Privacy Policy

1. Introduction

This Privacy Policy explains how Arikai Pty Ltd (trading as Truescale Partners) (“Truescale”, “we”, “us”) collects, uses, stores, and discloses your personal information. We are headquartered in Australia and provide consulting and AI solutions to clients globally. We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), as well as the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA). This policy applies to all personal data we collect and process through our AI solutions and services, regardless of your location.

2. Collection of Personal Information

2.1 Purpose of Collection

We collect personal information to deliver AI solutions that automate document processing, workflows, and other enterprise functions. This information helps us support and improve our services globally.

2.2 Types of Information Collected

We may collect:

• Your name, email address, company name, and job title
• Profile information (e.g. preferred language)
• Data from team communication platforms (e.g. team or chat names, member details)
• Any other information necessary to provide our services to your organisation

2.3 Compliance with Regulations

In accordance with APP 3 and GDPR Article 6, we:

• Collect only the data necessary for our business operations
• Obtain data directly from you or via enterprise clients who engage us to deliver services

3. Use of Personal Information

3.1 How We Use Your Data

We use your personal data to:

• Provide and improve Truescale’s AI solutions
• Automate processes such as document processing and notifications
• Analyse and enhance our services for better efficiency and user experience globally

3.2 Legal Basis for Processing

Under GDPR Article 6, we process personal data on the basis of:

• Performance of a contract with you or your organisation
• Compliance with legal obligations
• Legitimate interests, including improving our services and ensuring their secure operation

4. Disclosure of Personal Information

4.1 Disclosure to Third Parties

We do not share your personal data with third parties except:

• With your consent
• Where required by law
• Where necessary to deliver services (e.g. cloud hosting providers, analytics services)

We comply with APP 6 and GDPR Articles 13 and 14 by ensuring transparency and data security when disclosing information.

4.2 Sharing of Data

We may share your data:

• With your organisation for the purpose of delivering our services
• With carefully selected service providers under contractual obligations to protect your information

5. Data Security and Retention

5.1 Security Measures

We take reasonable steps to protect your personal information from misuse, loss, and unauthorised access, consistent with APP 11 and GDPR Article 32. Our measures include:

• Encryption of data in transit and at rest
• Access controls and secure authentication
• Regular security audits and monitoring

5.2 Data Retention

We retain your personal data only as long as necessary to fulfil the purposes for which it was collected, in line with APP 11 and GDPR Article 5(1)(e).

6. Access, Correction, and Accuracy

6.1 Your Rights

You have the right to access and correct your personal information under APP 12 and GDPR Articles 15 (Right of Access) and 16 (Right to Rectification).

6.2 How to Request Access or Correction

You can request access or correction by contacting us using via email. We will respond within a reasonable time frame, consistent with our obligations under the APPs and GDPR.

7. Right to Erasure (Right to Be Forgotten)

7.1 Requesting Deletion

Under GDPR Article 17 and consistent with APP 11, you may request deletion of your personal data where:

• It is no longer necessary for the purposes it was collected
• You withdraw consent (where applicable)
• It has been unlawfully processed

7.2 Responding to Requests

We will process valid requests for deletion in consultation with your organisation as appropriate, unless we are required to retain the data by law or for the establishment, exercise, or defence of legal claims.

8. Data Portability

8.1 Your Right

Under GDPR Article 20, you have the right to request that we provide your personal data in a structured, commonly used, and machine-readable format.

8.2 Transfers to Another Organisation

Where technically feasible, you may request that we transfer your data directly to another organisation.

9. Restriction of Processing

9.1 Requesting Restrictions

Under GDPR Article 18, you can request that we restrict processing if:

• You contest the accuracy of the data
• Processing is unlawful but you prefer restriction over deletion
• We no longer need the data but you require it for legal claims

9.2 Storage During Restriction

In such cases, we will store your data but suspend other processing activities until the restriction is lifted.

10. Automated Decision-Making and Profiling

10.1 Automated Decisions

Some of our AI solutions may involve automated decision-making. Under GDPR Article 22, you have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.

10.2 Human Intervention

You may request human review of decisions, express your point of view, or contest the decision.

11. International Data Transfers

11.1 Transfers Outside Australia or the EEA

Given our global operations, we may transfer personal data outside Australia or the EEA (e.g. to cloud service providers or regional support teams). We comply with APP 8 and GDPR Chapter V (Articles 44–50) by implementing safeguards such as:

• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules (BCRs)
• Other legally acceptable mechanisms

11.2 Third-Party Recipients

We ensure any third-party recipients of data provide equivalent data protection as required by applicable laws.

12. Updates and Continuous Improvement

12.1 Ongoing Commitment

In line with APP 1.2 and GDPR Article 5(1)(d), we regularly review and update our privacy practices to ensure ongoing compliance with evolving data protection laws worldwide. This includes updating this Privacy Policy as needed, and we encourage you to review it regularly.