This Privacy Policy explains how IntelliPaaS collects, uses, stores, and protects personal data. Our goal is to ensure transparency in our data practices while complying with global privacy regulations. By outlining our commitments, we aim to help users understand their rights and how their data is handled when interacting with IntelliPaaS.

IntelliPaaS is a technology company operating under Global Market Expansions Pty Ltd, providing integration and automation solutions. This policy covers IntelliPaaS and its affiliated entities responsible for processing personal data.

This policy applies to:

• Visitors to IntelliPaaS websites displaying or linking to this Privacy Policy.
• Individuals engaging with IntelliPaaS through emails, phone calls, or other communications.
• Participants in IntelliPaaS community forums, social media pages, webinars, or events.
• Visitors to IntelliPaaS offices or attendees of training sessions.
  
• Employees of IntelliPaaS customers whose information is shared with us.

This policy does not apply to customer data processed through the IntelliPaaS platform, where we act as a data processor on behalf of our customers. In such cases, the customer’s privacy policy governs the handling of personal data.

Key Terms

• Personal Data – Any information relating to an identified or identifiable individual, including but not limited to name, email address, phone number, IP address, and other identifiers.
• Controller – IntelliPaaS, when determining the purposes and means of processing personal data.
• Processor – IntelliPaaS, when processing personal data on behalf of a customer under their instructions.
• Data Subject – The individual whose personal data is collected, processed, or stored.
  
• Third-Party Sharing – The transfer or disclosure of personal data to external organisations, such as service providers, business partners, or regulatory authorities, in compliance with legal requirements and contractual obligations.
• Consent – The explicit, informed, and voluntary agreement by a data subject to the processing of their personal data for a specified purpose.
• Legitimate Interest – A lawful basis for processing personal data where IntelliPaaS has a business or security-related reason that does not override the rights of the data subject.
• Data Retention – The period for which personal data is stored before deletion, based on legal, operational, or regulatory requirements.
• Anonymisation – The process of irreversibly altering personal data so that individuals cannot be identified.
• Pseudonymisation – The processing of personal data in such a way that it cannot be attributed to a specific data subject without additional information, which is kept separate to maintain security.
• Cookies – Small text files stored on a user's device to track website activity, preferences, and analytics.
• Data Breach – A security incident leading to the accidental or unlawful destruction, loss, alteration, or unauthorised disclosure of or access to personal data.

This Privacy Policy governs how IntelliPaaS collects, processes, stores, and protects personal data when individuals interact with our websites, services, and communications. It applies to personal data collected from:

• Visitors to IntelliPaaS websites displaying or linking to this Privacy Policy.
• Users engaging with IntelliPaaS through emails, phone calls, or other direct communications.
• Participants in IntelliPaaS webinars, community forums, social media pages, or events.
• Visitors to IntelliPaaS offices or attendees of in-person training sessions.
  
• Employees of customers whose personal data is shared with IntelliPaaS in its role as a data controller.

This Privacy Policy does not apply to:

• Customer Data Processed on Our Platform – IntelliPaaS acts as a data processor when processing customer data within its platform. In such cases, the customer (data controller) determines how the data is handled, and their privacy policies apply.
• Third-Party Services and Integrations – Our platform may link to third-party services, applications, or websites. IntelliPaaS is not responsible for their privacy practices, and users should review those services’ privacy policies separately.
• Employee and Contractor Data – This policy does not cover data collected in the context of IntelliPaaS employment or contractor relationships, which are governed by separate internal policies.

Under the General Data Protection Regulation (GDPR), IntelliPaaS processes personal data based on the following legal grounds:

• Consent – When users provide explicit consent for specific processing activities, such as marketing communications. Users can withdraw consent at any time.
• Contractual Necessity – When processing is required to fulfil a contract, such as providing access to IntelliPaaS services or responding to customer inquiries.
• Legitimate Interest – When processing is necessary for IntelliPaaS' business operations, provided it does not override individuals’ rights (e.g., security, fraud prevention, internal analytics).
• Legal Obligation – When processing is required to comply with regulatory, tax, or other legal requirements.
  
• Vital Interests – When processing is necessary to protect an individual’s life or safety.

IntelliPaaS complies with data protection laws in various jurisdictions, including:

• California Consumer Privacy Act (CCPA) – Users in California have rights related to access, deletion, and opting out of personal data sales. IntelliPaaS does not sell personal data.
• Australian Privacy Act 1988 – IntelliPaaS ensures transparency, access rights, and security measures in accordance with Australian privacy principles.
• Other Regional Regulations – IntelliPaaS follows applicable laws in regions where it operates, ensuring compliance with local data protection and consumer rights frameworks.

Users may withdraw consent at any time by:

• Adjusting their preferences in account settings (where applicable).
• Clicking the "unsubscribe" link in marketing emails.
• Submitting a request via privacy@intellipaas.io.
• Using opt-out tools for cookies and tracking technologies, as detailed in the Cookies & Tracking section.

Withdrawal of consent does not affect the lawfulness of processing conducted before the withdrawal.

IntelliPaaS collects personal data provided by users through:

• Website Forms & Registrations – When users request information, sign up for events, or create an account.
• Support Requests – When users contact IntelliPaaS for technical assistance or customer service.
• Trial & Subscription Services – When users register for a free trial or subscribe to IntelliPaaS products.
• Community Participation – When users engage in IntelliPaaS forums, webinars, or training sessions.

This data may include:

• Name
• Email address
• Phone number
• Job title & company name
• Billing & payment details (for purchases)
• User credentials (for account access)

When users interact with IntelliPaaS websites and services, we may automatically collect:

• Cookies & Tracking Data – Browsing activity, preferences, and analytics data (subject to consent).
• Log Files – IP addresses, access timestamps, and session activity for security and diagnostics.
• Device Identifiers – Browser type, operating system, and geolocation (when enabled).
• Usage Data – Clickstream behavior, referring pages, and interaction with IntelliPaaS services.

Users can manage cookie settings and tracking preferences through their browser or IntelliPaaS' consent management tools.

IntelliPaaS may receive personal data from external sources, including:

• Business Partners – Shared customer data when integrating with third-party platforms.
• Marketing & Advertising Providers – Contact details from opt-in lead generation campaigns.
• Public Databases & Social Media – Business contact information for outreach and engagement.

Third-party data collection adheres to privacy laws, and users can opt out of marketing communications at any time.

IntelliPaaS processes personal data to:

• Provide access to IntelliPaaS products, services, and integrations.
• Respond to inquiries, technical support requests, and troubleshooting issues.
• Manage user accounts, subscriptions, and billing.
• Deliver training, webinars, and other user engagement activities.

With user consent, IntelliPaaS may use personal data to:

• Send newsletters, promotional offers, and event invitations.
• Provide product updates, feature announcements, and educational content.
• Conduct surveys and collect feedback for service improvements.

Users can manage marketing preferences or opt out at any time through:

• The unsubscribe link in emails.
• Account settings (where applicable).
• A request to privacy@intellipaas.io.

IntelliPaaS uses personal data to:

• Monitor and secure its platform, services, and infrastructure.
• Detect and prevent fraud, abuse, and unauthorised access.
• Comply with legal obligations, regulatory requirements, and law enforcement requests.

If IntelliPaaS employs artificial intelligence or automated decision-making, it will be used for:

• Enhancing data processing efficiency and customer support responses.
• Improving product recommendations and user experience.
• Detecting suspicious activity or security threats.

Users will be informed when AI-driven decisions significantly affect them and may request manual review where required by law.

IntelliPaaS retains personal data only for as long as necessary to fulfill its intended purpose, comply with legal obligations, or resolve disputes. Retention periods vary based on data type:

• User Account Data – Stored for the duration of the account's active status and deleted upon user request.
• Support & Service Requests – Retained for up to X years for auditing and service improvement.
• Marketing & Communication Data – Stored until users opt out or request deletion.
• Billing & Transaction Data – Retained for X years to comply with financial and tax regulations.
• Security & Compliance Logs – Kept for X months/years for fraud detection and legal compliance.

Users may request data deletion where legally permitted by contacting privacy@intellipaas.io.

IntelliPaaS implements industry-standard security measures to protect personal data, including:

• Encryption – Data encrypted in transit (TLS) and at rest (AES-256).
• Access Controls – Role-based access, multi-factor authentication (MFA), and strict authorisation policies.
• Network Security – Firewalls, intrusion detection systems, and regular vulnerability assessments.
• Compliance Certifications – IntelliPaaS aligns with security frameworks such as:
  - ISO 27001 (Information Security Management)
  - SOC 2 (Service Organisation Controls for Data Protection)
  - GDPR & CCPA (Regional privacy compliance)
  

Data Breach Notification Process

In the event of a data breach, IntelliPaaS follows a structured response plan:

• Incident Detection & Assessment – Identify and contain the breach.
• Internal Investigation – Assess the scope, impact, and affected data.
• Regulatory Compliance – Notify relevant authorities within legally mandated timeframes (e.g., 72 hours under GDPR).
• User Notification – Affected users will be informed if the breach poses a risk to their data.
  
• Remediation & Prevention – Implement corrective actions and enhance security protocols.
  

For security-related concerns, users can contact security@intellipaas.io.

IntelliPaaS may share personal data with trusted third parties under strict contractual and security obligations. These recipients include:

• Cloud Service Providers – Secure data storage, hosting, and infrastructure (e.g., AWS, Azure, Google Cloud).
• Analytics & Marketing Partners – Platforms that help improve services, measure engagement, and personalise communications (e.g., Google Analytics, HubSpot).
• Customer Relationship Management (CRM) Tools – Systems used for customer support, engagement, and account management (e.g., Salesforce, Zendesk).
• Payment & Billing Providers – Secure processing of transactions and invoicing (e.g., Stripe, PayPal).
  
• Regulatory & Legal Authorities – Where required by law or to comply with regulatory investigations.
  

IntelliPaaS does not sell personal data to third parties.

Data Transfer Mechanisms

For international data transfers, IntelliPaaS ensures compliance with applicable laws, including:

• Standard Contractual Clauses (SCCs) – Legally binding clauses for data transfers outside the EU/EEA.
• Binding Corporate Rules (BCRs) – Internal policies for global data protection within IntelliPaaS' corporate structure.
• Data Privacy Frameworks – Compliance with regional frameworks such as GDPR, UK GDPR, CCPA, and Australian Privacy Act.

When transferring data to countries with differing privacy regulations, IntelliPaaS implements additional safeguards such as encryption and access controls.

Users can manage and limit third-party data sharing through:

• Privacy Settings – Adjusting sharing preferences in account settings (where applicable).
• Cookie & Tracking Preferences – Using consent management tools to opt out of tracking technologies.
• Data Access Requests – Requesting a report on how personal data is shared with third parties via privacy@intellipaas.io.
• Opt-Out Mechanisms – Unsubscribing from marketing communications or disabling non-essential third-party tracking.
  

Users who wish to restrict international data transfers can contact IntelliPaaS to review available options for data localisation and alternative processing methods.

9. Your Rights & How to Exercise Them

GDPR Rights (European Union & UK Users)

Users in the EU/EEA and UK have the following rights under the General Data Protection Regulation (GDPR) and UK GDPR:

• Right to Access – Request a copy of the personal data IntelliPaaS holds about you.
• Right to Rectification – Correct inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten") – Request deletion of your data where legally applicable.
• Right to Restrict Processing – Limit how IntelliPaaS processes your data in specific circumstances.
• Right to Data Portability – Receive your data in a structured format or transfer it to another service provider.
• Right to Object – Object to processing for marketing or legitimate interest purposes.
• Right to Withdraw Consent – Revoke consent for processing activities based on prior consent.

CCPA Rights (California Users)

Users in California have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know – Request details on the categories of data collected, shared, or sold.
• Right to Access – Obtain a copy of the personal data IntelliPaaS holds about you.
• Right to Deletion – Request deletion of personal data, subject to legal and business exemptions.
• Right to Opt-Out of Sale or Sharing – IntelliPaaS does not sell personal data, but users can opt out of certain data sharing for advertising purposes.
• Right to Correct Inaccurate Information – Request correction of any incorrect data.
• Right to Non-Discrimination – IntelliPaaS will not deny services or impose penalties for exercising privacy rights.

Other Global Privacy Rights

IntelliPaaS complies with additional privacy regulations in jurisdictions where it operates, including:

• Australia (Australian Privacy Act 1988) – Rights to access, correct, and opt out of direct marketing.
• Canada (PIPEDA) – Right to access, correct, and withdraw consent.
• Brazil (LGPD) – Similar rights to GDPR, including data access and deletion.

Users should refer to their local data protection authorities for specific rights applicable in their region.

Self-Service Mechanisms & Contact for Requests

Users can manage their privacy preferences through:

• Account Settings – Where applicable, users can access, update, or delete their data directly.
• Privacy Request Portal – Submit requests via the IntelliPaaS website (if available).
• Email Requests – Contact privacy@intellipaas.io for assistance with data access, corrections, or deletions.

IntelliPaaS will respond to verified requests within the legally required timeframes (30 days under GDPR, 45 days under CCPA) and may request identity verification before processing.

IntelliPaaS may disclose personal data when required to do so by law, including:

• Regulatory Compliance – Responding to legal requests from government agencies, courts, or regulatory bodies.
• Law Enforcement Requests – Providing data in compliance with subpoenas, court orders, or other legal obligations.
• Fraud Prevention & Security – Disclosing data to detect, investigate, and prevent fraud, cyber threats, or unlawful activities.
• Protection of Rights – Sharing data to protect the rights, safety, or property of IntelliPaaS, its users, or third parties.
  

Where legally permitted, IntelliPaaS will notify affected users before disclosing their data unless prohibited by law or regulatory requirements.

Business Mergers, Acquisitions & Restructuring

In the event of a corporate transaction, IntelliPaaS may transfer personal data as part of its business assets, including:

• Mergers & Acquisitions – If IntelliPaaS is acquired, merged, or consolidated with another company, personal data may be transferred to the new entity.
• Restructuring & Divestitures – If IntelliPaaS sells or transfers part of its business, relevant personal data may be shared with the acquiring party.
• Bankruptcy or Liquidation – In cases of insolvency or similar proceedings, personal data may be transferred to creditors or legal successors.

In such scenarios, IntelliPaaS will ensure that data protection commitments remain in place and provide users with notice of any changes affecting their personal data. Users will have the option to exercise their rights or request deletion before data is transferred under a new ownership structure.

11. Cookies & Tracking Technologies

Types of Cookies Used

IntelliPaaS uses cookies and similar tracking technologies to enhance user experience, improve website functionality, and support marketing efforts. These include:

• Essential Cookies – Necessary for website functionality, security, and authentication (e.g., session cookies, login authentication). Disabling these may affect core site functions.
• Functional Cookies – Enhance user experience by remembering preferences, such as language settings or past interactions with the website.
• Analytics & Performance Cookies – Collect anonymised data to measure website performance, user engagement, and technical diagnostics (e.g., Google Analytics, heatmaps).
• Marketing & Advertising Cookies – Track user interactions to deliver personalised ads and measure ad effectiveness. May be set by third-party advertising platforms (e.g., Meta, Google Ads).

How Users Can Manage Cookie Preferences

Users can control cookie settings through:

• Cookie Consent Banner – Upon first visit, users can accept, reject, or customise cookie preferences.
• Browser Settings – Most browsers allow users to block, delete, or limit cookie tracking via settings.
• Opt-Out Tools – Users can opt out of tracking and targeted advertising via industry-standard platforms such as:
  - Your Online Choices (EU)
  - Network Advertising Initiative (NAI)
  - Google Ads Settings
• Do Not Track (DNT) Requests – While IntelliPaaS respects DNT signals where technically feasible, some third-party services may still collect tracking data.

For more details or to modify cookie preferences, users can visit the Cookie Settings section on the IntelliPaaS website or contact privacy@intellipaas.io.

12. Policy Updates & Notifications

How & When We Update the Privacy Policy

IntelliPaaS reviews and updates this Privacy Policy periodically to reflect changes in legal requirements, industry standards, or company practices. Updates may occur due to:

• Changes in data protection laws (e.g., GDPR, CCPA, Australian Privacy Act).
• New features, products, or services affecting how personal data is processed.
• Security enhancements or modifications to third-party service providers.
• Adjustments to cookie usage or data retention policies.

All changes will be effective as of the “Last Updated” date listed at the top of this policy.IntelliPaaS will notify users of material changes through:

How Users Will Be Notified of Changes

IntelliPaaS will notify users of material changes through:

• Website Notice – A banner or pop-up notification on the IntelliPaaS website.
• Email Notification – Sent to registered users if updates significantly affect their rights.
• In-App Alerts – Where applicable, users may receive alerts within IntelliPaaS platforms.

If required by law, IntelliPaaS will request users to review and accept material changes before continuing to use services.

Version History for Transparency

A version history will be maintained, outlining key changes in:

• Privacy Policy updates and amendments.
• Changes to data collection, processing, or sharing practices.
• Modifications to user rights or consent mechanisms.

Users can access prior versions of this policy by requesting details via privacy@intellipaas.io.

13. How to Contact Us

Contact Details for Privacy Inquiries

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, you can contact IntelliPaaS at:

IntelliPaaS Privacy Team
Global Market Expansions Pty Ltd
Level 36, Gateway Building
1 Macquarie Place, Sydney, NSW, 2000
Email: privacy@intellipaas.io

Supervisory Authority Contact Information for Complaints

If you believe IntelliPaaS has not adequately addressed your privacy concerns, you have the right to file a complaint with the relevant data protection authority in your region:

• European Union (EU) – Contact your local Data Protection Authority (DPA) (List of DPAs).
• United Kingdom (UK) – Information Commissioner's Office (ICO): www.ico.org.uk
• Australia – Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au
• United States (California Residents) – California Privacy Protection Agency (CPPA): www.cppa.ca.gov

We encourage users to contact IntelliPaaS first to resolve any privacy concerns before reaching out to regulatory authorities.

Date of Last Revision: 27 February 2025