Privacy Policy

Last updated: 26 May 2026

This Privacy Policy describes how Pulseware (“we”, “us”) collects, uses, and shares information when you use the Pulseware service (the “Service”), available at www.pulseware.com.au. Pulseware is operated from Australia and intends to align with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). It is not legal advice.

1. What we collect

We collect three categories of information:

  • Account data. Your email address (required), and any name or organisation you choose to provide.
  • Survey content. The questions, titles, descriptions, theme settings, and metadata of surveys you create.
  • Response data. Answers submitted to your surveys by your respondents, along with the submission timestamp, a one-way hashed IP address (used only for abuse and duplicate detection), and a coarse user-agent string. We do not store raw IP addresses for response data.

2. Why we collect it

  • To operate the Service (authenticate you, store surveys, deliver responses).
  • To prevent abuse (rate-limiting, spam protection).
  • To send service emails (sign-in links, billing notices).
  • To improve the product, in aggregate and de-identified form.

We do not sell personal information. We do not use survey content or response data to train any AI model — yours or anyone else’s — without your explicit, opt-in consent on a per-survey basis.

3. Who we share it with

We share data only with the third-party processors that make the Service work:

  • Supabase — database and authentication.
  • Vercel — application hosting and edge delivery.
  • SendGrid — transactional email (sign-in links, receipts).
  • OpenAIonly when you use the optional AI builder; the prompt you submit is sent to OpenAI’s API. We do not send response data to OpenAI.
  • Stripe — payment processing for the Pro tier (when launched).

Each processor has its own privacy policy. We choose processors with privacy postures consistent with the APPs and the GDPR.

4. Cookies and tracking

We use first-party, essential cookies for authentication and CSRF protection. We do not use third-party advertising cookies or cross-site trackers. We may use privacy-respecting, aggregated analytics (no individual user profiles) — and if we do, we’ll name the provider here.

5. Retention

  • Account data is retained while your account is active. If you delete your account, we delete your account data within 30 days, subject to legal record-keeping obligations.
  • Survey content is retained while the survey exists in your account.
  • Response data is retained while the parent survey exists. Deleting a survey deletes its responses.

6. Your rights

You can request a copy of the personal information we hold about you, ask us to correct it, or ask us to delete it. Sign in to your account and use the data-export and delete-account controls in your dashboard. We aim to respond to manual requests within 30 days.

7. Survey respondents

If you respond to a survey built on Pulseware, the survey’s creator is the controller of your answers. We process those answers on their behalf. To exercise rights over response data, contact the survey creator first. If you cannot reach them, contact us and we will assist.

8. International transfers

Some of our processors may store or process data outside Australia (notably in the United States and the European Union). Where this happens, we rely on contractual safeguards and the processor’s own data-transfer commitments.

9. Children

Pulseware is not directed at children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.

10. Changes to this policy

We will post material changes to this policy on this page and update the “Last updated” date. Continued use of the Service after a change means you accept the new policy.

11. Contact

Questions, requests, or complaints: use the data controls in your Pulseware dashboard once signed in.