PRIVACY PROTOCOL

This Privacy Policy applies to all personal information collected by SYRON.AI through:

• Our website, syron.ai, and any associated subdomains
• Our consultation request forms and contact channels
• Our live chat service (Tawk.to)
• Direct communications (email, phone, in-person)
• Our AI and cybernetic intelligence service delivery

This Policy does not apply to personal information handled by third parties whose websites or services may be linked from our Website. We encourage you to review the privacy policies of those third parties directly.

We collect personal information that is reasonably necessary for our functions and activities. The types of personal information we may collect include:

• First name and last name
• Email address
• Organisation or company name
• Industry sector
• Services of interest
• Enquiry messages and consultation details
• Any other information you voluntarily provide

When you visit our Website, we may automatically collect certain technical information, including:

• IP address and approximate geolocation
• Browser type and version
• Operating system and device type
• Pages visited and time spent on pages
• Referring website or source

We do not intentionally collect sensitive information (as defined in the Privacy Act, such as health, racial or ethnic origin, political opinions, religious beliefs, or biometric data) unless you choose to provide it in the context of a consultation enquiry and you have consented to its collection. If you inadvertently provide sensitive information, we will handle it in accordance with APP 3 and APP 6.

• When you submit a consultation request or contact form on our Website
• When you engage with our live chat service
• When you correspond with us by email or telephone
• When you attend meetings, demonstrations, or events with us

• From publicly available sources or business directories, where lawful
• From referral partners or intermediaries, where applicable

• Through cookies, web beacons, and similar tracking technologies on our Website
• Through server logs and analytics tools

Where it is lawful and practicable to do so, we will give you the option to interact with us anonymously or using a pseudonym. However, in some cases — such as when requesting a consultation — we will need to identify you in order to provide our services.

We collect, hold, use, and disclose personal information for the following primary purposes:

• To respond to your enquiries and consultation requests
• To provide, manage, and improve our AI and cybernetic intelligence services
• To communicate with you about our services, updates, and relevant industry information
• To assess suitability and tailor proposals to your organisation's needs
• To maintain our client and prospect relationships
• To comply with our legal and regulatory obligations
• To protect against fraud, security incidents, and unauthorised access
• To improve the functionality and user experience of our Website

We will not use or disclose your personal information for a secondary purpose unless: (a) the secondary purpose is related to the primary purpose of collection and you would reasonably expect such use; (b) you have consented; or (c) an exception under the Privacy Act applies.

• Our employees, contractors, and agents who need access to provide services to you
• IT service providers, cloud hosting providers, and software platforms used to operate our business
• Third-party communication and analytics tools (including Tawk.to live chat and Google reCAPTCHA)
• Professional advisers including lawyers, accountants, and auditors
• Law enforcement, regulators, and courts where required by law
• Successors in the event of a merger, acquisition, or business restructure

We do not sell, rent, or trade your personal information to third parties for their own marketing or commercial purposes.

Some of our third-party service providers may be located overseas or may process data on servers located outside Australia. Where we disclose personal information to an overseas recipient, we take reasonable steps to ensure the recipient handles the information in a manner consistent with the APPs (APP 8). Countries may include the United States and the European Union.

By providing your personal information, you consent to this potential overseas disclosure.

Our Website uses cookies and similar technologies to enhance your browsing experience and gather analytics data.

• Essential cookies — Required for the Website to function properly
• Analytics cookies — Help us understand how visitors interact with our Website
• Third-party cookies — Set by service providers such as Tawk.to and Google reCAPTCHA

You can control or disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our Website. For more information, visit allaboutcookies.org.

Our contact form uses Google reCAPTCHA to protect against spam and abuse. reCAPTCHA collects hardware and software information and sends that data to Google for analysis. Use is subject to Google's Privacy Policy and Terms of Service.

We take reasonable steps to protect the personal information we hold from misuse, interference, loss, and from unauthorised access, modification, or disclosure (APP 11). Our security measures include:

• Encryption of data in transit using HTTPS/TLS protocols
• Access controls and authentication measures for internal systems
• Secure cloud hosting infrastructure at NextDC Sydney (Tier IV)
• Regular review of our information security practices

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements.

Our standard retention period for client and prospect records is seven (7) years from the date of last interaction, unless a longer period is required by law. When personal information is no longer required, we will take reasonable steps to destroy or de-identify it in accordance with APP 11.2.

Under APP 12 and APP 13, you have the right to:

• Request access to the personal information we hold about you
• Request correction of personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading

To make an access or correction request, please contact our Privacy Officer using the contact details in Section 13. We will respond within 30 days. In some circumstances, we may charge a reasonable fee for providing access (we will notify you of any such fee in advance).

We may refuse access or correction in limited circumstances permitted under the Privacy Act. If we refuse, we will provide written reasons and information on how to complain about the refusal.

If you have a complaint about how we have handled your personal information, please contact our Privacy Officer in the first instance (see Section 13). We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Mail: GPO Box 5218, Sydney NSW 2001

Our Website integrates third-party services including:

• Tawk.to live chat — subject to Tawk.to's Privacy Policy
• Google reCAPTCHA — subject to Google's Privacy Policy

We are not responsible for the privacy practices of third-party websites or services. We encourage you to review their privacy policies before providing any personal information to those services.

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please contact our Privacy Officer:

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. The updated Policy will be posted on our Website with a revised effective date.

For material changes, we will endeavour to notify you via email (where we hold your contact details) or by displaying a prominent notice on our Website prior to the changes taking effect.