ToothFairyAI logo.
ToothFairyAI logo.
HomePricingDownloadContact usHow to guide
Sign Up

Privacy Policy for ToothFairyAI PTY LTD

1. Introduction

ToothFairyAI PTY LTD (ACN: 668 487 705) ("we", "us", "our") is committed to protecting the privacy of your personal information. This Privacy Policy outlines how we collect, use, store, disclose, and protect your information in connection with your use of our website (toothfairyai.com) and our AI services, tools, and applications (collectively, the "Services").

We adhere to the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and, for our users in the European Union, we comply with the General Data Protection Regulation (GDPR).

By using our Services, you agree to the collection and use of information in accordance with this policy.

2. What is Personal Information and Why Do We Collect It?

Personal Information is any information or an opinion about an identified individual, or an individual who is reasonably identifiable.

We collect personal information for the primary purpose of providing our Services to you, ensuring the security of our platform, and improving user experience.

The types of personal information we may collect include:

  • Identity Data: Your name, email address, and username.
  • Contact Data: Billing address only
  • Financial Data: Payment card details (processed securely by our third-party payment gateways; we do not store full credit card numbers).
  • Client & User Data: Any data, text, documents, or other materials you upload or transmit to the Services, which may contain personal information.
  • Technical Data: Your IP address, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to access our Services.
  • Usage Data: Information about how you use our website and Services, including interactions with our AI agents.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Collect Your Personal Information

We collect information in the following ways:

  • Directly from You: When you create an account, subscribe to a service, contact our support team, or otherwise provide it to us directly.[1]
  • Automatically: As you interact with our Services, we automatically collect Technical and Usage Data. This is collected by using cookies and other similar technologies.[2]
  • From Third Parties: We may receive information about you from third-party services if you choose to integrate or link them with our Services (e.g., Google Workspace, Microsoft 365). We will take steps to ensure you are aware of the information provided to us by the third party.[1]

4. Legal Basis for Processing (GDPR)

For individuals in the EU, we will only process your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of a Contract: Where we need to perform the contract we are about to enter into or have entered into with you (e.g., providing the Services you subscribed to).
  • Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This includes improving our Services, marketing, and ensuring our platform's security.
  • Legal Obligation: Where we need to comply with a legal or regulatory obligation.
  • Consent: Where you have provided your explicit consent. You have the right to withdraw consent at any time.

5. How We Use Your Personal Information

We use your personal information for the following purposes:

  • To provide, operate, and maintain our Services.
  • To process your subscription payments and manage your account.
  • To communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the Service, and for marketing and promotional purposes.
  • To ensure the security of our platform and prevent fraud.
  • To comply with our legal obligations.

Crucially, we do not use your Client Data to train our AI models.

6. Disclosure of Your Personal Information

We may disclose your personal information to:

  • Our employees, contractors, or service providers for the purposes of operating our Services, fulfilling your requests, and providing support.
  • Third-party service providers who perform functions on our behalf, such as dedicated hosting for private AI (e.g., AWS) and payment processors.
  • Law enforcement or regulatory authorities if required by law.
  • Third-party services (like OpenAI, Google AI, Microsoft Azure) only when you provide your own API keys for integration. In such cases, your data is governed by that third party's privacy policy, and we are not liable for their handling of your data.

7. International Transfers of Personal Information

To provide our Services, we may transfer your personal information to our service providers located overseas. Our platform runs on AWS and we offer regions in Australia and the EU.[3]

If upon your request, we transfer your personal information outside of Australia or the European Economic Area (EEA), we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • The country has been deemed to provide an adequate level of protection for personal data.
  • We use specific contracts approved for use which give personal data the same protection it has in Australia and Europe.

8. Data Security and Retention

We are committed to ensuring your information is secure. We have implemented robust security measures, encryption of data in transit and at rest, and strict access controls to prevent unauthorized access, use, or disclosure.[1][3]

We retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Account Data: Retained until you delete your account.[1]
  • Workspace Data Retained for 30 days after subscription expiration to allow for data recovery.[1]

9. Your Rights

Under both Australian and EU law, you have rights regarding your personal information. These include:

  • Right of Access: You can request a copy of the personal information we hold about you.[1]
  • Right to Correction: You can request that we correct any inaccurate or incomplete information.[1]
  • Right to Erasure (Right to be Forgotten): You can request that we delete your personal information, subject to our legal obligations.[1]
  • Right to Restrict Processing: You can request that we restrict the processing of your personal information.
  • Right to Data Portability: You can request that we provide you with your personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to our processing of your personal information where we are relying on a legitimate interest.

To exercise any of these rights, please contact our support team using the details below. We will not charge a fee for an access request, but may charge an administrative fee for providing a copy.[1]

10. Cookies

We use cookies to improve your experience on our website. Cookies are small files stored on your device. We use them to understand site usage and for marketing purposes. You can set your browser to refuse cookies, but some parts of our Services may not function properly as a result.[2]

11. Complaints

If you believe we have breached the Australian Privacy Principles or GDPR, please contact us with your concerns. We will investigate the complaint and respond to you in a timely manner. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) or your local data protection authority in the EEA.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page. We encourage you to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, or if you wish to exercise any of your rights, please contact our support team:

Support Team ToothFairyAI PTY LTD
242 Exhibition St, Melbourne VIC 3000
Email: support@toothfairyai.com

Copyright Ⓒ 2025 ToothFairyAI PTY LTD. All Rights Reserved.