Privacy Policy

1. Introduction

BlueprintLab Pty Ltd (ABN: 42694683694) ("we," "us," "our," or "zen") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our work platform with built-in chat and related services.

By using zen, you agree to the collection and use of information in accordance with this Privacy Policy. This policy complies with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and the General Data Protection Regulation (GDPR) where applicable.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

Account Information: Name, email address, phone number, company name, and job title
Profile Information: Profile pictures, preferences, and settings
Communication Data: Messages, conversations, and task discussions within the platform
Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
Contact Information: Information about your contacts and team members when you invite them to use our services

2.2 Technical Information

Device Information: IP address, browser type, operating system, device identifiers
Usage Data: How you interact with our platform, features used, time spent, and navigation patterns
Log Data: Server logs, error reports, and system performance data
Cookies and Tracking: Information collected through cookies, web beacons, and similar technologies

2.3 Chat and Collaboration Data

Chat messages and conversations within the platform (stored permanently)
Tasks, projects, decisions, and workflow information you create or manage
Files, documents, and attachments you upload
Comments, notes, and collaboration data
Time tracking and productivity metrics

2.4 Built-in Chat and AI Processing

How we handle your chat messages:

Permanent Storage: Chat messages sent within zen are stored permanently to maintain conversation history and enable team collaboration
AI Processing: Our AI analyzes chat messages to detect potential tasks, events, and provide summarizations when requested
User Control: Detected tasks and events are presented as suggestions that you can approve, modify, or dismiss
Data Access: Chat messages are accessible to team members within your workspace according to your space permissions
Encryption: All data transmission is encrypted using industry-standard HTTPS/TLS protocols
Data Security: Messages are stored securely in encrypted databases with access controls and regular security audits

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Provision

Provide, operate, and maintain our work platform with built-in chat
Store and deliver chat messages and collaboration data
Process and manage your account and subscriptions
Enable team collaboration, task management, and decision tracking features
Generate AI-powered task detection, summarizations, and productivity insights

3.2 Communication

Send service notifications, updates, and reminders
Respond to your inquiries and provide customer support
Send marketing communications (with your consent)
Inform you about new features, services, or changes to our terms

3.3 Improvement and Analytics

Analyze usage patterns to improve our services
Conduct research and development for new features
Monitor and analyze trends, usage, and activities
Troubleshoot technical issues and optimize performance

3.4 Legal and Security

Comply with legal obligations and regulatory requirements
Detect, prevent, and address fraud and security issues
Protect our rights, property, and safety, and that of our users
Enforce our terms of service and policies

4. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our platform:

Cloud hosting and infrastructure providers
Payment processing services
Customer support and communication tools
Analytics and monitoring services
Email and marketing platforms

4.2 Team Members

Within your organization or team workspace, information is shared with authorized team members as necessary for collaboration and project management purposes.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or to protect our legal rights and interests.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to appropriate confidentiality protections.

5. Data Security

We implement comprehensive security measures to protect your information:

Encryption: Data is encrypted in transit and at rest using industry-standard protocols
Access Controls: Strict authentication and authorization mechanisms
Regular Audits: Ongoing security assessments and penetration testing
Incident Response: Established procedures for detecting and responding to security incidents
Staff Training: Regular security training for all personnel with access to data
Infrastructure Security: Secure cloud infrastructure with regular updates and monitoring

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but commit to implementing reasonable safeguards and promptly notifying users of any significant security incidents.

6. Data Retention

We retain your information for as long as necessary to:

Provide our services and maintain your account
Comply with legal, regulatory, or contractual obligations
Resolve disputes and enforce our agreements
Support business operations and continuity

Active Accounts: Information is retained while your account remains active and for a reasonable period thereafter.

Deleted Accounts: Upon account deletion, we will delete your personal information within 90 days, except where retention is required by law or for legitimate business purposes.

Backup Systems: Information may persist in backup systems for up to 12 months after deletion for disaster recovery purposes.

7. Your Privacy Rights

Under Australian privacy law and GDPR (where applicable), you have the following rights:

7.1 Access and Transparency

Right to Access: Request access to your personal information we hold
Data Portability: Receive your data in a structured, machine-readable format
Transparency: Understand how your information is being used

7.2 Control and Correction

Right to Rectification: Correct inaccurate or incomplete information
Right to Erasure: Request deletion of your personal information
Right to Restrict Processing: Limit how we use your information
Right to Object: Object to certain types of processing

7.3 Consent Management

Withdraw Consent: Withdraw previously given consent at any time
Marketing Opt-out: Unsubscribe from marketing communications
Cookie Management: Control cookie preferences through your browser

7.4 How to Exercise Your Rights

To exercise these rights, contact us at yao@blueprintlab.io. We will respond to your request within 30 days and may require verification of your identity.

If you're not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) or your local data protection authority.

8. International Data Transfers

Your information is transferred to and stored in the United States. As an Australian company, we ensure appropriate safeguards are in place when transferring data internationally:

Primary Data Storage: United States (cloud infrastructure and database services)
Standard Contractual Clauses: We use data processing agreements with clauses approved by relevant authorities
Security Measures: Encryption in transit and at rest, access controls, and regular security audits
Service Provider Obligations: All service providers are contractually bound to protect your data according to applicable privacy laws
Compliance Frameworks: Our service providers maintain compliance with recognized privacy frameworks and certifications

By using zen, you acknowledge and consent to the transfer of your information to the United States for processing and storage. We remain committed to protecting your data regardless of where it is processed.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

9.1 Types of Cookies

Essential Cookies: Necessary for platform functionality and security
Performance Cookies: Help us analyze usage and improve our services
Functional Cookies: Remember your preferences and settings
Marketing Cookies: Deliver relevant advertisements and measure effectiveness

9.2 Cookie Management

You can control cookies through your browser settings or our cookie preference center. Disabling certain cookies may impact platform functionality.

10. Third-Party Services and Integrations

zen may offer optional integrations with various third-party work applications to enhance functionality. These optional integrations may include (but are not limited to):

Communication platforms (e.g., Slack, Microsoft Teams)
File storage services (e.g., Google Drive, Dropbox)
Calendar applications (e.g., Google Calendar, Outlook)
Project management tools and other work application APIs

Important: These integrations are entirely optional. When you choose to connect third-party services:

Their privacy policies and terms of service apply to any data they process
You authorize zen to access and process data from those services on your behalf
We are not responsible for the privacy practices or security of third-party services
You should review their privacy policies before enabling integrations

zen's core functionality does not depend on third-party integrations. You can use our platform fully without connecting any external services.

11. Children's Privacy

Our services are intended for business use and are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at yao@blueprintlab.io.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will:

Post the updated policy on our website with a new "Last Updated" date
Notify you of significant changes via email or platform notifications
Provide advance notice for material changes that affect your rights
Maintain previous versions for your reference

Your continued use of our services after changes take effect constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

BlueprintLab Pty Ltd

Privacy Officer: [Name]

Email: yao@blueprintlab.io

Address: 100 Shepherd St, Chippendale NSW 2008

Phone: +61 466 587 477

ABN: 42694683694

Data Protection Authority

If you have concerns about how we handle your personal information, you can contact:

Office of the Australian Information Commissioner (OAIC)

Website: www.oaic.gov.au

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

14. Acknowledgment

By using zen, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. This policy forms part of our overall terms of service and reflects our commitment to protecting your privacy while providing exceptional work collaboration services.