Privacy Policy

Information We Collect

When you interact with lyszaxlplo, we collect different types of information depending on how you use our services. We're upfront about what we gather and why we need it.

Information You Provide Directly

This includes data you give us when signing up, using our platform, or contacting our team:

• Your name, email address, and phone number
• Business details and financial planning preferences
• Payment information when you subscribe to our services
• Messages you send through our contact forms or support channels
• Budget scenarios and contingency planning data you create within our platform

Information Collected Automatically

When you visit our website or use our services, we collect certain technical information:

• IP address and general location data
• Browser type, device information, and operating system
• Pages you visit and features you use
• Time spent on our platform and interaction patterns
• Cookies and similar tracking technologies (see our Cookie Policy for details)

How We Use Your Information

We use your data to provide and improve our services. Here's what that actually means in practice:

We don't sell your personal information to third parties. That's not our business model, and frankly, we think it's a lousy way to treat people who trust us with their financial planning data.

Your Rights Under Australian Privacy Law

The Privacy Act 1988 and Australian Privacy Principles give you specific rights about your personal information. We've made it straightforward to exercise these rights.

To exercise any of these rights, contact us at support@lyszaxlplo.com. We'll respond within 30 days and guide you through the process.

How We Protect Your Information

Security isn't just a checkbox for us. We've built multiple layers of protection into our platform:

• All data transmitted to and from our servers is encrypted using TLS 1.3 protocol
• Your budget data is stored with AES-256 encryption at rest
• We use multi-factor authentication options to protect account access
• Our servers are hosted in Australian data centres that meet ISO 27001 standards
• Regular security audits and penetration testing by independent third parties
• Staff access to personal data is restricted based on role and logged for accountability
• Automated backup systems with encrypted storage and regular restoration testing

While no system is completely impenetrable, we take reasonable steps to protect your information and respond quickly if something goes wrong.

Data Retention and Deletion

We don't keep your information longer than necessary. Here's our approach:

Active Account Data

While your account is active, we keep your profile information and budget scenarios so you can access them anytime. You control what you save and can delete specific scenarios whenever you want.

After Account Closure

When you close your account, we delete most of your personal data within 90 days. Some information needs to be kept longer for legal reasons:

• Transaction records: 7 years (Australian tax law requirement)
• Support correspondence: 3 years (business record keeping)
• Anonymised usage data: indefinitely for analytics purposes

Inactive Accounts

If you haven't logged in for 3 years, we'll send warnings to your email before eventually closing your account and deleting your data. We'd rather keep your information safe than let it sit unused.

Sharing and Third-Party Services

We work with a small number of trusted service providers. Here's who might see your data and why:

Essential Service Providers

• Cloud hosting: AWS Sydney region for secure data storage and platform hosting
• Payment processing: Stripe for handling subscription payments (they never store full card details)
• Email services: SendGrid for sending account notifications and educational content
• Customer support: Zendesk for managing support tickets and enquiries

All these providers have contracts with us that restrict how they can use your data. They're only allowed to process information for the specific services they provide to us.

When We Must Share Information

Sometimes we're legally required to share data:

• If we receive a valid court order or subpoena
• To prevent fraud or illegal activity
• To protect someone's safety in an emergency
• If required by Australian financial services regulations

We'll notify you about such requests unless legally prohibited from doing so.

International Data Transfers

Your data is primarily stored in Australia. However, some of our service providers operate globally, which means your information might be processed in other countries.

When we transfer data internationally, we ensure:

• The receiving country has adequate privacy protections under Australian law
• We have contractual safeguards in place with the service provider
• The transfer is necessary for providing our services to you

Our main international transfers are with AWS (which also has Australian servers), Stripe (payment processing), and SendGrid (email services). All meet Australian Privacy Principles requirements for cross-border data disclosure.

Cookies and Tracking Technologies

We use cookies and similar technologies to make our platform work properly and understand how people use it.

Essential Cookies

These keep you logged in and remember your settings. They're necessary for the platform to function, so they're not optional.

Analytics Cookies

We use these to understand which features people find helpful and where they get stuck. This helps us improve the platform. You can disable these in your account settings.

Your Cookie Choices

Most browsers let you block cookies, but this might break some features. You can manage your cookie preferences in your account settings or through your browser settings.

Children's Privacy

lyszaxlplo isn't designed for children under 18. We don't knowingly collect information from kids. If you're a parent and think your child has given us their information, contact us immediately and we'll delete it.

Changes to This Policy

We update this policy occasionally to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email and post a notice on our platform.

The "Last Updated" date at the top shows when we last revised this policy. By continuing to use lyszaxlplo after changes take effect, you're accepting the updated terms.

Making a Complaint

If you're unhappy with how we've handled your personal information, we want to hear about it. Contact our privacy officer at support@lyszaxlplo.com with details of your concern.

We'll acknowledge your complaint within 7 days and provide a full response within 30 days. If you're not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC).