Privacy Policy

AI Point Pty Ltd ("we", "our", "us")
ABN 32667971388
ACN: 667971388
Location: Sydney, New South Wales, Australia
Last Updated: 7th June 2026

1. Our Commitment to Privacy

We respect your privacy and are committed to protecting your personal information in accordance with:

  • Privacy Act 1988 (Cth)
  • Australian Privacy Principles (APPs)
  • Spam Act 2003 (Cth)
  • Australian Consumer Law

This Policy applies to:

  • Website visitors
  • AI sales automation clients (AI SDR, Voice AI Agent)
  • AI Growth Workshop and training cohort participants
  • Data enrichment and outreach service clients
  • Prospects contacted through outbound campaigns we run on behalf of clients

2. What Personal Information We Collect

2.1 Information You Provide

We collect personal information you give us directly, including:

  • Name, email address, phone number
  • Business name, role/title, and company information
  • Payment and billing information
  • Communications and interactions with our platform
  • LinkedIn profile information (when you engage with our outreach)
  • Marketing preferences and communication history

2.2 Information We Collect Automatically

When you use our services, we automatically collect:

  • IP address, browser type, and device information
  • Usage data (pages visited, time on site, links clicked)
  • Cookies and analytics data

2.3 Lawful Basis for Collection

We collect your personal information for these reasons:

  • Consent: You've given permission (e.g., submitting a form, signing up for a course)
  • Contract: We need it to deliver services you've requested
  • Legal obligation: Tax, regulatory, or accounting requirements
  • Legitimate interest: Improving our services, conducting marketing, or analytics

Providing information is generally optional. However, if you don't provide certain details, we may be unable to deliver some or all of our services.

3. When We Process Data on Your Behalf

3.1 Data Controller vs. Data Processor

When you engage us for outbound campaigns, data enrichment, analytics, or automation services:

  • You are the data controller (responsible for the data)
  • We are the data processor (handling data according to your instructions)

You remain responsible for:

  • Having legal rights to provide data to us
  • Obtaining consent from individuals whose data you provide
  • Compliance with the Privacy Act 1988 (Cth) and Spam Act 2003 (Cth)

3.2 Prospect Data in Outbound Campaigns

When we run outbound campaigns on your behalf — across email, LinkedIn, SMS, or voice — we contact individuals who have no direct relationship with AI Point. In those cases:

  • You (our client) are the data controller for that prospect data
  • We act solely as your data processor and contact prospects on your instruction
  • Prospects receiving communications should be directed to your own privacy policy for data inquiries
  • We are not responsible for your compliance obligations regarding prospect consent or list quality

3.3 Data Processing Agreement (DPA)

For all data processing engagements, we will execute a Data Processing Agreement that specifies:

  • Scope and duration of data processing
  • Security measures and compliance obligations
  • How long we retain data
  • When and how we delete or return your data
  • Your rights and our obligations as processor
  • Sub-processor arrangements (third-party tools we use)

3.4 Data Enrichment and Third-Party Sources

When we enrich your data using third-party sources, we use commercially available data providers (such as Apollo.io, Clay.com, and others) to enhance your records with information from public records, business directories, and commercial databases.

Your responsibilities before using enriched data:

  • Validate enriched data for accuracy and duplicates
  • Obtain fresh consent from individuals before marketing to them
  • Ensure enriched data complies with the Spam Act 2003 (Cth) and Privacy Act
  • Test enriched data in small batches before full-scale deployment

We are not responsible for:

  • Inaccurate or incomplete enriched data from third-party sources
  • Your failure to validate data before use
  • Regulatory violations resulting from your use of enriched data
  • Bounce rates, spam complaints, or account suspension from enriched contacts

3.5 Data Retention and Deletion

  • During engagement: We retain data as necessary to provide services
  • After engagement: We securely delete your customer data within 30 days unless a written agreement states otherwise
  • Exceptions: We may retain aggregated, anonymised data for service improvement
  • On request: You can request deletion of your personal data at any time. We will confirm within 30 days or explain why deletion isn't possible

3.6 Voice AI Agent Services

When we provide Voice AI agent services:

  • Call recordings and transcripts are processed through AI providers (ElevenLabs, Vapi, etc.)
  • Voice data is used only for the specific service purpose (lead qualification, meeting booking)
  • We do not retain call recordings beyond the service period unless required for billing disputes or legal compliance
  • You warrant that call recipients have appropriate consent for AI-based calling where required by law
  • You are responsible for compliance with any applicable telemarketing or do-not-call obligations in your jurisdiction

4. Multi-Channel Outbound — Email, LinkedIn, SMS, and Voice

4.1 Email Outreach

All commercial email sent by us on your behalf complies with the Spam Act 2003 (Cth), including:

  • Clear identification of the sending business
  • Valid contact and unsubscribe information
  • Honouring unsubscribe requests within 5 business days

You are responsible for ensuring you have a lawful basis to contact prospects via email and that your lists meet Spam Act requirements.

4.2 LinkedIn Outreach

Where our services involve LinkedIn outreach:

  • You warrant that your use complies with LinkedIn's Terms of Service and Data Policy
  • Data is used only for purposes permitted by LinkedIn
  • You agree not to re-scrape, re-sell, or combine LinkedIn data with other data without LinkedIn's consent
  • You will notify us immediately if LinkedIn issues a cease-and-desist notice
  • We are not liable for LinkedIn policy violations, account suspension, or bans resulting from your use of our services

4.3 SMS Outreach

Where our services include SMS outreach on your behalf:

  • All commercial SMS messages comply with the Spam Act 2003 (Cth)
  • Messages include clear business identification and opt-out instructions
  • We honour opt-out requests promptly, within 5 business days
  • You are responsible for ensuring recipients have consented to receive commercial SMS messages from your business
  • You must not provide us with SMS contact lists where consent has not been obtained

4.4 Voice and AI Calling

Where our services include outbound calling via AI voice agents:

  • You are responsible for ensuring prospects are not listed on the Australian Do Not Call Register unless a valid exemption applies
  • You warrant that you have a lawful basis to contact individuals by phone
  • Call recordings are handled as described in Section 3.6
  • We are not liable for regulatory breaches arising from your prospect lists or campaign instructions

5. How We Use Your Information

We use your personal information to:

  • Deliver, operate, and improve our AI automation, data enrichment, and outbound services
  • Build and optimise marketing campaigns and workflows for your business
  • Enrich marketing databases and customer profiles (with your instruction)
  • Provide marketing analytics and insights
  • Respond to inquiries and provide customer support
  • Process payments and manage subscriptions
  • Send service-related and marketing communications (with appropriate consent)
  • Perform analytics and research to improve our services
  • Manage community membership and deliver training programs
  • Comply with legal and regulatory obligations

6. Sensitive Information

We do not intentionally collect sensitive personal information (such as health, biometric, political, or religious data). If a specific service requires sensitive information, we will request explicit written consent before collection, inform you how we'll protect it, and handle it with enhanced security measures.

7. AI Services and Data Processing

7.1 AI Service Providers

We use artificial intelligence services (Anthropic Claude, OpenAI, ElevenLabs, Vapi, and others) to provide automation, analytics, and enrichment services. Data sent to AI providers is subject to their terms and privacy policies. We use enterprise tiers with enhanced privacy protections where available.

Data sent to AI providers is typically not retained by them for model training. We do not use your data to train AI Point's own systems. We may use aggregated, anonymised, de-identified data to improve our services.

7.2 Automated Decision-Making

If we use AI to make automated decisions that significantly affect you or your customers, we will inform you about the automated processing and provide human review options where required.

7.3 AI Limitations

You acknowledge that:

  • AI-generated outputs may contain inaccuracies, biases, or errors
  • You must independently verify AI outputs before critical business decisions
  • AI is not a substitute for professional advice (legal, financial, medical, tax)
  • AI recommendations are suggestions only, not guaranteed outcomes

8. Third-Party Services and Integrations

Our services integrate with third-party platforms including cloud infrastructure (AWS, Azure, Google Cloud), AI services (Anthropic, OpenAI, ElevenLabs, Vapi), data enrichment tools (Apollo.io, Clay.com), automation platforms (n8n, Make.com, Zapier), community platforms (Skool), and analytics tools (Google Analytics).

Your use of these services is subject to their respective terms and privacy policies. We are not responsible for third-party service failures, data breaches, or policy changes. You are responsible for reviewing third-party terms before using integrated services.

9. Cookies & Analytics

We use cookies and analytics tools to understand user behaviour and site usage, improve our website and services, and personalise your experience. You can manage cookie settings via your browser, opt out of Google Analytics, or contact us to request no-tracking.

10. Marketing Communications

We may send you marketing emails about our services, courses, community, and industry insights. You can opt out at any time by clicking "unsubscribe" in any email, updating your account preferences, or contacting us directly. We will continue to send transactional and service-critical communications regardless of marketing preference.

All marketing communications comply with the Spam Act 2003 (Cth).

11. Your Rights

You have the right to access, correct, and request deletion of personal information we hold about you. Contact us via our contact page. We may verify your identity before providing access and will respond within 30 days. Some data may be retained for legal or accounting obligations (see Section 16).

12. Data Security

We protect your personal information using encrypted communications (HTTPS/SSL/TLS), access controls and authentication, secure cloud infrastructure, regular security assessments, staff training, and secure deletion procedures. No method of transmission or storage is 100% secure, but we maintain industry best practices.

13. Data Breach Notification

If we experience a data breach likely to cause serious harm, we will notify you as soon as practicable, take steps to remediate, and notify the Office of the Australian Information Commissioner (OAIC) where required under the Notifiable Data Breaches scheme. If a third-party provider is breached, we will notify you as soon as we become aware.

14. Your Consent and Warranties

If you provide us with personal data of third parties, you warrant that you have legal authority to do so, individuals have consented or you have another lawful basis, the data is accurate and current, and you've informed individuals about our data processing. You indemnify us against claims arising from data you provide that violates privacy law or individuals' rights.

15. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children and will delete any such information promptly if discovered.

16. Data Retention

We retain personal data only as long as needed:

  • Marketing list data: 3 years (or until unsubscribe + 6 months)
  • Client project data: Duration of engagement + 30 days
  • Financial records: 7 years
  • Course access data: 2 years after course completion
  • Community data: Until membership cancellation + 1 year

Once no longer needed, data is securely destroyed or de-identified.

17. Changes to This Policy

We may update this Privacy Policy to reflect changes in legal obligations, technology, or our business. Material changes will be posted on our website and notified by email. Continued use of our services after changes indicates acceptance of the updated policy.

18. Contact Us

AI Point Pty LtdSydney, NSW 2085, Australia

ABN: 32 667 971 388

Contact us here.

19. Complaints and Escalation

Step 1: Contact us with your complaint. We will investigate and respond within 30 days.

Step 2: If not satisfied, escalate to:

Office of the Australian Information Commissioner (OAIC)

Website: www.oaic.gov.au

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

20. Governing Law

This Privacy Policy is governed by the laws of New South Wales, Australia, and the Privacy Act 1988 (Cth). By using AI Point's services, you acknowledge that you have read and understood this Privacy Policy and agree to our data practices.