Privacy policy
What data AuditHQ collects, how it is used, who it is shared with, your rights, retention periods, and how to contact us. Compliant with GDPR, CCPA, and the Australian Privacy Act.
Data rights and DSAR pathway
You have the right to access, correction, erasure, restriction, portability, and objection over your personal data, depending on your location. To exercise your rights, email hello@audithq.com.au to file a Data Subject Access Request (DSAR) or data deletion request, subject to identity verification and legal retention requirements. Data subject rights requests are answered as soon as reasonably practical.
Lawful basis for processing
AuditHQ processes personal data under GDPR Article 6 lawful bases: contract necessity for account, audit, and billing data needed to deliver the service; consent for marketing emails and optional communications; legal obligation for tax and accounting records; and legitimate interests for service security, fraud prevention, and product improvement, balanced against your rights.
AI processing disclosure
AI providers may process submitted URLs, extracted public page content, technical signals, and audit context to generate report language. AuditHQ does not intentionally send card data, passwords, or private credentials to AI providers. Transparency disclosures aligned with the EU AI Act (Article 50) are published in the AuditHQ AI Policy: AI-assisted report language is always labelled and grounded in deterministic check evidence.
Jurisdiction coverage
AuditHQ identifies privacy themes relevant to the Australia Privacy Act, GDPR, UK GDPR, CCPA/CPRA, and other regional privacy laws where applicable. The policy is not legal advice, but it gives users a clear route to ask privacy questions or exercise rights.
Data retention and deletion
We retain account, audit, and report data while your account is active or as needed to provide the service, meet legal obligations, resolve disputes, and maintain business records. The data retention period for billing and support records may be longer where accounting, tax, or fraud-prevention rules require it. You can ask us to delete your data at any time: email a data deletion request to hello@audithq.com.au and we will erase it, subject to lawful retention limits.
Complaints and regulator pathway
Users should raise privacy complaints with AuditHQ first so they can be reviewed and answered. Australian users may contact the OAIC (Office of the Australian Information Commissioner, oaic.gov.au) if a complaint is not resolved; EU and UK users may contact their local data protection authority.
Children and sensitive data
AuditHQ is a business tool, is not directed at children under 13, and does not knowingly collect children's personal information; if you believe a child has provided personal data, contact us and we will delete it. Users should not submit passwords, payment card details, private credentials, sensitive personal data, or private website content for scanning.