Privacy Policy

Hoist AI Pty Ltd (ABN 12 345 678 901) ("Hoist AI", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

We comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and, where applicable, the General Data Protection Regulation (GDPR) for users in the European Economic Area.

We collect information you provide directly to us, including:

• Account Information: Name, email address, company name, and password when you create an account. • Profile Information: Job title, organisation type, and areas of funding interest. • Payment Information: Credit card details and billing address (processed securely by Stripe). • Application Data: Grant applications, procurement documents, and related materials you upload or create. • Communications: Messages you send to us via email, chat, or our contact forms.

We also collect information automatically, including:

• Usage Data: Pages visited, features used, and time spent on the platform. • Device Information: IP address, browser type, operating system, and device identifiers. • Cookies: We use cookies and similar technologies to enhance your experience and analyse usage patterns.

We use the information we collect to:

• Provide, maintain, and improve our services • Process transactions and send related information • Send you technical notices, updates, and administrative messages • Respond to your comments, questions, and customer service requests • Analyse usage patterns to improve user experience • Detect, investigate, and prevent fraudulent or unauthorised activities • Comply with legal obligations

We do not sell your personal information to third parties.

Hoist AI uses artificial intelligence to provide our services. When you use our platform:

• Your application data is processed by AI models to generate suggestions and analyse fit • We may use aggregated, anonymised data to improve our AI models • You retain ownership of all content you create or upload • Individual user data is not used to train AI models without explicit consent

We may share your information with:

• Service Providers: Third parties who perform services on our behalf, such as payment processing, data analysis, and customer support. • Business Transfers: In connection with a merger, acquisition, or sale of assets. • Legal Requirements: When required by law or to protect our rights and safety. • With Your Consent: When you have given us permission to share your information.

All third-party service providers are contractually bound to protect your information and use it only for the purposes we specify.

We implement appropriate technical and organisational measures to protect your personal information, including:

• Encryption of data in transit (TLS 1.3) and at rest (AES-256) • Regular security assessments and penetration testing • Access controls and authentication requirements • Employee training on data protection • Incident response procedures

While we strive to protect your information, no method of transmission over the Internet is 100% secure.

We retain your personal information for as long as necessary to:

• Provide our services to you • Comply with legal obligations • Resolve disputes and enforce our agreements

When you close your account, we will delete or anonymise your personal information within 90 days, except where retention is required by law.

You have the right to:

• Access: Request a copy of the personal information we hold about you • Correction: Request correction of inaccurate or incomplete information • Deletion: Request deletion of your personal information • Data Portability: Request a copy of your data in a portable format • Withdraw Consent: Withdraw consent for processing based on consent • Object: Object to processing based on legitimate interests

To exercise these rights, contact us at privacy@hoist.ai.

Your information may be transferred to and processed in countries other than Australia. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by relevant authorities • Adequacy decisions where available • Other legally recognised transfer mechanisms

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically.

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Hoist AI Pty Ltd Level 4, 31 Queen Street Melbourne VIC 3000 Australia

Email: privacy@hoist.ai Phone: +61 3 9000 0000