Privacy Policy

Planet Sense Pty Ltd ("Planet Sense", "we", "us", "our") operates NudgePro (nudgepro.com.au). We are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use NudgePro. By using the Service, you consent to the practices described in this policy.

Information you provide directly:

• Account registration details: name, business email address, company name, and password
• Billing information: processed securely via Stripe (we do not store card numbers)
• Australian Business Number (ABN) for vendor verification
• Purchase order data you create or import into NudgePro
• Vendor contact information (name, email, phone) you add to the platform
• Support communications you send to us

Information collected automatically:

• Log data: IP address, browser type, pages visited, timestamps, and error reports
• Usage data: features used, nudge activity, and interaction patterns to improve the Service
• Cookies and similar tracking technologies (see Section 8)

Information from third-party integrations:

• Xero: purchase order details, vendor data, and contact information from your connected Xero organisation
• Vendor portal responses: ETAs, confirmations, and status updates submitted by your vendors

We use your information to:

• Provide, operate, and improve the NudgePro service
• Send automated follow-up nudges to your vendors on your behalf
• Process payments and manage your subscription
• Verify Australian Business Numbers via the ABR API
• Classify vendor responses using AI (Anthropic Claude) to identify ETAs and action items
• Send transactional emails including nudge confirmations, system alerts, and account notifications
• Respond to support enquiries and resolve disputes
• Comply with legal obligations
• Monitor for fraud, security threats, and abuse
• Aggregate and anonymise data for product analytics (no personally identifiable information is shared)

We will not use your personal information for direct marketing purposes without your explicit consent, in accordance with the Spam Act 2003 (Cth).

All NudgePro data is stored in Australia in the AWS Sydney region (ap-southeast-2), supporting Australian data sovereignty requirements. We use Supabase for database hosting with Row Level Security enabled on all tables.

We implement industry-standard security measures including:

• TLS encryption for all data in transit
• AES-256 encryption at rest
• Access controls limiting data access to authorised personnel
• Regular security monitoring via Sentry error tracking

While we take reasonable steps to protect your information, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials.

We do not sell, rent, or trade your personal information. We may share your information in the following limited circumstances:

Service providers: We engage trusted third-party providers who process data on our behalf under strict confidentiality obligations:

• Supabase — database and authentication (AWS Sydney)
• Stripe — payment processing (PCI DSS compliant)
• Resend — transactional email delivery
• Anthropic — AI-powered vendor response classification (data processed under zero data retention agreement)
• Sentry — error monitoring and performance tracking
• Vercel — application hosting and deployment

Legal requirements: We may disclose information if required by law, court order, or to protect the rights, property, or safety of Planet Sense, our users, or the public.

Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to equivalent privacy protections.

NudgePro sends automated emails to your vendors on your behalf. The vendors' email addresses and contact details you provide are used solely to deliver nudges and receive portal responses in connection with your purchase orders.

You are responsible for ensuring you have a legitimate business basis to contact your vendors by email and that doing so complies with the Spam Act 2003 (Cth). All nudge emails include an opt-out mechanism to allow vendors to stop receiving automated follow-ups.

We retain your account and purchase order data for the duration of your subscription plus 90 days following termination or cancellation, after which it is deleted from our systems. You may request early deletion of your data by contacting us at privacy@nudgepro.com.au.

Aggregated, anonymised analytics data may be retained indefinitely as it cannot identify any individual. Billing records may be retained for up to 7 years as required by Australian tax law.

Under the Australian Privacy Principles, you have the right to:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Complaint: Lodge a complaint if you believe we have mishandled your personal information

To exercise any of these rights, contact us at privacy@nudgepro.com.au. We will respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

NudgePro uses cookies and similar technologies to operate the Service, maintain your session, and remember your preferences (such as your selected theme). We do not use third-party advertising cookies or tracking pixels.

You can control cookies through your browser settings; however, disabling cookies may prevent some features of the Service from functioning correctly.

NudgePro is a business-to-business service intended for use by adults in a professional capacity. We do not knowingly collect personal information from individuals under 18 years of age.

We may update this Privacy Policy from time to time. We will notify you of material changes via email at least 14 days before they take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

For any privacy-related questions, requests, or complaints, please contact our Privacy Officer: