Privacy Policy

At xylentora, we collect information that helps us provide better business planning services and maintain secure, personalised experiences. Here's what we gather and why:

• Personal Information: Name, email address, phone number, business address, and professional title when you register or contact us
• Business Data: Company details, industry sector, business goals, and financial planning requirements you share during consultations
• Technical Information: IP address, browser type, device information, and website usage patterns through cookies and analytics tools
• Communication Records: Emails, phone call notes, meeting summaries, and support ticket details to maintain service continuity
• Financial Information: Business revenue data, growth projections, and budget parameters you provide for our planning services

We don't collect sensitive personal information unless specifically required for our business planning services and with your explicit consent.

Your information helps us deliver effective business planning services and maintain professional relationships. We use collected data for these specific purposes:

We process your personal information only when we have a lawful basis under Australian Privacy Principles and won't use your data for purposes beyond what we've outlined without obtaining your consent first.

We take data sharing seriously and only work with trusted partners who meet our privacy standards. Your information may be shared in these specific circumstances:

• Service Providers: Third-party professionals like accountants, legal advisors, or technology providers who assist with business plan development, but only with the minimum data necessary
• Professional Partners: Industry specialists we collaborate with for complex business planning projects, always with your prior knowledge and consent
• Legal Requirements: Government agencies or regulatory bodies when required by Australian law, court orders, or legitimate legal processes
• Business Transfers: In the unlikely event of a business sale or merger, your data would transfer to the new entity with the same privacy protections

All third parties we work with sign data protection agreements ensuring they handle your information with the same care and security standards we maintain.

Under Australian privacy legislation, you have several important rights regarding your personal information. Here's what you can request and how to exercise these rights:

To exercise any of these rights, contact our privacy team using the details below. We'll respond within 30 days and may need to verify your identity to protect your information.

We implement comprehensive security measures to protect your information from unauthorised access, alteration, or disclosure. Our security framework includes:

• Technical Safeguards: Firewalls, secure servers, encrypted databases, and regular software updates to prevent unauthorised access
• Administrative Controls: Employee background checks, confidentiality agreements, and role-based access to personal information
• Physical Security: Secure office facilities, locked filing systems, and controlled access to areas containing personal information
• Incident Response: Established procedures for detecting, reporting, and responding to potential data breaches within required timeframes

While we maintain robust security measures, no system is completely invulnerable. We regularly review and update our security practices to address emerging threats and technological developments.

We retain personal information only as long as necessary for business purposes or legal compliance. Our retention periods vary based on information type and usage:

When retention periods expire, we securely delete or anonymise personal information using industry-standard data destruction methods. You can request early deletion of your information, subject to our legal obligations.

Our website uses cookies and similar technologies to enhance user experience and gather usage insights. We're transparent about what we collect and give you control over these settings:

• Essential Cookies: Required for basic website functionality, security, and user authentication - these cannot be disabled
• Analytics Cookies: Help us understand how visitors interact with our site to improve content and navigation
• Preference Cookies: Remember your settings and choices to personalise your experience on return visits
• Marketing Cookies: Used to show relevant content and measure effectiveness of our communications

You can manage cookie preferences through your browser settings or our website cookie banner. Disabling certain cookies may affect website functionality and your user experience.

We use Google Analytics with IP anonymisation enabled and have configured data retention settings to align with our privacy practices. This helps us understand website performance while protecting visitor privacy.

Occasionally, we may need to transfer your personal information outside Australia to provide our services effectively. When this occurs, we ensure appropriate safeguards are in place:

• Adequacy Decisions: Transfers only to countries recognised by Australian authorities as providing adequate privacy protection
• Contractual Safeguards: Standard contractual clauses with international service providers to ensure privacy protection equivalent to Australian standards
• Certification Programs: Working with providers who participate in recognised privacy frameworks and certification schemes
• Ongoing Monitoring: Regular assessment of international partners' privacy practices and compliance with our requirements

Any international transfers occur only when necessary for service delivery, with your interests and privacy rights protected throughout the process. We maintain records of all international transfers and can provide details upon request.

We review and update this privacy policy regularly to reflect changes in our practices, services, or legal requirements. Here's how we handle policy updates:

• Notification Process: Email notification to registered users about significant changes affecting their privacy rights or our data handling practices
• Website Updates: Updated policy posted on our website with clear indication of revision date and summary of key changes
• Transition Period: Reasonable notice period for substantial changes, allowing you to review new terms and exercise your rights if needed
• Version History: Previous policy versions available upon request for reference and transparency

Continued use of our services after policy updates constitutes acceptance of new terms. However, we'll seek explicit consent for significant changes that affect how we process your personal information.

We recommend reviewing this policy periodically to stay informed about how we protect your privacy and what rights you have regarding your personal information.