Privacy Policy

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide to us, including:

• Contact Information: Name, email address, phone number, company name, job title
• Communication Data: Information contained in any communications you send to us, including inquiry details and preferences
• Consultation Information: Details about your organization's AI governance needs, challenges, and requirements
• Service Engagement Data: Information related to consulting engagements, including project details and deliverables

1.2 Automatically Collected Information

When you visit our website, we may automatically collect:

• Technical Data: IP address, browser type and version, operating system, device information
• Usage Data: Pages visited, time spent on pages, navigation paths, referral sources
• Location Data: Approximate geographic location based on IP address for regional content delivery
• Cookie Data: Information collected through cookies and similar tracking technologies (see Section 3)

2. How We Use Your Information

We use your personal information for the following purposes:

• Service Delivery: To provide consulting services, respond to inquiries, and manage client relationships
• Communication: To contact you about services, respond to requests, and provide updates
• Website Functionality: To operate and improve our website, including regional content delivery
• Analytics: To understand how visitors use our website and improve user experience
• Marketing: To send you relevant information about our services (with your consent where required)
• Legal Compliance: To comply with legal obligations and protect our rights
• Business Operations: To maintain records, conduct business analysis, and improve our services

3. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. Cookies are small data files stored on your device.

3.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality, including region selection and navigation
• Analytics Cookies: Help us understand how visitors interact with our website
• Preference Cookies: Remember your settings and preferences (e.g., region selection)

3.2 Managing Cookies

You can control cookies through your browser settings. However, disabling cookies may affect website functionality. Most browsers allow you to refuse or delete cookies. Please note that essential cookies cannot be disabled as they are necessary for the website to function.

4. How We Share Your Information

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party vendors who assist with website hosting, email delivery, analytics, and customer support
• Professional Advisors: Lawyers, accountants, and other professional advisors as needed
• Legal Requirements: Government authorities, regulators, or courts when required by law
• Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers are contractually required to protect your personal information and use it only for the purposes we specify.

5. International Data Transfers

Your personal information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by relevant data protection authorities
• Adequacy decisions recognizing equivalent data protection standards
• Appropriate technical and organizational security measures

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Access controls and authentication mechanisms
• Regular security assessments and updates
• Employee training on data protection
• Incident response procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including:

• Duration of our business relationship and for a reasonable period thereafter
• Compliance with legal, regulatory, tax, or accounting requirements
• Establishment, exercise, or defense of legal claims
• Resolution of disputes and enforcement of agreements

Typically, we retain client data for 7 years after the end of a consulting engagement, and inquiry data for 3 years if no engagement results.

8. Your Rights and Choices

8.1 Australian Privacy Principles (APPs)

If you are in Australia, you have the following rights under the Privacy Act 1988:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete information
• Erasure: Request deletion of your personal information in certain circumstances
• Complaint: Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)
• Automated Decision-Making: Be informed about automated decision-making and request human review (effective December 2026)

8.2 New Zealand Privacy Act 2020

If you are in New Zealand, you have the following rights:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion in certain circumstances
• Complaint: Lodge a complaint with the Office of the Privacy Commissioner
• Withdrawal of Consent: Withdraw consent for data processing where consent is the legal basis

8.3 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@polygovern.ai. We will respond to your request within 30 days.

9. Marketing Communications

With your consent, we may send you marketing communications about our services. You can opt out at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Contacting us at privacy@polygovern.ai
• Updating your communication preferences in your account settings (if applicable)

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Data Breach Notification

In the event of a data breach that is likely to result in serious harm to you, we will notify you and relevant authorities as required by applicable law. Under Australian law, we will notify the OAIC within the required timeframe. Under New Zealand law, we will notify the Privacy Commissioner where required.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification for significant changes (where we have your email address)

Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Regulatory Authorities

You have the right to lodge a complaint with the relevant data protection authority: