Back to home
Legal

Privacy Policy

Effective 1 July 2026 · Version 1.0

1.About This Policy

Noble Unseen Limited is committed to protecting your privacy and handling personal information in accordance with the Privacy Act 2020 (NZ). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and your rights.

2.What Information We Collect

Account information: full name, email address, organisation name and role, password (stored as a cryptographic hash). Usage information: log data, device information, feature usage patterns, error reports. Contract Data: document content, AI-extracted obligations, actions, risks, notes and annotations you create. Payment information: transaction records and billing information (we do not store card numbers). Communications: records of correspondence including support tickets.

3.How We Use Your Information

We use your personal information to provide the Services, improve the Platform, communicate with you about your account and service updates, and comply with our legal obligations. We do not use your information for advertising.

4.Data Storage and Sovereignty

Your Contract Data and account information is stored in Supabase database infrastructure located in Sydney, Australia (ap-southeast-2). All data is encrypted in transit using TLS 1.2 or higher and at rest using AES-256 encryption. We will migrate to a New Zealand-based region as soon as one becomes available if required by our customers.

5.Who We Share Your Information With

We do not sell your personal information. We share it only with the following sub-processors: Supabase Inc. (database and authentication, Sydney AU), Anthropic PBC (AI contract analysis, United States), Vercel Inc. (application hosting, global CDN), and Resend Inc. (transactional email, United States). When you use the AI contract review feature, the text content of your uploaded documents is sent to Anthropic's API for processing. Anthropic processes this data solely to provide the AI service and does not use it to train their models. If your organisation's security policy prohibits sending document content to US-based providers, you should not use the AI review feature.

6.Your Rights Under the Privacy Act 2020

You have the right to access, correct, and request deletion of your personal information. To exercise these rights contact: privacy@nobleunseen.com. If you believe we have breached the Privacy Act you may complain to the Office of the Privacy Commissioner at privacy.org.nz.

7.Data Retention

Contract Data is retained for the duration of your subscription plus 30 days after termination. Account information is retained for 90 days after account closure. Usage logs are retained for 12 months. Financial records are retained for 7 years as required by NZ law.

8.Contact

Privacy Officer: Noble Unseen Limited. Email: privacy@nobleunseen.com. Security concerns: security@nobleunseen.com.