Privacy Policy

Last updated: 02/12/2024

1. Introduction

Aglet Limited t/a Fundsorter ("we", "us", or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered funding matching and application drafting service.

2. Information We Collect

We collect the following personal information directly from you:

  • Name

  • Email address

  • Phone number

We also collect documents about your organisation that you upload and can include:

  • Strategic plans

  • Past funding applications

  • Financial data

  • Impact reports

  • Website content

You control the type and volume of documents that you wish to share with us.

3. How We Use Your Information

We use your personal information to:

  • Contact you regarding our services

We use your organisational data to

  • Suggest potential funding opportunities

  • Assist in drafting funding applications

  • Predict and inform you of relevant future funding opportunities

4. Data Storage and Security

Your data is stored on servers located in Australia, hosted by Linode. We implement standard server security practices to protect your information. However, please note that we currently do not use encryption at rest for stored data.

5. International Data Transfers

We transfer your personal data to countries outside of New Zealand:

a) To Australia: Your data is stored on servers hosted by Linode (owned by Akamai Technologies, Inc.) in Australia.

b) To the United States: Portions of your data are shared with OpenAI for AI processing.

For these transfers, we rely on the standard terms of service and privacy policies of our service providers:

1. Transfers to Linode (Akamai):

We use Linode's cloud hosting services under their standard terms of service. Akamai, Linode's parent company, has implemented various compliance mechanisms for international data transfers, including Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), and participation in the EU-U.S. and Swiss-U.S. Data Privacy Frameworks. However, our use of their services is governed by their standard terms.

2. Transfers to OpenAI:

We use OpenAI's services under their standard terms of service and privacy policy. OpenAI has its own data protection measures in place, but we do not have a separate data processing agreement with them.

To protect your information, we implement the following measures:

  • Encryption of data during transfer using HTTPS

  • Strict access controls limiting data access to staff and contractors who need it for system monitoring and improvement

  • Regular internal security audits of our systems

We transfer the following categories of data:

  • Personal identification information (name, email, phone number)

  • Organisational documents (which may include strategic plans, funding applications, and financial data)

  • AI-generated profiles and scores

Data is retained by us and our processors until you delete your account or request removal of your data.

The purpose of these transfers is:

  • To Linode: Storage and processing of all collected data

  • To OpenAI: AI processing for matching and application drafting services

We strive to ensure that your data is protected, but please be aware that international transfers of your data may not have the same level of protection as required in New Zealand or the EU. By using our services, you consent to these transfers.

6. AI Transparency and Automated Decision-Making

Our service uses artificial intelligence (AI) to match community organisations with potential funders and assist in drafting funding applications. Here's what you need to know about our AI system:

Purpose: Our AI system is designed to:

  • Match organisations with potential funders based on eligibility criteria

  • Assist in drafting funding applications

  • Decision-making process: Our AI system:

Decision-making process: Our AI system:

  • Analyses the information you provide about your organisation

  • Compares this information against our database of funders and their criteria

  • Uses natural language processing to understand and summarise key points from your documents

  • Generates draft applications based on this analysis

Data used: The AI system uses:

  • Information you provide directly (e.g., organisation details, project descriptions)

  • Documents you upload (e.g., strategic plans, past applications, financial data)

  • Our database of funder information and criteria

Potential impacts: The AI's output can influence:

  • Which funding opportunities are presented to you

  • The initial content and structure of your funding applications

Limitations: While our AI system is designed to be helpful, it has limitations:

  • It may not capture all nuances of your organisation or project

  • Its recommendations are based on available data and may not be exhaustive

  • The AI generates draft applications that require your review and modification

  • The AI can make mistakes, you need to carefully review any content before including it in your final application.

Your rights: You have the right to:

  • Request human review of any AI-generated content that you'll be using

  • Express your point of view and modify any AI-generated content

  • Obtain an explanation of how the AI system generated its output

We are committed to using AI responsibly and transparently. If you have any questions about how our AI system works or how it has been used in your case, please contact us at hello@fundsorter.com.

7. Data Security

We are committed to protecting the security of your personal information. While no method of transmission over the Internet or electronic storage is 100% secure, we strive to use commercially acceptable means to protect your personal information. Our security measures include:

Data Transmission Security:

  • All data transmitted between your device and our servers is encrypted using HTTPS protocols.

Access Controls:

  • We implement strict access controls, limiting data access to only those employees and contractors who need it to perform their job functions.

  • All staff with data access are bound by confidentiality agreements.

Server Security:

  • Our servers are hosted by Linode (Akamai) in Australia, which provides industry-standard physical and network security measures.

  • We regularly update and patch our systems to address known vulnerabilities.

Monitoring and Logging:

  • We continuously monitor our systems for potential security breaches.

  • We maintain logs of system access and use to detect and investigate any potential unauthorised access.

Regular Security Audits:

  • We conduct regular internal security audits of our systems and processes.

Data Backup:

  • We regularly back up your data to prevent loss in case of system failures.

Please note that while we encrypt data during transmission, we currently do not encrypt data at rest on our servers. We are evaluating options to implement this additional security measure in the future.

Despite these measures, no system is entirely secure. In the event of a data breach that affects your personal information, we will notify you in accordance with applicable laws.

You also play a vital role in protecting your data. We recommend using strong, unique passwords for your account and not sharing your login credentials with others.

If you have any questions about the security of your personal information, please contact us at hello@fundsorter.com.

8. User Consent and Data Processing

We collect and process your personal data based on the following legal grounds:

Consent:

  • When you sign up for our service, you provide explicit consent for us to collect and process your personal information as described in this policy.

  • You have the right to withdraw this consent at any time by contacting us or deleting your account.

Contractual Necessity:

  • We process your data as necessary to provide our services to you, as per our Terms of Service.

Legitimate Interests:

  • We may process your data for our legitimate business interests, such as improving our services, as long as these interests are not overridden by your rights and freedoms.

Your Rights:

As a user, you have the following rights regarding your personal data:

  1. Right to Access: You can request a copy of the personal data we hold about you.

  2. Right to Rectification: You can ask us to correct any inaccurate or incomplete data.

  3. Right to Erasure: You can request that we delete your personal data under certain circumstances.

  4. Right to Restrict Processing: You can ask us to restrict the processing of your data in certain situations.

  5. Right to Data Portability: You can request a copy of your data in a machine-readable format.

  6. Right to Object: You can object to our processing of your data in certain circumstances.

To exercise any of these rights, please contact us at hello@fundsorter.com.

Automated Decision-Making:

  • As described in our AI Transparency section, we use automated decision-making in our services. You have the right to request human intervention, express your point of view, and contest any decision made by automated means.

Data Retention:

  • We retain your personal data for as long as necessary to provide our services to you and to comply with our legal obligations. If you delete your account or request data deletion, we will remove your personal data from our systems within 14 business days, unless we are required to retain it for legal reasons.

Changes to this Policy:

  • We may update this privacy policy from time to time. We will notify you of any significant changes by posting the new policy on our website and, where appropriate, contacting you directly.

9. Conclusion and Contact Information

We at Aglet Limited are committed to protecting your privacy and ensuring the security of your personal information. This privacy policy outlines our practices regarding the collection, use, and protection of your data when you use our AI-powered funding matching and application drafting service.

Key points to remember:

  1. We collect and process personal and organisational data to provide our services.

  2. We use AI technology to match you with potential funders and assist in drafting applications.

  3. Your data may be transferred internationally to our service providers.

  4. We implement security measures to protect your data, but no method is 100% secure.

  5. You have rights regarding your personal data, including access, rectification, and erasure.

  6. We retain your data for as long as necessary to provide our services and comply with legal obligations.

We strive for transparency in our data practices and are committed to addressing any questions or concerns you may have. If you have any inquiries about this privacy policy, your personal information, or our data practices, please contact us at hello@fundsorter.com

We regularly review and update this policy to ensure it accurately reflects our data practices and complies with relevant laws and regulations. We encourage you to review this policy periodically.

Thank you for trusting us with your information. We are dedicated to maintaining that trust by protecting your privacy and providing transparent information about our data practices.