Privacy Policy

Last Updated: 14/06/2026

We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). This policy explains how and why we collect, use, hold, store and disclose your personal information.

We”, “us” and “our” means GreenLens Analytics (ABN 73 865 697 346).

1. What is personal information?

Personal information is any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.

2. What personal information do we collect and hold?

(a)

We collect information about you and your interactions with us, for example, when you create an account, use our analytics platform or services, request a demo, contact support, submit an enquiry, interact with any chat or support functionality, or otherwise visit our website. The information we collect from you may include your name, business contact details, employer, account credentials, subscription and billing information, details of your use of our products and services, and details of enquiries, support requests or complaints you make.

(b)

We may collect information about how you access, use and interact with the website and our platform. We do this by using cookies, analytics tools, server logs and similar technologies. This information may include:

(i)

the location from which you have come to the site and the pages you have visited; and

(ii)

technical data, which may include IP address, the types of devices you are using to access the website, device attributes, browser type, language and operating system; and

(iii)

usage data, including dates and times of access, pages and features viewed, clickstream data, approximate location derived from IP address, referring URLs and error logs.

(c)

We use cookies and similar technologies on the website and, where applicable, our platform. A cookie is a small text file that the website may place on your device to store information. We may use persistent cookies (which remain on your computer even after you close your browser) to store information that may speed up your use of our website or platform for any of your future visits. We may also use session cookies (which no longer remain after you end your browsing session) to help manage authentication, security, display, performance and the presentation of information on the website or platform. You may refuse to use cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of the website or platform.

(d)

Where you or your organisation use our services, we may also collect and hold personal information contained in data sets, files, records, prompts, inputs and other content submitted to, ingested by, or generated through the platform, including where that information is analysed using automated tools or AI-enabled features to provide analytics, insights, summaries, classifications, recommendations or other service outputs.

(e)

Where you purchase a subscription or otherwise make a payment to us, your payment is processed by our third-party payment gateway provider, Stripe, via secure payment links. We do not process, collect or store complete payment card numbers or transaction details on our website. These are collected and processed directly by Stripe in accordance with applicable Payment Card Industry Data Security Standards (PCI DSS). We may receive limited billing and transaction information (such as the last four digits of your card, the payment method type, billing name and transaction status) from Stripe to administer your subscription and account.

3. Why do we collect, hold and use your personal information?

We collect, hold and use your personal information so that we can:

(a)

provide, operate, secure and improve our products and services, administer accounts and subscriptions, onboard users, provide customer support, and manage our relationship with you;

(b)

contact you, for example, to respond to your queries or complaints, provide technical and customer support, send service-related, administrative or security communications, or if we need to tell you something important;

(c)

comply with our legal obligations, protect our lawful interests, enforce our terms, and assist government and law enforcement agencies or regulators; or

(d)

analyse data, generate insights and reports, develop and improve our analytics, automation and AI-enabled features, and maintain the performance, functionality and security of our website and platform.

4. How do we collect your personal information?

(a)

We will collect your personal information directly from you whenever you interact with us, including when you use our website or platform, create or administer an account, communicate with us, request information, sign up for updates, or use our services.

(b)

We may collect information from third parties such as our customers and their authorised users, identity and access management providers, payment processors, cloud and hosting providers, analytics providers, integration partners, publicly available sources, and other service providers or contractors that support our business and platform.

(c)

If you do not provide us with your personal information, we may not be able to provide you with our services, communicate with you or respond to your enquiries.

5. How do we store and hold personal information?

(a)

We store most information about you in computer systems, databases and cloud-based environments operated by either us or our external service providers. Some information about you may also be recorded in paper files that we store securely.

(b)

We implement and maintain technical and organisational measures to protect personal information that we hold from interference or loss, and from unauthorised access, modification or disclosure.

(c)

These processes and systems include the following:

(i)

the use of identity and access management technologies to control access to systems on which information is processed and stored;

(ii)

monitoring and regularly reviewing our practices against our own policies and, where appropriate, industry practice; and

(iii)

the use of access controls, authentication measures, network and endpoint protections, logging, backups, and encryption or similar safeguards where appropriate in the circumstances.

(d)

We will also take reasonable steps to destroy or de-identify personal information once we no longer require it for the purposes for which it was collected or for any secondary purpose permitted under the APPs, subject to any legal, accounting, reporting or legitimate business retention requirements.

6. Who do we disclose your personal information to, and why?

(a)

We may disclose personal information to external service providers, contractors and sub-processors so that they may perform services for us or on our behalf, including hosting, infrastructure, storage, analytics, customer support, communications, security, payment processing and other operational services. These currently include Supabase (database and hosting), Vercel (application hosting), Cloudflare (content delivery and security), Anthropic (AI-enabled features) and Stripe (payment processing).

(b)

We may also disclose your personal information to others where:

(i)

we are required or authorised by law to do so;

(ii)

you may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or

(iii)

we are otherwise permitted to disclose the information under the Privacy Act.

(c)

If the ownership or control of all or part of our business changes, we may transfer your personal information to the new owner.

7. Do we disclose personal information to overseas recipients?

(a)

We may disclose your personal information to recipients that are located outside Australia.

(b)

The personal information of our customers and the data submitted to our platform, together with our website, is hosted in data centres located in Sydney, Australia. We may, however, disclose personal information to recipients located in the United States of America, including Anthropic, whose API provides the data analytics and financial analysis features that operate behind our dashboard, as well as other countries in which our service providers or contractors operate.

8. Do we use your personal information for marketing?

(a)

We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by us, our related companies, our other business partners or our service providers.

(b)

Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication.

9. Access to and correction of your personal information

(a)

You may access or request correction of the personal information that we hold about you by contacting us. Our contact details are set out below. There are some circumstances in which we are not required to give you access to your personal information.

(b)

There is no charge for requesting access to your personal information, but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).

(c)

We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate, up to date, complete, relevant and not misleading.

10. Complaints

(a)

If you have a complaint about the way in which we have handled any privacy issue, including your request for access or correction of your personal information, you should contact us. Our contact details are set out below.

(b)

We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.

(c)

If you remain unsatisfied with the way in which we have handled a privacy issue, you may approach an independent adviser or contact the Office of the Australian Information Commissioner (OAIC) (www.oaic.gov.au) for guidance on alternative courses of action that may be available.

11. Contact details

If you have any questions, comments, requests or concerns, please contact us at contact@greenlensanalytics.com.

12. Changes to this policy

(a)

From time to time, we may change our policy on how we handle personal information or the types of personal information that we hold. Any changes to our policy will be published on our website.

(b)

You may obtain a copy of our current policy from our website or by contacting us at the contact details above.