We're committed to protecting your financial data with bank-level security and complete transparency about how we handle your information.
December 15, 2024
We may update this privacy policy from time to time. We'll notify you of any significant changes via email or through our platform.
We collect transaction data from your connected bank accounts and credit cards through secure, read-only connections. This includes transaction amounts, dates, merchant names, and categories. We do not store your banking credentials or have the ability to move money from your accounts.
We collect basic personal information including your name, email address, phone number, and tax file number (TFN) when provided. This information is used to create your account and generate tax-compliant reports.
We automatically collect information about how you use our service, including pages visited, features used, and time spent on the platform. This helps us improve our service and provide better support.
We collect information about the devices you use to access moulai, including IP address, browser type, operating system, and device identifiers. This information is used for security and fraud prevention.
Our AI analyzes your transaction data to identify potential tax deductions based on Australian Tax Office guidelines and your industry classification. This is the core function of our service.
We use your information to generate detailed, ATO-compliant tax deduction reports that you can use for your tax return or provide to your accountant.
We use aggregated, anonymized data to improve our AI algorithms, add new features, and enhance the accuracy of our deduction detection.
We use your information to provide customer support, respond to inquiries, and troubleshoot technical issues with your account.
We may use your information to comply with legal obligations, respond to lawful requests from authorities, and protect our rights and the rights of our users.
We never sell, rent, or trade your personal or financial information to third parties for marketing purposes. Your data is not a product we monetize.
We may share your information with trusted service providers who help us operate our platform, such as cloud hosting providers, payment processors, and customer support tools. These providers are bound by strict confidentiality agreements.
We may disclose your information if required by law, court order, or government request, or to protect the safety and security of our users and platform.
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to the same privacy protections.
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your financial data is stored in encrypted Australian data centers with multiple layers of security.
We implement strict access controls, ensuring only authorized personnel can access your data on a need-to-know basis. All access is logged and monitored.
We conduct regular security audits and penetration testing to identify and address potential vulnerabilities. We are SOC 2 Type II compliant.
We have comprehensive incident response procedures in place. In the unlikely event of a data breach, we will notify affected users and relevant authorities as required by law.
You have the right to access your personal information and request a copy of your data in a portable format. You can download your data through your account settings.
You can update your personal information at any time through your account settings. If you notice any inaccuracies, please contact us to have them corrected.
You can request deletion of your account and associated data at any time. We will delete your information within 30 days, except where we are required to retain it by law.
You can opt out of non-essential communications and data processing activities. However, some data processing is necessary for the core functionality of our service.
We retain your data for as long as your account is active and you continue to use our service. This allows us to provide ongoing tax deduction analysis and maintain your historical records.
If your account becomes inactive for more than 2 years, we may delete your data after providing 30 days notice. You can reactivate your account at any time before deletion.
We may retain certain information for longer periods if required by law, such as for tax compliance or regulatory requirements. This typically applies to financial records and transaction data.
We may retain aggregated, anonymized data indefinitely for research and service improvement purposes. This data cannot be used to identify individual users.
If you have any questions about this privacy policy or how we handle your data, we're here to help.