Privacy Policy
At FirstLine AI, we take your privacy seriously. This Privacy Policy explains how Firstline Corporation Pty Ltd trading as FirstLine AI (ABN: 90 086 391 157) collects, uses, discloses, and protects your personal information when you use our AI chatbot services and website. This Privacy Policy complies with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. Information We Collect
1.1 Information You Provide Directly When you use FirstLine AI services, we collect information you provide to us, including: Account Information: • Full name and business name • Email address • Phone number • Business address • Payment information (credit card details, billing address) • Company size and industry Chatbot Configuration Data: • Business information you provide for chatbot training • FAQs and knowledge base content • Custom responses and conversation flows • Branding assets (logos, colors, fonts) Communications: • Messages you send us via email, contact forms, or support tickets • Feedback and survey responses • Phone call recordings (with your consent) 1.2 Information Collected Automatically When you visit our website or use our services, we automatically collect: Usage Data: • Pages visited and features used • Time spent on pages • Click patterns and navigation paths • Search queries within our platform • Device information (browser type, operating system, device model) • IP address and approximate location (city/state level) Chatbot Interaction Data: • Conversations between your chatbot and your website visitors • Conversation timestamps and duration • Lead capture information (names, emails, phone numbers collected by your chatbot) • User satisfaction ratings and feedback • Conversation analytics (topics, intent, sentiment) Technical Data: • Cookies and similar tracking technologies • Log files and server data • Error reports and diagnostic information 1.3 Information from Third Parties We may receive information about you from: • Payment processors (transaction confirmations, payment status) • CRM systems you integrate with our service • Marketing platforms and analytics providers • Social media platforms (if you connect your accounts) • Publicly available business directories
2. How We Use Your Information
We use your personal information for the following purposes: 2.1 Service Delivery • Provide and maintain FirstLine AI chatbot services • Process your subscription and payments • Configure and customize your AI chatbot • Train AI models on your business-specific data • Deliver customer support and respond to inquiries • Send service-related notifications and updates 2.2 Service Improvement • Analyze usage patterns to improve our platform • Develop new features and functionality • Conduct research and testing • Optimize chatbot performance and accuracy • Identify and fix technical issues 2.3 Business Operations • Manage your account and subscription • Process billing and collect payments • Prevent fraud and unauthorized access • Comply with legal obligations • Enforce our Terms of Service • Resolve disputes and provide customer support 2.4 Marketing and Communications • Send promotional emails about new features and services (with your consent) • Provide personalized recommendations • Conduct surveys and request feedback • Send newsletters and industry insights • Invite you to webinars and events You can opt out of marketing communications at any time by clicking “unsubscribe” in our emails or contacting support@firstlineai.au. 2.5 Analytics and Reporting • Generate usage reports and analytics dashboards • Create aggregated, anonymized statistics • Measure chatbot performance and ROI • Benchmark against industry standards
3. Legal Basis for Processing (GDPR Compliance)
For users in the European Economic Area (EEA), we process your personal information based on: • Contract Performance: Processing necessary to provide our services under our Terms of Service • Legitimate Interests: Improving our services, preventing fraud, and conducting business operations • Consent: Marketing communications and optional features (you can withdraw consent anytime) • Legal Obligations: Compliance with tax, accounting, and regulatory requirements
4. How We Share Your Information
We do not sell your personal information. We share your information only in the following circumstances: 4.1 Service Providers We share information with trusted third-party service providers who help us operate our business: • Cloud Hosting: AWS, Google Cloud (data storage and processing) • Payment Processing: Stripe, PayPal (secure payment handling) • Email Services: SendGrid, Mailchimp (transactional and marketing emails) • Analytics: Google Analytics, Mixpanel (usage analytics) • Customer Support: Zendesk, Intercom (support ticket management) • CRM Integration Partners: Salesforce, HubSpot, Zoho (when you enable integrations) All service providers are contractually obligated to protect your data and use it only for specified purposes. 4.2 Business Transfers If FirstLine AI is involved in a merger, acquisition, or sale of assets, your information may be transferred to the new owner. We will notify you before your information is transferred and becomes subject to a different privacy policy. 4.3 Legal Requirements We may disclose your information if required by law or in response to: • Court orders, subpoenas, or legal processes • Government or regulatory investigations • Requests from law enforcement agencies • Protection of our legal rights and property • Prevention of fraud or illegal activities • Protection of safety and security 4.4 With Your Consent We may share your information with other parties when you explicitly consent, such as: • Integrations you enable with third-party services • Case studies or testimonials (with your permission) • Partner programs or referrals
5. Data Storage and Security
5.1 Data Location Your data is primarily stored on secure servers located in Australia. Some data may be processed by service providers in other countries (USA, EU) that provide adequate data protection. 5.2 Security Measures We implement industry-standard security measures to protect your information: • Encryption: 256-bit SSL/TLS encryption for data in transit, AES-256 encryption for data at rest • Access Controls: Role-based access, multi-factor authentication, and strict authorization policies • Network Security: Firewalls, intrusion detection systems, and regular security audits • Data Backups: Automated daily backups with 30-day retention • Employee Training: Regular security awareness training for all staff • Vulnerability Management: Regular security assessments and penetration testing • Incident Response: Documented procedures for data breach response 5.3 Data Retention We retain your personal information for as long as necessary to: • Provide our services to you • Comply with legal obligations (typically 7 years for financial records) • Resolve disputes and enforce agreements Specific retention periods: • Account data: Duration of subscription + 30 days after cancellation • Conversation data: 12 months (or as specified in your plan) • Billing records: 7 years (Australian tax law requirement) • Marketing data: Until you unsubscribe or request deletion • Support tickets: 3 years You can request deletion of your data at any time (subject to legal retention requirements).
6. Your Privacy Rights
Under Australian privacy law and GDPR (for EU users), you have the following rights: 6.1 Access and Portability • Request a copy of your personal information • Receive your data in a structured, machine-readable format • Transfer your data to another service provider 6.2 Correction and Update • Correct inaccurate or incomplete information • Update your account details at any time 6.3 Deletion (Right to be Forgotten) • Request deletion of your personal information • We will delete your data within 30 days (subject to legal retention requirements) 6.4 Restriction and Objection • Restrict processing of your information • Object to processing based on legitimate interests • Opt out of marketing communications 6.5 Withdraw Consent • Withdraw consent for optional processing activities • Unsubscribe from marketing emails 6.6 Lodge a Complaint • File a complaint with the Office of the Australian Information Commissioner (OAIC) • Contact: oaic.gov.au or 1300 363 992 To exercise your rights, contact us at: Email: legal@firstlineai.au Phone: +61 412 210998 We will respond to your request within 30 days.
7. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience. See our Cookie Policy at firstlineai.au/cookie-policy for detailed information. Types of cookies we use: • Essential Cookies: Required for website functionality (login, security) • Analytics Cookies: Help us understand how you use our site (Google Analytics) • Functional Cookies: Remember your preferences and settings • Marketing Cookies: Track effectiveness of our advertising campaigns You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.
8. Third-Party Links and Services
Our website and services may contain links to third-party websites, plugins, or integrations. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information. Third-party services we integrate with: • CRM platforms (Salesforce, HubSpot, Zoho) • Email marketing tools (Mailchimp, ActiveCampaign) • Calendar systems (Google Calendar, Outlook) • Payment processors (Stripe, PayPal) Each integration is subject to the third party’s privacy policy and terms of service.
9. Children’s Privacy
FirstLine AI services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at legal@firstlineai.au, and we will delete it promptly.
10. International Data Transfers
If you are located outside Australia, your information may be transferred to and processed in Australia or other countries where our service providers operate. We ensure adequate safeguards are in place through: • Standard Contractual Clauses (SCCs) approved by the European Commission • Privacy Shield certification (where applicable) • Adequacy decisions by relevant authorities
11. Your Customers’ Data
11.1 You as Data Controller When you use FirstLine AI chatbots on your website, you are the data controller for information collected from your website visitors. You are responsible for: • Providing privacy notices to your customers • Obtaining necessary consents for data collection • Complying with applicable privacy laws • Responding to data subject requests from your customers • Ensuring lawful processing of customer data 11.2 FirstLine AI as Data Processor FirstLine AI acts as a data processor for customer conversation data. We: • Process data only according to your instructions • Implement appropriate security measures • Assist with data subject requests when required • Notify you of any data breaches affecting customer data • Delete or return data upon termination of services 11.3 Data Processing Agreement Enterprise customers receive a Data Processing Agreement (DPA) that outlines our responsibilities as a data processor. Contact legal@firstlineai.au to request a DPA.
12. Data Breach Notification
In the event of a data breach that affects your personal information, we will: • Notify you within 72 hours of becoming aware of the breach • Describe the nature and scope of the breach • Explain the potential consequences • Outline steps we’re taking to address the breach • Provide recommendations to protect your information • Notify relevant authorities as required by law
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. How we notify you of changes: • Post the updated policy on our website with a new “Last Updated” date • Send email notification for material changes • Provide 30 days’ notice before changes take effect Continued use of our services after changes constitutes acceptance of the updated Privacy Policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: Firstline Corporation Pty Ltd trading as FirstLine AI Privacy Officer Email: legal@firstlineai.au Phone: +61 412 210998 Address: Suite 821, 585 Little Collins Street, Melbourne VIC 3000 ABN: 90 086 391 157 For privacy complaints or concerns: 1. Contact us first at legal@firstlineai.au 2. We will investigate and respond within 30 days 3. If unsatisfied, you may contact the Office of the Australian Information Commissioner (OAIC): – Website: oaic.gov.au – Phone: 1300 363 992 – Email: enquiries@oaic.gov.au
15. Definitions
• Personal Information: Information that identifies or can reasonably identify an individual • Data Controller: Entity that determines the purposes and means of processing personal data • Data Processor: Entity that processes personal data on behalf of the data controller • Processing: Any operation performed on personal data (collection, storage, use, disclosure, deletion) • Cookies: Small text files stored on your device to track and remember information
16. Acknowledgment
BY USING FIRSTLINE AI SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND AGREE TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS DESCRIBED HEREIN.