Privacy Policy

PRISM AI ("we", "us", "our") is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy explains how we collect, use, store, and disclose personal information in accordance with the Australian Privacy Act and the Australian Privacy Principles (APPs). By using our website (prismai.com.au) or engaging our services, you consent to the practices described in this policy. We may update this policy from time to time; the date of the most recent revision is shown at the top of this page.

We collect only the personal information that is reasonably necessary to provide our services and respond to your enquiries. 2.1 Information You Provide Directly • Contact form submissions: name, email address, phone number (optional), and message content • Business enquiries or project scoping communications: any information you choose to share about your organisation, project requirements, or technical needs • Email correspondence with PRISM AI personnel 2.2 Information Collected Automatically • Standard web server logs (IP address, browser type, pages visited, referral URL, timestamps) for security and analytics purposes • Cookies and similar technologies as described in Section 7 We do not collect sensitive information (such as health, financial account details, or government identifiers) unless it is strictly necessary and you have provided explicit consent.

We use the personal information we collect to: • Respond to your enquiries and provide quotations or project scoping information • Deliver contracted services and communicate about active engagements • Send administrative communications (invoices, project updates, supporting documents) • Improve the quality and performance of our website • Comply with legal obligations • Protect the security and integrity of our systems We do not use your personal information for unsolicited marketing without your opt-in consent. We will never sell, rent, or trade your personal information to third parties for marketing purposes.

We may disclose your personal information to: • Service providers who assist us in operating our website and delivering services — such as cloud hosting providers and email delivery services. These providers are contractually obligated to handle your information securely and only for the purposes we specify. • Professional advisers (lawyers, accountants) where necessary for business operations, under strict confidentiality obligations. • Law enforcement or government agencies where required by law or court order. We will not disclose your personal information to overseas recipients without your consent, unless required by law or where we have taken reasonable steps to ensure the overseas recipient handles your information consistently with Australian Privacy Principles.

We take reasonable technical and organisational measures to protect your personal information from misuse, loss, unauthorised access, modification, or disclosure. These measures include: • Encrypted transmission of data (HTTPS/TLS) • Restricted access to personal data on a need-to-know basis • Secure third-party infrastructure for email and hosting While we take privacy and security seriously, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your information and encourage you to exercise care when transmitting personal information online.

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Specifically: • Contact form enquiries that do not result in a service engagement may be retained for up to twelve (12) months. • Client project records (including communications and deliverable documentation) are retained for seven (7) years for legal and financial compliance purposes. • You may request deletion of your personal information at any time (see Section 9), subject to any legal obligations that require us to retain certain records.

Our website uses cookies and similar tracking technologies to improve your browsing experience and analyse website traffic. Cookies are small text files stored on your device. We use: • Essential cookies — required for the website to function correctly (e.g., security tokens, session management) • Analytics cookies — anonymous, aggregated data to help us understand how visitors use the site (e.g., pages visited, referral sources) We do not use advertising or behavioural tracking cookies. You can control or disable cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

Our website may contain links to third-party websites or platforms. These sites have their own privacy policies, and we are not responsible for their content or practices. We encourage you to review the privacy policies of any external sites you visit.

Under the Australian Privacy Act, you have the right to: • Access the personal information we hold about you • Request correction of inaccurate, out-of-date, or incomplete information • Request deletion of your personal information (subject to legal retention requirements) • Withdraw consent where your information is processed based on consent • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au To exercise any of these rights, please contact us using the details in Section 10. We will respond to access and correction requests within thirty (30) days.

If you believe we have breached the Australian Privacy Principles or otherwise mishandled your personal information, please contact us in the first instance to allow us the opportunity to resolve your concern.

For any privacy-related enquiries, requests, or complaints, please contact: PRISM AI — Privacy Officer Email: amal.g@prismai.com.au Website: prismai.com.au