Privacy Policy

This privacy policy is provided in English. 本隐私政策以英文提供。

Last updated: 24 February 2026

Roodee Pty Ltd (ABN 23 689 968 545), trading as Roodee AI Lab ("Roodee", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our Roodee AI Chat platform ("Service").

We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and, where applicable, the General Data Protection Regulation (GDPR).

1. Information We Collect

1.1 Account Information (Customers)

When you register for an account, we collect:

  • Name and email address
  • Business name and website URL
  • Password (stored as a salted bcrypt hash; we never store plaintext passwords)
  • Billing information (processed securely by Stripe; we do not store credit card numbers)

1.2 Conversation Data (End Users)

When visitors interact with AI Employees on our customers' websites, we collect:

  • Chat messages exchanged between the visitor and the AI Employee
  • Contact information voluntarily provided by the visitor (e.g., name, email, phone number) through the lead capture feature
  • Session metadata (timestamps, session identifiers)
  • Browser type, language preference, and referring page URL

1.3 Knowledge Base Data

Customers upload content (documents, website URLs, FAQs) to train their AI Employees. This content is processed and stored to provide the Service.

1.4 Usage and Technical Data

We automatically collect:

  • IP address
  • Device and browser information
  • Pages visited and actions taken within the Service
  • Error logs and performance data

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process AI conversations and generate responses
  • Process payments and manage subscriptions
  • Send transactional emails (account verification, billing, escalation notifications)
  • Provide customer support
  • Monitor usage and enforce subscription limits
  • Detect, prevent, and address fraud, abuse, and security issues
  • Comply with legal obligations

We do not sell your personal information to third parties.

3. AI Processing

Conversation messages and knowledge base content are sent to third-party AI providers (currently OpenAI) to generate responses. This processing is necessary to provide the core functionality of the Service. We use AI provider APIs in accordance with their data processing terms, and conversation data sent to AI providers is not used to train their models.

AI-generated responses are based on probabilistic language models and may contain inaccuracies. We do not guarantee the accuracy of any AI-generated content.

4. Data Sharing and Disclosure

We may share personal information with:

  • Service Providers: Third-party companies that help us operate the Service, including:
    • OpenAI (AI conversation processing)
    • Stripe (payment processing)
    • Amazon Web Services (hosting, storage, email delivery)
  • Customers: Conversation data and lead information collected through AI Employees is shared with the respective customer (business) that owns the AI Employee.
  • Legal Requirements: When required by law, court order, or governmental authority, or to protect the rights, safety, or property of Roodee, our customers, or the public.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, personal information may be transferred as a business asset.

5. Data Storage and Security

Your data is stored on servers located in the Asia-Pacific region (AWS ap-southeast-2, Sydney). We implement industry-standard security measures, including:

  • Encryption in transit (TLS/HTTPS) and at rest
  • Salted bcrypt password hashing
  • Row-level security (RLS) for multi-tenant data isolation
  • Rate limiting and input validation
  • Regular security reviews

While we take reasonable precautions, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your data.

6. Data Retention

  • Account Data: Retained for the duration of your account and for up to 30 days after account closure.
  • Conversation Data: Retained for up to 12 months after the conversation, unless the customer deletes it earlier.
  • Knowledge Base Data: Retained for the duration of the customer's account and deleted within 30 days of account closure.
  • Billing Records: Retained for 7 years as required by Australian tax law.
  • Demo/Trial Data: Deleted automatically 7 days after the trial or demo expires.

7. Your Rights

Under the Australian Privacy Principles and applicable law, you have the right to:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal information.
  • Deletion: Request deletion of your personal information, subject to our legal obligations.
  • Data Portability: Request your data in a machine-readable format (e.g., CSV export of leads).
  • Complaint: Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs.

To exercise any of these rights, contact us at info@roodee.com.au. We will respond within 30 days.

8. Cookies and Tracking

We use essential cookies to maintain your session and authentication state. We do not use advertising or tracking cookies. The chat widget uses a session identifier stored in the browser to maintain conversation continuity.

9. End Users of Our Customers

If you are an end user interacting with an AI Employee on a customer's website, please note:

  • The customer (business) that deployed the AI Employee is the data controller for your conversation data and any contact information you provide.
  • Roodee acts as a data processor on behalf of the customer.
  • You should refer to the customer's own privacy policy for information about how they handle your data.
  • You are interacting with an AI system, not a human. Responses are generated automatically and may not be accurate.

10. Children's Privacy

The Service is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.

11. International Data Transfers

Your data may be transferred to and processed in countries outside Australia (e.g., the United States for AI processing via OpenAI). We ensure that such transfers are subject to appropriate safeguards in accordance with the APPs and, where applicable, Standard Contractual Clauses under the GDPR.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through an in-app notification. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at:

Roodee Pty Ltd (ABN 23 689 968 545), trading as Roodee AI Lab
Email: info@roodee.com.au
Website: roodee.com.au

You may also contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au if you have concerns about how we handle your personal information.