Contents
- Introduction and Scope
- Who We Are
- Our Privacy Principles
- What Information We Collect
- How We Collect Information
- How We Use Your Information
- Legal Basis for Processing
- Data Sharing and Third Parties
- Marketing and Communications
- Data Retention
- Data Security
- Your Privacy Rights
- Cookies and Tracking Technologies
- International Users and Cross-Border Transfers
- Children's Privacy
- Policy Updates
- Contact and Complaints
1. Introduction and Scope
Valevant ("we", "our", or "us") is committed to protecting the privacy of everyone who interacts with our platform, website, and services. This Privacy Policy explains how we collect, use, store, disclose, and protect personal information in connection with the Valevant Engineering platform and any associated services (collectively, the "Services").
This policy applies to all visitors to our website, registered users of the platform, clients who engage us for engineering services, and individuals who contact us for training or support. It covers personal information we collect directly, through automated means, and through our service providers.
This policy is prepared in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in Schedule 1 of that Act. Where we interact with individuals in the European Economic Area or United Kingdom, we also endeavour to comply with the General Data Protection Regulation (GDPR) and the UK GDPR as applicable.
2. Who We Are
Valevant is an unincorporated trading name operated by an individual based in Queensland, Australia. We develop and operate an engineering software platform providing industrial reliability analytics, mechanical simulation, and asset failure forecasting tools for professional engineering users and industrial organisations.
For the purposes of Australian privacy law, the operator of Valevant is the individual responsible for the personal information described in this policy. For GDPR purposes, the operator of Valevant acts as the data controller in respect of personal data processed in connection with the Services.
3. Our Privacy Principles
Our approach to privacy is grounded in the following commitments:
No Data Sale
We do not sell, rent, or trade your personal information to any third party, and we contractually prohibit our service providers from doing so.
Minimal Collection
We collect only what is necessary to operate and improve the Services. We do not collect government ID, full financial account details, or unnecessary sensitive information.
Transparent Use
We use your information for purposes you would reasonably expect given the nature of our Services, and we tell you when that changes.
Your Control
You have meaningful rights over your personal information, including access, correction, and deletion, which we will honour promptly.
4. What Information We Collect
4.1 Information You Provide Directly
- Account registration: Name, corporate email address, organisation name, job title, and password (stored in hashed form)
- Contact and inquiry forms: Name, email address, company, and the content of your message or inquiry
- Training registrations: Name, email address, organisation, and any professional background information you choose to share
- Platform usage: Engineering data and parameters you enter into simulators and analytics tools (see Section 4.3)
- Support and correspondence: Communications you send to us, including support requests and feedback
4.2 Information Collected Automatically
- Usage data: Pages visited, tools accessed, session duration, click interactions, and feature usage within the platform
- Device and browser data: IP address, browser type and version, operating system, device identifiers, screen resolution, and referring URL
- Log data: Server logs recording access times, errors, and performance metrics
- Cookies and similar technologies: See Section 13 for full details
4.3 Engineering Data Submitted to the Platform
When you use our simulators and analytics tools, you may submit technical data such as equipment specifications, operating parameters, failure records, and maintenance histories. This data is used solely to compute outputs and deliver the requested analysis. We treat any data you mark as confidential or that appears commercially sensitive with heightened care and do not use it for any purpose other than service delivery.
We strongly recommend that you anonymise or aggregate sensitive asset data before submission where this does not impair the analysis.
4.4 Information We Do Not Collect
Valevant does not collect or store:
- Full credit or debit card numbers (payment card data is handled directly by our payment processor, Stripe)
- Government-issued identification numbers
- Biometric data
- Sensitive personal information as defined under the Australian Privacy Act (such as health information or racial or ethnic origin) unless you volunteer it in correspondence and it is necessary to address your inquiry
5. How We Collect Information
We collect information through the following channels:
- Directly from you when you register, use the platform, submit a form, or contact us
- Automatically through cookies, analytics tools, and server logs when you browse the website or use the platform
- From third-party service providers (such as analytics platforms) that collect data on our behalf
- From payment processors in the form of transaction confirmations (not full card data)
6. How We Use Your Information
We use the personal information we collect for the following purposes:
6.1 Service Delivery
- Creating and managing your account
- Providing access to and operating the engineering platform and simulators
- Processing payments for subscriptions or services
- Delivering training and support
- Responding to inquiries, support requests, and feedback
6.2 Service Improvement
- Analysing usage patterns to improve platform features, interface design, and performance
- Debugging and resolving technical issues
- Conducting internal research to develop new tools and capabilities
6.3 Communications
- Sending transactional communications (account confirmations, receipts, service updates)
- Sending promotional communications about new features, training events, or services — only where you have opted in (see Section 9)
- Notifying you of changes to these policies or the platform
6.4 Legal and Compliance
- Complying with our legal obligations under Australian law and applicable regulations
- Enforcing our Terms and Conditions
- Detecting, investigating, and preventing fraud, security incidents, and breaches of export control or sanctions obligations
- Responding to lawful requests from regulatory and law enforcement authorities
7. Legal Basis for Processing
Under Australian privacy law, we are required to collect personal information only by lawful and fair means, and only where it is reasonably necessary for our functions and activities. We meet this requirement in respect of all processing described in this policy.
For individuals in the European Economic Area or United Kingdom, we rely on the following legal bases under the GDPR:
- Contract performance: Processing necessary to provide the Services you have requested (account management, platform access, service delivery)
- Legitimate interests: Processing for platform improvement, security monitoring, fraud prevention, and analytics — where our interests are not overridden by your rights
- Consent: Sending marketing communications where you have opted in; placing non-essential cookies
- Legal obligation: Processing required by applicable law, including export control and sanctions compliance
8. Data Sharing and Third Parties
We do not sell, rent, or trade your personal information. We share personal information only in the following limited circumstances:
| Third Party | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Name, email, billing details (card data is not received by Valevant) |
| Google Analytics | Website and platform usage analytics | Anonymised usage data, IP address (subject to IP masking) |
| Formspree | Contact form processing | Name, email, message content submitted via contact form |
| Cloud infrastructure providers | Hosting, storage, and compute services | Platform data as required for service delivery |
| Legal and regulatory authorities | Compliance with legal obligations | Information required by law or court order |
All third-party service providers are contractually bound to handle personal information in a manner consistent with this policy and applicable privacy laws. We permit them to use personal information only for the specified purpose and not for their own independent commercial purposes.
We may also disclose personal information if Valevant is involved in a merger, acquisition, or asset sale. In such events, we will provide notice and, where required by law, seek consent before transferring your personal information to a new entity.
9. Marketing and Communications
We will only send you promotional, newsletter, or update communications if you have explicitly opted in to receive them — for example, by ticking a consent box at registration, subscribing via our website, or requesting our training brochure.
Each marketing communication we send will include a clear and easy mechanism to unsubscribe. You may also opt out at any time by:
- Clicking the "unsubscribe" link in any marketing email
- Emailing us at [email protected] with the subject line "Unsubscribe"
Opting out of marketing communications will not affect your receipt of transactional messages required to deliver the Services (such as account notifications and receipts).
10. Data Retention
We retain personal information for as long as is necessary to fulfil the purposes for which it was collected, as outlined in this policy, or as required by law. Specific retention periods include:
- Account data: Retained for the duration of your account and for a reasonable period thereafter (typically 3 years) to handle any post-closure inquiries or disputes
- Transaction records: Retained for 7 years to meet Australian taxation and accounting obligations
- Usage and analytics data: Retained in anonymised or aggregated form for up to 26 months, in line with Google Analytics' default retention period
- Contact form submissions: Retained for up to 2 years or until your inquiry is resolved, whichever is later
- Engineering data submitted to tools: Retained only for the duration of the session or as required to deliver the analysis; not stored long-term unless explicitly agreed
When personal information is no longer required, we destroy or de-identify it in a secure manner.
11. Data Security
Valevant implements a range of technical and organisational measures to protect personal information against unauthorised access, disclosure, alteration, and destruction. These measures include:
- Encryption of data in transit using TLS/HTTPS
- Hashing and salting of user passwords — we never store passwords in plain text
- Role-based access controls limiting internal access to personal information on a need-to-know basis
- Regular security assessments and monitoring of the platform
- Contractual security requirements imposed on all third-party service providers
While we take all reasonable steps to protect your information, no method of transmission over the internet or method of electronic storage is completely secure. In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988.
12. Your Privacy Rights
Under the Australian Privacy Act 1988 and, where applicable, the GDPR, you have the following rights in relation to your personal information:
- Access: You may request a copy of the personal information we hold about you.
- Correction: You may request correction of inaccurate or incomplete personal information.
- Deletion: You may request deletion of your personal information, subject to legal obligations that require us to retain certain records.
- Restriction of processing (GDPR): You may request that we restrict processing of your personal data in certain circumstances.
- Data portability (GDPR): Where processing is based on consent or contract and is carried out by automated means, you may request a copy of your data in a structured, machine-readable format.
- Objection (GDPR): You may object to processing based on legitimate interests, including profiling for direct marketing purposes.
- Withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days and will confirm what personal information we hold, if any, and fulfil your request to the extent required by law. We may need to verify your identity before processing certain requests.
We will not discriminate against you for exercising your privacy rights.
13. Cookies and Tracking Technologies
We use cookies and similar tracking technologies on our website and platform. A cookie is a small data file placed on your device by your browser when you visit a website.
13.1 Types of Cookies We Use
- Strictly necessary cookies: Required for the website and platform to function correctly (e.g., session authentication, security tokens). These cannot be disabled.
- Analytics cookies: Used to understand how visitors interact with our website and platform (e.g., Google Analytics). These are set only with your consent where required by law.
- Preference cookies: Used to remember your settings and preferences to improve your experience.
13.2 Managing Cookies
You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Please be aware that disabling certain cookies may affect the functionality of the platform. For information on managing cookies in your specific browser, refer to your browser's help documentation.
For Google Analytics specifically, you can opt out by installing the Google Analytics Opt-out Browser Add-on.
14. International Users and Cross-Border Transfers
While Valevant primarily serves users in Australia, our platform is accessible globally. If you access the Services from outside Australia, your personal information may be transferred to and processed in Australia, where our operations are based. Australian privacy law governs how we handle that information.
We may also use third-party service providers that process data outside Australia (for example, cloud infrastructure in the United States). Where we transfer personal information internationally, we take steps to ensure that the recipient provides a comparable level of protection to that required under the Australian Privacy Principles, including through contractual safeguards such as Standard Contractual Clauses where applicable under the GDPR.
15. Children's Privacy
The Valevant platform is designed for professional engineering use and is not directed at children under the age of 18. We do not knowingly collect personal information from individuals under 18 years of age. If we become aware that we have inadvertently collected personal information from a child, we will take steps to delete it promptly. If you believe we have collected information from a child, please contact us immediately at [email protected].
16. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. The effective date at the top of this page will be updated to reflect the date of the latest revision.
Where changes are material — for example, if we begin collecting new categories of personal information or change how we use your data in a significant way — we will provide prominent notice via the platform or by email to registered users. We recommend reviewing this policy periodically.
Your continued use of the Services after any update constitutes acceptance of the revised policy. If you do not accept the changes, you should discontinue use of the Services and may request deletion of your account.
17. Contact and Complaints
If you have any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal information, please contact us:
Valevant — Privacy Inquiries
Email: [email protected]
Queensland, Australia
We take all privacy inquiries seriously and will respond within 30 days of receipt.
Filing a Complaint
If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
- Website: www.oaic.gov.au
- Phone: 1300 363 992
EEA and UK residents who are unsatisfied with our response may also have the right to lodge a complaint with their local data protection authority.