⚠️ DRAFT - REQUIRES LEGAL REVIEW BEFORE PUBLISHING

This document is a template based on the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). Have a qualified Australian lawyer review and customise it for your specific data handling practices before making it live.

1. Introduction

This Privacy Policy explains how Klarr ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our inventory and business management platform ("Service").

We are committed to protecting your privacy and handling your personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and other applicable privacy laws.

By using our Service, you consent to the collection and use of your information as described in this Privacy Policy.

2. What Personal Information We Collect

2.1 Information You Provide Directly

Account Information:

Name
Email address
Business name
Phone number
Billing address
Password (encrypted)

Payment Information:

Credit card details (processed by our payment provider)
Billing history
ABN (for invoicing)

Business Data:

Customer and supplier information you enter into the Service
Product and inventory data
Order and transaction records
Notes and communications stored in the Service

2.2 Information Collected Automatically

Technical Information:

IP address
Browser type and version
Device type and operating system
Time zone and location (general)

Usage Information:

Pages visited and features used
Time spent on the Service
Clickstream data
Error logs and diagnostic data

Cookies and Similar Technologies:

Session cookies (essential for Service operation)
Analytics cookies (to understand Service usage)
Preference cookies (to remember your settings)

See our Cookie Policy for more information.

2.3 Information from Third Parties

We may receive information from:

Payment processors (transaction confirmations)
Third-party integrations you connect (such as Shopify, Amazon, accounting software)
Publicly available sources (for business verification)

3. How We Use Your Personal Information

We collect and use your personal information for the following purposes:

3.1 To Provide the Service

Creating and managing your account
Processing transactions and payments
Delivering the features and functionality you request
Syncing data with third-party integrations you authorise

3.2 To Communicate with You

Responding to your enquiries and support requests
Sending service-related notifications (outages, updates, security alerts)
Providing onboarding and training assistance

3.3 To Improve the Service

Analysing usage patterns to improve features
Identifying and fixing technical issues
Developing new features and functionality

3.4 For Billing and Administration

Processing subscription payments
Sending invoices and payment reminders
Managing account status

3.5 For Marketing (with Your Consent)

Sending product updates and newsletters
Informing you about new features or services
Sharing relevant industry content

You can opt out of marketing communications at any time (see Section 7).

3.6 For Legal and Safety Purposes

Complying with legal obligations
Protecting our rights and property
Preventing fraud and abuse
Responding to legal requests

4. Legal Basis for Processing

We process your personal information where:

Necessary for contract performance: To provide the Service you have subscribed to
Legitimate interests: To improve our Service, prevent fraud, and communicate with you about your account
Consent: For marketing communications and optional analytics
Legal obligation: To comply with applicable laws

5. How We Share Your Personal Information

We do not sell your personal information. We may share your information with:

5.1 Service Providers

We engage trusted third parties to help operate our Service, including:

Cloud hosting providers (for data storage)
Payment processors (for billing)
Email service providers (for communications)
Analytics providers (for usage insights)
Customer support tools

These providers are contractually bound to protect your information and use it only for the purposes we specify.

5.2 Third-Party Integrations

When you connect third-party services (such as Shopify, Amazon, Xero), we share data as necessary to enable the integration. Your use of third-party services is subject to their privacy policies.

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal information.

5.4 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Klarr, our users, or the public.

5.5 With Your Consent

We may share your information for other purposes with your explicit consent.

6. Data Storage and Security

6.1 Data Location

Your data is stored on secure servers. We ensure appropriate safeguards are in place for all data storage locations.

6.2 Security Measures

We implement industry-standard security measures to protect your information, including:

Encryption of data in transit (TLS/SSL) and at rest
Access controls and authentication requirements
Regular security assessments and monitoring
Employee training on data protection

6.3 Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. After account termination:

Account and business data: Retained for 30 days for export, then deleted
Billing records: Retained for 7 years to comply with tax obligations
Anonymised usage data: May be retained indefinitely for analytics

6.4 Data Breach Response

In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches scheme.

7. Your Privacy Rights

Under the Australian Privacy Principles, you have the right to:

Access Your Information

You may request access to the personal information we hold about you. We will respond to access requests within a reasonable timeframe (usually 30 days).

Correct Your Information

You may request correction of any personal information that is inaccurate, incomplete, out-of-date, or misleading.

Delete Your Information

You may request deletion of your personal information, subject to our legal obligations to retain certain records.

Data Portability

You may export your data using our built-in export features at any time.

Opt Out of Marketing

You can opt out of marketing communications by:

Clicking the "unsubscribe" link in any marketing email
Updating your communication preferences in your account settings
Contacting us directly

To exercise any of these rights, contact us at: privacy@klarr.com

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Posting a notice on our website
Sending an email to your registered address
Displaying a notification in the Service

The "Last Updated" date at the top indicates when the policy was last revised. Continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy.

9. How to Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Privacy Officer

Klarr

Email: privacy@klarr.com

10. Complaints

If you believe we have breached the Australian Privacy Principles or mishandled your personal information, you may lodge a complaint with us. We will:

Acknowledge your complaint within 5 business days
Investigate and respond within 30 days
Work with you to resolve the issue

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

Office of the Australian Information Commissioner

Website: www.oaic.gov.au

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

GPO Box 5218, Sydney NSW 2001

Privacy Policy