Privacy Policy
Last updated 24 June 2026.
Introduction
Factor House Pty Ltd (ABN 90 635 807 251) respects your privacy and is committed to protecting personal information. We are based in Australia and comply with the Australian Privacy Principles under the Privacy Act 1988 (Cth). We may also apply GDPR standards for individuals in the EU/UK.
1. What information we collect
We collect limited personal data, including:
- Name and job title
- Organisation or employer
- Email and contact details
- Customer account information
- Billing and transaction records
- Support communications
- Website usage data (IP address, browser type, pages visited)
Factor House software products are self-managed by customers within their own infrastructure. We do not host, access, or process personal data within customer deployments.
2. How we collect information
We gather information when you:
- Contact us via our website or email
- Request product information or a demonstration
- Become a customer or partner
- Submit a support request
- Interact with our marketing communications
- Visit our website
- Attend an event
We also collect information automatically through website analytics tools.
3. Third-party or subcontractor services
We use the following providers:
| Provider | Purpose | Data | Region |
|---|---|---|---|
| HubSpot | CRM and marketing | Contact data | Australia/US/EU |
| Zendesk | Customer support | Support data | US |
| Xero | Accounting | Billing data | Australia |
| Paddle/Stripe | Tax compliance | Billing data | US |
| Google Analytics | Website analytics | Usage data | US |
| Plausible Analytics | Website analytics | Aggregated data | EU |
These providers may change from time to time as our services evolve. We ensure that any such providers are subject to appropriate contractual and security obligations relating to confidentiality, data protection, and security.
4. How we use personal information
We use your data to:
- Manage customer relationships
- Provide product support
- Process billing and payments
- Communicate about products and services
- Send marketing communications, where permitted
- Improve our website and services
- Comply with legal obligations
Under GDPR, our lawful bases include contractual necessity, legitimate interests, legal obligations, and consent.
5. Marketing communications
We may send you product updates and marketing messages. You can unsubscribe at any time using the link in our emails or by contacting us.
6. Cookies and analytics
Our website uses cookies and similar technologies to ensure the site functions correctly and to understand how visitors use our website.
These may include:
- Essential cookies required for website functionality
- Analytics cookies provided by tools such as Google Analytics and Plausible to help us understand website usage and improve our services
You can manage or disable cookies through your browser settings. When you first visit our website, you will also be able to manage your cookie preferences through our cookie consent banner.
7. International data transfers
Personal information may be processed in Australia, the United States, Ireland, Singapore, and Germany. We take reasonable steps to ensure it is protected in accordance with applicable privacy laws. These transfers occur through the use of cloud infrastructure and third-party service providers necessary to operate our business.
8. Data retention
Typical retention periods:
- Customer account records: duration of the relationship
- Billing records: at least 7 years (legal requirement)
- Support records: up to 5 years
- Marketing contacts: until unsubscription
9. Security
We implement reasonable steps to protect personal information from misuse, loss, or unauthorised access, through encryption, access control policies, security monitoring, and infrastructure practices. We investigate data breaches and notify affected individuals and regulators where legally required.
Where a security incident may impact our systems or services, we will investigate and take appropriate response measures. Where required by law or contractual obligations, we will notify affected parties or regulators.
We maintain operational and technical measures designed to support the reliability and availability of our systems and services.
10. Access and correction
You may request access to your personal information or request corrections by contacting us.
11. Your rights (EU/UK)
Under GDPR, you may have rights to:
- Access your personal data
- Correct inaccurate data
- Request deletion
- Restrict or object to processing
- Withdraw consent where applicable
12. Contact information
Data Protection Officer
Factor House Pty Ltd
13 Robbs Parade
Northcote VIC 3070
Australia
Email: [email protected]
13. Complaints
You may lodge a complaint with Factor House or the Office of the Australian Information Commissioner (OAIC).
14. Changes to this policy
We may update this policy from time to time. The current version is always available at factorhouse.io/privacy.