Privacy Policy
1. Introduction
Welcome to Nebula AI (trading name of PJW MEDIA PTY LTD, ABN 96669111611).
We are committed to protecting your privacy and handling your personal information in a safe, transparent, and responsible manner.
This Privacy Policy explains how we collect, use, store, and protect your personal information when you engage with our services, visit our websites, communicate with our AI agents, or otherwise interact with us.
We are committed to complying with:
The Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs),
The General Data Protection Regulation (GDPR) for users located in the European Economic Area (EEA),
The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for residents of California,
And other applicable privacy and data protection laws.
By using our services, you agree to the terms of this Privacy Policy.
If you do not agree with any part of this Privacy Policy, please do not use our services.
If you have any questions about this Privacy Policy, you can contact us at: info@thenebulaai.io
2. Information We Collect
We collect personal information that is necessary to provide our services, communicate effectively with you, and improve your experience with Nebula AI.
The types of information we collect include:
2.1 Personal Information You Provide Directly
Full name
Email address
Phone number
Business information (e.g., company name, revenue range, service needs)
Payment information (processed securely via Stripe or Wise)
Any additional information you provide through website forms, voice calls, email communications, or during onboarding.
2.2 Information Collected Automatically
When you interact with our services or website, we may automatically collect certain technical information, including:
Device information (browser type, operating system, device identifiers)
Usage information (pages visited, time spent, interaction patterns)
IP address and general location data (derived from your IP address)
This information helps us optimize our services and improve user experience.
2.3 Call Recordings and Messaging
We may record voice calls and collect communications sent via SMS, WhatsApp, or other messaging channels to:
Confirm appointments
Monitor quality
Train and improve our AI systems
Comply with legal obligations
Where required by law, we will disclose recording at the start of a call and obtain consent.
2.4 Information from Third Parties
We may collect information from trusted third-party sources, such as:
Advertising platforms (e.g., Facebook Ads)
Professional networks (e.g., LinkedIn)
CRM systems
This information is combined with the data you provide to better tailor our services to your needs.
3. How We Use Your Information
We use the personal information we collect for the following purposes:
3.1 Providing and Managing Our Services
Setting appointments and managing client communications
Delivering our AI-powered services, including voice agents, chatbots, and automations
Processing payments for services rendered
3.2 Communication and Support
Responding to inquiries, support requests, and service feedback
Sending transactional communications, such as appointment confirmations or service updates
Contacting you regarding account management or service changes
3.3 Marketing and Promotions
Sending marketing emails, newsletters, and promotional materials (only where consent has been given or as permitted by law)
Conducting retargeting and advertising campaigns (e.g., using Meta Pixel or Google Analytics, where applicable)
Personalizing marketing content based on your interactions with our services
You may opt out of marketing communications at any time by following the unsubscribe instructions in our emails or contacting us directly.
3.4 Service Improvement and AI Training
Improving the performance, reliability, and functionality of our AI agents, websites, and services
Monitoring quality and enhancing customer experience through analysis of call recordings and interaction logs
Developing new services and features
3.5 Legal and Compliance Purposes
Complying with legal obligations, including privacy, telecommunications, and data protection regulations
Enforcing our Terms and Conditions, protecting our rights, and preventing misuse of our services
Responding to lawful requests from authorities or regulators
4. Call Recording and AI Interactions
4.1 Call Recording
We may record voice calls between you and our AI agents or human representatives for purposes including:
Appointment setting and service delivery
Quality assurance
Staff training and AI model improvement
Compliance with legal obligations
Consent to recording is handled as follows:
In jurisdictions where only one-party consent is required, calls may be recorded without prior disclosure.
In jurisdictions requiring two-party consent (such as certain U.S. states and European regions), you will be notified that the call may be recorded at the beginning of the call, and your continued participation or explicit consent will be obtained.
If you do not consent to call recording where required, alternative communication methods (such as SMS or email) will be offered.
4.2 AI Interactions
Some communications may be handled by AI agents (voice or chatbot). These agents are designed to provide appointment setting, answer basic questions, and assist with service inquiries.
Transparency: If you ask whether you are communicating with an AI agent, the AI will honestly disclose its nature.
Limitations: While our AI agents are designed to provide accurate and helpful responses, they are not infallible. Human oversight is maintained where necessary to ensure service quality and accuracy.
By interacting with our services, you acknowledge that you may be communicating with AI agents and agree to the recording and processing of those communications as outlined in this Privacy Policy.
5. Legal Basis for Processing (GDPR Compliance)
If you are located in the European Economic Area (EEA), we rely on the following legal bases under the General Data Protection Regulation (GDPR) to collect and use your personal information:
5.1 Consent
We may process your personal information based on your explicit consent, such as:
Sending marketing communications
Using cookies or tracking technologies (where applicable)
Processing call recordings (where consent is required)
You have the right to withdraw your consent at any time by contacting us or following opt-out instructions provided in our communications.
5.2 Performance of a Contract
We process your information when it is necessary to provide services you have requested, including:
Scheduling appointments
Delivering AI agent interactions
Managing service agreements
Without this data, we may not be able to perform the services you requested.
5.3 Legitimate Interests
We may process your information where it is reasonably necessary for our legitimate business interests, including:
Improving and developing our services
Communicating with clients
Preventing fraud, misuse, or illegal activity
Ensuring the security of our systems
Where we rely on legitimate interests, we balance our interests against your privacy rights to ensure fairness.
5.4 Compliance with Legal Obligations
We may process your information where necessary to comply with applicable legal requirements, such as:
Record-keeping obligations
Regulatory compliance
Responding to lawful requests from public authorities
6. Sharing of Personal Information
We take your privacy seriously and do not sell, rent, or trade your personal information to third parties.
However, in limited circumstances, we may share your information as outlined below:
6.1 Service Providers and Partners
We may share your personal information with trusted third-party service providers who assist us in operating our business and delivering our services, including:
Customer Relationship Management (CRM) platforms
Payment processors (e.g., Stripe, Wise)
Cloud storage providers (e.g., Oracle Cloud, Google Cloud)
Communication platforms (e.g., Retell AI, Supabase, Voiceflow)
These service providers are authorized to use your personal information only as necessary to perform services on our behalf and are contractually obligated to protect it.
6.2 Third-Party Platforms
If you interact with services integrated through third-party platforms, such as CRMs or AI communication systems, your information may be subject to those third parties’ privacy policies.
While we take reasonable steps to work with reputable providers, we are not responsible for how third parties independently collect, use, or secure your information once it is shared with them.
We encourage you to review the privacy policies of any third-party services you access through our platform.
6.3 Legal Compliance and Protection
We may disclose your personal information if required to:
Comply with applicable laws, regulations, legal processes, or enforceable government requests
Protect our rights, property, or safety, or that of our clients or the public
Enforce our agreements, policies, and terms of service
Respond to emergencies or suspected illegal activities
6.4 Business Transfers
In the unlikely event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you if such an event occurs and outline your choices where applicable.
7. Payments
We offer services that may require payment. All payments are processed securely through trusted third-party payment providers, primarily Stripe, and in some cases Wise.
7.1 Payment Information Handling
We do not collect, store, or process your full credit card information directly on our servers.
When you make a payment, you will be directed to a secure third-party payment page (e.g., Stripe Invoice Link) where your payment details are collected and processed.
These third-party processors are responsible for the security of your payment information and are compliant with industry standards, including the Payment Card Industry Data Security Standard (PCI-DSS).
7.2 Billing and Transaction Records
We may retain limited transaction information, such as your payment confirmation, invoice number, and billing contact information, solely for:
Record-keeping
Tax and accounting purposes
Customer service and dispute resolution
We do not have access to or retain your full card number, CVV, or other sensitive payment details.
8. Data Storage, Security, and Retention
We take appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction.
8.1 Data Storage
Your information may be stored on secure servers operated by:
Oracle Cloud
Google Cloud
Local servers under our direct control
Data may also be temporarily stored within trusted third-party platforms used to deliver services (e.g., CRM systems, communication platforms).
Where personal information is transferred or stored outside Australia, we ensure appropriate safeguards are in place to protect your privacy, including compliance with applicable data protection regulations (such as GDPR for EU clients).
8.2 Data Security Measures
We protect personal information through measures including:
Data encryption in transit and at rest where applicable
Strict access controls (limiting access to authorized personnel only)
Secure authentication methods
Regular system monitoring and security updates
Despite our efforts, no method of transmission or storage is 100% secure. Therefore, while we strive to protect your information, we cannot guarantee absolute security.
8.3 Data Retention and Deletion
We retain your personal information only for as long as necessary to:
Deliver our services
Fulfill legal and accounting obligations
Resolve disputes
When you cease using our services or terminate your relationship with us, we will delete your personal information from our active systems in a timely manner, unless retention is legally required or necessary for legitimate business purposes (e.g., financial record-keeping).
You may request deletion of your data at any time by contacting us at info@thenebulaai.io.
9. Your Rights and Choices
We respect your rights regarding your personal information.
Depending on your location and applicable laws, you may have the following rights:
9.1 Access and Correction
You have the right to:
Request access to the personal information we hold about you
Request correction of inaccurate, incomplete, or outdated information
We will respond to such requests promptly, subject to any legal and operational limitations.
9.2 Data Deletion
You may request that we delete your personal information where:
The information is no longer necessary for the purposes for which it was collected
You withdraw consent (where processing was based on consent)
You object to processing and there are no overriding legitimate grounds
Deletion is required by law
Upon verifying your request, we will delete your information unless retention is legally required.
9.3 Marketing Communications
You may opt out of receiving marketing emails, newsletters, SMS messages, or promotional communications from us at any time by:
Clicking the “unsubscribe” link in our marketing emails
Replying “STOP” to SMS messages where applicable
Contacting us directly at john@thenebulaai.io
We will process opt-out requests promptly. Please note that even if you opt out of marketing communications, you may still receive transactional or service-related communications (such as appointment confirmations).
9.4 Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights under applicable laws.
9.5 How to Make a Request
To exercise any of these rights, please contact us at:
For security, we may ask you to verify your identity before processing certain requests.
10. Cookies and Tracking Technologies
Our website and services may use cookies and similar tracking technologies to enhance your experience, analyze website traffic, and support marketing efforts.
10.1 What Are Cookies?
Cookies are small data files stored on your device that help websites remember information about your visit. They can be used to:
Keep you signed in
Remember your preferences
Understand how you interact with our site
10.2 How We Use Cookies
We may use cookies, pixels, and similar technologies for purposes including:
Website performance and analytics (e.g., Google Analytics)
Advertising and retargeting (e.g., Meta Pixel for Facebook/Instagram ads)
Improving the functionality and security of our website
10.3 Managing Cookies
You have choices regarding the use of cookies:
Most web browsers automatically accept cookies but allow you to modify your browser settings to decline cookies if you prefer.
You can opt out of Google Analytics tracking through browser add-ons available from Google.
You can manage advertising preferences via your social media platform settings.
Please note that disabling cookies may affect the functionality of our website or limit your experience.
11. International Data Transfers
Given the global nature of our services and infrastructure, your personal information may be transferred to, stored in, or processed in countries other than the one where you reside.
This may include jurisdictions such as the United States, the European Economic Area (EEA), and other regions where our cloud service providers or partners operate.
11.1 Safeguards for International Transfers
When we transfer your personal information internationally, we take appropriate measures to protect it, including:
Storing data with trusted providers such as Oracle Cloud and Google Cloud, who maintain robust security and compliance certifications
Implementing contractual protections, such as Standard Contractual Clauses (SCCs) approved by the European Commission, where required
Taking additional technical and organizational measures to ensure your data is handled securely and lawfully
11.2 Your Rights Regarding International Transfers
Regardless of where your information is processed, we will protect it in accordance with this Privacy Policy and applicable law.
If you are located in the European Economic Area (EEA), you may contact us at info@thenebulaai.io if you would like more information about how we protect your personal information when it is transferred internationally.
12. Age Restrictions
Our services are intended for use by businesses and individuals who are 18 years of age or older.
We do not knowingly collect, solicit, or store personal information from individuals under the age of 18.
If we become aware that we have inadvertently collected personal information from a person under 18, we will take reasonable steps to delete such information promptly.
If you believe that we may have collected information from a minor, please contact us immediately at:
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or other factors.
When we make material changes, we will notify you by:
Sending an email to the contact address you have provided, and/or
Posting a prominent notice on our website
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
Your continued use of our services after any update to this Privacy Policy constitutes your acceptance of the updated terms.
The “Effective Date” at the top of this Privacy Policy indicates when it was last revised.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal information, please contact us:
📧 Email: info@thenebulaai.io
📍 Business Address:
Nebula AI (PJW MEDIA PTY LTD)
303/368 Little Collins Street, Melbourne, Victoria, 3000, Australia
Note: Our business address may change from time to time. Please contact us via email for the latest contact details if needed.
We will respond to your inquiry promptly and in accordance with applicable privacy laws.
