PRIVACY POLICY

Last updated: [insert date]

This Privacy Policy explains how Stravus, a business operated by Jeroen van Amerongen as a sole trader (“Stravus”, “we”, “us”, “our”), collects, uses, stores, and discloses personal information.

We are committed to protecting your privacy and handling your personal information in a transparent and secure manner.

1. Scope of This Policy

This Privacy Policy applies to:

  • the Stravus website

  • digital readiness assessments

  • reports and submissions

  • platform interactions

  • communications with us

It applies to users globally.

2. Information We Collect

We may collect the following types of personal information:

a. Information You Provide

  • name

  • email address

  • business name and details

  • questionnaire responses and submissions

  • communications and feedback

b. Automatically Collected Information

  • IP address

  • device and browser information

  • usage data and interaction logs

  • cookies and analytics data

c. Payment Information

Payments are processed by third-party providers (such as Stripe).

We do not store full credit card details.

3. How We Use Your Information

We use personal information to:

  • deliver assessments, reports, and insights

  • operate and improve our Services

  • personalise outputs and recommendations

  • process payments

  • communicate with you

  • comply with legal obligations

  • protect the security and integrity of our systems

4. AI Processing

Some data you provide may be processed using artificial intelligence systems to generate insights and outputs.

Where applicable:

  • outputs may be reviewed and verified by a human

  • 1:1 chat interactions may be fully AI-generated

AI systems may process data in multiple regions depending on infrastructure availability.

5. Legal Bases for Processing (GDPR & UK GDPR)

If you are located in the EU or UK, we process personal data on the following bases:

  • performance of a contract

  • legitimate interests (operating and improving our Services)

  • consent (where required, e.g. marketing cookies)

  • legal obligations

6. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • ensure the website functions correctly

  • analyse usage and performance

  • improve user experience

You can control cookies through your browser settings. Disabling cookies may affect site functionality.

7. Data Storage & International Transfers

Your personal information may be stored and processed using third-party service providers, including:

  • Cloud hosting providers (e.g., AWS – including US-based regions)

  • Payment processors (e.g., Stripe)

  • AI processing providers

  • Automation, analytics, and infrastructure tools

This may involve transferring data outside your country of residence, including to the United States, European Union, United Kingdom, or Australia.

We take reasonable steps to ensure appropriate safeguards are in place for international transfers.

8. Disclosure of Personal Information

We may disclose personal information to:

  • service providers and infrastructure partners

  • payment processors

  • professional advisers (where required)

  • regulators or authorities where legally required

We do not sell personal information.

9. Data Retention

We retain personal information only for as long as necessary to:

  • provide the Services

  • meet legal and regulatory obligations

  • resolve disputes

  • enforce agreements

You may request deletion of your data at any time, subject to legal requirements.

10. Your Rights

Depending on your location, you may have the right to:

  • access your personal information

  • correct inaccurate information

  • request deletion

  • restrict or object to processing

  • withdraw consent

  • request data portability

Requests can be made by contacting us using the details below.

11. Security

We take reasonable technical and organisational measures to protect personal information from misuse, loss, unauthorised access, or disclosure.

However, no system can be guaranteed to be completely secure.

12. Third-Party Links

Our website or Services may contain links to third-party websites.

We are not responsible for the privacy practices of third parties.

13. Children’s Privacy

Our Services are not intended for individuals under 18 years of age.

We do not knowingly collect personal information from children.

14. Changes to This Policy

We may update this Privacy Policy from time to time.

The updated version will be published on our website with a revised “Last updated” date.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact:

Stravus
Operated by Jeroen van Amerongen
support@stravus.io

16. Australian Privacy Act Notice

This Privacy Policy is intended to comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles.

If you believe we have breached your privacy rights, you may contact us to lodge a complaint. We will investigate and respond within a reasonable timeframe.