← Back to Valiant AI

Privacy Policy

Last updated: 9 May 2026 — Valiant Partners Pty Ltd (ABN 77 636 173 307)

1. About This Policy

This Privacy Policy is issued by Valiant Partners Pty Ltd (ABN 77 636 173 307), trading as Valiant AI (we, us, our). Our registered address is in New South Wales, Australia.

We are bound by the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act). This policy explains how we manage personal information — that is, information or an opinion about an identified or reasonably identifiable individual — in connection with our website at valiantai.com.au and our AI agent deployment services.

By submitting an enquiry through our website or engaging our services, you acknowledge that you have read this policy and consent to our handling of your personal information as described herein.

2. What Personal Information We Collect

2.1 Information You Provide Directly

When you contact us via our website contact form or by email, we may collect:

• Your full name and preferred name
• Your email address
• Your phone number (if voluntarily provided)
• Your business name and industry
• A description of your business needs, processes, or enquiry

2.2 Information Collected During Engagement

If you proceed with our services, we may additionally collect:

• Business contact details for key personnel involved in your project
• Workflow documentation and process descriptions you share to enable scoping
• Third-party API credentials or integration details you explicitly provide for configuration purposes (handled as described in Section 7)
• Billing and invoicing information (name, ABN if applicable, address)

2.3 Information Collected Automatically

Our website may collect limited technical information through standard server logging, including:

• IP address and approximate geographic location
• Browser type and version
• Pages visited and time of visit
• Referring URL

We do not use cookies for tracking or advertising purposes. We do not use analytics platforms that build individual user profiles.

2.4 Sensitive Information

We do not intentionally collect sensitive information (as defined under the Privacy Act, including health, racial origin, or financial information) through our contact channels. Please do not include sensitive information in your initial enquiry. If sensitive information becomes relevant during an engagement, we will seek your explicit consent before collecting or handling it.

3. Why We Collect It

We collect personal information for the following primary purposes:

• Responding to enquiries: To assess your requirements and respond to your questions about our services.
• Scoping and proposals: To prepare tailored proposals, statements of work, and cost estimates.
• Service delivery: To design, configure, and deploy AI agent systems on your behalf.
• Billing and administration: To issue invoices and manage our commercial relationship.
• Support: To provide post-deployment support where agreed under your statement of work.
• Legal compliance: To meet our obligations under applicable Australian law.

We will not use your personal information for unrelated secondary purposes (such as direct marketing) without your consent, unless otherwise permitted by the Privacy Act.

4. Disclosure to Third Parties

We do not sell, trade, or rent your personal information to third parties. We may disclose your personal information to the following categories of recipients only to the extent necessary to deliver our services:

4.1 Formspree (Contact Form Processor)

Our website contact form is processed by Formspree, Inc., a third-party form submission service. When you submit an enquiry via our contact form, your submission data — including your name, email address, and message — is transmitted to and temporarily stored by Formspree to facilitate delivery to us. Formspree processes this data in accordance with its own Privacy Policy. We encourage you to review that policy. You may alternatively contact us directly at hello@valiantai.com.au to avoid Formspree entirely.

4.2 Professional Advisers

We may disclose personal information to our legal advisers, accountants, or insurers where required for legitimate professional purposes, subject to confidentiality obligations.

4.3 Law Enforcement and Legal Process

We may disclose personal information where required or authorised by Australian law, a court order, or a regulatory body with jurisdiction over us.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of all or part of our business, personal information we hold may be transferred to the successor entity, subject to equivalent privacy protections.

5. Overseas Disclosure

Our primary operations are conducted from New South Wales, Australia. However, certain third-party services we use may process or store data outside Australia:

• Formspree: Headquartered in the United States. Subject to US privacy laws. We take reasonable steps to ensure Formspree maintains standards comparable to the APPs, and Formspree's Privacy Shield/standard contractual commitments apply.
• Email infrastructure: Standard email delivery services may route communications through overseas servers.

By submitting information through our website, you consent to the potential overseas disclosure of your personal information as described above, in accordance with APP 8. Where we disclose your information to an overseas recipient, we take reasonable steps to ensure that recipient does not breach the APPs in relation to that information. However, where those reasonable steps have been taken, we may not be held liable under the Privacy Act for a breach of the APPs by the overseas recipient.

6. Your Deployed Agents & Business Data

The AI agents we design and deploy for your business operate on your own Virtual Machine (VM) — infrastructure that you own, control, and pay for directly. This architecture has the following privacy implications:

• We do not host your agents. Once deployed, your agents operate entirely within your own infrastructure environment. We have no persistent access to your VM.
• We do not process your business data. Your agents' operational data — including customer interactions, internal records, and any data the agents act upon — resides exclusively on your VM and is never transmitted to us.
• We do not monitor your agent activity. We have no telemetry, logging, or monitoring access to your deployed system unless you explicitly grant temporary remote access for support purposes.
• Support access is consent-based and time-limited. If you request technical support that requires VM access, access is granted solely by you, for a defined purpose, and revoked at the conclusion of the support session. Any access is limited to what is necessary to resolve the issue.

Your business data and your customers' data are entirely under your control. You are the data controller for those datasets. We are not a processor of your operational data in the ordinary course of our services.

7. Storage & Security

We take reasonable steps to protect personal information we hold from misuse, interference, loss, and unauthorised access, modification, or disclosure. Our security measures include:

• Encrypted communication channels (TLS/HTTPS) for all website interactions and email correspondence
• Secure storage of onboarding documentation with access limited to personnel who require it
• Secure, encrypted transmission of any API credentials or access tokens provided during engagement — these are not stored in plain text and are deleted upon project completion unless ongoing maintenance has been agreed
• Regular review of access controls for internal systems

No transmission over the internet is entirely secure. While we employ industry-standard protections, we cannot guarantee absolute security. In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches (NDB) scheme in Part IIIC of the Privacy Act.

8. Retention & Deletion

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention practices are:

• Pre-engagement enquiry data: Retained for up to 24 months from the date of initial contact to accommodate delayed project timelines. If no engagement proceeds, enquiry data is deleted at the conclusion of this period.
• Project and engagement records: Retained for 7 years from project completion to satisfy our obligations under the Income Tax Assessment Act 1997 (Cth) and related tax and accounting legislation.
• API credentials and access tokens: Deleted promptly upon project handover or earlier upon your request. Not retained for longer than necessary to complete configuration.
• Support access logs: Where temporary VM access has been granted, any notes or logs relevant to the support session are retained for 12 months and then securely deleted.

You may request deletion of your personal information at any time (see Section 9). We will comply unless retention is required by law or a legitimate business purpose.

9. Your Rights Under the Privacy Act

Under the Privacy Act and the APPs, you have the following rights in relation to personal information we hold about you:

9.1 Right of Access (APP 12)

You have the right to request access to personal information we hold about you. We will respond to access requests within 30 days. We will not charge a fee for access requests, though reasonable fees may apply for complex or voluminous requests. We may decline access in limited circumstances permitted by the Privacy Act (for example, where access would unreasonably affect another person's privacy).

9.2 Right of Correction (APP 13)

If you believe personal information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you may request that we correct it. We will take reasonable steps to correct information within 30 days of a valid correction request.

9.3 Right to Request Deletion

You may request deletion of personal information we hold about you. Where we are not legally required to retain information, we will delete it within 30 days of your request and confirm in writing.

9.4 Right to Withdraw Consent

Where our processing of your personal information is based on consent, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

To exercise any of these rights, contact us at hello@valiantai.com.au with the subject line Privacy Request. We may need to verify your identity before processing your request.

10. Complaints

If you believe we have breached the APPs or this Privacy Policy, please contact us in the first instance at hello@valiantai.com.au. We take privacy complaints seriously and will respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Post: GPO Box 5218, Sydney NSW 2001

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, technology, or legal obligations. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website or services after any amendment constitutes your acceptance of the revised policy.

For significant changes that affect how we handle personal information you have already provided, we will notify you directly by email where practicable.

12. Contact Us

For any questions, requests, or concerns regarding this Privacy Policy or our handling of your personal information, please contact our Privacy Officer:

• Email: hello@valiantai.com.au
• Entity: Valiant Partners Pty Ltd
• ABN: 77 636 173 307
• Jurisdiction: New South Wales, Australia