Privacy Policy
Last Updated: 15 January 2025
At noralithven, we understand that trust forms the foundation of effective financial statement analysis. When you share your financial data with us, you're placing significant confidence in our ability to protect it. This privacy policy explains exactly how we collect, store, and safeguard your information in accordance with Australian privacy legislation.
We operate under the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), which govern how Australian organisations handle personal information. Our commitment goes beyond mere compliance—we've built our entire data handling framework around protecting your privacy while delivering the analytical insights you need.
1. Information We Collect
The nature of financial statement analysis means we work with sensitive business information. We're transparent about what we collect and why we need it.
Personal Identification Information
When you engage our services, we collect basic contact details: your name, business email address, phone number, and company details. This information helps us communicate effectively about your analysis requirements and deliver results directly to you.
Financial Data
The core of what we do involves analysing financial statements, which means you'll provide us with balance sheets, income statements, cash flow statements, and related financial documents. We also collect contextual information about your business operations that helps us provide more accurate analysis.
Technical Information
Our website collects standard technical data: IP addresses, browser types, device information, and how you interact with our platform. This helps us maintain security and improve your experience when accessing our services.
2. How We Use Your Information
Every piece of information we collect serves a specific purpose related to delivering quality financial analysis services. We don't believe in collecting data "just in case"—if we ask for it, we use it.
- Conducting thorough financial statement analysis and generating reports tailored to your business needs
- Communicating with you about your analysis, answering questions, and providing ongoing support
- Processing payments securely and maintaining accurate billing records
- Improving our analytical methods and service delivery based on aggregated, de-identified data
- Meeting our legal obligations under Australian financial services regulations
- Protecting against fraudulent activity and maintaining the security of our systems
We never sell your financial data to third parties. Your business information remains confidential and is used solely for the purposes you've authorised. This isn't just our policy—it's a fundamental principle of how we operate.
3. Data Storage and Security
Financial information demands the highest security standards. Our infrastructure reflects this reality.
Where We Store Data
All client data is stored on secure servers located within Australia. This means your information remains subject to Australian privacy laws and isn't transferred offshore without your explicit consent. We've chosen Australian data centres specifically to provide this protection.
How We Protect It
We employ bank-grade encryption for data transmission and storage. Access to financial information is restricted to authorised personnel who need it to complete your analysis. Our systems undergo regular security audits, and we maintain comprehensive backup procedures.
| Security Measure | Implementation |
|---|---|
| Data Encryption | AES-256 encryption for stored data, TLS 1.3 for transmission |
| Access Control | Multi-factor authentication and role-based permissions |
| Network Security | Firewall protection, intrusion detection systems, regular penetration testing |
| Physical Security | Australian data centres with 24/7 monitoring and controlled access |
| Backup Systems | Daily encrypted backups with geographic redundancy |
4. Sharing Your Information
We limit data sharing to what's necessary for service delivery. When we do share information, it's done carefully and with appropriate safeguards.
Service Providers
Some aspects of our service rely on trusted third-party providers—payment processors, cloud infrastructure providers, and email services. These partners are bound by strict confidentiality agreements and can only use your data for the specific services they provide to us. We vet all service providers carefully before engaging them.
Legal Requirements
Australian law occasionally requires us to disclose information to government agencies or regulatory bodies. We'll only do this when legally obligated and will inform you unless prohibited by law. We keep detailed records of any such disclosures.
Business Transitions
If noralithven is acquired or merged with another company, your information may transfer to the new entity. We'll notify you before any such transfer and ensure the new owner maintains the same privacy protections outlined here.
5. Your Rights Under Australian Privacy Law
The Australian Privacy Principles give you specific rights regarding your personal information. We've designed our processes to make exercising these rights straightforward.
Right to Access: You can request a copy of all personal information we hold about you. We'll provide this within 30 days of your request, free of charge for the first request each year.
Right to Correction: If any information we hold is inaccurate or outdated, you can ask us to correct it. We'll update our records promptly and notify any third parties who received the incorrect information.
Right to Deletion: You can request deletion of your personal information, subject to our legal obligations to retain certain records. We'll explain any limitations before proceeding with deletion.
To exercise any of these rights, contact our privacy team using the details at the bottom of this page. We'll verify your identity before processing requests to protect your information from unauthorised access.
6. Data Retention
We don't keep your information indefinitely. Our retention periods balance your privacy interests with legitimate business needs and legal requirements.
- Active client financial data: Retained while you remain a client, plus seven years after the relationship ends (as required by Australian taxation law)
- Communication records: Kept for three years after the last interaction
- Marketing communications: Retained until you unsubscribe or request deletion
- Website analytics: Aggregated and anonymised after 26 months
- Payment information: Retained for seven years in compliance with financial regulations
When retention periods expire, we securely delete or anonymise your information. Deletion is permanent and irreversible, ensuring your data doesn't remain in our systems longer than necessary.
7. International Data Transfers
Our default practice is to keep all Australian client data within Australia. However, some situations may require international transfers—for instance, if you specifically request collaboration with overseas partners.
Before transferring any personal information outside Australia, we'll obtain your explicit consent and ensure the receiving country has privacy protections comparable to Australian standards. If adequate protections don't exist, we'll put contractual safeguards in place before any transfer occurs.
8. Cookies and Tracking Technologies
Our website uses cookies to improve functionality and understand how people use our services. We're upfront about what we track and why.
Essential Cookies
These keep the website functioning properly—remembering your login status, maintaining security, and processing your requests. You can't disable these without breaking core functionality.
Analytics Cookies
We use analytics to understand which pages people visit, how long they stay, and where they encounter problems. This data is anonymised and helps us improve the user experience. You can opt out of analytics tracking through your browser settings.
We don't use advertising cookies or sell your browsing data to third parties. Our analytics exist solely to improve our service.
9. Children's Privacy
Our services target businesses and professional users. We don't knowingly collect information from anyone under 18 years of age. If we discover we've inadvertently collected such information, we'll delete it immediately upon becoming aware.
10. Changes to This Policy
Privacy regulations evolve, and so do our practices. When we update this policy, we'll post the new version here with a revised date at the top. Significant changes will be communicated directly to active clients via email at least 30 days before taking effect.
We recommend reviewing this policy periodically to stay informed about how we protect your information. Continued use of our services after changes take effect indicates your acceptance of the updated terms.
11. Complaints and Disputes
If you believe we've mishandled your personal information or breached Australian privacy law, please contact us first. We take complaints seriously and investigate them thoroughly.
Our internal complaint process typically resolves issues within 30 days. If you're not satisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC). We'll provide you with their contact details and assist with this process if needed.
Contact Our Privacy Team
For privacy-related questions, access requests, or concerns, reach out to our dedicated privacy team:
Email: support@noralithven.com
Phone: +61 422 295 653
Mail: Privacy Officer, noralithven
Shop T192, Canberra Outlet Centre
337 Canberra Ave, Fyshwick ACT 2609
Australia
We respond to all privacy inquiries within five business days.