Privacy Policy
Your privacy is important to us. This policy explains how PinPole collects, uses, and protects your personal information.
Last Updated: March 2026
1. Introduction
PinPole Pty Ltd (ABN 75 631 505 694) ("PinPole", "we", "us", or "our") is committed to protecting the privacy of individuals who visit our website, use our services, or otherwise interact with us. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
By accessing our website or using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services.
2. Information We Collect
2.1 Information You Provide
We may collect personal information that you voluntarily provide to us, including:
- Contact Information: Name, email address, phone number, business address, and company name
- Account Information: Username, password, and account preferences
- Communication Data: Information contained in correspondence you send to us, including enquiries, feedback, and support requests
- Professional Information: Job title, industry, and professional affiliations
- Payment Information: Billing details and transaction records (payment card details are processed by secure third-party payment providers)
2.2 Information Collected Automatically
When you visit our website or use our services, we may automatically collect:
- Device Information: Device type, operating system, browser type and version
- Usage Data: Pages visited, time spent on pages, clicks, and navigation patterns
- Log Data: IP address, access times, referring URLs, and error logs
- Location Data: General geographic location based on IP address
2.3 Information from Third Parties
We may receive information about you from third-party sources, including:
- Business partners and service providers
- Publicly available sources
- Social media platforms (where you interact with us through these channels)
3. How We Use Your Information
We use the information we collect for the following purposes:
- Service Delivery: To provide, maintain, and improve our AI-powered cloud architecture simulation and advisory services
- Communication: To respond to your enquiries, provide support, and send service-related communications
- Personalisation: To tailor our services and content to your preferences and needs
- Analytics: To analyse usage patterns and improve our website and services
- Marketing: To send promotional communications (with your consent where required)
- Security: To protect against fraud, unauthorised access, and other security risks
- Legal Compliance: To comply with applicable laws, regulations, and legal processes
- Business Operations: To manage our business, including billing, accounting, and administrative purposes
AI and Machine Learning: As an AI technology company, we may use aggregated and anonymised data to improve our machine learning models and simulation capabilities. Individual personal information is not used for model training without explicit consent.
4. Legal Basis for Processing
Under the Australian Privacy Principles, we process your personal information on the following bases:
- Consent: Where you have given clear consent for us to process your personal information for specific purposes
- Contract Performance: Where processing is necessary to fulfil our contractual obligations to you
- Legal Obligation: Where we need to comply with a legal or regulatory requirement
- Legitimate Interests: Where processing is necessary for our legitimate business interests, provided these do not override your rights and interests
5. Sharing Your Information
We may share your personal information with:
5.1 Service Providers
Third-party vendors who assist us in operating our business, including cloud hosting providers, payment processors, analytics services, and customer support tools. These providers are contractually obligated to protect your information.
5.2 Business Partners
Partners with whom we collaborate to deliver services, such as cloud consultants and solution architects using our platform.
5.3 Legal Requirements
We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:
- Protect our rights, property, or safety
- Prevent fraud or other illegal activities
- Respond to a lawful request from public authorities
5.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity.
We Do Not Sell Your Data: PinPole does not sell, rent, or trade your personal information to third parties for their marketing purposes.
6. Data Security
We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit and at rest
- Secure access controls and authentication mechanisms
- Regular security assessments and vulnerability testing
- Employee training on data protection and privacy
- Incident response procedures for potential data breaches
6.1 Internal Access Controls
Access to customer data — including architecture inputs, simulation outputs, and account information — is strictly limited on a need-to-know basis. Specifically:
- Automated Systems: Architecture simulation and analysis is performed entirely by automated systems. No human reviews your submitted architecture data as part of normal service operation.
- Engineering Team: Access to production data is restricted to senior engineers for the purposes of debugging, incident response, and platform stability. All such access is logged and audited.
- Support Staff: Customer support personnel may access account metadata (name, subscription status, usage logs) to resolve support requests, but do not have access to architecture content or simulation outputs without your explicit permission.
- Leadership: Founders and management may access aggregated, anonymised usage analytics but do not have standing access to individual customer data.
Architecture Data: We treat your submitted cloud architecture designs as confidential. This data is never shared with other customers, used in marketing materials, or disclosed to third parties outside of the service providers listed in Section 5.1.
While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry best practices.
7. Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The specific retention periods we apply are:
- Account & Profile Data: Retained for the duration of your active account, and deleted within 90 days of account closure or a verified deletion request.
- Architecture & Simulation Data: Retained for the duration of your active subscription. Deleted within 30 days of account closure unless you request earlier deletion.
- Billing & Transaction Records: Retained for 7 years from the date of the transaction to satisfy Australian taxation and accounting obligations.
- Support & Communication Records: Retained for 2 years from the date of last contact, to assist with ongoing support and dispute resolution.
- System & Access Logs: Retained for 12 months, then automatically purged.
- Anonymised Usage Analytics: May be retained indefinitely, as no personal information is recoverable from this data.
When personal information is no longer required, we will securely delete or anonymise it in accordance with these schedules. You may request early deletion at any time by contacting us at privacy@pinpole.cloud, subject to our legal obligations to retain certain records.
8. Your Rights
Under the Australian Privacy Act and APPs, you have the right to:
- Access: Request access to the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information (subject to legal obligations)
- Opt-out: Unsubscribe from marketing communications at any time
- Complaint: Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached
To exercise any of these rights, please contact us using the details provided in Section 14. We will respond to your request within a reasonable timeframe and in accordance with applicable laws.
9. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your experience and analyse website traffic. Types of cookies we use include:
- Essential Cookies: Required for the website to function properly
- Analytics Cookies: Help us understand how visitors interact with our website
- Functional Cookies: Remember your preferences and settings
- Marketing Cookies: Used to deliver relevant advertisements (where applicable)
You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.
10. Data Storage Location & International Transfers
PinPole's primary infrastructure is hosted on Amazon Web Services (AWS) in the Asia Pacific (Sydney) region (ap-southeast-2). Your data is stored and processed in Australia by default.
Certain ancillary service providers — including analytics, support tooling, and payment processing — may process data in other regions. When we transfer your data internationally, we ensure appropriate safeguards are in place, including:
- Data processing agreements with standard contractual clauses
- Verification that recipients comply with privacy standards equivalent to Australian requirements
- Encryption and secure transfer protocols
Architecture Data Locality: Your submitted cloud architecture designs and simulation outputs are stored exclusively within the AWS ap-southeast-2 (Sydney) region and are not replicated to international infrastructure.
11. Third-Party Links
Our website may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access.
12. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child, we will take steps to delete such information promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
If you are not satisfied with our response to your privacy concern, you may contact the Office of the Australian Information Commissioner (OAIC):
- Website: www.oaic.gov.au
- Phone: 1300 363 992