Privacy Policy

Ethenai is operated by Earthly Brewing Co & Cellar Door Pty Ltd, a company registered in Australia with its principal place of business at 104 Brooks Road, Bywong NSW 2621, Australia. For the purposes of the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable privacy laws, we are the data controller for the personal information we process.

This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use the Ethenai platform, visit our websites, engage with us on social media, or interact with our customer or marketing communications.

It applies to personal information handled globally, including data of individuals located in the European Economic Area (EEA), the United Kingdom, the United States (including residents of California), and Australia.

Account Information: name, email address, phone number, business details, billing information, and authentication credentials supplied when you register or manage an account.

Communications Data: content you send through integrated messaging platforms (e.g., Meta, Instagram, WhatsApp, SMS), support tickets, and feedback.

Usage and Technical Data: device identifiers, browser type, operating system, IP address, referring URLs, pages viewed, and timestamps gathered via cookies and similar technologies.

Customer Data: personal information that our customers upload or connect via integrations so that our platform can automate messaging on their behalf. We process this data as a processor (service provider) and only in accordance with our customer’s instructions.

Marketing Preferences: records of your consent to receive marketing communications and your responses to campaigns.

Provide and maintain the Ethenai platform, including onboarding, account management, customer support, and troubleshooting.

Deliver automated messaging services, analytics, and integrations requested by our customers.

Improve and secure our services through research, usage analysis, and service enhancements.

Process payments, prepare invoices, and manage subscriptions.

Send transactional notices, service updates, and information about new features or promotions (where permitted by law).

Comply with legal obligations, enforce agreements, and protect the rights, safety, and security of our users, personnel, and partners.

Contract: processing necessary to perform our agreements with you or to take steps at your request before entering into a contract.

Consent: where we rely on your permission, such as for direct marketing communications or analytics cookies.

Legitimate Interests: to improve and market our services, prevent fraud, secure our systems, and support business operations, provided these interests are not outweighed by your rights.

Legal Obligation: to comply with applicable laws, regulatory requirements, and lawful requests.

Service Providers: trusted vendors who assist with hosting, data storage, payment processing, analytics, communications, security, and compliance. Each provider is bound by confidentiality and data protection obligations.

Messaging Platforms: social media, messaging, and telecommunications partners when you choose to integrate them (e.g., Meta, WhatsApp). We share data strictly to deliver the requested automation services.

Professional Advisors: lawyers, auditors, insurers, or consultants as necessary for legal, compliance, or business purposes.

Corporate Transactions: prospective or actual buyers, investors, or other third parties in connection with any merger, sale, restructuring, or financing, subject to confidentiality commitments.

Legal Requirements: authorities, law enforcement, or other parties when required to comply with laws or protect our rights and safety.

We operate globally and may transfer personal information to countries outside of the location where you reside. When we transfer personal data from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, and we implement supplementary measures where needed.

For Australian residents, overseas disclosures occur only when necessary to deliver our services, and we take reasonable steps to ensure recipients comply with privacy standards comparable to those found in the Australian Privacy Principles.

We retain personal information for as long as necessary to fulfil the purposes described in this policy, including providing services, complying with legal obligations, resolving disputes, and enforcing agreements.

When we no longer need personal information, we delete or anonymise it. If deletion is not possible (for example, because data is stored in backup archives), we will securely store it and isolate it from further processing until deletion can be achieved.

We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorised access, loss, misuse, or alteration. These include encryption in transit, access controls, security monitoring, and staff training.

Despite our efforts, no system can be completely secure. If we learn of a data breach that impacts personal information, we will notify affected individuals and regulators as required by applicable law.

EEA/UK/Swiss Residents: you may request access, correction, deletion, restriction, portability, or object to certain processing of your personal data. You also have the right to withdraw consent where we rely on it. Submit requests by contacting us using the details below.

Australian Residents: you may request access to and correction of personal information we hold about you. Complaints regarding our handling of your information will be investigated, and we will respond within a reasonable timeframe.

California Residents: if we act as a business for your data, you may request to know, delete, or opt out of the sale or sharing of personal information (we do not sell personal information). An authorised agent may act on your behalf with proof of authority.

Customer End Users: if you interact with Ethenai through one of our customers, please direct your request to that customer (the data controller). We will support them in responding to your request where applicable.

We use cookies, pixels, and similar tools to remember preferences, authenticate sessions, analyse traffic, and measure campaign performance. Where required, we obtain your consent before placing non-essential cookies.

You can adjust cookie settings within your browser, use built-in opt-out controls, or contact us for additional information about our cookie practices.

We may send you marketing communications about Ethenai if you have opted in or if permitted under applicable law. You can unsubscribe at any time by following the instructions in the message or contacting us directly.

Even after opting out of marketing, you will continue to receive transactional and service-related communications.

Ethenai uses automation to route, prioritise, and respond to messages. These systems are designed to augment human workflows and include oversight mechanisms to ensure the accuracy and fairness of outcomes.

If you have concerns about automated decisions that significantly affect you, contact us so that a member of our team can review the decision.

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete the data.

We may update this Privacy Policy to reflect changes in our practices, technologies, or legal requirements. When we do, we will revise the “Last Updated” date and, where appropriate, provide additional notice (such as email or in-app alerts).

Your continued use of Ethenai after any update signifies your acceptance of the revised policy.

To exercise your rights or ask questions about this policy, contact us at:

Email: privacy@ethenai.com

Mail: Privacy Officer, Earthly Brewing Co & Cellar Door Pty Ltd, 104 Brooks Road, Bywong NSW 2621, Australia.

You also have the right to lodge a complaint with your local data protection authority. For example, individuals in the EEA may contact their national supervisory authority, and Australians may contact the Office of the Australian Information Commissioner.