Privacy Policy
Last Updated: May 2026
1. About This Policy
This Privacy Policy explains how Earlymark AI Pty Ltd (Earlymark, we, us, or our) collects, uses, holds, and discloses personal information in connection with the Earlymark website, AI receptionist, CRM, messaging, scheduling, quoting, billing, and related services (Platform).
The Platform is intended for Australian business customers only. By using the Platform, you confirm that you are using it for business purposes in Australia and that you are authorised to provide personal information about your staff, customers, suppliers, and other contacts.
2. Your Responsibilities
You are responsible for the personal information you enter into the Platform or cause the Platform to collect on your behalf. This includes ensuring that your customers and staff are properly notified, that any required consents are obtained, and that your use of AI, phone, SMS, email, and follow-up workflows complies with applicable laws, including privacy, consumer, spam, and telecommunications laws.
3. Information We Collect
We may collect and hold the following kinds of information:
- Account and identity information: names, email addresses, phone numbers, business names, ABNs, roles, login details, and workspace settings.
- Business and job information: customer details, job descriptions, site addresses, notes, schedules, pipeline stages, quotes, invoices, photos, files, and related records.
- Communications information: SMS and email content, call metadata, call transcripts, AI-generated summaries, follow-up records, and support messages.
- Voice interaction information: live call audio may be processed transiently so the AI receptionist can answer and respond. Earlymark does not intentionally store call audio recordings. We may store transcripts, summaries, call outcomes, phone numbers, dates, times, durations, and related CRM records.
- Billing and transaction information: subscription status, invoices, payment status, billing identifiers, usage charges, and related payment metadata. Full card details are handled by payment providers.
- Device, usage, and security information: IP addresses, browser and device details, log data, cookies or similar identifiers, product usage events, crash reports, and security audit records.
- AI output and derived information: classifications, summaries, suggested replies, draft quotes, appointment suggestions, lead status, and other outputs generated from information in the Platform.
4. How We Collect Information
We collect information when:
- you create an account, configure your workspace, or use the Platform;
- your staff, customers, or contacts interact with your AI receptionist or CRM workflows;
- you connect third-party services such as calendars, accounting, email, or messaging tools;
- you contact us for support, sales, billing, or product feedback;
- we receive webhook, delivery, usage, security, or billing events from service providers;
- our website or Platform records usage, diagnostic, security, or performance information.
5. How We Use Information
We use information to:
- provide, operate, secure, maintain, and improve the Platform;
- answer calls, generate transcripts and summaries, send messages, schedule jobs, and update CRM records;
- process subscriptions, usage charges, invoices, credits, referrals, and payments;
- provide onboarding, support, troubleshooting, alerts, and service communications;
- monitor reliability, prevent fraud, enforce limits, detect abuse, and protect the Platform;
- develop and improve features using aggregated, de-identified, or operational analytics;
- comply with legal obligations, respond to lawful requests, and protect our rights.
6. AI Processing and Model Training
The Platform uses external AI systems to generate responses, summaries, classifications, drafts, and other outputs. Customer content is processed to provide the service and generate requested outputs.
Earlymark does not use customer content to train AI models. Earlymark does not operate its own foundation models. External AI systems are used to provide the service, and Earlymark does not authorise customer content to be used to train public or general-purpose AI models.
AI outputs may be inaccurate, incomplete, delayed, or unsuitable for a particular purpose. You are responsible for reviewing AI-generated quotes, schedules, messages, invoices, and other actions before relying on them where review is appropriate or required.
7. Disclosure to Service Providers
We use third-party service providers to deliver the Platform. To avoid exposing unnecessary operational detail, this public policy describes provider categories rather than naming every provider. Providers may include services for:
- hosting, database, storage, authentication, and infrastructure;
- telephony, SMS, email, voice, and real-time communications;
- AI processing, speech-to-text, text-to-speech, and automation;
- payments, billing, accounting, and invoicing integrations;
- maps, address lookup, calendars, email inboxes, and other connected tools;
- analytics, error monitoring, security logging, and support.
We require service providers to use information only for authorised purposes. Some providers may process or store information outside Australia, including in countries such as the United States, New Zealand, the United Kingdom, Singapore, or member states of the European Union. We take reasonable steps to use reputable providers and appropriate contractual, technical, and organisational controls.
8. Marketing and Electronic Messages
We may send service, billing, security, onboarding, and product communications. We may send marketing communications where we have consent or are otherwise permitted by law. Commercial electronic messages will identify Earlymark and include a functional unsubscribe or opt-out mechanism where required.
If you use the Platform to send messages to your customers, you are responsible for ensuring you have consent or another lawful basis to send those messages and for honouring unsubscribe, opt-out, and do-not-contact requests.
9. Cookies and Website Technologies
We use cookies, local storage, pixels, logs, and similar technologies for authentication, security, preferences, analytics, performance, error monitoring, and product improvement. More information is available in our Website Technologies Policy.
10. Retention
We retain information for as long as reasonably necessary to provide the Platform, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and protect our legitimate business interests. Typical retention periods include:
| Information type | Typical retention |
|---|---|
| Account, workspace, contact, job, quote, invoice, and CRM records | For the life of the account and up to 2 years after closure, unless deleted earlier or retained for legal reasons |
| Billing, tax, payment, and accounting records | Up to 7 years or longer if required by law |
| Call audio | Not intentionally stored by Earlymark |
| Transcripts, summaries, messages, AI logs, and communication records | While the account is active and up to 2 years after closure, unless deleted earlier or retained for legal reasons |
| Security, audit, diagnostic, and access logs | Usually up to 12 months, or longer for investigation, fraud prevention, or security purposes |
| Deleted account data and backups | Usually purged or de-identified within 90 days, subject to backups, legal holds, and billing records |
| Aggregated or de-identified information | Indefinitely |
11. Security
We use reasonable technical and organisational safeguards designed to protect personal information, including access controls, encryption in transit, credential protection, monitoring, logging, and operational security practices. No internet or cloud service can be guaranteed to be completely secure, and you are responsible for maintaining secure passwords, devices, integrations, and user permissions.
12. Access and Correction
You may request access to, or correction of, personal information we hold about you, subject to the Australian Privacy Act 1988 and Australian Privacy Principles. We may refuse or limit access where permitted by law, including where a request is unreasonable, would affect the privacy of others, would reveal confidential commercial information, or would compromise security.
To make a request, contact privacy@earlymark.ai.
13. Data Breaches
If we become aware of a data breach, we will assess it and take steps we consider appropriate. Where required by the Notifiable Data Breaches scheme, we will notify affected individuals and the Office of the Australian Information Commissioner.
14. Business Transfers
If Earlymark is involved in a merger, acquisition, restructure, financing, sale of assets, or similar transaction, personal information may be disclosed or transferred as part of that transaction, subject to applicable law.
15. Changes to This Policy
We may update this Privacy Policy from time to time by posting a revised version on this page. The updated policy applies from the date it is posted, unless stated otherwise. Continued use of the Platform after an update means you accept the updated policy.
16. Contact and Complaints
Privacy questions, requests, or complaints should be sent to:
Email: privacy@earlymark.ai
If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner at oaic.gov.au.