Here's what happens to the information you share with us when you decide to work with sirunavelon. We've organized this around what actually matters to you rather than following the standard template everyone else uses.
Current as of January 2025The nature of what we receive depends entirely on how you interact with our service. Someone exploring financial trend analysis tools will naturally provide different specifics compared to someone requesting direct consulting assistance.
When you establish an account, we obtain identifying particulars. Your full name appears on documentation. Your email becomes the primary communication channel. If you're representing an organization, we record your business designation and the entity name. This baseline information allows us to distinguish you from other users and maintain continuity across sessions.
Payment details enter the picture if you select a subscription tier or purchase analytical reports. We don't hold complete card numbers ourselves—our payment processor manages that sensitive material. What reaches us includes transaction confirmation codes and billing address elements needed for reconciliation and dispute resolution.
As you navigate through different analytical tools, we capture traces of those movements. Which trend recognition modules get activated most frequently. What time periods you examine. The specific market segments that draw your attention repeatedly. This behavioral data reveals nothing about your personal identity on its own, but when linked to your account, it forms a picture of how you work with financial information.
Technical identifiers arrive automatically. IP addresses indicate general geographic zones. Browser specifications determine which interface elements display correctly. Device types influence responsive layout adjustments. These technical markers help us maintain functionality rather than build profiles.
Support inquiries bring additional context. When you describe a technical problem or ask clarification questions, that exchange gets logged. If you share financial scenarios to illustrate your analysis needs, those examples become part of your support record. This correspondence history prevents you from explaining the same situation multiple times to different support staff.
Purpose determines everything. Each category of information serves specific functions. Nothing gets repurposed beyond its original justification without reconsidering whether that new use requires explicit permission.
Your account credentials grant access to customized dashboards. Historical usage informs which analytical templates surface first. Previous search patterns might influence suggested market sectors worth examining. The platform adapts presentation based on demonstrated preferences rather than maintaining identical interfaces for everyone.
Technical diagnostics rely on device and browser specifics. When something malfunctions, we correlate error reports with technical configurations to isolate causes. Geographic indicators help us route traffic through appropriate servers to minimize latency.
Billing cycles depend on accurate payment records. Transaction histories resolve disputes when charges appear questionable. If subscription renewals fail, we need contact methods to notify you before access interruption occurs. Australian tax obligations require maintaining records that demonstrate proper GST handling.
Service announcements reach users through recorded email addresses. Platform updates that alter functionality warrant direct notification. Security incidents affecting account protection require immediate contact. You decide whether to receive educational content about financial analysis techniques—that remains optional rather than mandatory.
Aggregate usage patterns reveal which features get adopted versus ignored. If most users abandon a particular analytical tool halfway through, that signals a design problem worth investigating. Regional concentration of certain activities might justify interface translations. These insights emerge from anonymized collective behavior rather than individual surveillance.
Performance monitoring detects degradation before it becomes critical. Slow query responses indicate database optimization needs. Unusual traffic spikes might signal infrastructure scaling requirements. System health depends on continuous measurement against operational baselines.
sirunavelon operates primarily through internal systems, but certain functions require involving outside entities. Those relationships exist under contractual restraints that limit what external parties can do with information they process on our behalf.
Cloud hosting providers store user data and application code. They maintain physical security for server facilities but hold no rights to examine or exploit the information they house. Payment processors handle transaction authorization and settlement. They see purchase amounts and card details during the payment flow but operate under strict financial industry regulations. Email delivery services route messages we compose but don't initiate communications independently.
These operational partnerships follow data processing agreements. External vendors act as extensions of our internal capabilities rather than independent controllers making their own decisions about information use.
Australian authorities can compel disclosure through proper legal channels. Court orders, regulatory investigations, or statutory obligations might require providing specific user records. We assess each demand for legal validity before compliance. Overly broad requests get challenged when they exceed legitimate scope. When legally permissible, we notify affected users about information requests concerning their accounts.
If sirunavelon merges with another entity or transfers service operations, user information travels with those business assets. Acquisition scenarios require informing users about ownership transitions. New controlling parties inherit existing privacy commitments until they provide proper notice of any policy modifications they intend to implement.
Australian user information stays within Australian data centers. We selected infrastructure providers with local facilities specifically to avoid cross-border data movement complications. Technical support staff access systems through secure connections rather than maintaining information copies in offshore locations.
Security exists as layered defense rather than absolute barrier. Each protective measure reduces specific risk categories without eliminating vulnerability entirely. Being transparent about limitations matters more than exaggerating protective capabilities.
Encryption wraps data during transmission between your device and our servers. Storage systems use encrypted volumes so physical server theft doesn't immediately expose readable information. Access controls limit which staff members can view particular data categories. Account credentials require strong password parameters. Optional two-factor authentication adds an extra verification layer.
Automated monitoring watches for suspicious access patterns. Unusual login locations trigger additional verification steps. Multiple failed authentication attempts temporarily lock accounts. Database queries get logged so unauthorized information retrieval attempts leave traces for investigation.
Staff training covers information handling obligations. Background checks screen employees before granting system access. Confidentiality agreements establish legal consequences for improper disclosure. Regular security audits test whether protective controls actually function as designed.
Determined attackers with substantial resources might eventually breach defenses. Social engineering can trick legitimate users into revealing credentials. Software vulnerabilities sometimes go undetected until actively exploited. Third-party infrastructure providers face their own security challenges that affect everyone using their services.
Account security depends partly on your password practices. Reusing credentials across multiple services means a breach elsewhere compromises your sirunavelon account. Sharing login details with colleagues creates accountability gaps. Accessing your account from public computers without proper logout creates exposure windows.
You hold several decision points regarding information we maintain. These controls function through account settings or direct requests to our support team.
Account dashboards display profile information available for direct editing. Name changes, updated email addresses, revised business affiliations—you can modify these elements without assistance. For information not exposed through the interface, submit access requests specifying what you want to review. We respond within reasonable timeframes with the requested material in readable format.
Correction requests address inaccurate records. If your account shows incorrect business affiliations or outdated contact methods, point out the errors so we can make adjustments. Historical records of past transactions stay intact for accounting integrity, but current profile elements remain editable.
Marketing communication preferences operate through subscription management tools. Unsubscribe from educational newsletters while keeping service announcements. Disable usage analytics collection if you prefer minimizing data footprints, though this might reduce interface personalization benefits.
Object to specific processing activities by explaining your reasoning. We evaluate whether legitimate operational needs override individual preferences. When objections prove justified, we adjust handling practices or offer alternative service delivery methods that accommodate your concerns.
Account closure triggers information removal workflows. Personal identifiers get purged from active systems. Anonymized usage statistics might persist in aggregate analytics databases where they can't be reconnected to you individually. Financial records required for tax compliance stay in archival storage for the legally mandated retention period before final deletion.
Immediate complete erasure isn't always technically feasible. Backup systems follow their own rotation schedules. Deleted information gradually disappears from backup archives as older versions expire and get overwritten by newer backup cycles.
Request structured exports of information you've provided directly. This includes profile details, saved analysis configurations, and historical report parameters. We deliver this material in common formats readable by other applications. System-generated logs and derived analytics fall outside portability scope since they represent our observations rather than your contributions.
Active accounts maintain full information sets. Subscriptions lapsed for over twelve months trigger profile archival. Archived accounts keep minimal identifying details and transaction history for regulatory compliance but shed granular usage patterns and preferences. After regulatory retention periods expire, archived material gets permanently deleted.
Support correspondence remains accessible for two years following resolution. Financial records persist for seven years matching Australian tax requirements. Anonymized analytics contribute to ongoing platform improvement indefinitely since they contain no reconnection paths to specific individuals.
Privacy inquiries reach us through multiple channels. For straightforward questions, email support@sirunavelon.com with "Privacy Query" in the subject line. Formal access or deletion requests benefit from written documentation sent to our registered office at 25a Kingsley St, Acton ACT 2601, Australia.
Phone contact at +61 2 4982 7770 connects you with staff who can explain processes or escalate concerns requiring management attention. Complex matters involving regulatory compliance or legal interpretation get routed to our privacy officer within two business days.
If you believe we've mishandled your information despite attempts to resolve concerns directly, lodge complaints with the Office of the Australian Information Commissioner. They investigate privacy breaches and mediate disputes between individuals and organizations subject to Australian privacy law.