Privacy Policy | Keecore AI

Keecore Pty Ltd (ACN 621 712 801) · Last updated: 6 June 2026 · This document is a draft pending final legal review. Contact [email protected] with any queries.

1. Introduction

Keecore Pty Ltd operates Keecore AI, a managed AI agent service for Australian businesses ("the Service"). We are committed to protecting personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, hold and disclose personal information in connection with the Service, our website at keecore.ai, and our dealings with clients and prospective clients. By using our website or engaging our services, you agree to the collection and use of information in accordance with this policy.

2. What personal information we collect

From website visitors and enquiries:

Name and contact details (email address, phone number)
Business name and industry
Information provided in the audit request form or direct communications

From clients (under a service agreement):

Business contact details of authorised users
Information contained in documents, emails and data sources the client authorises the AI agent to access (the "client data scope" agreed at onboarding)
Usage data and interaction logs generated through the Service

We collect only what is reasonably necessary for the purposes described in this policy. We do not collect sensitive information unless it falls within the client's authorised data scope and is necessary for the Service.

3. How we collect personal information

We collect personal information directly from you when you submit an enquiry, request an audit, or enter into a service agreement with us; through your use of the Service including interactions with your AI agent; and from documents, files and data sources you authorise us to connect to during onboarding.

4. Why we collect it

We collect personal information to respond to enquiries and arrange AI Readiness & Security Audits; provide, manage and improve the Service; provision and configure AI agent instances for clients; communicate with clients about their service; and meet our legal and contractual obligations. We will not use personal information for any purpose not disclosed in this policy without your consent, unless required by law.

5. Disclosure of personal information

We may disclose personal information to the following service providers:

Anthropic PBC (United States) — AI model provider. See section 6 for cross-border disclosure.
Contabo GmbH (Australian data centre) — server and compute infrastructure hosting the Service. Data remains in Australia.
Wasabi Technologies LLC (Australian data centre) — cloud backup storage. Data remains in Australia.
OpenClaw — the agent platform through which the Service is delivered, hosted on Keecore's Australian infrastructure.

We do not sell, rent or trade personal information to third parties for marketing purposes. We may also disclose personal information where required by law, court order or regulatory authority.

6. Cross-border disclosure (APP 8)

Some of our third-party providers are located outside Australia and may process personal information overseas, including in the United States.

Specifically, Anthropic PBC (United States) processes queries and responses as part of AI model inference. This is the sole overseas disclosure in our standard infrastructure — our server infrastructure (Contabo) and backup storage (Wasabi) are both hosted in Australian data centres.

By engaging our services or submitting an enquiry, you acknowledge and consent to your personal information being processed by Anthropic PBC in the United States for the purpose of delivering the AI agent service. We apply data minimisation principles — we do not send more information to Anthropic than is necessary to respond to each query. We take reasonable steps to ensure Anthropic handles personal information appropriately, however APP 8.1 accountability may be affected where an overseas recipient is not subject to a law substantially similar to the Privacy Act.

7. Data security (APP 11)

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification and disclosure. Our security measures include:

Least-privilege access controls — AI agents are configured to access only what is explicitly authorised
Security review and client sign-off before any agent deployment
Encryption of data in transit and at rest
Audit logging of agent activity
Keecore-managed configuration — clients cannot modify agent security settings
Documented incident response procedures

8. Notifiable Data Breaches (NDB scheme)

We comply with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act. If we become aware of an eligible data breach that is likely to result in serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable, and take immediate steps to contain and remediate the breach.

9. Data retention

We retain personal information for as long as necessary to provide the Service and meet our legal obligations. On termination of a service agreement, we will provide the client with a reasonable opportunity to export their data and securely delete or de-identify personal information within 30 days of termination, subject to any legal retention requirements.

10. Access and correction (APPs 12–13)

You have the right to request access to personal information we hold about you and to request correction of inaccurate, incomplete or out-of-date information. Contact us at [email protected]. We will respond within 30 days. We may decline access in circumstances permitted by the Privacy Act and will explain any refusal in writing.

11. Complaints

If you believe we have breached the APPs or this Privacy Policy, please contact us at [email protected]. We will acknowledge your complaint within 5 business days and respond substantively within 30 days. If you are not satisfied, you may complain to the OAIC at oaic.gov.au.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will notify clients of material changes by email or through the Service. The current version is always available at keecore.ai/privacy.

13. Contact

Keecore Pty Ltd
[email protected]
Sydney, NSW, Australia