Clause & Effect

Last updated: 1 April 2026

This Privacy Policy explains how personal information is collected, used, stored and disclosed in connection with the Clause & Effect platform, website, software and related services.

By accessing or using the platform, submitting information, creating an account, requesting access, or otherwise interacting with the service, you acknowledge this Privacy Policy.

1. Scope

1.1 This Privacy Policy applies to personal information collected through or in connection with the Clause & Effect platform, website, software, communications, billing workflows, support processes and related services.

1.2 This Privacy Policy does not apply to third-party websites, services or platforms that may be linked to or integrated with the service. Those providers operate under their own terms and privacy practices.

2. Who This Policy Applies To

This Privacy Policy applies to personal information relating to: (a) users of the platform; (b) account holders and Authorised Users; (c) prospective customers, pilot users and trial users; (d) people who contact the service for support, licence, DPA, security or commercial enquiries; (e) billing contacts and payment-related contacts; and (f) representatives of organisations using or assessing the service.

3. What Personal Information May Be Collected

Depending on the nature of the interaction, the following types of personal information may be collected:

3.1 Identity and contact details — This may include name, work email address, phone number, organisation name, job title and account credentials.

3.2 Account and access information — This may include login details, account status, user role, access history, acceptance records, IP address, browser type, device information and session data.

3.3 Commercial and billing information — This may include billing contact details, subscription status, payment status, transaction references, invoices and limited payment-related metadata. Full card details are typically processed by third-party payment providers and not stored directly by the service.

3.4 Usage and technical information — This may include feature usage, clicks, prompts, outputs generated, service logs, analytics, diagnostics, error logs, timestamps, performance data and support records.

3.5 Communications and enquiry information — This may include emails, contact form submissions, licence requests, support requests, DPA requests, security questionnaires and related correspondence.

3.6 Uploaded or submitted content — Information submitted through prompts, forms, files or workflows may be collected where necessary to operate the service. Users must not upload personal information, confidential production data, contract numbers, payroll extracts, supplier IDs or sensitive material unless a signed DPA and appropriate internal approval are in place.

4. How Personal Information Is Collected

Personal information may be collected when: (a) an account is created; (b) a user logs in or uses the platform; (c) a trial, pilot, demo or paid seat is requested or activated; (d) a form is completed or an enquiry is submitted; (e) a payment is made or attempted; (f) support is requested; (g) content, prompts, files or inputs are submitted; (h) usage data is generated through interaction with the platform; or (i) information is provided in the course of a commercial, technical or legal discussion.

Information may also be collected through cookies, logs, analytics tools and service providers supporting the platform.

5. Why Personal Information Is Collected

Personal information may be collected, held, used and disclosed for the following purposes: (a) to provide access to the platform and its features; (b) to create and manage accounts; (c) to authenticate users and manage permissions; (d) to process payments, billing and subscription administration; (e) to provide support, respond to enquiries and manage requests; (f) to operate, maintain, secure and improve the platform; (g) to monitor usage, enforce licence limits and investigate misuse; (h) to keep records of acceptance of terms, billing consent and related actions; (i) to communicate about the service, updates, incidents, support and administration; (j) to comply with legal, regulatory, security and contractual obligations; and (k) to protect rights, systems, users and the service from misuse, fraud, abuse or security threats.

6. Basis of Use

Personal information is handled because it is reasonably necessary to operate the service, manage accounts and subscriptions, maintain security, respond to requests, keep records, enforce terms, meet legal obligations and support legitimate business operations.

Where consent is required by law for a particular activity, that consent will be relied upon.

7. Data Restrictions

7.1 The platform is not intended, by default, for the submission of personal information, confidential production data, contract numbers, payroll extracts, supplier identifiers or other sensitive operational data.

7.2 Users are expected to use anonymised, placeholder or de-identified information unless a signed DPA or other written agreement expressly permits otherwise.

7.3 Each user and customer remains responsible for ensuring that any information submitted to the platform is lawful to share and appropriate for the use case.

7.4 The service operator may suspend or restrict access where data is submitted in breach of platform rules, contractual restrictions, security requirements or applicable law.

8. Disclosure of Personal Information

Personal information may be disclosed to third parties where reasonably necessary for the operation of the service, including to: (a) hosting and cloud infrastructure providers; (b) software vendors and technical service providers; (c) analytics and diagnostics providers; (d) payment processors and billing providers; (e) professional advisers, contractors and administrative service providers; (f) legal, regulatory or governmental bodies where required by law; and (g) parties involved in a business restructure, sale, transfer or assignment of the service or related assets.

Personal information will not be sold as a standalone data asset.

9. Overseas Disclosure

Some service providers may store or process information outside Australia.

By using the platform, users acknowledge that information may be transferred to or accessed from jurisdictions outside Australia where service providers or infrastructure providers operate.

Reasonable steps may be taken to use reputable providers and appropriate contractual protections where applicable, but no representation is made that every overseas jurisdiction has privacy laws equivalent to Australia.

10. Cookies, Analytics and Logs

The platform and related website may use cookies, analytics tools, log files and similar technologies to: (a) keep users signed in; (b) remember settings and preferences; (c) understand usage patterns; (d) monitor service performance; (e) improve usability and reliability; (f) detect suspicious or unauthorised activity; and (g) support billing, licensing and compliance records.

Users may be able to control cookies through browser settings, though some functionality may be affected.

11. Data Security

11.1 Reasonable steps may be taken to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure.

11.2 These steps may include access controls, authentication controls, platform monitoring, provider-level security measures, logging, restricted permissions and administrative safeguards.

11.3 No online environment is completely secure. To the maximum extent permitted by law, no guarantee is given that information will be free from unauthorised access, loss, misuse or cyber incident.

12. Data Retention

12.1 Personal information may be retained for as long as reasonably necessary for the purposes described in this Privacy Policy, including for account administration, billing, support, compliance, security, dispute resolution and legal recordkeeping.

12.2 Where information is no longer reasonably required, it may be deleted, de-identified or securely destroyed, subject to legal, operational or evidentiary requirements.

12.3 Backup copies and system logs may persist for a period after deletion in line with normal technical processes.

13. Access and Correction

13.1 A person may request access to personal information held about them, or request correction of information that is inaccurate, incomplete or out of date.

13.2 Requests may be refused where permitted by law, including where the request is unreasonable, prejudices legal rights, affects the privacy of others, or cannot be satisfied without disproportionate effort.

13.3 Requests should be made using the contact details set out in clause 18.

14. Marketing and Communications

14.1 Service-related communications may be sent where reasonably necessary for account management, billing, legal updates, security, support, or administration.

14.2 Commercial updates, launch news or promotional communications may also be sent where permitted by law.

14.3 Recipients may opt out of non-essential promotional communications using the unsubscribe function or by contacting the service.

15. Children

The platform is not directed to children and is intended for business and professional use.

16. Changes to This Policy

This Privacy Policy may be updated from time to time. The current version will apply from the date it is published or otherwise notified, unless a later date is stated. Continued use of the platform after that date constitutes acknowledgement of the updated policy.

17. Privacy Complaints

17.1 A person who has a privacy concern or complaint may contact the service using the contact details in clause 18.

17.2 Complaints will be reviewed and responded to within a reasonable period.

17.3 If a person is not satisfied with the response, they may have the right to raise the matter with the Office of the Australian Information Commissioner.

18. Contact and Operator Identity

18.1 The operator of the Clause & Effect service for the purposes of this Privacy Policy is:

Cordelle Reid trading as Clause & Effect

18.2 Privacy requests, access requests, correction requests, complaints and related enquiries should be sent to: [email protected]

See also: Terms & Conditions