Privacy Policy

AI Point Pty Ltd ("we", "our", "us")
ABN 32667971388
ACN: 667971388
Location: Sydney, New South Wales, Australia
Last Updated: 2nd January 2026

1. Our Commitment to Privacy

We respect your privacy and are committed to protecting your personal information in accordance with:

  • Privacy Act 1988 (Cth)
  • Australian Privacy Principles (APPs)
  • Spam Act 2003 (Cth)
  • Australian Consumer Law

This Policy applies to:

  • Website visitors
  • AI sales automation clients (AI SDR, Voice AI Agent)
  • AI Growth Workshop and training cohort participants
  • Data enrichment and outreach service clients

2. What Personal Information We Collect

2.1 Information You Provide

We collect personal information you give us directly, including:

  • Name, email address, phone number
  • Business name, role/title, and company information
  • Payment and billing information
  • Communications and interactions with our platform
  • LinkedIn profile information (when you engage with our outreach)
  • Marketing preferences and communication history

2.2 Information We Collect Automatically

When you use our services, we automatically collect:

  • IP address, browser type, and device information
  • Usage data (pages visited, time on site, links clicked)
  • Cookies and analytics data

2.3 Lawful Basis for Collection

We collect your personal information for these reasons:

  • Consent: You've given permission (e.g., submitting a form, signing up for a course)
  • Contract: We need it to deliver services you've requested
  • Legal obligation: Tax, regulatory, or accounting requirements
  • Legitimate interest: Improving our services, conducting marketing, or analytics

Providing information is generally optional. However, if you don't provide certain details, we may be unable to deliver some or all of our services.

3. When We Process Data on Your Behalf

3.1 Data Controller vs. Data Processor

When you engage us for data enrichment, analytics, or automation services:

  • You are the data controller (responsible for the data)
  • We are the data processor (handling data according to your instructions)

You remain responsible for:

  • Having legal rights to provide data to us
  • Obtaining consent from individuals whose data you provide
  • Compliance with the Privacy Act 1988 (Cth) and Spam Act 2003 (Cth)

3.2 Data Processing Agreement (DPA)

For all data processing engagements, we will execute a Data Processing Agreement that specifies:

  • Scope and duration of data processing
  • Security measures and compliance obligations
  • How long we retain data
  • When and how we delete or return your data
  • Your rights and our obligations as processor
  • Sub-processor arrangements (third-party tools we use)

This agreement is legally binding and protects both you and us.

3.3 Data Enrichment and Third-Party Sources

When we enrich your data using third-party sources:

We use commercially available data providers (such as Apollo.io, Clay.com, and others) to enhance your customer records with additional information from public records, business directories, and commercial databases.

Your Responsibilities:

Before using enriched data, you must:

  • Validate enriched data for accuracy and duplicates
  • Obtain fresh consent from individuals before marketing to them
  • Ensure enriched data complies with the Spam Act 2003 (Cth) and Privacy Act
  • Test enriched data in small batches before full-scale deployment

What We're Not Liable For:

We are not responsible for:

  • Inaccurate or incomplete enriched data from third-party sources
  • Your failure to validate data before use
  • Regulatory violations resulting from your use of enriched data
  • Bounce rates, spam complaints, or account suspension from enriched contacts

3.4 Data Retention and Deletion

During engagement: We retain data as necessary to provide services

After engagement: We securely delete your customer data within 30 days unless a written agreement states otherwise

Exceptions: We may retain aggregated, anonymized data for service improvement purposes

Your request: You can request deletion of your personal data anytime. We will confirm deletion within 30 days or explain why deletion isn't possible (e.g., legal or accounting requirements).

3.5 Voice AI Agent Services

When we provide Voice AI agent services:

  • Call recordings and transcripts are processed through AI providers (ElevenLabs, etc.)
  • Voice data is used only for the specific service purpose (lead qualification, meeting booking)
  • We do not retain call recordings beyond the service period unless required for billing disputes or legal compliance
  • You warrant that call recipients have appropriate consent for AI-based calling where required by law

4. How We Use Your Information

We use your personal information to:

  • Deliver, operate, and improve our AI automation, data enrichment, and analytics services
  • Build and optimize marketing campaigns and workflows for your business
  • Enrich marketing databases and customer profiles (with your instruction)
  • Provide marketing analytics and insights
  • Respond to inquiries and provide customer support
  • Process payments and manage subscriptions
  • Send service-related and marketing communications (with appropriate consent)
  • Perform analytics and research to improve our services
  • Manage community membership and deliver training programs
  • Comply with legal and regulatory obligations

5. Sensitive Information

We do not intentionally collect sensitive personal information (such as health, biometric, political, or religious data).

If a specific service requires sensitive information, we will:

  • Request explicit written consent before collection
  • Inform you how we'll protect that information
  • Handle it with enhanced security measures

6. AI Services and Data Processing

6.1 AI Service Providers

We use artificial intelligence services (Anthropic Claude, OpenAI, ElevenLabs, Vapi, and other AI service providers) to provide automation, analytics, and enrichment services.

How Your Data Is Used:

Data sent to AI providers for processing is subject to their terms and privacy policies. We use enterprise tiers with enhanced privacy protections where available.

Important: Data sent to AI providers is typically not retained by them for model training (check their terms for confirmation). We do not use your data to train AI Point's own systems.

We may use aggregated, anonymized, de-identified data to improve our services, but this cannot identify you or your business.

6.2 Automated Decision-Making

If we use AI to make automated decisions that significantly affect you or your customers, we will:

  • Inform you about the automated processing
  • Provide human review and appeal options where required

If you use our AI recommendations to make decisions affecting individuals, you must ensure compliance with the Privacy Act.

6.3 AI Limitations

You acknowledge that:

  • AI-generated outputs may contain inaccuracies, biases, or errors
  • You must independently verify AI outputs before critical business decisions
  • AI is not a substitute for professional advice (legal, financial, medical, tax)
  • AI recommendations are suggestions only, not guaranteed outcomes

7. LinkedIn Data

7.1 LinkedIn Data Collection and Use

If our services involve LinkedIn profile data:

You warrant that:

  • Your use complies with LinkedIn's Terms of Service and Data Policy
  • Data is used only for purposes permitted by LinkedIn

You agree that:

  • Data will not be re-scraped, re-sold, or combined with other data without LinkedIn consent
  • You will immediately notify us if LinkedIn issues a cease-and-desist notice

We are not liable for:

  • LinkedIn policy violations or changes
  • Account suspension or bans resulting from data use

8. Third-Party Services and Integrations

Our services integrate with third-party platforms including:

  • Cloud infrastructure (AWS, Azure, Google Cloud)
  • AI services (Anthropic, OpenAI, others)
  • Data enrichment tools (Apollo.io, Clay.com, etc.)
  • Automation platforms (n8n, Make.com, Zapier)
  • Community platform (Skool)
  • Analytics tools (Google Analytics, etc.)

Important:

Your use of these services is subject to their respective terms and privacy policies. We are not responsible for third-party service failures, data breaches, or policy changes.

You are responsible for reviewing third-party terms before using integrated services.

9. Cookies & Analytics

We use cookies and analytics tools (Google Analytics, Segment, etc.) to:

  • Understand user behavior and site usage
  • Improve our website and services
  • Personalize your experience

Your Choices:

10. Marketing Communications

10.1 Marketing Emails

We may send you marketing emails about our services, courses, community, and industry insights.

You can opt out at any time by:

  • Clicking the "unsubscribe" link in any email
  • Updating preferences in your account settings
  • Contacting us directly

We will continue to send transactional emails (receipts, invoices) and service-related communications (important updates, security notices) regardless of your marketing preference.

10.2 Spam Act Compliance

All marketing communications comply with the Spam Act 2003 (Cth):

  • We include clear identification of our business
  • We include valid contact information
  • We honor unsubscribe requests within 5 business days

11. Your Rights

11.1 Access and Correction

You have the right to access and correct personal information we hold about you.

To request access or correction:

  • Contact us via our contact page
  • We may verify your identity before providing access
  • We will respond within 30 days (or explain why we need more time)
  • We may charge a small administrative fee where permitted by law

11.2 Right to Delete

You may request deletion of your personal data at any time.

Important:

  • Some data may be retained in backup systems for a limited period
  • We may retain aggregated, de-identified data
  • Legal, accounting, or regulatory requirements may require retention of certain records
  • We will confirm deletion within 30 days or explain why deletion isn't possible

12. Data Security

We take reasonable steps to protect your personal information using:

  • Encrypted communications (HTTPS, SSL/TLS)
  • Access controls and authentication mechanisms
  • Secure cloud infrastructure (AWS with security best practices)
  • Regular security assessments and updates
  • Staff training on privacy and security
  • Secure deletion and disposal procedures

Important: No method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we maintain industry best practices to protect your information.

13. Data Breach Notification

13.1 If a Data Breach Occurs

If we experience a data breach that's likely to cause serious harm to you:

  • We will notify you as soon as practicable and without undue delay
  • We will take steps to remediate the breach and prevent recurrence
  • If required, we will notify the Office of the Australian Information Commissioner (OAIC)

This complies with the Notifiable Data Breaches scheme under the Privacy Act.

13.2 If a Third-Party Tool Is Breached

If a third-party service provider (AWS, n8n, Apollo.io, etc.) experiences a breach:

  • We will notify you as soon as we become aware
  • We will provide guidance on steps to take
  • We are not liable for third-party breaches beyond our control

14. Your Consent and Warranties

If you provide us with personal data of third parties, you warrant that:

  • You have legal authority to provide this data to us
  • Individuals have consented to our use, OR you have another lawful basis under the Privacy Act
  • The data is accurate and current
  • You've informed individuals about our data processing (by referencing this Privacy Policy)
  • You will promptly notify us if individuals withdraw consent

You indemnify us against claims that data provision violates privacy law or individuals' rights.

15. Children's Privacy

Our services are not directed to individuals under 18 years old. We do not knowingly collect personal information from children.

If we become aware we've collected information from a child, we will delete it promptly.

16. Data Retention

We retain personal data only as long as needed to:

  • Fulfill the purposes for which it was collected
  • Comply with legal obligations (typically 7 years for financial records)

Our Retention Periods:

  • Marketing list data: 3 years (or until you unsubscribe + 6 months)
  • Client project data: Duration of engagement + 30 days
  • Financial records: 7 years (tax and accounting requirements)
  • Course access data: 2 years after course completion
  • Community data: Until membership cancellation + 1 year

Once no longer needed, data is securely destroyed or de-identified.

17. Changes to This Policy

We may update this Privacy Policy to reflect changes in legal obligations, new technology, or changes to our business.

How we'll notify you:

  • Material changes will be posted on our website
  • We'll send email notification for significant changes
  • The "Last Updated" date at the top will be revised

Continued use of our services after changes indicates your acceptance of the updated policy.

18. Contact Us

If you have questions about this Privacy Policy or our privacy practices:

AI Point Pty Ltd
Sydney, NSW 2085, Australia
ABN: 32 667 971 388

Contact us here.

19. Complaints and Escalation

If you have concerns about how we handle your personal information:

Step 1: Contact Us

  • Email us with your complaint and what happened
  • We will investigate and respond within 30 days
  • If resolved, no further action needed

Step 2: Escalate to OAIC (if not satisfied)

If you're not satisfied with our response, you may lodge a complaint with:

Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992
Email: enquiries@oaic.gov.au

20. Governing Law

This Privacy Policy is governed by the laws of New South Wales, Australia, and the Privacy Act 1988 (Cth).

By using AI Point's services, you acknowledge that you have read and understood this Privacy Policy and agree to our data practices.