Privacy Policy

1. Compliance with Privacy Laws

Biz Playbooks is committed to protecting your privacy and ensuring the security of your personal information. We adhere to the following privacy regulations:

• Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
• European Union General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

Our privacy practices are designed to meet or exceed the requirements of these regulations, ensuring that your personal information is handled with the utmost care and respect.

2. Information We Collect

We collect and process the following categories of personal information:

• Personal identifiers (name, email address, contact information)
• Account credentials and authentication data
• Financial information (processed securely through Stripe)
• Usage data and behavioral analytics
• Communication preferences and interaction history

3. Legal Basis for Processing

Under GDPR and other applicable privacy laws, we process your personal information based on the following legal grounds:

• Performance of a contract when we provide you with our services
• Legitimate interests in operating and improving our business
• Compliance with legal obligations
• Your consent, where applicable

4. Information Sharing and Third-Party Processing

We maintain strict control over your personal information. Your data is only shared with:

• Stripe - for secure payment processing (PCI DSS compliant)
• Google Analytics - for website usage analysis (with appropriate safeguards)
• Vercel - for application hosting and deployment
• Supabase - for database and backend services
• Clerk - for authentication and user management
• SendGrid - for transactional and marketing email communications
• Slack - for customer support and community engagement
• Intercom - for customer support and engagement
• HubSpot - for customer relationship management and marketing automation
• Cloudflare - for content delivery and security services

These service providers are bound by contractual obligations to protect your data and comply with applicable privacy laws. Each service is carefully selected based on their security standards and privacy practices. We do not sell, rent, or trade your personal information to third parties.

5. Data Security and Protection

We implement comprehensive technical and organizational measures to protect your personal information, including:

• End-to-end encryption for data transmission
• Secure payment processing through PCI DSS compliant systems
• Regular security assessments and audits
• Access controls and authentication mechanisms
• Data minimization and retention policies

6. Your Privacy Rights

Under applicable privacy laws, you have the following rights:

• Right to access and receive a copy of your personal information
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent
• Right to opt out of automated decision-making
• Right to opt out of Google Analytics tracking

7. International Data Transfers

We may transfer your personal information to countries outside your jurisdiction. When we do so, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by relevant authorities
• Adequacy decisions by competent authorities
• Binding corporate rules where applicable

8. Policy Updates

We regularly review and update this privacy policy to ensure compliance with evolving privacy laws and best practices. Significant changes will be communicated through appropriate channels, and we will obtain your consent where required by law.

9. Contact Information

For any privacy-related inquiries, including exercising your rights or reporting concerns, please contact our Data Protection Officer at privacy@bizplaybooks.com. We will respond to your request within the timeframe required by applicable law.