Privacy Policy

1. Introduction

Taui Pty Ltd ("us", "we", or "our") operates the website www.apmplus.io and the APM+ web platform and associated Application Programming Interfaces (APIs) (collectively referred to as the "Service").

Our Privacy Policy governs your visit to and use of our Service and explains how we collect, safeguard, and disclose information that results from your use of our Service. We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used here have the same meanings as in our Terms of Service.

2. Definitions

• SERVICE means the www.apmplus.io website and APM+ web platform/software operated by Us.
• PERSONAL DATA means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
• USAGE DATA is data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit or API latency).
• COOKIES are small files stored on your device (computer or mobile device).
• DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.
• DATA PROCESSORS (OR SERVICE PROVIDERS) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
• DATA SUBJECT is any living individual who is the subject of Personal Data.
• THE USER is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

3. Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you.

4. Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ('Personal Data'). Personally identifiable information may include, but is not limited to:

• Email address
• First name and last name
• Address, State, Province, ZIP/Postal code, City
• Cookies and Usage Data

With your explicit consent (opt-in), we may use your Personal Data to contact you with newsletters, marketing or promotional materials, and other information that may be of interest to you. You may opt out of receiving any or all of these communications at any time by following the unsubscribe link or emailing [email protected].

Usage Data

We collect information that your browser sends whenever you visit our Service or access it via an API ("Usage Data"). This may include your computer's Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track activity on our Service and hold certain information. Examples of Cookies we use:

• Session Cookies: We use Session Cookies to operate our Service.
• Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
• Security Cookies: We use Security Cookies for security purposes.

5. Use of Data

We use the collected data for the following strictly operational and platform purposes:

• To provide, maintain, and optimise our Service;
• To notify you about critical changes or service updates;
• To provide client support and handle technical troubleshooting;
• To monitor usage, system health, and detect/address technical anomalies;
• To fulfill contractual and billing obligations arising from subscriptions;
• To provide account-related notices, including expiration and renewal instructions;
• For any other business purpose explicitly disclosed at the time you provide consent.

6. Retention of Data

We retain your Personal Data only for as long as necessary to fulfill the purposes set out in this Privacy Policy:

• Account & Profile Data: Retained for the duration of your active subscription and securely purged or anonymized within thirty (30) days following the termination or closure of your account.
• Usage and Infrastructure Logs: Retained for internal security analysis and performance optimization, and are systematically deleted or fully aggregated/anonymised within ninety (90) days, unless legally required to retain them longer.
• Legal Compliance: We will retain and use your data to the extent necessary to comply with legal obligations, resolve disputes, and enforce our corporate legal agreements.

7. Transfer of Data

Your information, including Personal Data, may be transferred to—and maintained on—computers located outside your state, province, country, or other governmental jurisdiction where data protection laws may differ from yours.

If you are located outside the United States and choose to provide information to us, please note that we may transfer and process data, including Personal Data, in the United States.

For European Union (EU) and United Kingdom (UK) Residents: When transferring Personal Data outside the EEA, EU, or UK, We ensure appropriate safeguards are in place. We rely on standard contractual clauses (SCCs) approved by the European Commission (and the UK Information Commissioner's Office), or ensure transfers occur to jurisdictions or entities certified under recognised frameworks, such as the EU-U.S. Data Privacy Framework, to provide a structurally adequate level of data protection.

8. Disclosure of Data

We may disclose personal information under the following limited circumstances:

• Law Enforcement: If required to do so by applicable law or in response to valid, legally binding requests by public authorities (e.g., a court order or subpoena).
• Business Transactions: If We are involved in a merger, acquisition, or asset sale, your Personal Data may be transferred under strict confidentiality provisions.
• Operational Safety: If we reasonably believe disclosure is necessary to protect the rights, property, critical security, or safety of Us, our customers, or the public.

9. Security of Data

The security of your data is paramount. We employ standard commercial administrative, technical, and physical safeguards appropriate to the sensitivity of the data processed. However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure; while we strive to protect your data, we cannot guarantee absolute security.

10. Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the EU or EEA, you possess the following rights:

• Right of Access, Update, or Erasure: The right to view, correct, or request deletion of your Personal Data.
• Right of Rectification: The right to have inaccurate or incomplete information corrected.
• Right to Object or Restrict Processing: The right to object to or limit how we process your personal data.
• Right to Data Portability: The right to receive a copy of your data in a structured, machine-readable format.
• Right to Withdraw Consent: The right to revoke consent at any time when processing relies upon it.

To exercise these rights, please contact us at [email protected]. You also retain the right to lodge a complaint with a local Data Protection Authority within the EEA.

11. Your California Privacy Rights (CCPA / CPRA)

If you are a California resident, you are protected under the California Consumer Privacy Act as amended by the California Privacy Rights Act (CPRA). You have the right to request:

• The categories and specific pieces of personal data collected, and the categories of third parties with whom it is shared.
• The correction of inaccurate personal data held by us.
• The deletion of your personal data, subject to legal exemptions.

No Sale or Sharing of Data: We do not sell your personal information, nor do we share your personal data with third parties for cross-context behavioural advertising. We do not process or utilise Sensitive Personal Information outside of core operational access.

To submit a request, contact [email protected]. We do not discriminate against users who exercise their privacy rights.

12. Service Providers, Analytics, and Payments

We employ external third-party infrastructure and tools to safely facilitate our Service. These providers have access to data solely to perform specific tasks on our behalf and are bound by strict non-disclosure obligations:

• Analytics: We use PostHog to monitor and evaluate platform usage patterns. PostHog data handling can be configured for regional compliance. See their practices at https://posthog.com/privacy.
• CI/CD Development Tools: We use GitHub (GitHub, Inc.) to host code and manage deployments. Review their statement at https://github.com/site-policy/github-privacy-statement.
• Payments: For paid subscriptions, processing is executed securely via Stripe. We never collect or store your payment card numbers. Stripe's usage is governed by their policy: https://stripe.com/privacy.

13. Children's Privacy

Our Services are strictly designed and intended for corporate, professional, and enterprise users. They are prohibited for use by anyone under the age of eighteen (18). We do not knowingly collect information from individuals under this age threshold.

14. Changes to This Privacy Policy

We may update our Privacy Policy periodically. We will notify you of material changes via email and/or a prominent notification banner within our Service dashboard prior to the changes taking effect, and will update the "Last Updated" date at the top of this page.

15. Contact Us

If you have questions about this Privacy Policy, please contact us:

• By email: [email protected]