Privacy Policy

Effective: 10 September 2025

Privacy at a glance

Your privacy matters. Here’s a quick summary of how we handle your information:

• What we collect: Information you provide (e.g. account details, project content), information collected automatically (e.g. device details, usage data), and information from third parties (e.g. integrations, social media).

• How we use it: To deliver and improve our services, personalise your experience, provide customer support, keep services secure, and communicate with you. We may also use it for marketing (you can opt out).

• How we share it: With other users for collaboration, with trusted service providers, and where legally required. We do not sell personal information.

• Global compliance: We comply with the Australian Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs), as well as GDPR (EU/UK) and CCPA/CPRA (California) where applicable.

• Your choices: You can access, update, delete, or restrict use of your information, opt out of marketing, and request portability of your data.

• Data security: We use industry-standard safeguards, and comply with the Notifiable Data Breach (NDB) scheme in Australia and GDPR’s notification rules.

• Complaints: If you are not satisfied, you can contact the OAIC in Australia or your local data protection authority.

• Children: Our services are not intended for children under 16 (or under 13 in the US).

For full details, please read the policy below.

What this policy covers

This Privacy Policy covers the information collected when you use our suite of software tools, features, and functionalities that enable users to manage projects, tasks, teams, and related activities ("Application" or "Services"). This includes, but is not limited to, the web and mobile applications, software, and any associated services such as customer support, data storage, integrations with third-party applications, updates, and other related functionalities that Proseeq offers to its users, or otherwise interact with us unless a different policy is displayed.

Compliance Statement

This Privacy Policy is designed to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where applicable, it also incorporates requirements under international data protection laws including the EU/UK General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA/CPRA).

If you do not agree with this policy, do not access or use our Application.

Where we provide the Application under contract with an organisation (for example, your employer) that organisation controls the information processed by the Application. This policy does not apply to the extent we process personal information in the role of a processor on behalf of such organisations.

Information collected

We collect information about you when you provide it to us, when you use our Application, and when other sources provide it to us.

Information you provide to us

We collect information about you when you input it into the Application or otherwise provide it directly to us.

Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Application. For example, you provide your contact information and, in some cases, billing information, when you register for the Services. You may also have the option of adding a display name, profile photo, job title, and other details to your profile information to be displayed in our Application. We keep track of your preferences when you select settings within the Application.

Content you provide through our products: Examples of content we collect and store include: the name added to a project, risks added to a project, actions related to a risk. Content also includes any links you upload to the Application.

Information we collect automatically when you use the Application

We collect information about you when you use our Application, including browsing our websites and taking certain actions within the Application.

Your use of the Application: We keep track of certain information about you when you visit and interact with any of our Application. This information includes the features you use; the links you click on; frequently used search terms.

Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Application experience.

Information we receive from other sources

We may receive information about you from other Service users, from third-party services, from our related companies, social media platforms, public databases, and from our business and channel partners. We may combine this information with information we collect through other means described above. This helps us to update and improve our records, identify new customers, create more personalised advertising and suggest services that may be of interest to you.

Other users of the Services: Other users of our Services may provide information about you when they submit content through the Services. For example, you may be mentioned in an action created by someone else. We may also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they designate you as the billing or technical contact on your company's account or when they designate you as an administrator.

Other services you link to your account: We receive information about you when you or your administrator integrate third-party apps or link a third-party service with our Services. For example, if you create an account or log into the Services using your Google credentials, we receive your name and email address as permitted by your Google profile settings in order to authenticate you. You or your administrator may also integrate our Services with other services you use, such as to allow you to access, store, share and edit certain content from a third-party through our Services. For example, you may authorise our Services to access, display and store files from a third-party document-sharing service within the Services interface. Or you may authorise our Services to connect with a third-party calendaring service or to sync a contact list or address book so that your meetings and connections are available to you through the Services, so you can invite others to collaborate with you on our Services or so your organisation can limit access to certain users. Your administrator may also authorise our Services to connect with a third party reporting service so your organisation can review how the Services are being used. The information we receive when you link or integrate our Services with a third-party service depends on the settings, permissions and privacy policy controlled by that third-party service. You should always check the privacy settings and notices in these third-party services to understand what data may be disclosed to us or shared with our Services.

Third Party Providers: We may receive information about you from third party providers of business information and publicly available sources (like social media platforms), including physical mail addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses and social media profiles, for the purposes of targeted advertising of products that may interest you, delivering personalised communications, event promotion, and profiling.

How we use information we collect

How we use the information we collect depends on which Services you use, how you use them, and your preferences.

In the EU/UK, our lawful bases for processing personal data include: (a) performance of a contract, (b) compliance with legal obligations, (c) our legitimate business interests, (d) your consent where required, and (e) protection of vital interests.

For California residents, we do not sell personal information. Where we share data with third parties, you have the right to opt out of such sharing.

To provide the Services and personalise your experience: We use information about you to provide the Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate, maintain, and improve the Services. For example, we may use the name and picture you provide in your account to identify you to other Service users. Our Services also include tailored features that personalise your experience, enhance your productivity, and improve your ability to collaborate effectively with others by automatically analysing the activities of your team to provide search results, activity feeds, notifications, connections and recommendations that are most relevant for you and your team. For example, we may use your stated job title and activity to return search results we think are relevant to your job function. We may also use information about you to connect you with other team members seeking your subject matter expertise. We may use your email domain to infer your affiliation with a particular organisation or industry to personalise the content and experience you receive on our websites. Where you use multiple Services, we combine information about you and your activities to provide an integrated experience, such as to allow you to find information from one Service while searching from another or to present relevant product information as you travel across our websites. Based on your interactions with different products and advertisements, we will personalise your experience and tailor our communications and offers to you.

For research and development: We are always looking for ways to make our Services smarter, faster, secure, integrated, and useful. We use information and collective learnings (including feedback) about how people use our Services to troubleshoot, to identify trends, usage, activity patterns, and areas for integration and to improve our Services and to develop new products, features and technologies that benefit our users and the public. We automatically analyse and aggregate frequently used search terms to improve the accuracy and relevance of suggested topics that auto-populate when you use the search feature. In some cases, we apply these learnings across our Services to improve and develop similar features, to better integrate the Services you use, or to provide you with insights based on how others use our Services. We also test and analyse certain new features with some users before rolling the feature out to all users.

To communicate with you about the Services: We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We send you email notifications when you or others interact with you on the Services, for example, when an action is assigned to you, or when you are added to a project. We also provide tailored communications based on your activity and interactions with us. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.

To market, promote and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying Proseeq Pty Ltd ads on other companies' websites and applications. These communications may be informed by audits of interactions (like counting ad impressions), and are aimed at driving engagement and maximising what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new Services, product offers, promotions, and contests. You can control whether you receive these communications as described below under "Opt-out of communications."

Customer support: We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyse crash information, and to repair and improve the Services. Where you give us express permission to do so, we share information with a third party expert for the purpose of responding to support-related requests.

For safety and security: We use information about you and your Service use to verify accounts and activity, to detect, prevent, and respond to potential or actual security incidents and to monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Service policies.

To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.

Where required by law: We need to process your data to comply with a legal obligation.

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.

How we share information we collect

We share information we collect about you in the ways discussed below, including in connection with possible business transfers. We are not in the business of selling information about you to advertisers or other third parties.

We may transfer personal information outside Australia. Where we do so, we will take reasonable steps to ensure that overseas recipients comply with the APPs or are otherwise subject to laws that provide comparable safeguards.

We make collaboration tools, and we want them to work well for you. This means sharing information through the Services and with certain third parties. We share information we collect about you in the ways discussed below, including in connection with possible business transfers. We are not in the business of selling information about you to advertisers or other third parties.

Sharing with other Service users

When you use the Services, we share certain information about you with other Service users.

For collaboration: You can create content, which may contain information about you, and grant permission to others to see, share, edit, copy and download that content based on settings you or your administrator (if applicable) select. Some of the collaboration features of the Services display some or all of your profile information to other Service users when you share or interact with specific content.

Managed accounts and administrators: If you register or access the Services using an email address with a domain that is owned by your employer or organisation or associate that email address with your existing account, and such organisation wishes to establish an account or site, certain information about you including your name, profile picture, contact info, content and past use of your account may become accessible to that organisation’s administrator and other Service users sharing the same domain. If you are an administrator for a particular site or group of users within the Services, we may share your contact information with current or past Service users, for the purpose of facilitating Service-related requests.

Sharing with third parties

We share information with third parties that help us operate, provide, improve, integrate, customise, support and market our Services.

Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including appropriate security and confidentiality procedures designed to protect your information.

Third Party Applications: You, your administrator or other Service users may choose to add new functionality or change the behavior of the Services by installing third party applications within the Services. Doing so may give third-party applications access to your account and information about you like your name and email address, and any content you choose to use in connection with those applications. If you are an administrator, or a technical or billing contact listed on an account, we share your details with the third-party app provider upon installation. Third-party application policies and procedures are not controlled by us, and this privacy policy does not cover how third-party applications use your information. We encourage you to review the privacy policies of third parties before connecting to or using their applications or services to learn more about their privacy and information handling practices. If you object to information about you being shared with these third parties, please uninstall the Application.

Links to Third Party Sites: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. If you submit information to any of those third party sites, your information is governed by their privacy policies, not this one. We encourage you to carefully read the privacy policy of any website you visit.

Third Party Services: We may offer you the ability to interact with or share information with third parties through the Services. For example, we may offer users the ability to log in to the Services via a third-party service like Google. When you intentionally interact with these third parties, we may share certain information with those third parties or receive information with those third parties, consistent with your privacy settings on the third-party service. Such information may include contact information, identification, and demographic information, and device information and identifiers. You should always check the privacy settings and notices in these third-party services to understand how those third-parties may use your information.

With your consent: We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial.

Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect the Company, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

Sharing with affiliated companies

We share information we collect with affiliated companies and, in some cases, with prospective affiliates. Affiliated companies are companies owned or operated by us. The protections of this privacy policy apply to the information we share in these circumstances.

Proseeq Pty Ltd companies: We share information we have about you with other Proseeq Pty Ltd corporate affiliates in order to operate and improve products and services and to offer other services to you. This includes companies that own or operate the Services listed here.

Business Transfers: We may share or transfer information we collect under this privacy policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the Services if a transaction takes place, as well as any choices you may have regarding your information.

How we store and secure information we collect

Information storage and security

We use industry standard technical measures to secure the information we store.

If your personal information is involved in a data breach that is likely to result in serious harm, we will comply with our obligations under the Notifiable Data Breach (NDB) scheme in Australia, and where applicable, under GDPR’s 72-hour notification rule.

If you use our server or data centre Services, responsibility for securing storage and access to the information you put into the Services rests with you and not Proseeq Pty Ltd. We strongly recommend that server or data centre users configure SSL to prevent interception of information transmitted over networks and to restrict access to the databases and other storage points used.

How long we keep information

How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or de-identify your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyse personal characteristics about you.

Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services. For example, we continue to display messages you sent to the users that received them and continue to display content you provided, but when requested details that can identify you will be removed.

Managed accounts: If the Services are made available to you through an organisation (e.g., your employer), we retain your information as long as required by the administrator of your account. For more information, see "Managed accounts and administrators" above.

Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

How to access and control your information

You have the right to request a copy of your information, object to our use, request deletion, restriction, or portability. Some requests may be limited by law or legitimate interests.

If you are located in the European Union or United Kingdom, you also have the right to lodge a complaint with your local supervisory authority if you believe we have infringed your rights.

If you are in Australia and are not satisfied with our response to a privacy complaint, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) (www.oaic.gov.au).

Other important privacy information

Children’s Data

Our Services are not directed to children under the age of 16 (or under 13 in the United States). We do not knowingly collect personal information from children. If you believe we have collected such information in error, please contact us and we will delete it.

International Representative

Where required by law, we will appoint an EU/UK representative to act as a point of contact for supervisory authorities and individuals located in those jurisdictions.

Notice to End Users

Many of our products are intended for use by organisations. Where the Services are made available to you through an organisation (e.g. your employer), that organisation is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organisation's policies. We are not responsible for the privacy or security practices of an administrator's organisation, which may be different than this policy.

Administrators are able to:

• require you to reset your account password;

• restrict, suspend or terminate your access to the Services;

• access information in and about your account;

• access or retain information stored as part of your account;

• install or uninstall third-party apps or other integrations

In some cases, administrators can also:

• restrict, suspend or terminate your account access;

• change the email address associated with your account;

• change your information, including profile information;

• restrict your ability to edit, restrict, modify or delete information

Even if the Services are not currently administered to you by an organisation if you use an email address provided by an organisation (such as your work email address) to access the Services, then the owner of the domain associated with your email address (e.g. your employer) may assert administrative control over your account and use of the Services at a later date. You will be notified if this happens.

If you do not want an administrator to be able to assert control over your account or use of the Services, you should deactivate your membership with the relevant enterprise, or use your personal email address to register for or access the Services. If an administrator has not already asserted control over your account or access to the Services, you can update the email address associated with your account through your account settings in your profile. Once an administrator asserts control over your account or use of the Services, you will no longer be able to change the email address associated with your account without administrator approval.

Please contact your organisation or refer to your administrator’s organisational policies for more information.

Contact us

If you have questions or concerns about how your information is handled, or to exercise your rights, please contact us at:

Proseeq Pty Ltd
15 Ludstone Street, Hampton VIC 3188, Australia
admin@proseeq.com

If you are not satisfied with our response, you may escalate your complaint to the OAIC (Australia) or your relevant data protection authority (EU/UK).