Privacy Policy
Last updated: February 2026
1. Introduction
Sunaiva Digital Pty Ltd (ABN pending) ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and disclose personal information in connection with the Sunaiva Talking Website Widget ("Service"), in compliance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), as well as the EU General Data Protection Regulation (GDPR) where applicable.
2. Information We Collect
2.1 Account Information
When you sign up for the Service, we collect:
- Name and email address
- Business name and website URL(s)
- Payment information (processed and stored by Stripe; we do not store full card details)
2.2 Website Content
We scrape and process publicly available content from the website URL(s) you provide in order to train your AI voice assistant. This may include text, product details, FAQs, pricing, and other published business information.
2.3 Call and Interaction Data
When visitors interact with your voice widget, we collect:
- Call recordings and transcripts of voice conversations
- Visitor interaction metadata (timestamps, duration, pages visited)
- Lead information voluntarily provided by visitors during conversations (e.g., name, phone number, enquiry details)
2.4 Technical Data
We automatically collect limited technical data including browser type, IP address (anonymised), and device type for service performance and security purposes.
3. How We Use Your Information
We use collected information to:
- Provide, operate, and maintain the Service
- Train and improve your AI voice assistant using your website content
- Process payments and manage your subscription
- Deliver call recordings, analytics, and lead capture data to you
- Communicate with you about your account, service updates, and support
- Comply with legal obligations
We do not sell your personal information to third parties. We do not use your data for targeted advertising.
4. Third-Party Service Providers
We share information with the following third parties, solely for the purpose of delivering the Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Payment card details, billing address, email |
| Telnyx | Voice call infrastructure | Call audio, phone numbers, call metadata |
| Google Cloud | AI processing and speech services | Voice audio for transcription, website content for AI training |
Each provider is contractually obligated to protect your data and use it only for the stated purposes. We encourage you to review their respective privacy policies.
5. Data Retention
- Account data (name, email, business details): Retained while your account is active and for 30 days after cancellation.
- Call recordings and transcripts: Retained for 90 days, then automatically deleted. You may download recordings before deletion.
- Payment records: Retained as required by Australian tax law (generally 5 years).
- Website training data: Deleted within 30 days of account cancellation.
You may request earlier deletion of your data at any time (see Section 7).
6. Cookies and Tracking
We use a minimal cookie approach:
- Authentication tokens: Essential cookies to keep you logged into your dashboard. These are strictly necessary for the Service to function.
- No tracking cookies: We do not use third-party advertising cookies, analytics tracking pixels, or cross-site tracking of any kind.
The voice widget embedded on your website does not set cookies on your visitors' browsers.
7. Your Rights
Under the Australian Privacy Act and the GDPR (where applicable), you have the right to:
- Access the personal information we hold about you.
- Correct inaccurate or incomplete personal information.
- Delete your personal information (subject to legal retention requirements).
- Export your data in a portable format.
- Object to processing of your data in certain circumstances.
- Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us at support@sunaivadigital.com. We will respond within 30 days.
8. Data Security
We implement appropriate technical and organisational measures to protect your personal information, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Access controls limiting data access to authorised personnel
- Regular security assessments of our infrastructure
- Secure hosting on enterprise-grade cloud infrastructure
While we take reasonable steps to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
9. International Data Transfers
Your data may be processed in countries outside Australia, including the United States, where our cloud infrastructure providers operate. Where data is transferred internationally, we ensure appropriate safeguards are in place, including standard contractual clauses and compliance with applicable data protection frameworks.
10. Children's Privacy
The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or through the Service dashboard. The "Last updated" date at the top of this page indicates when this policy was last revised.
12. Complaints
If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us first at support@sunaivadigital.com. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
13. Contact
For any privacy-related questions or requests, contact us at:
Sunaiva Digital Pty Ltd
Email: support@sunaivadigital.com