Overview
This Privacy Policy explains how Infigure (ABN 19 637 114 439, trading as Infigure) collects, uses, discloses, and protects personal information when you use our products and services (the "Service").
We collect the minimum information needed to operate the Service, process billing, keep accounts secure, and support customers.
For account and billing information, we act as the data controller. For data you connect from your own sources, we act as a processor on your instructions — see "Your connected data" below.
What we collect
Account information, such as your name, email address, and authentication details.
Usage and technical information, such as feature usage, device and browser details, and service logs.
Billing information, collected and processed by our payment provider, Stripe, on our behalf.
Connection credentials for linked data sources, stored encrypted at rest and used only to establish your connections.
Source data and files you upload, connect, or create using the Service, which we store on your behalf so you can access, edit, and publish your documents.
How we use it
We use this information to provide and maintain the Service, process payments, respond to support requests, secure accounts against unauthorized access, and improve the Service over time.
We don't sell personal information, and we don't use your connected source data to train machine learning models.
Your connected data
You retain ownership of your source data and the content you create.
The Service stores your source data and files so you can access, edit, and publish them. Some data processing, such as querying connected sources, runs client-side in your browser; the resulting data and documents are then stored on our infrastructure so they persist across sessions and devices.
For your source data and files, we act as your processor: we store and process this content only to provide the Service, on your instructions, and not for any other purpose.
Retention
We retain account information, source data, and files for as long as your account is active, and for up to 30 days after closure to allow for export and recovery, unless a longer period is required by law or you request earlier deletion.
Billing records are retained as required by tax and accounting law.
Security
We apply technical and organizational measures to protect information in transit and at rest, including encryption of connection credentials and access controls on sensitive systems.
No system is completely secure. If we become aware of a data breach likely to result in serious harm, we'll notify affected individuals and, where required, the Office of the Australian Information Commissioner, in line with our legal obligations.
Your rights
If you're in Australia, you may have rights under the Privacy Act 1988 (Cth) to access and correct your personal information, and to complain to us or the OAIC about how we handle it.
If you're in the EEA or UK, you may have rights under the GDPR/UK GDPR to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to lodge a complaint with your local supervisory authority.
Wherever you are, you can request access, correction, or deletion of your personal information, and disconnect linked data sources at any time from your account settings. Contact info@infigured.com to exercise these rights.
Younger users
The Service is available to users aged 13 and over, including students using it to learn analytics through school or university.
If you're under 18, a parent, guardian, or your school or institution should be aware of your use of the Service. We don't knowingly collect personal information from anyone under 13.
If you're in the European Economic Area or UK and under 16, local law may require a parent or guardian's consent before you can use services like ours — please check with them first.
Changes to this policy
We may update this Privacy Policy from time to time. We'll update the effective date below and, for material changes, provide reasonable notice.