure is hosted with Microsoft Azure and AWS in their data center regions throughout Australia. Storing data in Australia ensures that your information remains within a stable legal jurisdiction known for strong data protection laws, and it also offers low-latency access for our Australasian and New Zealand customers.Data Sharing and Disclosure
Adviseraide maintains a strict policy against sharing personal or business data with third parties, except in very limited circumstances necessary to operate our service or meet legal obligations:No Selling of Data
We never sell your information to any third party. We do not monetize your personal or client data in any way.No Unapproved Sharing
We do not share your data with any third parties for their own purposes. Your client information, documents, and personal details are not accessible to any outside person or organization.Service Providers (Sub-Processors)
We may share certain data with trusted third-party service providers only to the extent necessary to run our platform. For example:- We use Microsoft Azure and Amazon AWS as our cloud infrastructure providers, which means their systems will hold the data you store with us
- We use email services to send you notifications
- We use payment processors to handle billing information
Customer Responsibilities
While Adviseraide works hard to protect your data, data privacy and security is a partnership between us and you. We ask our customers to also take steps to safeguard their accounts and any personal data they handle.Protecting Your Account Credentials
- Keep your username and password secure
- Do not share your login details with any unauthorized persons
- Use a strong, unique password for your Adviseraide account
- Update your password periodically
- If you suspect your password has been compromised, change it immediately and contact our support team
Managing Internal Access
If you have multiple users or team members on your Adviseraide account:- Use the built-in permission controls to give each person the appropriate level of access
- Regularly review who has access to what data
- Promptly remove access for people who no longer need it or who have left your organization
Data Accuracy
Keep the data you store with us accurate and up-to-date. If you discover any inaccuracies in your personal information or client data, correct them promptly. This helps ensure that we can reach you with important notices and that the data you hold meets any accuracy obligations under privacy laws.Data Retention and Deletion
We retain customer data only for as long as it is necessary to fulfill the purposes outlined in this policy or as required by law.Active Accounts
For as long as you have an active account with Adviseraide, we will retain the data you store on our platform so that we can provide the service to you. This includes:- All your uploaded documents and records
- Account information
- Transaction records
- Support communications and other interactions
Inactive Accounts
If your account becomes inactive (for example, if your subscription expires or you stop using the service), we may retain your data for a 6 month period in case you reactivate your account. We do this to make it easier for you to continue where you left off. However, we will eventually delete or anonymize data from long-inactive accounts after this 6 month retention period.Customer Control of Data
You have control over your data at all times. You can delete individual pieces of data (such as a document or a client entry) from within the platform whenever you want, and this will remove that data from our active databases.Deleted data might still exist in our encrypted backups for a short period until those backups are rotated out, but we have processes to ensure that backup data is also purged in due course.
Data Deletion on Request (Right to Erasure)
You have the right to request deletion of all your personal data from our systems (sometimes called the “right to be forgotten”), as well as deletion of any client data you have stored with us. How to request deletion:- Submit a Request: Contact our support team at support@adviseraide.com with a deletion request
- Verification: For security, we will verify that the request is coming from the authorized account owner (we may ask you to send the request from your registered email or complete a verification step)
- Export Your Data: Once verified, we will work with you to export your data if you need a copy for your records
- Permanent Deletion: We will permanently delete your data from our systems within one to two weeks of confirming your request
Account Cancellation or Termination
If you choose to cancel your Adviseraide account (or if it is terminated due to inactivity or other reasons):- We will first allow you to download any data you want to keep
- We can assist you with exporting your data in a common, readable format (CSV, JSON, or original file formats)
- After you have retrieved what you need, we will delete your stored data from our platform
- Data removal is typically completed within two weeks after account cancellation is confirmed
Confirmation of Deletion
Upon completing a full account deletion or data removal request, we can provide written confirmation that your data has been purged from our systems. This can be useful for your own record-keeping or compliance needs.Your Rights and Access to Your Data
We believe you should have full transparency and control when it comes to your personal data. Under privacy laws and our own commitment to user rights, you have the following rights:Right to Access
You have the right to know what personal data we hold about you and to access that data. You can view and manage most of your information directly through your Adviseraide account settings.Right to Data Portability
You have the right to obtain your data in a portable format. We will assist you in exporting your data:- Structured records in CSV or JSON format
- Documents in their original file formats
- This allows you to transfer your data to another service if you wish
Right to Correction
If any of your personal information is incorrect or outdated, you have the right to correct or update it:- Much of your basic account information can be edited directly in your account settings
- For information you cannot update yourself, contact us and we will make the correction promptly
Right to Deletion
As detailed in the section above, you have the right to have your data deleted from our platform. This can be:- Specific deletion: Deleting certain documents or records you’ve stored with us
- Complete deletion: Closing your account and removing all associated data
Right to Withdraw Consent
In cases where our processing of your data is based on your consent (for example, if you opted in to receive marketing emails or agreed to participate in a beta feature), you have the right to withdraw that consent at any time:- We make it easy to unsubscribe from any non-essential communications
- Withdrawing consent will not affect your access to the core services we provide
Right to Object
You have the right to object to certain types of data processing, such as processing for direct marketing purposes. You can exercise this right by contacting us at support@adviseraide.com.Right to Restrict Processing
You have the right to request that we restrict how we process your personal data in certain circumstances, such as while we investigate a complaint you’ve made about the accuracy of your data.Compliance with Privacy Laws and Industry Standards
Adviseraide is designed with privacy compliance in mind. We adhere to the New Zealand Privacy Act 2020 and its Information Privacy Principles when handling personal data. For clients or end-users located in other jurisdictions, we also strive to meet the requirements of those regions:- GDPR for users in the European Union
- Australian Privacy Principles for Australian data subjects
- Other applicable privacy laws where our customers operate
SOC 2 Compliance
AdviserAide maintains SOC 2 compliance, which includes independent third-party auditing of our privacy practices. Our SOC 2 certification covers the Privacy Trust Services Criterion, meaning an external auditor verifies that we handle personal information appropriately throughout its lifecycle - from collection and use to retention and disposal. You can view our current compliance status and detailed security controls at our Trust Center. We perform regular internal reviews and annual independent audits of our privacy and security practices to ensure we remain compliant with evolving laws and standards. If there are significant changes in privacy regulations that affect our service or your rights, we will update our practices and this policy accordingly, and inform you of the changes.International Data Transfers
While our primary data storage is in Australia, some of our service providers may be located in other countries. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable privacy laws. For users in the European Economic Area (EEA), any international data transfers are made in compliance with GDPR requirements, including the use of standard contractual clauses or other approved transfer mechanisms.Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal obligations, or other factors. If we make significant changes:- We will post the updated policy on our website
- For major changes, we will send a notice to the primary email address associated with your account
- The updated policy will indicate the date it was last revised