1. About this Policy
Coderra Pty Ltd (ABN 55 680 828 157) (Coderra, we, us or our) is committed to protecting your privacy. We are an AI Search Optimisation (AISO) platform and service provider, helping businesses with visibility across AI-powered search and answer engines, lead generation, and governance of their AI search presence.
This Privacy Policy explains how we collect, use, hold, disclose and protect personal information, and how you can access or correct it or make a complaint. We handle personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs).
This Policy applies to our website at https://coderra.com.au (the Site), our platform, and our products and services (together, the Services). It should be read together with our Terms and Conditions.
By using the Site or the Services, or by providing personal information to us, you acknowledge the practices described in this Policy.
2. What is personal information
“Personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not and whether recorded in a material form or not. Examples include a person’s name, contact details and certain online identifiers.
“Sensitive information” is a subset of personal information (for example, health, racial or ethnic origin, or political opinions) that attracts higher protection. We do not seek sensitive information and ask that you do not provide it to us unless we have specifically agreed.
3. The personal information we collect
The personal information we collect depends on how you interact with us. It may include:
- Account and identity information — your name, business name, job title, email address, phone number and login credentials;
- Billing and transaction information — billing contact details, plan and subscription details, and partial payment information (full card details are handled by our payment processors, not stored by us);
- Communications — the content of enquiries, support requests, feedback and correspondence with us;
- Usage and technical information — information about how you use the Site and platform, including IP address, device and browser type, pages viewed, and analytics and log data;
- Marketing information — your marketing preferences and engagement with our communications;
- Client Data — data and content you upload to or generate within the Services (such as your website content, accounts, and reporting data), which may contain personal information about you or about third parties (for example, your own customers or leads); and
- Lead information — where you use our lead generation features, contact details and related information about individuals who enquire about or interact with your business.
4. How we collect personal information
We collect personal information:
- directly from you — when you create an account, subscribe, contact us, complete forms, or use the Services;
- automatically — through cookies, analytics and similar technologies when you use the Site or platform (see clause 5); and
- from third parties — such as integrations and accounts you connect to the Services, AI platforms and search data sources, our payment processors, and analytics providers, where you have authorised that collection or it is otherwise permitted by law.
Where it is reasonable and practicable, we collect personal information directly from the individual concerned. If you provide us with personal information about another person, you must ensure you are authorised to do so and that the person is aware of this Policy.
6. Why we collect, hold and use personal information
We collect, hold and use personal information to:
- provide, operate, maintain and improve the Services;
- create and manage your account and process payments;
- deliver AISO, visibility, lead generation and governance features and reporting;
- respond to enquiries and provide customer support;
- communicate with you about your account, the Services, and changes to our terms or policies;
- send you marketing communications where permitted (see clause 9);
- maintain the security and integrity of the Services and detect and prevent fraud or misuse;
- understand usage and conduct analytics, research and product development (often using aggregated or de-identified data); and
- comply with our legal obligations and enforce our terms.
If you do not provide the personal information we request, we may be unable to provide the Services or respond to your enquiry.
7. Disclosure of personal information
We may disclose personal information to:
- service providers and contractors who help us run our business, such as cloud hosting and storage providers, payment processors, email and communications platforms, analytics providers, and IT and support providers;
- AI platforms, search engines and data providers to the extent necessary to deliver the Services (for example, to measure or optimise your visibility);
- integrations and accounts you connect to the Services, in accordance with your instructions;
- professional advisers such as lawyers, accountants and auditors;
- a purchaser or successor in connection with a sale, merger or restructure of our business; and
- government, regulators, courts or law enforcement where required or authorised by law.
We require our service providers to handle personal information consistently with the Privacy Act and only for the purposes for which we engage them.
We do not sell personal information.
8. Overseas disclosure
Some of our service providers and the AI platforms we work with may store or process personal information outside Australia (for example, in the United States or other countries where cloud and AI infrastructure is located). The specific locations may change as our providers change.
Where we disclose personal information overseas, we take reasonable steps to ensure it is handled consistently with the APPs, having regard to the circumstances of the disclosure.
9. Direct marketing
We may use your personal information to send you marketing about our Services, where permitted by the Privacy Act and the Spam Act 2003 (Cth).
Every marketing message will include a way to opt out (unsubscribe). You can also opt out at any time by contacting us using the details in clause 18. We will action opt-out requests within a reasonable time.
We do not use sensitive information for direct marketing without consent.
10. Client Data and personal information you handle through the Services
When you use the Services, you may upload, generate or process personal information about third parties (for example, your customers or leads). In relation to that Client Data, you are the entity responsible for it, and we act on your behalf and in accordance with your instructions and our Terms and Conditions.
You are responsible for ensuring you have the necessary rights, notices, consents and lawful basis to provide that personal information to us and to have it processed through the Services, and for your own compliance with the Privacy Act, the Spam Act, and the Do Not Call Register in how you use leads and conduct marketing.
We will handle Client Data only to provide, secure, maintain and improve the Services, or as otherwise instructed by you or required by law.
11. AI and automated decision-making
Our Services use artificial intelligence to analyse, classify, generate, summarise and recommend content and insights. AI-generated outputs may be inaccurate or incomplete and are intended to be reviewed and approved by a person before being relied upon.
We aim to keep meaningful human oversight over decisions that could significantly affect individuals. Where we use computer programs that use personal information to make, or substantially help make, a decision that could reasonably be expected to significantly affect an individual’s rights or interests, we will disclose the relevant details in this Policy in line with the automated decision-making transparency requirements commencing on 10 December 2026 under the Privacy Act.
12. Security of personal information
We take reasonable technical and organisational steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure. These steps may include access controls, encryption in transit, and restricting access to personnel who need it.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If we become aware of an eligible data breach, we will respond in accordance with the Notifiable Data Breaches scheme under the Privacy Act.
13. Retention and destruction
We retain personal information only for as long as necessary for the purposes described in this Policy, or as required by law (for example, tax and financial records).
When personal information is no longer needed and we are not required to keep it, we will take reasonable steps to destroy it or de-identify it.
14. Anonymity and pseudonymity
Where lawful and practicable, you have the option of dealing with us anonymously or using a pseudonym. However, for most of the Services we need to identify you to provide them (for example, to manage your account and billing).
15. Accessing and correcting your personal information
You may request access to the personal information we hold about you, and ask us to correct it if it is inaccurate, out of date, incomplete, irrelevant or misleading.
To make a request, contact us using the details in clause 18. We may need to verify your identity. We will respond within a reasonable time and, in most cases, will not charge a fee for an access request (we may charge reasonable costs for retrieving and providing access in some cases). If we refuse access or correction, we will tell you why and how you can complain.
16. Complaints
If you believe we have breached the APPs or mishandled your personal information, please contact our privacy contact (clause 18) with details of your complaint. We will acknowledge your complaint, investigate it, and aim to respond within a reasonable time (usually within 30 days).
If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au, by phone on 1300 363 992, or by mail to GPO Box 5288, Sydney NSW 2001.
17. Children
The Services are intended for businesses and are not directed at children. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate steps.
18. Contact us
For privacy questions, requests or complaints, contact:
Coderra Pty Ltd — Privacy Officer
- ABN: 55 680 828 157
- Email: info@coderra.com.au
- Support: support@coderra.com.au
- Address: 2A Fairy St, Gwynneville, NSW 2500, Australia
- Website: https://coderra.com.au
19. Changes to this Policy
We may update this Policy from time to time. The current version will be posted on the Site with a revised “Last updated” date. For material changes we will take reasonable steps to notify you. Your continued use of the Services after a change takes effect indicates your acceptance of the updated Policy.