Privacy Policy

Effective Date: January 27, 2025
Last Updated: January 27, 2025

Table of Contents

1. Overview

Noice Pty Ltd (ACN 634 536 360) ("Noice," "we," "us," or "our") operates the Migration Accelerator service ("Service"), a SaaS platform that helps organizations migrate content from various Content Management Systems (CMS) to Magnolia CMS using artificial intelligence and automation tools.

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service. By using Migration Accelerator, you agree to the collection and use of information in accordance with this policy.

We are committed to protecting your privacy and complying with applicable privacy laws, including the Australian Privacy Principles (APPs), the European Union General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly to us, including:

  • Account Information: Name, email address, password, organization details
  • Profile Information: Professional role, contact preferences, avatar image
  • Authentication Data: OAuth tokens for Google and GitHub integrations
  • Payment Information: Billing address and payment method details (processed by third-party payment processors)
  • Communication Data: Messages, feedback, and support requests

2.2 Content and Migration Data

When you use our Service to migrate content, we process:

  • Source Content: Web pages, text, images, metadata from your existing CMS
  • Migration Configurations: Template mappings, component configurations, site settings
  • Generated Content: AI-processed content mappings, migration results, exported files
  • Screenshots: Automated screenshots used during migration to provide visual progress and verification (not stored in content mapping)
  • CMS Credentials: Encrypted connection details for your source and target CMS systems

2.3 Technical Information

We automatically collect technical information, including:

  • Log Data: IP addresses, browser type, operating system, referral URLs
  • Usage Analytics: Feature usage patterns, session duration, error logs
  • Performance Data: Service response times, system performance metrics
  • Device Information: Device type, screen resolution, language settings

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Provision

  • Providing and maintaining the Migration Accelerator service
  • Processing content migrations using AI analysis
  • Generating migration reports and downloadable assets
  • Managing user accounts and authentication
  • Facilitating team collaboration within organizations

3.2 Service Improvement

  • Analyzing usage patterns to improve our AI algorithms
  • Monitoring service performance and reliability
  • Debugging issues and providing technical support
  • Developing new features and enhancements

3.3 Communication

  • Sending migration status notifications and alerts
  • Providing customer support and technical assistance
  • Sending important service updates and security notifications
  • Marketing communications (with your consent)

3.4 Legal and Security

  • Complying with legal obligations and regulatory requirements
  • Protecting against fraud, unauthorized access, and security threats
  • Enforcing our Terms of Service and other policies
  • Protecting our rights, property, and safety, and those of our users

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Third-Party Service Providers

We share information with trusted third-party providers who assist us in operating our Service:

  • Amazon Web Services (AWS): Cloud hosting, file storage (S3), and data processing
  • OpenAI: AI-powered content analysis and mapping (content is processed but not used for training)
  • Mailchimp: Email marketing and communications (with your consent)
  • Sentry: Error monitoring and performance tracking
  • Google/GitHub: OAuth authentication services
  • Payment Processors: Processing subscription payments and billing

4.2 Within Your Organization

Information is shared among members of your organization as necessary for collaboration and project management within the Service.

4.3 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes, court orders, or governmental requests
  • Enforce our Terms of Service or other agreements
  • Protect the rights, property, or safety of Noice, our users, or others
  • Investigate potential violations of our policies

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy.

5. Data Security

We implement comprehensive security measures to protect your information:

5.1 Technical Safeguards

  • Encryption of data in transit and at rest using industry-standard protocols
  • Secure authentication mechanisms including OAuth and multi-factor authentication options
  • Regular security assessments and penetration testing
  • Access controls and role-based permissions
  • Automated monitoring for security threats and anomalies

5.2 Organizational Measures

  • Employee training on data protection and security practices
  • Limited access to personal information on a need-to-know basis
  • Incident response procedures for potential security breaches
  • Regular review and updating of security policies and procedures

5.3 Data Breach Notification

In the event of a data breach that poses a risk to your privacy rights, we will notify you and relevant authorities within 72 hours as required by applicable law.

6. Data Retention

We retain your information for different periods based on the type of data and business need:

  • Account Information: Retained while your account is active and for up to 7 years after closure for legal and tax purposes
  • Migration Data: Content and migration results are retained for 2 years after project completion, unless you request earlier deletion
  • Log and Analytics Data: Technical logs are retained for up to 1 year for security and performance monitoring
  • Marketing Data: Retained until you unsubscribe or withdraw consent, then deleted within 30 days
  • Support Communications: Retained for 3 years to maintain service quality and resolve disputes

You may request deletion of your data at any time, subject to our legal obligations to retain certain information for compliance purposes.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

  • Request access to your personal information
  • Obtain a copy of your data in a portable format
  • Export your migration data and configurations

7.2 Correction and Updates

  • Update your account information through your profile settings
  • Request correction of inaccurate personal information
  • Modify communication preferences and notification settings

7.3 Deletion and Restriction

  • Request deletion of your personal information ("right to be forgotten")
  • Restrict processing of your data in certain circumstances
  • Close your account and request data deletion

7.4 Consent and Objection

  • Withdraw consent for marketing communications
  • Object to processing based on legitimate interests
  • Opt-out of non-essential data collection

7.5 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@noice.net.au. We will respond to your request within 30 days. Some requests may require identity verification.

8. International Data Transfers

We are based in Australia, and our servers are located in multiple regions including Australia, the United States, and Europe. When you use our Service, your information may be transferred to and processed in countries other than your country of residence.

For transfers from the EU/UK, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Additional safeguards such as encryption and access controls

For users in Australia, transfers are conducted in accordance with the Australian Privacy Principles and cross-border privacy rules.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience with our Service:

9.1 Types of Cookies

  • Essential Cookies: Required for basic functionality, authentication, and security
  • Performance Cookies: Help us understand how you use our Service to improve performance
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used for targeted advertising (with your consent)

9.2 Third-Party Tracking

We may use third-party analytics services such as:

  • Google Analytics for usage analytics and insights
  • Google Tag Manager for marketing campaign tracking
  • Error tracking services for performance monitoring

9.3 Managing Cookies

You can control cookies through your browser settings and our cookie banner. Disabling essential cookies may affect the functionality of our Service.

10. Third-Party Services

Our Service integrates with various third-party platforms and services:

10.1 CMS Platforms

We connect to your Magnolia CMS, AEM, WordPress, Drupal, and other content management systems to facilitate migrations. We only access content with your explicit authorization and configured permissions.

10.2 AI Services

We use OpenAI and other AI services to analyze and process your content for migration mapping. Your content is processed but not used to train AI models.

10.3 Third-Party Privacy Policies

Each third-party service has its own privacy policy. We encourage you to review their privacy practices, particularly for services you directly authorize us to access.

11. Children's Privacy

Our Service is intended for business and professional use and is not directed to children under 16. We do not knowingly collect personal information from children. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Notify you by email (if you have provided an email address)
  • Display a prominent notice within the Service
  • Update the "Last Updated" date at the top of this policy

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Noice Pty Ltd

Level 6, 343 Little Collins St

Melbourne VIC 3000, Australia

Email: privacy@noice.net.au

Phone: 1300 572 008

ABN: 91 634 536 360

ACN: 634 536 360

For EU data protection matters, you may also contact your local data protection authority.