Privacy

Privacy Policy.

This policy explains how AI Cloud Solutions Pty Ltd trading as Contract Cloud handles personal information for the website, demos, subscriptions, support and the Contract Cloud SaaS platform.

Last updated

27 May 2026

  • Australian owned and operated
  • Production Subscriber Data at rest in Australia
  • Privacy contact: info@contractcloud.com.au

Overview

Clear handling of website, account, support and platform information.

This Privacy Policy is intended to be read with any applicable Order Form, SaaS Agreement, Data Processing Terms and service notices.

EntityAI Cloud Solutions Pty Ltd trading as Contract Cloud
ABN48 679 002 316
Contactinfo@contractcloud.com.au

1. Who this policy covers

In this policy, Contract Cloud, we, us and our mean AI Cloud Solutions Pty Ltd trading as Contract Cloud.

This policy applies to personal information we handle when you visit this website, enquire about Contract Cloud, book a demo, communicate with us, use the Contract Cloud SaaS platform, receive support, or act as an Authorised User for a Subscriber.

Where a Subscriber uploads documents, prompts, records or other content into the Services, the Subscriber is usually responsible for deciding what personal information is included and why it is processed. We process that Subscriber Data to provide the Services and in accordance with the applicable SaaS Agreement, Order Form and Data Processing Terms.

2. Personal information we collect

The kinds of personal information we may collect depend on how you interact with us. They may include:

  • identity and business contact details, including name, job title, organisation, email address, phone number and business address;
  • account and access information, including username, role, permission settings, authentication events and account status;
  • billing and commercial information, including Subscriber organisation details, invoice contacts, plan details, payment status and order history;
  • demo, sales and support information, including enquiries, meeting notes, support tickets, implementation details and correspondence;
  • technical and usage information, including IP address, device and browser information, log data, error reports, feature usage, security events and approximate location derived from network data;
  • marketing preferences, including whether you have opted in or opted out of particular communications;
  • Subscriber Data submitted to the Services, including documents, prompts, files, metadata, contract records, outputs and related work product; and
  • any other information you or a Subscriber chooses to provide to us.

3. Sensitive information and confidential material

Contract Cloud is used for legal, procurement, compliance and document workflows. Subscriber Data may contain confidential information, commercially sensitive information, personal information, and in some cases sensitive information under the Privacy Act 1988 (Cth).

We do not ask website visitors to provide sensitive information through public website forms. We may process sensitive information if it is included in Subscriber Data, support material, or other information supplied to us by a Subscriber or Authorised User. In those cases, the Subscriber is responsible for ensuring it has the necessary rights, consents and legal bases for that information to be processed through the Services.

4. How we collect information

We may collect personal information:

  • directly from you when you complete a form, book a demo, send an email, attend a meeting, request support, create an account, or use the Services;
  • from a Subscriber, administrator or Authorised User who creates accounts, configures access, uploads documents, or invites users;
  • through the Services as documents, prompts, metadata, outputs and usage records are created, processed, stored or transmitted;
  • through website cookies, pixels, analytics tools, server logs and similar technologies;
  • from third party service providers who support hosting, authentication, communications, billing, analytics, security or customer operations; and
  • from publicly available business sources where relevant to sales, procurement, security or support communications.

5. Why we use personal information

We use personal information where reasonably necessary for our business activities and to provide the Services, including to:

  • operate, maintain, secure and improve the website and Services;
  • provide demos, respond to enquiries and communicate with prospective customers;
  • create, administer, authenticate and manage user accounts;
  • process Order Forms, invoices, renewals, billing and account administration;
  • deliver document management, review, drafting, analytics, search, AI assistance and related platform functionality;
  • provide implementation, support, diagnostics, maintenance and incident response;
  • monitor usage, fair use, service performance, errors, security events and compliance with our terms;
  • send service messages, product updates, security notices and administrative communications;
  • send marketing communications where permitted and manage opt outs;
  • detect, prevent and respond to fraud, misuse, unlawful activity, security threats and technical issues;
  • meet legal, regulatory, insurance, accounting, audit and dispute resolution obligations; and
  • develop aggregated, de-identified or anonymised insights about service usage and performance.

6. AI functionality and automated decisions

The Services include AI Functionality that can process Inputs and generate Outputs for contract review, drafting, document analysis, search, summarisation and related workflows. AI outputs are probabilistic and may be inaccurate, incomplete or inappropriate. They are not a substitute for legal, professional or commercial judgement.

We process Inputs, Outputs and related metadata to provide the Services, maintain security, troubleshoot issues, support users, manage usage and comply with the applicable SaaS Agreement. We do not use Subscriber Data to train public foundation models unless this is permitted by the applicable agreement, consent, law, or the data has been aggregated or de-identified so that individuals are not reasonably identifiable.

Contract Cloud does not use personal information from website visitors, demo enquiries or SaaS account administration to make solely automated decisions that are reasonably expected to significantly affect an individual's rights or interests. Product outputs may assist Subscribers with document analysis, but Subscribers and their users remain responsible for decisions made using those outputs.

7. When we disclose personal information

We may disclose personal information to:

  • our personnel, contractors and advisers who need access for business, legal, accounting, security or support purposes;
  • Subscribers, administrators and Authorised Users connected with the relevant workspace or account;
  • hosting, infrastructure, data storage, communications, email, customer relationship, analytics, security, billing, payment, support and AI service providers;
  • professional advisers, insurers, auditors and consultants;
  • regulators, courts, law enforcement agencies and government bodies where required or permitted by law;
  • third parties involved in an actual or proposed merger, acquisition, financing, corporate restructure or sale of assets; and
  • other recipients with your consent or as otherwise required or permitted by law.

We require service providers to handle personal information consistently with the purposes for which it was provided and with appropriate confidentiality, privacy and security obligations.

8. Overseas disclosure and data residency

We store production Subscriber Data at rest in data centres located in Australia.

We use third party hosting, communication, analytics, support, security and artificial intelligence services to deliver and support Contract Cloud. While production Subscriber Data at rest remains in Australia, Inputs submitted to the Services and Outputs generated by the Services may transit through, or be temporarily processed in, systems located outside Australia, including the United States, Singapore and member states of the European Union.

Where we disclose personal information overseas, we take reasonable steps designed to ensure that the recipient handles the information consistently with applicable Australian privacy requirements, unless an exception applies.

9. Cookies, analytics and website data

We may use cookies, pixels, local storage and analytics tools to operate the website, remember preferences, understand traffic, measure content performance, improve pages, detect technical issues and support marketing or sales attribution.

You can usually adjust your browser settings to block or delete cookies. Some website features may not work properly if cookies are disabled.

10. Security

We use technical and organisational measures designed to protect personal information from misuse, interference, loss, unauthorised access, modification and disclosure. These measures include encryption at rest and in transit, role based access controls, logging, vulnerability testing, access management, backup controls and personnel confidentiality obligations.

No method of transmission or storage is completely secure. Subscribers and Authorised Users must also protect their own accounts, credentials, devices, networks and uploaded data.

11. Data retention and deletion

We retain personal information for as long as reasonably necessary for the purposes described in this policy, including to provide the Services, manage accounts, comply with legal obligations, resolve disputes, enforce agreements, maintain security records and preserve business records.

Subscriber Data is retained and deleted in accordance with the applicable SaaS Agreement, Order Form and Data Processing Terms. Unless retention is required by law or agreed otherwise, Subscriber Data is generally made available for download for thirty days after termination or expiry, then deleted. Backup copies may persist for a limited period before routine deletion.

We may retain aggregated, de-identified or anonymised information where individuals are not reasonably identifiable.

12. Access and correction

You may request access to, or correction of, personal information we hold about you by contacting info@contractcloud.com.au. We may need to verify your identity before responding.

If your personal information is contained in Subscriber Data controlled by a Subscriber, we may refer your request to that Subscriber or ask you to contact them directly. We will assist Subscribers with data subject requests as required by applicable law and the relevant Data Processing Terms.

13. Marketing communications

We may send marketing communications about Contract Cloud where permitted by law. You can opt out by using the unsubscribe link in a marketing email or by contacting us. We may still send service, security, billing and administrative messages that are not marketing communications.

14. Anonymity and pseudonymity

You may deal with us anonymously or using a pseudonym where it is lawful and practicable, such as when browsing public pages of the website. We may need accurate identity, business contact, billing, security and account information to provide demos, manage subscriptions, authenticate users, provide support and operate the Services.

15. Children

Contract Cloud is designed for business, legal, procurement and compliance users. It is not directed to children and we do not knowingly collect personal information from children through the website or Services.

16. Data breaches

If we become aware of a suspected or actual data breach involving personal information, we will assess and respond to it in accordance with applicable law, our contractual obligations and our incident response processes. Where required by the Notifiable Data Breaches scheme, we will notify affected individuals and the Office of the Australian Information Commissioner.

17. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to our Services, legal obligations, suppliers, security practices or business operations. The updated version will be published on this website with a revised last updated date.

18. Contact and complaints

If you have a privacy question, access or correction request, or complaint, contact us at:

AI Cloud Solutions Pty Ltd trading as Contract Cloud
ABN 48 679 002 316
Email: info@contractcloud.com.au

We will aim to respond within a reasonable time. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.