Privacy Policy

1. About Us

Vermilion Intelligence Pty Ltd is an Australian artificial intelligence and automation consultancy. We build tailored AI automation systems for business clients, deploying intelligent workflows that connect with tools such as CRM platforms, project management software, and cloud storage. Our registered business address is in Sydney, New South Wales, Australia.

2. What Personal Information We Collect

2.1 Information you provide directly

When you enquire about or engage our services, we may collect:

• Your name, title, and business role
• Contact details including email address, phone number, and business address
• Business information such as company name, ABN, and industry
• Communications you send us, including emails, messages, and meeting notes
• Information provided during discovery, scoping, or project delivery engagements

2.2 Information collected automatically

When you visit our website (vrmintelligence.com), we may automatically collect:

• IP address and approximate geographic location
• Browser type, version, and operating system
• Pages visited, time spent on pages, and navigation patterns
• Referring website or search terms that directed you to our site

2.3 Client system data

As part of delivering our automation services, we may access data within your business systems (such as CRM records, project management data, or documents stored on-premises) solely to configure and deploy automation solutions. All such access occurs under a written services agreement and is strictly limited to the scope of that engagement. Where possible, this work is performed on-site using hardware under your direct control.

2.4 Sensitive information

We do not intentionally collect sensitive information as defined under the Privacy Act (including health information, racial or ethnic origin, political opinions, religious beliefs, or biometric data). If such information is inadvertently encountered during a client engagement, we will not retain, process, or disclose it beyond what is strictly necessary.

3. How We Use Personal Information

We collect and use personal information only for purposes that are directly related to our services or that you would reasonably expect. These include:

• Responding to enquiries and providing information about our services
• Delivering, scoping, and managing AI and automation engagements
• Communicating project updates, invoices, and support correspondence
• Improving our services, systems, and methodologies
• Complying with our legal and contractual obligations
• Protecting our legal rights and interests

We will not use your personal information for a secondary purpose unless you have consented, or the secondary purpose is directly related to the primary purpose of collection and you would reasonably expect such use.

4. How We Disclose Personal Information

We do not sell, rent, or trade your personal information to third parties. We may disclose personal information in the following limited circumstances:

• Service providers: Third-party providers that support our operations (e.g., cloud hosting, email, invoicing, or AI API services), bound by confidentiality obligations
• Legal requirements: Where disclosure is required by law, regulation, or a court or government order
• Business transfers: In the event of a merger, acquisition, or sale of business assets, subject to confidentiality commitments
• With your consent: In any other circumstance where you have expressly authorised disclosure

5. Overseas Disclosure

Some of the third-party service providers we use (for example, AI API providers or cloud infrastructure services) may store or process data in servers located overseas, including in the United States or Europe. Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient does not breach the APPs in relation to that information, including by relying on contractual protections or assessing that the recipient's jurisdiction has comparable privacy protections.

6. Data Security

We take reasonable steps to protect personal information we hold from misuse, interference, loss, and from unauthorised access, modification, or disclosure. These steps include:

• Preferring on-site deployment models that minimise data leaving client environments
• Limiting access to personal information to personnel who need it to perform their role
• Using encrypted communications and secure platforms for any remote collaboration
• Reviewing and improving our security practices as our services evolve

While we implement industry-standard safeguards, no method of electronic transmission or storage is completely secure. If you have reason to believe your information has been compromised, please contact us immediately.

7. Cookies and Website Tracking

Our website may use cookies and similar technologies to improve your browsing experience and understand how visitors use our site. Cookies are small files placed on your device by your browser. You can configure your browser to decline cookies, though this may affect certain functionality. We do not use cookies for advertising or to track you across third-party websites.

8. Retention of Personal Information

We retain personal information only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. In practice:

• Client engagement records are retained for a minimum of seven years for tax and legal compliance purposes
• Enquiry and correspondence records are retained for up to two years after last contact
• Website analytics data is typically retained in aggregated, de-identified form only
• Job application materials are retained for up to 12 months unless an employment relationship is formed

When personal information is no longer required, we take reasonable steps to destroy or de-identify it securely.

9. Your Rights and Access

Under the Privacy Act, you have the right to:

• Access the personal information we hold about you, subject to certain exceptions under the Act
• Correct personal information that is inaccurate, out of date, incomplete, or misleading
• Make a complaint about how we handle your personal information
• Opt out of receiving direct marketing communications from us at any time

To exercise any of these rights, please contact us using the details in Section 11. We will respond to access and correction requests within 30 days. We will not charge a fee to make a request, though reasonable administrative fees may apply where a request is particularly complex.

10. Complaints

If you believe we have not handled your personal information in accordance with the Privacy Act or the APPs, please contact us in the first instance so that we can attempt to resolve your concern. We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Post: GPO Box 5288, Sydney NSW 2001

11. Contact Us

For all privacy-related enquiries, access requests, corrections, or complaints, please contact us at:

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or business operations. The current version will always be published at vrmintelligence.com/privacy with the date it was last updated. We encourage you to review it periodically. Continued use of our website or services following an update constitutes acceptance of the revised policy.