Privacy Policy

About PracticeOS

PracticeOS is an AI-powered practice management platform built for Australian financial planning practices. It provides AI-assisted tools for SOA drafting, compliance documentation, practice financial oversight, and operations management.

PracticeOS is a product of Consilium Systems, based in Sydney, New South Wales, Australia. All data collected through PracticeOS is handled in accordance with this Privacy Policy and Australian law.

What Information We Collect

PracticeOS collects the following categories of information:

• Account information — name, email address, business name, and professional role provided at registration
• Platform inputs — client data, meeting notes, fact-find information, and other content you enter into PracticeOS to generate outputs
• Generated outputs — SOA drafts, compliance documents, and other AI-generated content produced by the platform
• Usage data — how you interact with the platform, features used, session duration, and error logs
• Technical data — IP address, browser type, device information, and access timestamps

How We Use Your Information

We use the information collected through PracticeOS for the following purposes:

• To provide and operate the PracticeOS platform and its AI modules
• To process inputs and generate AI-assisted outputs on your behalf
• To maintain and improve the platform's features and performance
• To communicate with you about your account, updates, and support
• To comply with legal and regulatory obligations
• To detect and prevent misuse, fraud, or security incidents

We will not use your information for purposes other than those described above without your consent, unless required or permitted by law.

AI Processing — Anthropic Claude API

PracticeOS is powered by Anthropic's Claude API. When you submit inputs to generate outputs, that content is transmitted to Anthropic's API for processing.

• Anthropic processes inputs in accordance with their own privacy policy and terms of service
• Anthropic may be located outside Australia — by using PracticeOS you consent to this overseas disclosure
• We do not use your inputs to train AI models without your explicit consent
• AI-generated outputs are not guaranteed to be accurate, complete, or compliant — all outputs must be reviewed by a qualified adviser before use with clients

Data Storage — Supabase

PracticeOS uses Supabase as its database and authentication provider. Your account data, platform inputs, and generated outputs may be stored on Supabase infrastructure.

• Supabase may store data on servers located outside Australia
• Data is encrypted in transit and at rest
• Access to stored data is restricted to authorised personnel only
• Row-level security policies are applied to ensure users can only access their own data

Disclosure of Information

We do not sell, rent, or trade your information. We may disclose information to:

• Anthropic — for AI processing via the Claude API (see Section 04)
• Supabase — for data storage and authentication (see Section 05)
• Vercel — for platform hosting and deployment infrastructure
• Professional advisers such as lawyers or accountants, where necessary
• Regulatory authorities or law enforcement, where required by law

Consilium Systems has no undisclosed referral fee arrangements or commercial relationships with any third-party technology vendor. We do not share your information with AI platform vendors beyond what is necessary to operate the platform.

Overseas Disclosure

Some third-party providers used by PracticeOS — including Anthropic and Supabase — may store or process data outside Australia. By using PracticeOS, you consent to this overseas disclosure. We take reasonable steps to ensure these providers handle your information in a manner consistent with the Australian Privacy Principles.

Data Retention

We retain your account information and platform data for as long as your account is active or as required to provide the service. If you close your account, we will delete or de-identify your personal information within a reasonable timeframe, unless we are required to retain it by law.

Generated outputs and session data may be retained for platform improvement purposes in a de-identified form.

Security

We take reasonable steps to protect your information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Security measures include:

• Encryption of data in transit (HTTPS/TLS) and at rest
• Row-level security policies enforced at the database level
• Access controls limiting data access to authorised personnel
• Two-factor authentication on platform infrastructure accounts

While we take reasonable precautions, no system is completely secure. We cannot guarantee the absolute security of information transmitted over the internet.

Access and Correction

You have the right to request access to the personal information we hold about you through PracticeOS, and to request corrections if that information is inaccurate, incomplete, or out of date.

To make a request, please contact us at info@consiliumsystems.com.au. We will respond within a reasonable timeframe in accordance with the Australian Privacy Principles.

Complaints

If you believe we have breached the Australian Privacy Principles or mishandled your personal information, please contact us at info@consiliumsystems.com.au. We will acknowledge your complaint promptly and aim to resolve it within 30 days.

If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

Changes to This Policy

We may update this Privacy Policy from time to time as the platform evolves. The most recent version will always be available at practiceos.consiliumsystems.com.au/privacy, with the date of last update noted at the top of this page. Continued use of PracticeOS following any update constitutes your acceptance of the revised policy.