Privacy Policy
Imprint, operated by Upgraded Last updated: 19 May 2026
This Privacy Policy explains how Upgraded Co Pty Ltd (ABN 82 655 679 404) ("we", "us", "our") collects, uses, stores, and discloses personal information when you use Imprint ("the Service"). We are committed to handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
By creating an account or using the Service, you consent to the practices described in this Policy.
1. Who We Are
The Service is operated by Upgraded Co Pty Ltd (ABN 82 655 679 404), based in Australia. Contact: hello@upgraded.au.
2. What Information We Collect
2.1 Account information
When you sign up, we collect your name, email address, and any other information you provide during account creation. If you represent an organisation, we may also collect your business name and ABN.
2.2 Document content
When you use the Service to create documents, we collect the content you input ("Input Content"), including text, data, templates, brand assets, and other materials you upload or type into the platform. We also store the documents the Service generates for you ("Output Content").
2.3 Usage data
We automatically collect information about how you use the Service, including:
- log data (IP address, browser type, pages visited, time and date of access);
- device information (device type, operating system);
- feature usage (which tools you use, how many documents you generate, session duration); and
- error reports and diagnostic data.
2.4 Billing information
When you subscribe to the Service, billing is handled by Stripe. We do not store your full payment card details. Stripe provides us with a tokenised representation of your payment method and billing history. For details on how Stripe handles your payment data, see stripe.com/privacy.
2.5 Communications
If you contact us by email or through the Service, we retain a record of that correspondence.
3. How We Use Your Information
We use the information we collect to:
- create and manage your account;
- provide, operate, and improve the Service;
- process your document requests via the AI generation pipeline;
- manage billing and subscriptions;
- send transactional communications (receipts, password resets, service notices);
- send product updates and announcements (you can opt out at any time);
- monitor usage to enforce our Terms of Service and acceptable use policies;
- diagnose technical problems and improve platform reliability;
- comply with our legal obligations; and
- respond to your enquiries and support requests.
We do not sell your personal information to third parties. We do not use your Input Content or Output Content to train AI models or for any purpose other than providing the Service to you.
4. Sub-processors and Third-Party Disclosure
We share your information with the following third-party sub-processors to operate the Service. Each is bound by data processing obligations consistent with this Policy.
| Sub-processor | Purpose | Data involved | Location |
|---|---|---|---|
| Anthropic | AI document generation | Input Content sent via API for processing | United States |
| Supabase | Database and file storage | Account data, document content | Sydney, Australia (AWS ap-southeast-2) |
| Vercel | Application hosting and delivery | Request logs, session data | Global edge network (data may transit multiple regions) |
| Stripe | Payment processing | Billing information | United States |
A note on Anthropic: Your Input Content is transmitted to Anthropic's API to generate documents. Anthropic does not use content submitted through its API to train its AI models. For full details, see Anthropic's usage policy at anthropic.com/policies.
We may also disclose your information to:
- government authorities or law enforcement where required by law or valid legal process;
- professional advisors (legal, accounting) under duties of confidentiality; and
- a successor entity in connection with a sale, merger, or restructure of our business, provided that entity agrees to handle your information consistent with this Policy.
We will not otherwise disclose your personal information without your consent.
5. Data Storage and Security
Your account data and document content are stored in Supabase's Sydney region (AWS ap-southeast-2), keeping your data within Australia.
We take reasonable technical and organisational steps to protect your personal information from unauthorised access, loss, or misuse, including:
- encryption of data in transit (TLS) and at rest;
- access controls limiting who can access your data within our systems;
- use of reputable, security-certified infrastructure providers; and
- regular review of our security practices.
No method of transmission or storage is completely secure. While we take these precautions, we cannot guarantee absolute security. If you suspect unauthorised access to your account, contact us immediately at hello@upgraded.au.
6. Data Retention
We retain your personal information for as long as your account is active and for a reasonable period afterwards to allow you to reactivate your account, comply with legal obligations, and resolve disputes.
Specific retention practices:
- Account information: retained for the life of your account plus 7 years after closure (to meet Australian tax and record-keeping obligations).
- Document content: retained while your account is active. On account closure, document content is deleted within 90 days unless legal retention obligations require otherwise.
- Usage logs: retained for 12 months in identifiable form, then aggregated or deleted.
- Billing records: retained for 7 years to comply with Australian financial record-keeping requirements.
You may request earlier deletion of your document content at any time (see Section 8).
7. Cookies and Tracking
The Service uses cookies and similar technologies to:
- maintain your session and authentication state;
- remember your preferences;
- analyse usage patterns to improve the Service; and
- support payment processing via Stripe.
You can control cookies through your browser settings. Disabling cookies may limit your ability to use certain features of the Service.
We do not use third-party advertising cookies or share data with advertising networks.
8. Your Rights Under the Australian Privacy Act
Under the Privacy Act 1988 (Cth), you have the right to:
Access: Request access to the personal information we hold about you.
Correction: Request that we correct personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading.
Complaint: Lodge a complaint if you believe we have mishandled your personal information. We will respond to complaints within 30 days. If you are not satisfied with our response, you may escalate to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
To exercise any of these rights, contact us at hello@upgraded.au. We may need to verify your identity before we can act on a request.
We will respond to access and correction requests within 30 days. In complex cases, we may extend this by a further 30 days and will notify you if we do.
9. International Data Transfers
Some of our sub-processors (Anthropic, Vercel, Stripe) process data outside Australia, including in the United States. Vercel operates a global edge network and your data may transit multiple regions as part of normal application delivery.
Where your information is transferred internationally, we take reasonable steps to ensure it receives a level of protection consistent with the Australian Privacy Principles. Specifically, we enter into Data Processing Agreements (DPAs) with each international sub-processor. These agreements require each provider to handle your information in accordance with applicable privacy law and to implement appropriate technical and organisational security measures.
You can review the data processing commitments of each sub-processor at their respective privacy pages: anthropic.com/policies, vercel.com/legal/privacy-policy, and stripe.com/privacy.
10. Children's Privacy
The Service is not directed at children under 18 years of age. We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email and by displaying a notice in the Service at least 14 days before the changes take effect. The updated Policy will include a revised "Last updated" date at the top.
Continued use of the Service after the effective date of a material change constitutes your acceptance of the updated Policy.
12. Contact Us
For any privacy enquiries, access requests, correction requests, or complaints:
Email: hello@upgraded.au Business: Upgraded Co Pty Ltd (ABN 82 655 679 404), Australia
We aim to respond to all privacy enquiries within 5 business days.
This Privacy Policy was last updated on 19 May 2026. It is intended to be reviewed by a qualified Australian privacy lawyer before a full public launch.