Last updated January 2026
This Privacy Policy applies to all Personal Information collected by Qiri Pty Ltd (we, us or our) via the website located at www.qiri.ai (Website) and any related applications or services we operate.
1. What information do we collect?
The Personal Information we collect depends on how you interact with the Website and our services. We collect only Personal Information that is reasonably necessary for our functions or activities.
The categories of Personal Information we may collect and hold include:
(a) Account and authentication information, including usernames and securely stored (hashed and encrypted) passwords used to authenticate access to the Services;
(b) Contact information, including name and email address, where provided when you communicate with us, submit feedback, or otherwise interact with the Services;
(c) Usage and interaction data, including search queries and other information generated through use of the Services, which may be associated with your account or device;
(d) Feedback and communications, including information you provide when contacting us or submitting feedback;
(e) Payment and transaction information, including billing details and payment method information, which may be stored securely on a recurring basis or processed on a one-off basis through PCI-DSS compliant payment service providers;
(f) User content and connected data, including content you upload to the Services and data obtained through authorised third-party integrations; and
(g) Cookies and analytics: Information collected through cookies and similar technologies. While session cookies are generally anonymous, authentication cookies used when you are logged in will identify you to our servers.
2. Definitions
In this Privacy Policy, the terms "Personal Information" and "Sensitive Information" have the meanings given to them in the Privacy Act 1988 (Cth) (Privacy Act).
We do not seek to collect Sensitive Information. If we do collect Sensitive Information, we will do so only with your consent or where otherwise permitted by law, and will handle it in accordance with the Privacy Act.
3. How we collect your Personal Information
(a) We collect Personal Information from you directly when you input such information into the Website, related applications, or otherwise provide it to us.
(b) We generally collect Personal Information directly from you. However, we may also collect Personal Information about you from third parties, including through integrated services, payment providers, analytics providers, or other users who share content with you. In such circumstances, we will handle your Personal Information in accordance with this Privacy Policy and applicable law.
4. Purpose of collection
We collect and use Personal Information for the primary purpose of providing, operating, and improving the Qiri services, and for related purposes you would reasonably expect, including to:
(a) create and manage user accounts and authenticate access to the Services;
(b) operate platform features, including the generation of AI outputs in response to user inputs;
(c) communicate with users about service updates, support requests, and operational matters;
(d) conduct analytics, research, and service improvement activities, including using de-identified or aggregated data where practicable;
(e) process payments and manage billing arrangements; and
(f) comply with legal and regulatory obligations.
Certain features of the Services allow users to make profile information or content visible to other users, subject to user-selected visibility settings. Further information about these settings is provided in the Software User Terms and within the Services.
We may send direct marketing communications where permitted by law, including where consent has been provided or an exception under Australian Privacy Principle 7 applies. You may opt out at any time using the unsubscribe mechanism or by contacting us.
5. Security and correction
We take reasonable technical and organisational measures to protect Personal Information from misuse, interference, loss, and unauthorised access or disclosure.
We retain Personal Information only for as long as reasonably necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law.
To provide the Services, we may transmit user inputs to trusted third-party AI service providers for processing. These providers are subject to contractual confidentiality and security obligations and are not permitted to use Personal Information to train public models without authorisation.
6. Access and correction
You may request access to, or correction of, the Personal Information we hold about you in accordance with Australian Privacy Principles 12 and 13. Requests should be made in writing using the contact details set out below. We will respond within a reasonable period and in accordance with the Privacy Act.
7. Data breaches
In the event of a data breach that is likely to result in serious harm, we will comply with our obligations under the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth), including notifying affected individuals and the Office of the Australian Information Commissioner where required.
8. Complaint procedure
If you have a complaint concerning the manner in which we maintain the privacy of your Personal Information, please contact us on the contact details set out at the bottom of this policy. All complaints will be considered by an Executive of Qiri responsible for complaints and privacy compliance and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.
9. Overseas transfer
To provide the AI services, your Personal Information and User Content may be transferred to and processed in countries outside of Australia (including the United States) where our third-party AI model providers and cloud servers are located.
While these jurisdictions may have different privacy laws, we take reasonable steps to ensure your data remains protected, including by entering into Data Processing Agreements (DPAs) with our sub-processors that align with Australian privacy standards. These transfers are necessary to provide the Services.
10. GDPR and equivalent overseas privacy laws
This section applies only where the General Data Protection Regulation (EU) 2016/679 (GDPR), the UK GDPR, or equivalent overseas data protection laws apply. Where applicable, we process Personal Information only where we have a lawful basis to do so, including where processing is:
(a) necessary for the performance of a contract with you, including to provide the Services;
(b) required to comply with legal obligations;
(c) necessary for our legitimate business interests (such as operating, securing, and improving the Services), provided those interests do not override your rights; or
(d) based on your consent, where required.
Subject to applicable law, you may have rights to request access to, correction or deletion of your Personal Information, to object to or restrict certain processing, to request data portability, or to withdraw consent where processing is based on consent. You may also lodge a complaint with a relevant supervisory authority.
Requests may be made using the contact details set out in section 15. We may need to verify your identity before responding.
11. Children's Privacy
Our Services are not intended for use by children under the age of 18. We do not knowingly collect Personal Information from children under 16. If we become aware that we have collected Personal Information from a child under 16 without verification of parental consent, we take steps to remove that information from our servers.
12. Enterprise / Workplace Accounts
Where you access Qiri through an organisation, that organisation may be the ‘controller’ of your Personal Information and Qiri may act as a ‘processor’ on its instructions, in accordance with applicable agreements. In such cases, requests to access, correct, or delete Personal Information should be directed to your organisation.
Except where Qiri acts as a processor on behalf of an organisation, Qiri Pty Ltd is the controller of Personal Information collected through the Services.
13. Changes to this Privacy Policy
We may make changes to this Privacy Policy from time to time. Notice of such changes will be communicated to you by the login page or other communication methods. When we do, we will update the “Last Updated” date.
14. How to contact us about privacy
If you have any queries, or if you seek access to your Personal Information, or if you have a complaint about our privacy practices, you can contact us through: hello@qiri.ai.
