Skip to content
Legal

Privacy Policy

Last updated 24 June 2026.

Introduction

Factor House Pty Ltd (ABN 90 635 807 251) respects your privacy and is committed to protecting personal information. We are based in Australia and comply with the Australian Privacy Principles under the Privacy Act 1988 (Cth). We may also apply GDPR standards for individuals in the EU/UK.

1. What information we collect

We collect limited personal data, including:

  • Name and job title
  • Organisation or employer
  • Email and contact details
  • Customer account information
  • Billing and transaction records
  • Support communications
  • Website usage data (IP address, browser type, pages visited)

Factor House software products are self-managed by customers within their own infrastructure. We do not host, access, or process personal data within customer deployments.

2. How we collect information

We gather information when you:

  • Contact us via our website or email
  • Request product information or a demonstration
  • Become a customer or partner
  • Submit a support request
  • Interact with our marketing communications
  • Visit our website
  • Attend an event

We also collect information automatically through website analytics tools.

3. Third-party or subcontractor services

We use the following providers:

ProviderPurposeDataRegion
HubSpotCRM and marketingContact dataAustralia/US/EU
ZendeskCustomer supportSupport dataUS
XeroAccountingBilling dataAustralia
Paddle/StripeTax complianceBilling dataUS
Google AnalyticsWebsite analyticsUsage dataUS
Plausible AnalyticsWebsite analyticsAggregated dataEU

These providers may change from time to time as our services evolve. We ensure that any such providers are subject to appropriate contractual and security obligations relating to confidentiality, data protection, and security.

4. How we use personal information

We use your data to:

  • Manage customer relationships
  • Provide product support
  • Process billing and payments
  • Communicate about products and services
  • Send marketing communications, where permitted
  • Improve our website and services
  • Comply with legal obligations

Under GDPR, our lawful bases include contractual necessity, legitimate interests, legal obligations, and consent.

5. Marketing communications

We may send you product updates and marketing messages. You can unsubscribe at any time using the link in our emails or by contacting us.

6. Cookies and analytics

Our website uses cookies and similar technologies to ensure the site functions correctly and to understand how visitors use our website.

These may include:

  • Essential cookies required for website functionality
  • Analytics cookies provided by tools such as Google Analytics and Plausible to help us understand website usage and improve our services

You can manage or disable cookies through your browser settings. When you first visit our website, you will also be able to manage your cookie preferences through our cookie consent banner.

7. International data transfers

Personal information may be processed in Australia, the United States, Ireland, Singapore, and Germany. We take reasonable steps to ensure it is protected in accordance with applicable privacy laws. These transfers occur through the use of cloud infrastructure and third-party service providers necessary to operate our business.

8. Data retention

Typical retention periods:

  • Customer account records: duration of the relationship
  • Billing records: at least 7 years (legal requirement)
  • Support records: up to 5 years
  • Marketing contacts: until unsubscription

9. Security

We implement reasonable steps to protect personal information from misuse, loss, or unauthorised access, through encryption, access control policies, security monitoring, and infrastructure practices. We investigate data breaches and notify affected individuals and regulators where legally required.

Where a security incident may impact our systems or services, we will investigate and take appropriate response measures. Where required by law or contractual obligations, we will notify affected parties or regulators.

We maintain operational and technical measures designed to support the reliability and availability of our systems and services.

10. Access and correction

You may request access to your personal information or request corrections by contacting us.

11. Your rights (EU/UK)

Under GDPR, you may have rights to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Withdraw consent where applicable

12. Contact information

Data Protection Officer
Factor House Pty Ltd
13 Robbs Parade
Northcote VIC 3070
Australia

Email: [email protected]

13. Complaints

You may lodge a complaint with Factor House or the Office of the Australian Information Commissioner (OAIC).

14. Changes to this policy

We may update this policy from time to time. The current version is always available at factorhouse.io/privacy.