What Information We Collect

Let's break down what we actually gather when you use our finance insights platform. Some of this you give us directly, other bits come from how you interact with our service.

Information You Provide

When you sign up or use our services, you might share:

• Your name, email address, and contact details when creating an account
• Financial data you choose to connect or input for analysis
• Payment information when subscribing to premium features
• Messages you send through our contact forms or support channels
• Profile preferences and notification settings

Information We Collect Automatically

As you navigate our platform, we gather technical information to improve your experience:

• Device type, browser information, and operating system
• IP address and general location data (city and state level)
• Pages visited, features used, and time spent on our platform
• Links clicked and search terms entered within our service
• Session data and interaction patterns

How We Use Your Information

We're not in the business of selling your data. Everything we collect serves a specific purpose related to providing and improving our finance insights service.

Service Delivery

The main reason we process your information is to actually deliver what you signed up for. This includes generating your financial insights, maintaining your account, processing payments, and sending you updates about your subscription.

Platform Improvement

We analyze usage patterns to figure out what works and what doesn't. If everyone's struggling with a particular feature, that tells us something needs fixing. This helps us prioritize development and make smarter decisions about where to focus our efforts.

Security and Fraud Prevention

Financial services are a target for bad actors. We monitor for suspicious activity, unusual login patterns, and potential security threats. This might mean temporarily blocking an account if we see something that looks off – better safe than sorry.

Communication

We'll send you essential account information, security alerts, and updates about our service. If you've opted in, you might also receive educational content and feature announcements. You can adjust these preferences anytime in your account settings.

Sharing and Disclosure

We keep your information close to the chest, but there are specific situations where we share data with others. Here's the complete picture.

Service Providers

We work with carefully vetted third-party companies who help us run our platform. This includes hosting providers, payment processors, analytics services, and customer support tools. These partners only access what they need to perform their specific function, and they're bound by strict confidentiality agreements.

Legal Requirements

Sometimes we're legally required to share information. This happens when we receive valid subpoenas, court orders, or other legal processes. We may also disclose data if we believe it's necessary to prevent harm, investigate fraud, or comply with Australian privacy regulations.

Business Transitions

In the event tavenlyros is acquired or merges with another company, your information would likely transfer as part of that transaction. We'd notify you beforehand and ensure the new entity honors this privacy policy or gives you a chance to delete your account.

Your Privacy Rights

Australian privacy law gives you real control over your personal information. These aren't just theoretical rights – we've built systems to make them easy to exercise.

How to Exercise Your Rights

Send requests to info@tavenlyros.com with "Privacy Request" in the subject line. Include your account email and specify what you'd like us to do. We'll verify your identity and respond within 30 days. If we need more time (complex requests sometimes happen), we'll let you know and explain why.

Data Security

Protecting financial information isn't something we take lightly. We've implemented multiple layers of security to keep your data safe from unauthorized access, theft, or misuse.

Encryption and Transport Security

All data moving between your device and our servers travels through encrypted connections using TLS 1.3 or higher. Financial data stored in our databases is encrypted at rest using industry-standard AES-256 encryption. Even if someone somehow accessed our storage systems, they'd find gibberish without the encryption keys.

Access Controls

Our team can't just browse user data on a whim. Access is strictly limited based on job function, logged for audit purposes, and protected by multi-factor authentication. Engineers working on the platform see anonymized test data – real user information is compartmentalized.

Infrastructure Security

We host our services with Australian data centers that maintain ISO 27001 certification and SOC 2 compliance. Regular security audits, penetration testing, and vulnerability scanning happen quarterly. We patch systems promptly when security updates are released.

Monitoring and Response

Automated systems monitor for unusual activity 24/7. If we detect a potential breach, our incident response plan kicks in immediately. This includes containment, investigation, notification (if your data was affected), and remediation. We'd contact you within 72 hours of confirming a breach that impacts your information.

Data Retention

We don't keep your information forever just because we can. Each data type has a specific retention period based on how long we need it.

Active Account Data

While your account is active, we maintain your profile information, financial data, and usage history to provide continuous service. You control how long this lasts – close your account, and we begin the deletion process.

After Account Closure

When you close your account, most of your data gets deleted within 90 days. Some information sticks around longer for legitimate reasons: transaction records for tax compliance (7 years), support communications for quality assurance (5 years), and basic account details to prevent re-registration fraud (3 years).

Aggregated Analytics

We convert individual usage data into anonymized statistics that can't be traced back to you. This aggregated information helps us understand platform trends and might be retained indefinitely since it's no longer personal data.

Cookies and Tracking

Like most websites, we use cookies and similar technologies. Here's what that actually means and how to control them.

Essential Cookies

These keep the site functioning. They remember your login session, security tokens, and basic preferences. Without these, you'd have to log in on every page – not exactly practical. You can't disable these through our cookie settings because they're necessary for the service to work.

Analytics Cookies

We track how people use our platform to identify problems and opportunities. Which features get ignored? Where do people get stuck? This data is anonymized and helps us prioritize improvements. You can opt out through your account preferences.

Managing Cookie Preferences

Access cookie settings through your account dashboard under Privacy Settings. You can disable optional cookies while keeping essential ones active. Browser settings also let you block or delete cookies, though this might break some functionality.

International Data Transfers

tavenlyros primarily operates within Australia, and we store data in Australian data centers. But the internet is global, and some of our service providers operate internationally.

If your information needs to be processed outside Australia, we ensure adequate protections are in place. This means standard contractual clauses approved by privacy regulators, adequacy decisions recognizing equivalent privacy standards, or other approved transfer mechanisms.

When we work with international service providers, we verify they meet Australian privacy standards or equivalent protections. You have the right to ask about specific international transfers affecting your data.

Children's Privacy

tavenlyros is designed for adults managing their finances. We don't knowingly collect information from anyone under 18 years old. If you're a parent and discover your child has created an account, contact us and we'll delete it promptly.

Our platform deals with financial information and concepts that aren't appropriate for children. If we learn we've accidentally collected data from a minor, we'll take immediate steps to remove it from our systems.

Changes to This Policy

Privacy practices evolve as technology and regulations change. When we update this policy, we'll post the revised version here with a new "Last Updated" date at the top.

For minor clarifications or additions, we'll simply update the policy. If we make significant changes that affect how we handle your data, we'll notify you by email at least 30 days before the changes take effect. This gives you time to review the updates and decide if you want to continue using our service.

Continuing to use tavenlyros after policy changes means you accept the updated terms. If you disagree with modifications, you can close your account before they take effect.

Privacy Complaints

If you believe we've mishandled your personal information or violated your privacy rights, we want to hear about it. Start by contacting our privacy team at info@tavenlyros.com with details about your concern.

We'll acknowledge your complaint within 5 business days and provide a full response within 30 days. If the matter is complex and needs more time, we'll explain why and give you a timeline.

Not satisfied with our response? You have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC). They're the privacy regulator for Australia and can investigate whether we've breached the Privacy Act. You can reach the OAIC at oaic.gov.au or call 1300 363 992.