Privacy Policy
Last Updated: January 15, 2026
At nivolarento, we respect your privacy and understand the importance of protecting your personal information. This privacy policy explains what data we collect, why we need it, and how we handle it throughout our relationship with you.
We've written this in plain English because legal jargon helps nobody. If something's unclear, reach out and we'll explain it better.
Information We Collect
Running a financial analysis platform means we handle several types of information. Here's what we collect and why each piece matters for the service we provide.
Personal Details You Provide
When you sign up or contact us, we ask for basic information that helps us deliver our service properly. This includes your name, email address, phone number, and business details. We also collect your company name and position when relevant to understanding your financial analysis needs.
If you're setting up payment methods, we'll need billing information. However, we don't store complete credit card numbers on our servers – that's handled by our payment processor who maintains PCI DSS compliance standards.
Usage Information
Like most web platforms, we automatically collect certain technical data when you use our service. This includes IP addresses, browser type, device information, and how you interact with our platform. We track which features you use most, how long you spend on different sections, and what reports you generate.
This isn't about surveillance. It helps us understand which tools are actually useful and which ones might need improvement. If everyone's struggling with a particular feature, that's valuable feedback we need to see.
Business Data You Upload
The financial data you upload for analysis stays yours. We process it to provide the reports and insights you've requested, but we don't claim ownership or sell this information to third parties. Your business numbers, projections, and strategic data remain confidential.
How We Use Your Information
Every piece of data we collect serves a specific purpose. We're not building profiles to sell or hoarding information for undefined future uses.
Service Delivery: We use your information to provide the financial analysis tools you signed up for. This includes generating reports, creating visualizations, and providing insights based on your business data.
Account Management: Your contact details help us manage your account, process payments, and handle support requests. When you email us with a question, we need your information to respond appropriately.
Platform Improvement: Usage data shows us what works and what doesn't. If a feature gets used heavily, we know it's valuable. If something's rarely touched, maybe it needs rethinking.
Security and Fraud Prevention: We monitor for unusual activity patterns that might indicate security issues or unauthorized access attempts.
Marketing Communications
We'll send you relevant updates about new features, platform changes, or educational content related to financial analysis. You can opt out anytime – there's an unsubscribe link in every email. We won't bombard you with daily promotions or sell your email address to other companies.
Legal Basis for Processing (Australian Privacy Principles)
Under Australian privacy law, we need legitimate grounds for processing your personal information. Here's our legal basis for different types of data handling.
- Contract Performance: We process data necessary to deliver the services you've contracted for
- Consent: For marketing communications and optional features, we rely on your explicit consent
- Legitimate Interests: We process certain data for business operations, fraud prevention, and service improvement
- Legal Obligations: Some data processing is required to comply with Australian tax, business, and financial regulations
The Privacy Act 1988 (including the Australian Privacy Principles) governs how we handle personal information. We've structured our practices to align with these requirements while maintaining practical service delivery.
Data Sharing and Third Parties
We don't sell your personal information. Period. But running a web platform means working with certain service providers who help us deliver our service.
Service Providers We Work With
| Service Type | Purpose | Data Shared |
|---|---|---|
| Cloud Hosting | Platform infrastructure and data storage | All platform data necessary for service operation |
| Payment Processing | Handling subscription payments securely | Billing details and transaction information |
| Email Services | Sending notifications and communications | Email addresses and communication preferences |
| Analytics Tools | Understanding platform usage patterns | Anonymized usage data and technical information |
| Customer Support | Managing help requests and inquiries | Contact details and support conversation history |
These providers operate under strict data processing agreements. They can only use your information for the specific services they provide to us, and they're contractually bound to protect it appropriately.
Legal Requirements
Sometimes we're legally required to share information with government authorities, regulatory bodies, or law enforcement. This happens when we receive valid legal requests, need to comply with Australian regulations, or must respond to court orders. We'll always verify the legitimacy of such requests before disclosing any data.
Your Privacy Rights
Australian privacy law gives you several rights regarding your personal information. These aren't just theoretical – they're practical tools you can actually use.
Access Your Data
You can request a copy of all personal information we hold about you. We'll provide it in a readable format within 30 days of your request.
Correct Inaccuracies
If we've got something wrong, let us know and we'll fix it promptly. You can update most information directly through your account settings.
Request Deletion
You can ask us to delete your personal information. We'll comply unless we have legal obligations to retain certain records for tax or regulatory purposes.
Object to Processing
You can object to certain types of data processing, particularly for marketing purposes. We'll respect your preferences and adjust accordingly.
Data Portability
You can request your data in a structured, commonly used format that allows you to transfer it to another service provider.
Withdraw Consent
For processing based on consent, you can withdraw that consent anytime. This won't affect the lawfulness of processing done before withdrawal.
How to Exercise These Rights
Email us at support@nivolarento.com with your request. We'll verify your identity (to prevent unauthorized access) and respond within 30 days. There's no fee for most requests, though we might charge reasonable costs for excessive or repetitive requests.
Data Security Measures
Security isn't just a checkbox for us. Financial data requires serious protection, and we've built multiple layers of security into our platform.
Technical Safeguards
We use industry-standard encryption for data in transit and at rest. All connections to our platform use TLS encryption. Our databases are encrypted, and access is restricted to authorized personnel only. We maintain regular security audits and penetration testing to identify potential vulnerabilities.
Our infrastructure includes firewalls, intrusion detection systems, and automated monitoring for suspicious activity. We log all access to sensitive data and review these logs regularly.
Access Controls
Not everyone on our team can access everything. We use role-based access controls that limit data access based on job requirements. Support staff can see what they need to help you, but they can't access financial data they don't need for their role.
We require strong authentication for staff access, including multi-factor authentication for systems containing sensitive data.
Incident Response
Despite best efforts, security incidents can happen. We maintain an incident response plan that includes immediate containment, investigation, notification of affected users, and reporting to relevant authorities when required by law.
Under Australian privacy law, we're required to notify you and the Office of the Australian Information Commissioner if a data breach is likely to result in serious harm. We take this obligation seriously and have procedures in place to detect and respond to breaches quickly.
Data Retention and Deletion
We don't keep your data forever. Different types of information have different retention periods based on practical needs and legal requirements.
Active Account Data
While your account is active, we retain your personal information and business data to provide ongoing service. Your financial analysis history remains accessible so you can review past reports and track trends over time.
After Account Closure
When you close your account, we begin a deletion process. Some data gets removed immediately, while other information stays for limited periods due to legal requirements. Tax records, for example, must be retained for five years under Australian law.
| Data Type | Retention Period |
|---|---|
| Account profile information | 90 days after account closure |
| Business financial data | Deleted immediately upon request or 30 days after closure |
| Transaction and billing records | 7 years (Australian tax law requirement) |
| Support correspondence | 3 years (for service quality and legal purposes) |
| Usage logs and analytics | 18 months (anonymized after 90 days) |
If you want specific data deleted earlier than our standard schedule, contact us and we'll accommodate your request wherever legally possible.
Cookies and Tracking Technologies
Our platform uses cookies and similar technologies. These are small text files that help the website remember your preferences and understand how you use the service.
Essential Cookies
Some cookies are necessary for the platform to function. These handle authentication, remember your session, and maintain security. You can't opt out of these while using the service, but they don't track you across other websites.
Analytics Cookies
We use analytics tools to understand how people use our platform. This data is aggregated and anonymized – we're looking at patterns, not tracking individuals. These cookies help us identify which features work well and which need improvement.
Preference Cookies
These remember your choices, like display settings or notification preferences. They make your experience more convenient but aren't strictly necessary.
You can control cookie settings through your browser. Most browsers allow you to block or delete cookies, though this might affect platform functionality. Check your browser's help section for specific instructions.
International Data Transfers
Our primary infrastructure is located in Australia, but some service providers operate globally. This means your data might be processed or stored outside Australia.
When we transfer data internationally, we ensure appropriate safeguards are in place. This includes standard contractual clauses, adequacy decisions recognizing equivalent privacy protections, or other mechanisms approved under Australian privacy law.
Our major service providers operate in regions with strong data protection frameworks, including the European Union and jurisdictions deemed adequate by Australian authorities.
Children's Privacy
Our service is designed for business use and isn't intended for children under 18. We don't knowingly collect information from minors. If we discover we've inadvertently collected data from someone under 18, we'll delete it promptly.
If you're a parent or guardian and believe your child has provided us with personal information, contact us immediately so we can remove it.
Changes to This Policy
Privacy practices evolve as technology and regulations change. We'll update this policy periodically to reflect changes in our practices or legal requirements.
When we make significant changes, we'll notify you by email and update the "Last Updated" date at the top of this page. We encourage you to review this policy occasionally to stay informed about how we protect your information.
Continued use of our service after policy changes constitutes acceptance of the updated terms. If you disagree with changes, you can close your account before they take effect.
Complaints and Disputes
If you're unhappy with how we've handled your personal information, we want to know about it. Contact us first and we'll work to resolve your concerns directly.
If you're not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner. They're the regulatory body overseeing privacy compliance in Australia.
You also have the right to pursue the matter through legal channels if other resolution methods don't address your concerns adequately.
Privacy Questions?
If something in this policy is unclear or you have specific questions about how we handle your data, reach out to us.
Email: support@nivolarento.com
Phone: +61 2 4925 2505
Mail: 168 Summer St, Orange NSW 2800, Australia
We're here to help and take your privacy seriously.