Privacy Policy
Effective date: 24 June 2026
Aleverum Global Pty Ltd, ABN 76 698 919 256, operates the Aleverum platform, website, and related services. In this Privacy Policy, “Aleverum”, “we”, “us”, and “our” refers to Aleverum Global Pty Ltd.
This Privacy Policy explains how we collect, use, disclose, store, and protect personal information in connection with our website, platform access requests, product demonstrations, business communications, AI-assisted product intelligence workflows, Digital Product Passport workflows, and related services.
Aleverum is currently a startup. We are reviewing whether we are legally required to comply with the Australian Privacy Principles under the Privacy Act 1988, including whether any small-business exemption applies. Regardless of that status, we aim to handle personal information responsibly and in a way that supports privacy, security, and customer trust.
1. Information We Collect
We may collect the following kinds of personal information:
- name;
- email address;
- phone number, if provided;
- company or organisation name;
- job title;
- country or location;
- contact and enquiry details;
- meeting, demonstration, or platform access requests;
- onboarding or support information; and
- other information provided to us through business communications.
We may also collect technical and website information, including:
- IP address;
- browser type;
- device information;
- pages visited;
- referral source;
- website interaction information;
- analytics and usage information; and
- cookie-related information.
Where applicable, the Aleverum platform may process product, supplier, evidence, compliance, Digital Product Passport, and user-generated platform information. Some of this information may include personal information, depending on what customers or users upload or provide.
2. How We Collect Information
We may collect information when you:
- visit our website;
- contact us;
- request platform access;
- request a product demonstration;
- communicate with us by email or other channels;
- use or interact with the Aleverum platform;
- provide product, supplier, compliance, or evidence-related information; or
- otherwise provide information to us in connection with our services.
We may also collect technical information automatically through cookies, analytics tools, logs, and similar technologies.
3. How We Use Information
We may use information to:
- respond to enquiries and requests;
- provide demonstrations, onboarding, support, and platform access;
- operate, maintain, secure, and improve the Aleverum platform;
- support Digital Product Passport and product data governance workflows;
- support product evidence, claims, and compliance workflows;
- conduct analytics and usage monitoring;
- maintain platform security and integrity;
- detect fraud, misuse, unauthorised access, or security risks;
- communicate service, product, or business updates;
- comply with legal, regulatory, audit, and governance obligations; and
- support internal business operations.
We will only use personal information for purposes that are reasonably connected to the reason it was collected, or otherwise where permitted by law.
4. AI-Assisted Workflows
Aleverum may use AI-assisted technologies to support:
- product data structuring;
- evidence analysis;
- claim-to-evidence matching;
- product intelligence workflows;
- risk identification;
- readiness assessments; and
- data review and governance workflows.
AI-assisted outputs are intended to support human review and governance processes. They do not replace legal, regulatory, audit, certification, or professional advice.
Where personal information is used in AI-assisted workflows, we aim to minimise unnecessary use of that information where practical.
[Legal/operational confirmation required: confirm whether Aleverum uses personal information in AI workflows, whether any outputs are used for automated decisions, whether human review is always involved, which AI providers are used, and whether any customer or user data is used to train, fine-tune, improve, or evaluate AI models.]
5. Cookies and Analytics
Our website may use cookies, analytics tools, and similar technologies to understand how visitors interact with the website, improve functionality, and support website performance.
These technologies may collect information such as:
- browser type;
- device information;
- website usage patterns;
- session information;
- referral data; and
- general analytics information.
Some cookies may be necessary for website functionality. Others, such as analytics or marketing cookies, may depend on the settings available through our cookie consent tool.
You may manage cookie settings through your browser and, where available, through the website’s cookie consent preferences.
[Legal/operational confirmation required: confirm cookie categories, analytics vendors, marketing cookies, tracking pixels, cross-site tracking, and consent/withdrawal process.]
6. Direct Marketing and Product Communications
We may use contact details to send product updates, business information, or other communications that may be relevant to our services.
Where we send marketing communications, we will provide a way to opt out or unsubscribe where required. You may also contact us at privacy@aleverum.com to ask us to stop sending marketing communications.
We may still send non-marketing communications, such as security, service, support, or account-related messages.
7. Disclosure of Information
We may disclose information where reasonably necessary to:
- website hosting providers;
- cloud infrastructure providers;
- analytics providers;
- communication and email service providers;
- platform functionality providers;
- AI-assisted service providers;
- security monitoring providers;
- technical support providers;
- professional advisers;
- regulators or authorities where required by law;
- law enforcement agencies where required by law; and
- business or operational partners where appropriate.
We do not sell personal information.
[Legal/operational confirmation required: confirm whether any disclosure to business or operational partners occurs, and whether those partners should be named or described more narrowly.]
8. Overseas Handling, Processing, and Disclosure
Depending on the technologies, infrastructure, and service providers we use, personal information may be handled outside Australia.
Where practicable, the countries and regions where personal information may be handled include:
- Australia;
- New Zealand;
- United States;
- Canada;
- United Kingdom;
- European Union and European Economic Area countries;
- Singapore;
- India;
- Philippines;
- Japan;
- South Korea;
- Hong Kong;
- Malaysia;
- Indonesia;
- Thailand;
- Vietnam;
- Taiwan;
- United Arab Emirates;
- Israel;
- South Africa;
- Brazil;
- Mexico; and
- other countries where our service providers, cloud infrastructure, support teams, security providers, analytics providers, AI providers, payment processors, communication platforms, or professional advisers are located or operate.
Overseas handling may include disclosure, cloud hosting, data storage, backups, technical routing, support access, maintenance access, security monitoring, incident response, analytics processing, AI workflow processing, communications delivery, payment processing, and operational support.
Where we disclose personal information to an overseas recipient, we take reasonable steps to ensure the recipient handles that information in a way that is consistent with the Australian Privacy Principles, unless an exception applies.
For cloud and service-provider arrangements, whether overseas handling is considered overseas use or overseas disclosure may depend on the degree of control we retain over the information. Because this distinction can be difficult in practice, this Privacy Policy describes overseas handling broadly, including storage, access, support, routing, processing, and disclosure.
9. Data Storage and Security
We take reasonable technical and organisational steps to protect personal information and platform-related data from misuse, interference, loss, unauthorised access, modification, and disclosure.
Security measures may include:
- access controls;
- role-based permissions;
- secure authentication controls;
- monitoring and logging;
- secure hosting environments;
- backup and recovery processes;
- security review procedures; and
- infrastructure and software maintenance.
No method of electronic storage or transmission is completely secure, and absolute security cannot be guaranteed.
10. Data Retention
We retain information for as long as reasonably necessary for the purposes for which it was collected, including:
- business operations;
- platform functionality;
- support and account management;
- security monitoring;
- legal obligations;
- dispute resolution;
- record-keeping;
- governance and audit purposes; and
- legitimate operational needs.
When information is no longer required, we may delete, de-identify, archive, or securely destroy it, where appropriate.
[Legal/operational confirmation required: confirm retention periods or criteria for website enquiries, platform accounts, customer-uploaded content, product evidence, support tickets, analytics data, security logs, AI workflow data, and legal records.]
11. Access and Correction
You may request access to, or correction of, personal information we hold about you, subject to applicable legal requirements and limitations.
To make a request, contact privacy@aleverum.com.
We may need to verify your identity before responding. If we cannot provide access or make a requested correction, we will explain why where required or appropriate.
[Legal confirmation required: insert expected response timeframe, such as “within a reasonable period” or a specific operational target.]
12. Privacy Complaints
If you have a privacy concern or complaint, contact us at:
privacy@aleverum.com
We will review your complaint and aim to respond within a reasonable period.
If you are not satisfied with our response, you may be able to contact the Office of the Australian Information Commissioner or another applicable privacy regulator.
13. Customer-Uploaded Platform Data
Customers and users may upload or provide product, supplier, evidence, compliance, Digital Product Passport, and other platform-related information.
Some customer-uploaded information may include personal information, such as names, business contact details, supplier contacts, reviewer details, or information contained in documents or evidence records.
[Legal/operational confirmation required: clarify whether Aleverum acts as an independent controller/business, a processor/service provider acting on customer instructions, or both depending on the data and context. Align this section with customer terms, data processing terms, and platform agreements.]
14. Third-Party Links
The Aleverum website may contain links to third-party websites or services.
We are not responsible for the privacy practices, content, or security of third-party websites or platforms.
15. Children’s Privacy
The Aleverum website and platform are intended for business and professional use and are not directed to children.
We do not knowingly seek to collect personal information from children.
16. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in:
- legal obligations;
- technology;
- platform functionality;
- business operations;
- AI-assisted workflows;
- service providers;
- data handling practices; or
- security practices.
Updated versions will be published on our website with a revised effective date.
17. Contact Information
For privacy, security, or data-related enquiries, contact:
Aleverum Global Pty Ltd
ABN 76 698 919 256
Aleverum Platform
Privacy enquiries: privacy@aleverum.com
General support: support@aleverum.com
Legal enquiries: legal@aleverum.com
Legal Review Note
This Privacy Policy is intended as a working draft for legal review. Before publication, Aleverum should confirm its Privacy Act status, AI workflow practices, provider locations, cookie and analytics vendors, direct marketing practices, customer data role allocation, and retention rules.