Privacy Policy
At orenthyra, we understand that your financial information is deeply personal. This policy explains how we handle your data when you use our budget risk management services. We're based in Australia and follow the Australian Privacy Principles under the Privacy Act 1988, which means you have strong protections and clear rights regarding your information.
What Information We Collect
Running a budget risk management service means we need certain details from you. But we only ask for what actually helps us provide better analysis and support. Here's what we typically gather and why it matters.
Account Information
Your name, email address, phone number, and business address. This is basic stuff we need to set up your account and stay in touch.
Financial Data
Budget figures, expense categories, revenue streams, and financial goals. This is what allows us to assess risks and provide meaningful recommendations.
Usage Details
How you interact with our platform, which features you use most, and when you access reports. This helps us improve the service.
Technical Data
IP address, browser type, device information, and session logs. Standard technical details that keep our platform secure and functional.
We don't collect information we don't need. If you upload financial documents for analysis, we only extract the relevant data points and don't keep copies of entire documents unless you specifically request it for record-keeping purposes.
How We Use Your Information
Everything we collect serves a specific purpose. We're not in the business of selling data or using your financial details for anything beyond what you've signed up for.
Primary Uses
- Analysing your budget data to identify potential financial risks and opportunities
- Generating custom reports and recommendations based on your specific situation
- Sending you alerts about significant changes or potential issues in your budget patterns
- Communicating with you about your account, service updates, and important notices
- Processing payments and maintaining accurate billing records
- Improving our risk assessment algorithms and service features
- Providing customer support when you reach out with questions or concerns
Important: We never use your financial data for marketing purposes or share it with third parties for their promotional activities. Your budget information stays within our secure systems and is only accessed by authorised team members who need it to support your account.
Data Storage and Security
We take protection seriously because we're dealing with sensitive financial information. Our infrastructure is hosted in Australian data centres that meet strict security standards.
Security Measures
All data transmitted between your device and our servers uses bank-grade encryption. When information is stored in our databases, it's encrypted at rest using AES-256 encryption. We maintain regular security audits and penetration testing to identify potential vulnerabilities before they become problems.
Access to your data is strictly controlled. Our team members can only view information relevant to their role, and every access is logged. We use multi-factor authentication for all staff accounts and maintain strict password policies.
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of service plus 7 years | Required by Australian tax and financial regulations |
| Financial Analysis Data | Duration of service plus 7 years | Historical trend analysis and compliance requirements |
| Usage Logs | 12 months | Security monitoring and service improvement |
| Support Communications | 3 years | Reference for ongoing support and quality assurance |
When you close your account, we begin the deletion process within 30 days. Some information may be retained longer where required by law, but it's archived and no longer actively used.
Sharing and Disclosure
We don't sell your data. Period. But there are a few specific situations where we might need to share certain information with carefully selected partners.
Service Providers
We work with a small number of trusted companies that help us operate the platform. This includes our cloud hosting provider, payment processor, and email service. These companies are bound by strict confidentiality agreements and can only use your data to provide services to us, not for their own purposes.
Legal Requirements
Sometimes the law requires us to disclose information. This might happen if we receive a valid subpoena, court order, or request from a regulatory authority. We carefully review all such requests and only provide the minimum information legally required. Where possible, we'll notify you before disclosing your information, unless prohibited by law.
If orenthyra is involved in a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We would notify you via email and prominent notice on our website at least 30 days before any such transfer, giving you the option to delete your account if you prefer.
Your Privacy Rights
Under Australian privacy law, you have substantial control over your personal information. These aren't just theoretical rights—we've built practical tools to help you exercise them.
Access Your Data
You can request a complete copy of all personal information we hold about you. We'll provide this in a commonly used electronic format within 30 days. There's no charge for your first request in any 12-month period.
Correct Inaccuracies
If any information we hold is wrong or outdated, you can update it directly through your account settings or request corrections by contacting our support team. We'll make changes within 5 business days.
Delete Your Information
You can request deletion of your account and associated data at any time. We'll complete this within 30 days, though some information may need to be retained for legal compliance as outlined in our retention schedule.
Object to Processing
If you believe we're processing your data inappropriately, you can object. We'll review your concern and either stop the processing or explain why we believe it's necessary and lawful.
Data Portability
You can request your financial data in a structured, machine-readable format to transfer to another service. This doesn't affect any data that remains with us during your continued use of the service.
Lodge a Complaint
If you're not satisfied with how we've handled your privacy concerns, you have the right to lodge a complaint with the Office of the Australian Information Commissioner. We'd prefer to resolve issues directly first, but this option is always available.
To exercise any of these rights, email us at support@orenthyra.com with your request. We'll need to verify your identity before processing requests that involve accessing or changing your data—this protects you from unauthorised access by others.
Cookies and Tracking
Like most websites, we use cookies and similar technologies. These are small files stored on your device that help us remember your preferences and understand how people use our service.
Essential Cookies
These are necessary for the platform to function. They handle things like keeping you logged in and remembering your security settings. You can't opt out of these while using the service, but they don't track you across other websites.
Analytics Cookies
We use analytics to understand which features are most useful and where people encounter problems. This data is aggregated and doesn't identify individual users. You can opt out through your account settings.
We don't use advertising cookies or allow third-party advertising networks to track you on our site. Your financial information and browsing behaviour aren't being packaged and sold to advertisers.
International Data Transfers
Your data is primarily stored and processed in Australia. However, some of our service providers operate internationally, which means your information might occasionally be accessed from other countries.
When data leaves Australia, we ensure appropriate safeguards are in place. This includes using service providers in countries with equivalent privacy protections or implementing contractual protections that require the same standards we follow.
Our payment processor operates globally but maintains separate regional data centres. Australian customer payment information is processed and stored within Australia-based systems that comply with local financial regulations.
Children's Privacy
orenthyra is a business service not intended for use by individuals under 18. We don't knowingly collect information from minors. If we discover that we've inadvertently collected data from someone under 18, we'll delete it immediately.
If you're a parent or guardian and believe your child has provided us with personal information, please contact us so we can take appropriate action.
Changes to This Policy
We review and update this privacy policy regularly to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email and display a prominent notice on the platform for at least 30 days.
Minor updates, like clarifications or contact detail changes, might not trigger notifications but will always be reflected in the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.
If you disagree with changes to this policy, you can close your account before the changes take effect. Continued use of the service after changes become effective means you accept the updated terms.
Questions About Your Privacy?
We're here to help if anything in this policy is unclear or if you have specific concerns about how your information is handled. Our privacy team responds to most enquiries within 2 business days.