Privacy Policy
Effective date: 9 April 2026
Last updated: 12 May 2026
This Privacy Policy explains how The Little Tamar Dairy Company Pty Ltd (ABN 57 624 539 699), trading as BatchBuddy (“BatchBuddy”, “we”, “us”, or “our”), collects, uses, stores, discloses, and protects your personal information when you use the BatchBuddy software-as-a-service platform and any related websites, applications, and services (the “Service”).
We are committed to protecting your privacy and complying with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the Privacy and Other Legislation Amendment Act 2024. By using the Service, you consent to the collection and use of your information as described in this Policy.
1. Information We Collect
1.1 Information you provide directly
- Account information: name, email address, password (hashed), timezone, unit preferences, and profile details.
- Organisation information: organisation name, members, roles, and team structure.
- Business data: recipes, batches, ingredients, equipment, suppliers, lot numbers, control point measurements, production notes, and other food production records you create or upload.
- Billing information: billing address and tax information (collected by our payment processor — see Section 4).
- Support communications: messages, screenshots, and information you send when contacting support. When you click the “Let us know what breaks” link in the open-beta banner, your mail client opens pre-populated with the page URL you were on (origin and path only — no query string or URL fragment), your browser and operating system family, screen dimensions, timezone, and local time. You see this content in your mail composer before sending and can edit or remove it; nothing is sent unless you send the email.
1.2 Information collected automatically
- Usage data: pages visited, features used, time spent in the Service, referring URLs, and approximate location (derived from IP address).
- Device and connection data: IP address (hashed for privacy), browser type, operating system, device identifiers, and user agent string.
- Session data: session tokens (hashed with SHA-256), login timestamps, last activity time, and authentication state.
- Performance and error data: Core Web Vitals, page load times, error messages, stack traces, and request correlation IDs.
1.3 Information we do not collect
- We do not collect raw payment card details. Card data is handled directly by our payment processor (Paddle), which is PCI DSS compliant.
- We do not collect health, biometric, racial, religious, or other sensitive personal information.
- We do not sell personal information to third parties.
2. How We Use Your Information
We collect and use personal information for the following purposes:
- Providing the Service: creating and managing your account, processing your business data, delivering core features, and supporting AI-assisted features.
- Billing and accounts: processing subscription payments, sending invoices, and handling billing enquiries.
- Communications: sending transactional emails (account verification, password resets, billing notifications, support responses, and incident communications) and, where you have not opted out, product and lifecycle communications (onboarding tips, feature announcements, beta-program updates). You can unsubscribe from non-transactional emails at any time via the unsubscribe link in any such message; you will continue to receive transactional emails while your account is active.
- Support: responding to your enquiries and troubleshooting issues you report.
- Security and fraud prevention: detecting and preventing unauthorised access, abuse, and misuse.
- Service improvement: analysing usage patterns to improve features, performance, and reliability (using aggregated, de-identified data where possible).
- Legal and compliance: complying with legal obligations, responding to lawful requests, and enforcing our Terms of Service.
3. Legal Basis for Processing
Under the Australian Privacy Principles, we collect and use personal information where:
- You have consented (e.g., when you create an account or opt in to optional features);
- It is reasonably necessary to provide the Service you requested;
- We have legitimate business interests (e.g., security, fraud prevention, service improvement); or
- We are legally required to (e.g., tax records, lawful requests from authorities).
4. Third-Party Processors and Cross-Border Transfers
We use a number of third-party service providers to operate the Service. Where a provider processes personal information on our behalf, we have arrangements in place to require them to handle that information in accordance with our obligations under the Australian Privacy Principles. The tables below list our current third-party processors and their data processing jurisdictions:
4.1 Infrastructure and platform providers
| Provider | Purpose | Jurisdiction |
|---|---|---|
| Convex | Application database, real-time backend, file storage | United States |
| Cloudflare | Website hosting, CDN, DDoS protection | Global edge (data routed via nearest region) |
| WorkOS (AuthKit) | Authentication, user identity, session management | United States |
| Supabase | Object storage for uploaded files (e.g., photos) | United States |
| Paddle | Payment processing, tax calculation, invoicing (Merchant of Record) | United Kingdom |
| Loops | Transactional and lifecycle email delivery | United States |
4.2 Monitoring and analytics
| Provider | Purpose | Jurisdiction |
|---|---|---|
| Sentry | Error tracking and performance monitoring | European Union (Germany) |
| Axiom | Application logging and observability | United States |
| PostHog | Website analytics (cookieless, anonymous) and product analytics (consent-based, stored in browser local storage) | European Union |
How we use PostHog differs between our marketing website and our application:
- On our marketing website (batchbuddy.io): We use PostHog in cookieless mode. No cookies, local storage or other persistent identifiers are set. We track anonymous, aggregated information about page views, call-to-action clicks, scroll depth, and outbound link clicks so we can improve the site and measure the effectiveness of our marketing. Because nothing is stored on your device, no consent banner is required under Australian or EU law. We honour the browser Do Not Track header.
- In our application (app.batchbuddy.io): We use PostHog with browser local storage to understand how customers use the product so we can improve it. This mode is only activated after you give explicit consent via the cookie banner on your first visit. You can decline and still use every feature of the application. You can change your consent at any time from Account Settings → Privacy.
4.3 AI providers
AI-assisted features use third-party large language model (LLM) providers, accessed through OpenRouter, our API gateway. Customer data is sent to LLM providers only when you explicitly initiate an AI interaction, and only the specific data the AI needs for that request. Customer data is not used to train AI models.
| Provider | Purpose | Jurisdiction |
|---|---|---|
| OpenRouter | API gateway routing requests to LLM providers | United States |
| Anthropic | Claude language models (Haiku, Sonnet, Opus) | United States |
| Google | Gemini language models | United States / global Google Cloud |
| OpenAI | GPT language models | United States |
| NVIDIA | Nemotron language model (free default) | United States |
| DeepSeek | DeepSeek language model (disabled by default; opt-in only) | People's Republic of China |
DeepSeek is disabled by default for all organisations. Organisation administrators may opt in to enable DeepSeek, but only after acknowledging that data sent to DeepSeek will be processed in the People's Republic of China.
4.4 Cross-border data transfers (APP 8)
As shown in the tables above, several of our third-party processors are located outside Australia. By using the Service, you consent to your personal information being disclosed to these overseas recipients for the purposes described in this Policy.
Where information is transferred overseas, we take reasonable steps to ensure that recipients handle it consistently with the Australian Privacy Principles. These steps include written agreements with our processors, vetting of their security and privacy practices, and use of commercial API tiers that contractually exclude training on customer data for AI providers.
Under Australian Privacy Principle 8.1, you should be aware that once your information is disclosed to an overseas recipient, we may have limited practical ability to enforce Australian privacy law against that recipient.
5. Data Retention
We retain personal information only for as long as necessary to provide the Service and to meet legal, regulatory, accounting, and reporting obligations. Different categories of data are retained for different periods:
| Category | Retention period | Reason |
|---|---|---|
| Batch production records, control point measurements, recipes | 7 years | Australian food safety standards (Standard 3.2.1 audit retention is 4 years; tax law is 5 years; we apply 7 years to provide a safety margin) |
| Billing and tax records | 7 years | Australian tax law minimum (5 years) plus margin |
| AI conversation logs | 3 years | Support and audit purposes |
| Audit trail fields (createdBy, updatedBy) | Matches the parent record | Integral to compliance evidence |
| Account data after deletion request | 30 days, then deleted | Allows account recovery during the grace period |
| Server logs and error data | 30–90 days | Security monitoring and debugging |
Soft-deleted records are retained in our database (in a recoverable state) until the retention period expires, then permanently deleted.
6. Your Rights
Under the Australian Privacy Principles and other applicable laws, you have the right to:
- Access the personal information we hold about you. You can export most of your data directly from your account settings.
- Correct any inaccurate or outdated information.
- Request deletion of your account and associated personal information, subject to our retention obligations under food safety law and other applicable laws.
- Withdraw consent for optional data processing (e.g., analytics).
- Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au if you believe we have mishandled your personal information.
To exercise any of these rights, contact us at support@batchbuddy.io. We will respond to most requests within 30 days.
7. Data Security
We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. Our security measures include:
- TLS encryption in transit (HTTPS) with HSTS preload;
- Encryption at rest for all stored data;
- Strong authentication via WorkOS (including support for password complexity, session invalidation, and multi-factor authentication);
- Role-based access control with fine-grained permissions across six user roles;
- Organisation-scoped data isolation (multi-tenant boundaries enforced at the database query level);
- Comprehensive security headers (Content Security Policy, X-Frame-Options, Referrer-Policy, etc.);
- Rate limiting on authentication and high-risk endpoints;
- Continuous dependency vulnerability scanning and secret scanning in our development pipeline;
- Audit logging of security-relevant events; and
- Regular backups with documented disaster recovery procedures.
While we work to protect your information, no online service is 100% secure. You are responsible for keeping your account credentials confidential and notifying us of any suspected unauthorised access.
8. Data Breach Notification
We comply with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988. If we become aware of an eligible data breach involving your personal information that is likely to result in serious harm, we will:
- Notify the Office of the Australian Information Commissioner (OAIC) within 72 hours of becoming aware of the breach, in accordance with the tightened notification requirements introduced by the Privacy and Other Legislation Amendment Act 2024;
- Notify affected individuals as soon as practicable;
- Provide information about the nature of the breach, the kinds of information involved, and steps you can take in response.
9. Cookies and Analytics
We use cookies and similar technologies for authentication, session management, and analytics. We take a different approach on the marketing website and inside the application so that the marketing site does not require a consent banner.
- Essential cookies (application only): required for login, session continuity, and CSRF protection. Set by our authentication provider (WorkOS) when you sign in. These cannot be disabled — without them, you cannot use the Service.
- Marketing-site analytics (cookieless): on batchbuddy.io we run PostHog in cookieless mode. No cookies, local storage, or session storage are written. We collect anonymous, aggregated information (page views, CTA clicks, scroll depth, UTM parameters, outbound links) to understand how people discover us and improve the site. Because nothing is stored on your device, this does not require your consent under Australian or EU law. We honour the Do Not Track header.
- Application analytics (consent-based): inside app.batchbuddy.io we use PostHog with browser local storage to measure product usage. This is only activated after you explicitly accept the cookie banner on your first visit. You can decline and still use every feature of the Service. You can change your consent at any time from Account Settings → Privacy. We honour the Do Not Track header regardless of your banner choice.
10. Children
The Service is not directed to children under 18 and we do not knowingly collect personal information from anyone under 18. If you believe a child has provided information to us, please contact us and we will delete it.
11. Changes to this Policy
We may update this Privacy Policy from time to time. Material changes will be communicated by email and/or by an in-app notice at least 30 days before they take effect. The “Last updated” date at the top of this page indicates the most recent revision.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our handling of personal information, contact us at support@batchbuddy.io.
The Little Tamar Dairy Company Pty Ltd
Trading as BatchBuddy
ABN: 57 624 539 699
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner at oaic.gov.au.