Login

1. Overview

Ozibus provides cloud message delivery services (email, SMS, push/OTP and related APIs and webhooks) to businesses and developers. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and your rights. We manage personal information in accordance with the Australian Privacy Principles (APPs). OAIC

2. Types of personal information we collect

We collect the categories of information necessary to provide messaging services and manage accounts, including:

  1. Identity & contact data: names, email addresses, phone numbers, company names, billing addresses.
  2. Messaging data: message content you submit for delivery (where you supply it), recipient addresses/numbers, delivery metadata (timestamps, delivery status, bounce codes, carrier responses), webhook payloads.
  3. Account & payment data: billing contact, invoices. We do not store full card numbers on our servers — we use PCI-compliant third-party payment processors. (Insert your payment provider names here.)
  4. Technical & usage data: IP addresses, device/browser type, API keys usage logs, timestamps, API request/response logs, cookies and analytics.
  5. Support & communication data: messages to/from our support team and any attachments you provide.

3. How we collect information

  1. Directly from you when you create an account, use our API or dashboard, contact support, or subscribe to marketing.
  2. From your organisation when you integrate our APIs or give us recipient lists.
  3. Automatically via cookies, logs, and analytics when you use our site or services.
  4. From third parties (payment processors, identity verification providers) where applicable.

4. Purpose of collection & legal basis

We collect and use personal information to:

  1. Provide, operate and improve the Ozibus platform (message delivery, dashboard, APIs, webhooks).
  2. Authenticate and secure accounts (API keys, OTPs).
  3. Send transactional notifications (account events, invoices) and — only with your consent — marketing.
  4. Detect abuse, fraud, spam and to comply with applicable laws and industry rules (for example anti-spam rules).
  5. Investigate and respond to incidents, security breaches and legal requests.
  6. Billing, tax and record-keeping.

If you are a customer (business), you remain responsible for ensuring you have lawful grounds (e.g., consent) to send messages to your recipients and for providing the content you submit to us for delivery. Where applicable we rely on consent, contractual necessity and legitimate interest to process personal information.

5. Marketing & consent (SMS / Email)

We will only send marketing messages to individuals where we have their consent (opt-in) or otherwise permitted by law. Commercial electronic messages must include a clear unsubscribe/opt-out method and we will honour unsubscribe requests promptly, as required by Australia’s spam laws. If you use Ozibus to send marketing messages you must also comply — and you remain responsible for opt-in/opt-out management for your recipient lists. acma.gov.au+1

6. Disclosure to third parties & processors

We share personal information with:

  1. Delivery providers & carriers: email service providers, SMS aggregators, and telecom carriers to route messages.
  2. Hosting and infrastructure providers: cloud hosting, databases, logging, monitoring and analytics.
  3. Payment processors for billing (PCI-compliant processors).
  4. Legal and compliance advisers and law enforcement when required by law.
  5. Third parties involved in a sale or restructuring of our business (with notice to affected users).

We enter into written agreements requiring third parties to protect personal information to a comparable standard to ours where feasible.

7. Cross-border transfers

Some service providers we rely on operate outside Australia. When we transfer personal information overseas we take reasonable steps to ensure it is protected (contractual safeguards, standard contractual clauses, due diligence). See APP guidance for overseas disclosures. OAIC

8. Storage & retention

We only keep personal data for as long as is required by law or for the stated purposes. Examples of typical retention (tailored to your company):

  1. Records of accounts and transactions: seven years (for tax and accounting purposes).
  2. Logs and metadata for message delivery: two years (for fraud detection, dispute resolution).
  3. Content of the message you supply:Your subscription package determines the retention period, which is 7-90 days, depending on your subscription options.

9. Safety

To safeguard personal data, we use industry-standard organizational and technical measures (TLS, access controls, encryption at rest when practical, secure key management, logging, and monitoring). No system is impenetrable; in the event of an eligible data breach under the Notifiable Data Breaches (NDB) scheme, we will notify the OAIC and the impacted parties as needed. The OAIC+1

10. Your legal rights

You can contact us ⁣ to file a complaint or to request access to or correction of any personal information we may have about you. We will provide an explanation and review options if we disagree with a request. You can file a complaint with the Office of the Australian Information Commissioner (OAIC) if it remains unresolved. OAIC.

11. Children

We do not knowingly collect personal information from children under 16 except where provided with parental consent. If you believe we have collected such information, contact us to request deletion.

12. Changes to this Policy

We may update this policy; we’ll publish the new version with an updated effective date. Significant changes will be communicated to account holders by email.