Legal

Privacy Policy

Effective date: July 4, 2026

Overview

This Privacy Policy explains how Infigure (ABN 19 637 114 439, trading as Infigure) collects, uses, discloses, and protects personal information when you use our products and services (the "Service").

We collect the minimum information needed to operate the Service, process billing, keep accounts secure, and support customers.

For account and billing information, we act as the data controller. For data you connect from your own sources, we act as a processor on your instructions — see "Your connected data" below.

What we collect

Account information, such as your name, email address, and authentication details.

Usage and technical information, such as feature usage, device and browser details, and service logs.

Billing information, collected and processed by our payment provider, Stripe, on our behalf.

Connection credentials for linked data sources, stored encrypted at rest and used only to establish your connections.

Source data and files you upload, connect, or create using the Service, which we store on your behalf so you can access, edit, and publish your documents.

How we use it

We use this information to provide and maintain the Service, process payments, respond to support requests, secure accounts against unauthorized access, and improve the Service over time.

We don't sell personal information, and we don't use your connected source data to train machine learning models.

Your connected data

You retain ownership of your source data and the content you create.

The Service stores your source data and files so you can access, edit, and publish them. Some data processing, such as querying connected sources, runs client-side in your browser; the resulting data and documents are then stored on our infrastructure so they persist across sessions and devices.

For your source data and files, we act as your processor: we store and process this content only to provide the Service, on your instructions, and not for any other purpose.

Cookies and tracking

Our marketing site and application use cookies for authentication and essential functionality, and, where enabled, for analytics.

You can control non-essential cookies through your browser settings or, where available, our cookie preferences.

Sharing and international transfers

We share information with service providers who help us run the Service: Supabase for database and infrastructure hosting, Stripe for payment processing, and Resend for transactional email. These providers may only use information as needed to provide their service to us.

Information may be processed or stored outside Australia, including in the United States. Where this happens, we take steps to ensure appropriate protections are in place.

Retention

We retain account information, source data, and files for as long as your account is active, and for up to 30 days after closure to allow for export and recovery, unless a longer period is required by law or you request earlier deletion.

Billing records are retained as required by tax and accounting law.

Security

We apply technical and organizational measures to protect information in transit and at rest, including encryption of connection credentials and access controls on sensitive systems.

No system is completely secure. If we become aware of a data breach likely to result in serious harm, we'll notify affected individuals and, where required, the Office of the Australian Information Commissioner, in line with our legal obligations.

Your rights

If you're in Australia, you may have rights under the Privacy Act 1988 (Cth) to access and correct your personal information, and to complain to us or the OAIC about how we handle it.

If you're in the EEA or UK, you may have rights under the GDPR/UK GDPR to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to lodge a complaint with your local supervisory authority.

Wherever you are, you can request access, correction, or deletion of your personal information, and disconnect linked data sources at any time from your account settings. Contact info@infigured.com to exercise these rights.

Younger users

The Service is available to users aged 13 and over, including students using it to learn analytics through school or university.

If you're under 18, a parent, guardian, or your school or institution should be aware of your use of the Service. We don't knowingly collect personal information from anyone under 13.

If you're in the European Economic Area or UK and under 16, local law may require a parent or guardian's consent before you can use services like ours — please check with them first.

Changes to this policy

We may update this Privacy Policy from time to time. We'll update the effective date below and, for material changes, provide reasonable notice.