Privacy Policy

1. Introduction

BoringWork ("we", "us", or "our") is committed to protecting the privacy of your personal information. We are an Australian-based business automation and AI integration services company, and we comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth).

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at boringwork.com, use our services, or otherwise interact with us.

By using our website or services, you consent to the collection and use of your information as described in this policy. If you do not agree with this policy, please do not use our website or services.

2. About BoringWork

BoringWork provides professional automation and AI integration services to small and medium enterprises (SMEs) across Australia. Our services include:

• Custom workflow automation solutions
• AI implementation and integration services
• Custom CRM and database development
• Software development services
• Healthcare industry compliance-certified solutions

We operate primarily as a consultation-based service, offering free initial consultations to understand your business needs.

3. Information We Collect

3.1 Information You Provide Directly

When you interact with us through our website, you may voluntarily provide us with the following personal information:

Contact Form Submissions:

• Name (required)
• Email address (required)
• Phone number (optional)
• Company name (optional)
• Industry type (required)
• Budget range (optional)
• Your inquiry or message (required)

Newsletter Subscriptions:

• Email address (required)
• Name (optional)

Free Resource Downloads (Lead Magnets):

• Name (required)
• Email address (required)
• Company name (optional)
• Type of resource requested

3.2 Information Collected Automatically

When you visit our website, we automatically collect certain information through cookies and similar technologies:

Analytics Data (via Google Analytics 4):

• Pages visited and navigation patterns
• Time spent on pages
• Scroll depth and engagement metrics
• Button clicks and form interactions
• Device type, browser, and operating system
• Approximate geographic location (country/city level)
• Referral source (how you found our website)

User Experience Data (via Microsoft Clarity):

• Heatmaps showing click and scroll patterns
• Anonymous session recordings to improve website usability
• User interaction patterns

Note: Microsoft Clarity automatically masks sensitive content and does not capture keystrokes in text fields to protect your privacy.

3.3 Information We Do Not Collect

We do not collect:

• Payment card or financial account details (we do not process online payments)
• Government identifiers (Tax File Numbers, Medicare numbers, etc.)
• Health information (unless specifically required for healthcare industry compliance projects, and only with explicit consent)
• Information from children under 18 years of age

4. How We Use Your Information

We use the personal information we collect for the following purposes:

4.1 To Provide Our Services

• Respond to your inquiries and contact form submissions
• Schedule and conduct consultations
• Deliver the automation and AI services you request
• Communicate with you about ongoing projects

4.2 For Marketing and Communications

• Send newsletters and updates (only if you've subscribed)
• Deliver free resources you've requested
• Share relevant information about our services
• Send occasional promotional content (with your consent)

You can unsubscribe from marketing communications at any time by clicking the unsubscribe link in any email or contacting us directly.

4.3 To Improve Our Website and Services

• Analyse website usage patterns to improve user experience
• Identify and fix technical issues
• Understand which content and services are most valuable to visitors
• Optimise our website performance and navigation

4.4 For Legal and Security Purposes

• Protect against spam and fraudulent submissions
• Comply with legal obligations
• Enforce our terms of service
• Protect our rights and the rights of others

5. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience and collect analytics data.

5.1 Types of Cookies We Use

Essential Cookies:

• cookie-consent - Stores your cookie consent preference
• cookie-consent-date - Records when you provided consent

Analytics Cookies (Google Analytics 4):

• Used to understand how visitors interact with our website
• Help us measure the effectiveness of our content
• Data is aggregated and anonymised where possible

Experience Improvement Cookies (Microsoft Clarity):

• Help us understand user behaviour through heatmaps
• Enable session recordings to improve website usability
• Sensitive content is automatically masked

5.2 Managing Cookies

When you first visit our website, you will see a cookie consent banner allowing you to accept or decline non-essential cookies. You can also manage cookies through your browser settings. Please note that disabling certain cookies may affect website functionality.

We do not use cookies for advertising purposes. Ad storage is disabled on our website.

6. Disclosure of Your Information

We may share your personal information with the following categories of third parties:

6.1 Service Providers

We use trusted third-party service providers to help us operate our business:

6.2 Legal Requirements

We may disclose your information if required to do so by law, or if we believe in good faith that such disclosure is necessary to:

• Comply with a legal obligation or court order
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing
• Protect the personal safety of users or the public

6.3 Business Transfers

If BoringWork is involved in a merger, acquisition, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you of any such change and the choices you may have regarding your information.

7. Overseas Disclosure

In accordance with Australian Privacy Principle 8, we inform you that your personal information may be disclosed to overseas recipients. Specifically, the third-party service providers we use are based in the United States:

• Resend (email delivery)
• Airtable (data storage)
• Google LLC (analytics)
• Microsoft Corporation (user experience analytics)

These providers are bound by their own privacy policies and are required to protect your information. We have taken reasonable steps to ensure that these overseas recipients handle your personal information in accordance with the Australian Privacy Principles.

By providing your personal information to us, you consent to the disclosure of your information to these overseas recipients. You acknowledge that Australian Privacy Principle 8.1 will not apply to such disclosures.

8. Data Security

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it, including:

• SSL/TLS encryption for all data transmitted through our website
• Secure API connections with our service providers
• Spam protection measures including honeypot fields on forms
• Input validation to prevent malicious data submissions
• Access controls limiting who can access personal information
• Regular review of our security practices

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to taking all reasonable steps to protect your information.

9. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including:

• Contact form submissions: Retained for the duration of any business relationship plus 7 years for legal and accounting purposes
• Newsletter subscriptions: Retained until you unsubscribe or request deletion
• Analytics data: Retained according to Google Analytics and Microsoft Clarity default retention periods (typically 14-26 months)
• Cookie consent preferences: Stored locally in your browser until cleared

When your personal information is no longer required, we will securely delete or de-identify it.

10. Your Rights

Under the Australian Privacy Principles, you have the following rights regarding your personal information:

10.1 Right to Access

You have the right to request access to the personal information we hold about you. We will respond to your request within a reasonable timeframe (usually within 30 days).

10.2 Right to Correction

If you believe the personal information we hold about you is inaccurate, incomplete, out-of-date, or misleading, you can request that we correct it.

10.3 Right to Erasure

You can request that we delete your personal information. We will comply with your request unless we are required to retain the information for legal or legitimate business purposes.

10.4 Right to Withdraw Consent

Where we rely on your consent to process personal information, you have the right to withdraw that consent at any time. This includes:

• Unsubscribing from marketing emails
• Declining or withdrawing cookie consent
• Requesting removal from our contact database

10.5 How to Exercise Your Rights

To exercise any of these rights, please contact us using the details in Section 14 below. We may need to verify your identity before processing your request.

11. Notifiable Data Breaches

In accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988, if we experience a data breach that is likely to result in serious harm to any individuals whose personal information is involved, we will:

• Take immediate steps to contain the breach and mitigate any harm
• Assess the breach to determine if it is likely to result in serious harm
• Notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable
• Notify affected individuals as soon as practicable

12. Children's Privacy

Our website and services are intended for business professionals and are not directed at children under 18 years of age. We do not knowingly collect personal information from children.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately, and we will take steps to delete that information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last updated" date at the top of this page
• Post the revised policy on our website
• For significant changes, we may notify you via email or a prominent notice on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal information, please contact us:

15. Complaints

If you believe we have breached the Australian Privacy Principles or you are unhappy with how we have handled your personal information, you may lodge a complaint with us by contacting us using the details above.

We will investigate your complaint and respond to you within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):