Privacy Policy

Last updated: May 2026

1. About This Policy

This Privacy Policy explains how My AI Worker, operated by Now Technology Systems (ABN 95 168 282 914 – The trustee for Greenfield Chan Discretionary Trust) (“we”, “us”, “our”), collects, uses, stores and discloses personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using our services or website (myaiworker.com.au), you consent to the collection and use of your information as described in this policy.

2. Information We Collect

2.1 Information You Provide

When you sign up, request a quote or use our services, we may collect:

  • Business information: business name, ABN, industry, services offered, business address
  • Contact information: your name, email address, phone number
  • Account information: login credentials, subscription details, payment information (processed securely by Stripe – we do not store credit card numbers)
  • Service configuration: your preferred tools, messaging style, follow-up schedules, compliance deadlines and industry-specific settings

2.2 Information Collected Through Our Services

When our AI agents operate on your behalf, we process:

  • Your customer data: names, phone numbers and email addresses of your customers (used solely to send follow-up messages, reminders and review requests on your behalf)
  • Appointment and booking data: dates, times, service types and appointment notes
  • Communication records: SMS messages and emails sent and received through our platform
  • Call data: if using the AI Voice Receptionist, caller phone numbers, call duration and transcription summaries
  • Payment data: invoice amounts, payment status and Xero sync data (we do not process or store your customers’ payment card details)

2.3 Information Collected Automatically

When you visit our website, we may collect:

  • IP address, browser type and operating system
  • Pages visited, time spent and referral source
  • Cookies and similar tracking technologies (see Section 8)

2.4 Sensitive Information

We do not actively seek to collect sensitive information (as defined under the Privacy Act 1988, including health, religious, racial or other sensitive categories). Where sensitive information is incidentally provided to us by our business customers as part of their operational records (for example, appointment notes in a medical or allied health practice), we handle it with additional care and use it only for the purpose of delivering our services to you.

3. How We Use Your Information

We use your information to:

  • Set up and configure your AI agents for your business
  • Send SMS messages, emails and other communications on your behalf
  • Process your subscription payments via Stripe
  • Track compliance and certification deadlines as part of the compliance agent
  • Post content to your social media accounts (with your authorisation)
  • Provide customer support and resolve technical issues
  • Improve our services and develop new features (using aggregated, anonymised data only)
  • Comply with legal obligations

We will never sell your personal information or your customers’ personal information to third parties.

4. How We Share Your Information

We may share your information with the following third-party service providers, solely for the purpose of delivering our services:

Provider Purpose Data Shared
Telnyx SMS delivery and AI Voice Receptionist Phone numbers, message content, call data
Stripe Payment processing Payment details, billing address, email
n8n (self-hosted) Workflow automation platform Business data, customer data, agent configuration
Hostinger Server hosting (VPS) All platform data (stored on Australian/Singapore servers)
Meta (Facebook/Instagram) Social media posting Post content, images (with your authorisation)
Google Google Business Profile posting, Google review links Post content (with your authorisation)
Xero Accounting integration Invoice data, payment status (with your authorisation)

We may also disclose your information where required by law, court order or government authority.

5. Your Customers’ Data

When our AI agents send messages on your behalf, we act as a data processor for your customer data. You remain the data controller and are responsible for:

  • Obtaining valid consent from your customers for SMS and email communications in accordance with the Spam Act 2003 (Cth)
  • Providing your customers with a way to opt out of communications
  • Ensuring the accuracy of customer data provided to us
  • Complying with any industry-specific privacy requirements (e.g. health records for medical practitioners)

We will only use your customers’ data for the purpose of delivering our services to you. We will never contact your customers for our own marketing purposes.

6. Data Storage and Security

6.1 Where Data Is Stored

Your data is stored on our self-hosted infrastructure (Hostinger VPS) and in our PostgreSQL database. Our primary servers are located in the Asia-Pacific region. Some third-party providers (Telnyx, Stripe) may process data in the United States under appropriate data protection agreements. Specific server locations may change as our infrastructure providers update their data centre networks. We take reasonable steps to ensure data remains within the Asia-Pacific region where possible.

6.2 International Data Transfers

By using our services, you acknowledge and consent that your data may be transferred to and processed in countries outside of Australia, including the United States (where Stripe and Telnyx operate). We only work with providers that offer appropriate safeguards for international data transfers, including Standard Contractual Clauses (SCCs) and equivalent mechanisms. Where possible, data is kept within the Asia-Pacific region.

6.3 Security Measures

We implement reasonable security measures to protect your data, including:

  • SSL/TLS encryption for all data in transit
  • Encrypted database connections
  • Access controls limiting who can view your data
  • Regular security updates and patches
  • Secure credential management for third-party integrations

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6.4 Data Retention

  • Active subscriptions: data is retained for the duration of your subscription
  • After cancellation: data is retained for 30 days, then permanently deleted
  • Communication logs (SMS/email): retained for 12 months for support and dispute resolution
  • Financial records: retained for 7 years as required by Australian tax law

6.5 Data Breach Notification

In the event of a data breach that is likely to result in serious harm to affected individuals, we will assess the breach and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth).

7. Your Rights

Under the Australian Privacy Principles, you have the right to:

  • Access: request a copy of the personal information we hold about you
  • Correction: request correction of inaccurate or incomplete information
  • Deletion: request deletion of your personal information (subject to legal retention requirements)
  • Complaint: lodge a complaint about how we handle your information

To exercise any of these rights, email us at info@myaiworker.com.au. We will respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Cookies

Our website uses cookies and similar technologies to:

  • Remember your preferences and session
  • Analyse website traffic (Google Analytics)
  • Improve website performance

You can control cookies through your browser settings. Disabling cookies may affect some website functionality.

We do not use cookies for retargeting or third-party advertising.

9. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to read their privacy policies before providing any personal information.

10. Children’s Privacy

Our services are marketed to business owners and staff, not to individuals under the age of 18. We do not knowingly collect personal information directly from children. Where our business customers provide us with operational records that may incidentally contain information about minors (for example, staff rosters, appointment lists or customer contacts), we rely on our business customer to have obtained appropriate consent in accordance with the Privacy Act 1988 (Cth).

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email at least 14 days before the changes take effect. The updated policy will be posted on this page with a revised “Last updated” date.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

  • Business Name: Now Technology Systems (trading as My AI Worker)
  • ABN: 95 168 282 914
  • Postal Address: 56 Grandview Road, Jimboomba, Queensland 4280, Australia
  • Email: info@myaiworker.com.au (alternative: frank@sitedesignnow.com)
  • Phone: 0412 606 287
  • Website: myaiworker.com.au