Privacy Policy

Version 1.0
Last Updated: 2025-09-22

Welcome to our comprehensive Privacy Policy! We've designed this document to be transparent, comprehensive, and easy to understand while ensuring full compliance with Australian privacy law.

1. Introduction

Lapine Studios, located in Brisbane, Queensland, Australia ("Lapine Studios," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you use our "Assets" software-as-a-service (SaaS) application ("Service").

By using the Service, you agree to the collection and use of information in accordance with this policy and our Terms of Service. This Privacy Policy should be read in conjunction with our Terms of Service, which govern your use of the Service.

We are bound by the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs) contained within it.

2. Information We Collect

We may collect personal information from you in several ways, including:

Account and Registration Information: When you sign up for the Service, we collect information such as your name, company name, email address, phone number, billing address, and payment details.

User-Generated Content: As you use the Service, you will create and upload data about your assets, which may include text descriptions, labels, serial numbers, locations, values, and other administrative details. This data is stored securely within the Service and remains your property.

Usage and Technical Data: We automatically collect information about how you interact with the Service. This may include your IP address, browser type, operating system, device information, access times, pages viewed, and activity logs. We use this data to analyse trends, administer the Service, and improve its functionality.

API Usage Data: If you use our API services, we collect information about API requests, including request frequency, endpoints accessed, response times, error logs, and authentication data for system monitoring, security, and billing purposes.

Communication Data: We collect information when you contact us for support, including email correspondence, support tickets, and any information you choose to provide.

Cookies and Tracking Data: We use cookies and similar technologies to enhance your experience, remember your preferences, and analyse Service usage.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide and maintain the Service, including managing your account and providing customer support
  • To process payments for your subscription to the Service and manage billing
  • To communicate with you about your account, service updates, security alerts, and support messages
  • To send you marketing information about our services (with your consent, and you may opt-out at any time)
  • To monitor and analyse the use of the Service to improve its performance, features, and security
  • To detect, prevent, and address technical issues, security breaches, and fraudulent activity
  • To comply with legal obligations and enforce our Terms of Service
  • To personalise your experience and provide tailored content and recommendations
  • To maintain system security and prevent unauthorised access

4. Legal Basis for Processing (Australia)

Under Australian privacy law, we process your personal information:

  • With your consent (for marketing communications and certain optional features)
  • To fulfill our contractual obligations to provide the Service
  • To comply with our legal obligations under Australian law
  • For our legitimate business interests (service improvement, security, fraud prevention)

5. Disclosure of Your Information

We may share your personal information with third parties only in the following circumstances:

Service Providers: We may use trusted third-party companies and individuals to facilitate our Service, provide the Service on our behalf, process payments, or assist us in analysing how our Service is used. These third parties have access to your information only to perform these tasks and are contractually obligated not to disclose or use it for any other purpose.

Legal Requirements: We may disclose your personal information if required to do so by law or in response to valid requests by public authorities (e.g., a court, government agency, or regulatory body).

Business Transfers: If Lapine Studios is involved in a merger, acquisition, or asset sale, your personal information may be transferred as a business asset. We will provide notice before your personal information becomes subject to a different privacy policy.

Consent: We may share your information with your explicit consent for specific purposes not covered above.

No International Transfers: All personal information is processed and stored within Australia in SOC 2 compliant data centers. We do not transfer your personal information outside of Australia without your explicit consent, except where required by law.

6. Data Security

The security of your data is paramount to us. We implement industry-standard security measures to protect your personal information from unauthorised access, use, disclosure, modification, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and monitoring
  • Access controls and authentication requirements
  • SOC 2 compliant data hosting infrastructure
  • Regular staff security training

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security. We will notify you of any security breaches as required by Australian law.

7. Data Breach Notification

In the event of a data breach that is likely to result in serious harm to affected individuals, we will:

  • Notify affected users as soon as practicable, typically within 72 hours of becoming aware of the breach
  • Notify the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme
  • Take immediate steps to contain the breach and prevent further unauthorised access
  • Provide clear information about what happened, what information was involved, and what steps we are taking

8. Your Rights Under Australian Law

Under Australian privacy law, you have the following rights regarding your personal information:

Access: Request a copy of the personal information we hold about you, including details about how it is used and disclosed.

Correction: Ask us to correct any inaccurate, incomplete, or out-of-date information.

Deletion: Request that we delete your personal information in certain circumstances, such as when it is no longer needed for the original purpose.

Data Portability: Request your data in a commonly used, machine-readable format for transfer to another service provider.

Marketing Opt-out: Unsubscribe from marketing communications at any time using the unsubscribe link in emails or by contacting us directly.

Complaint: Lodge a complaint with us or directly with the Office of the Australian Information Commissioner if you believe we have breached your privacy rights.

To exercise any of these rights, please contact us using the details provided at the end of this policy. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

9. Data Retention

We retain your personal information for as long as your account is active and as necessary to provide the Service. Specifically:

  • Account Data: Retained for the duration of your account plus 30 days after termination
  • User-Generated Content: Deleted within 30 days of account termination unless you request earlier deletion
  • Usage and Technical Data: Retained for up to 2 years for security and service improvement purposes
  • Payment Information: Retained for up to 7 years to comply with taxation and accounting requirements
  • Support Communications: Retained for up to 3 years for quality assurance and legal compliance

We may retain aggregated, anonymised usage statistics indefinitely for service improvement purposes. If you request deletion of specific information, we will comply unless we have a legal obligation to retain it.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Remember your login status and preferences
  • analyse Service usage and performance
  • Provide personalised content and features
  • Enhance security and prevent fraud

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of the Service.

Types of Cookies We Use:

  • Essential Cookies: Necessary for the Service to function properly
  • Analytics Cookies: Help us understand how users interact with the Service
  • Preference Cookies: Remember your settings and preferences
  • Security Cookies: Help protect against fraudulent activity

11. Third-Party Links and Services

Our Service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those external sites or services. We encourage you to read the privacy policies of any third-party services you use.

12. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can take appropriate action.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending an email notification to your registered email address
  • Providing notice through the Service interface

Changes will take effect 30 days after notification, unless otherwise required by law. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

14. International Users

While our Service is primarily designed for Australian users and all data is stored in Australia, if you access our Service from outside Australia, please note that your information will be transferred to and processed in Australia. By using the Service, you consent to this transfer and processing.

15. Contact Information

Privacy Officer
Lapine Studios
Email: legal@assets.lapine.studio