Legal
Privacy Policy
Lunio Energy Pty Ltd (ABN 31 672 296 767) and Lunio Labs Pty Ltd (ABN 94 689 993 137) (we, us, our) are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, and store your personal information, and how you can access or correct it.
1. Personal information we collect
- Identity information — name, email address, organisation.
- Account information — login credentials and account details.
- Technical and usage data — IP address, device information, browser type, and usage logs.
- Communication records — support requests, correspondence, and feedback.
We collect personal information directly from you (such as when you register or contact us) and automatically through your use of our services.
2. How we use your personal information
- To provide, operate, and maintain our services.
- To respond to your enquiries and support requests.
- To analyse usage patterns and improve system performance.
- To train and optimise AI and machine learning models — where our services include AI-powered features, we use your operational and commercial data exclusively to train and optimise the AI model deployed for your specific customer instance. We do not engage in cross-customer training using identifiable or proprietary customer data.
- To meet our legal and regulatory obligations.
- To detect, prevent, and address technical issues or security threats.
3. Disclosure of personal information
We may disclose your personal information to third-party service providers (primarily Amazon Web Services as our cloud hosting provider, and other approved sub-processors), professional advisers, and government agencies or regulators where required or authorised by law. We do not sell, rent, or trade your personal information.
4. Customer data ownership
You retain full ownership of all data uploaded to our systems, as well as all outputs, insights, and derivative data generated by our platform. We claim no ownership rights to your data and use it solely to provide the contracted services.
5. Cross-border disclosure
Some of our service providers are located overseas, including in the United States (AWS). When we disclose your personal information overseas, we take reasonable steps to ensure the overseas recipient complies with the APPs or is subject to a substantially similar privacy regime.
6. Security
We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access. Our measures include encryption in transit (TLS 1.2+) and at rest (AES-256), access controls and multi-factor authentication, and regular monitoring and logging.
7. Data retention
We retain your personal information for the duration of the active service agreement and for 30 days following termination, unless otherwise agreed in writing or required by law. When personal information is no longer required, we securely delete it in accordance with NIST 800-88 guidelines for media sanitisation. A certificate of destruction can be provided on request.
8. Your rights
Under the APPs you may request access to the personal information we hold about you, request correction of information that is inaccurate or out of date, and, where practicable, interact with us anonymously or pseudonymously. To exercise these rights, contact us using the details below.
9. Complaints
If you believe we have breached the APPs or your privacy, you may lodge a complaint with us and we will respond within a reasonable timeframe (usually 30 days). If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au, by phone on 1300 363 992, or by email at enquiries@oaic.gov.au.
Contact
For any privacy questions or requests, contact us at privacy@lunio.co.