Intelligent Angels (“IA”, “we”, “us”) operates intelligentangels.com. This policy explains what data we collect, why, and how we protect it. We comply with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).
1. What we collect
Information you give us
- Name and email address when you sign up
- Business name and type during onboarding
- Payment information (processed by Stripe — we never see your card number)
- Messages you send to our support chat
Data from your connected integrations
- Sales and order data from Shopify, Stripe, or WooCommerce
- Financial records from Xero or QuickBooks
- Email metadata from Gmail (subject lines and senders — never full email bodies unless you explicitly enable it)
- Social and ad performance metrics from connected accounts
We only request the minimum permissions each angel needs. You can disconnect any integration at any time.
Usage data
- Pages visited and features used (via anonymised analytics)
- Error logs to help us fix bugs
- IP address for security and rate-limiting purposes
2. How we use your data
- To run your angels and deliver your daily briefings
- To send you product and billing emails
- To improve IA — we may review aggregated, anonymised usage patterns
- To comply with legal obligations
We never sell your data. We never use your business data to train AI models for any other customer or third party.
3. Who we share data with
- Supabase — database and authentication (servers in the US, SOC 2 compliant)
- Stripe — payment processing (PCI-DSS Level 1 certified)
- Resend — transactional email delivery
- Anthropic — AI model provider that powers your angel briefings
- Vercel — infrastructure and hosting
Each provider is bound by their own privacy policy and data processing agreements. We do not share data with any other third parties.
4. Security
- All data is encrypted in transit (HTTPS/TLS) and at rest
- OAuth tokens for your integrations are encrypted with AES-256-GCM before storage
- Row-level security on our database means each user can only access their own data
- API endpoints are rate-limited to prevent abuse
- We maintain an immutable audit log of all significant actions
5. Data retention
We keep your data while your account is active. If you cancel, we retain anonymised billing records for 7 years as required by Australian tax law. All other personal data is deleted within 30 days of account closure on request.
6. Your rights
Under the Australian Privacy Principles you have the right to:
- Access — request a copy of the personal data we hold about you
- Correction — ask us to fix inaccurate data
- Deletion — request your account and data be deleted
- Portability — export your data via Settings › Export
- Opt-out — unsubscribe from marketing emails at any time
To exercise any of these rights, email us at hello@intelligentangels.com. We will respond within 30 days.
7. Cookies
We use only essential cookies required to keep you logged in. We do not use advertising or tracking cookies.
8. Changes to this policy
If we make material changes, we will notify you by email at least 14 days before they take effect. The latest version is always at intelligentangels.com/privacy.
9. Contact
Questions or complaints: hello@intelligentangels.com
If we can't resolve a complaint, you can contact the Office of the Australian Information Commissioner (OAIC).