Updated On: 05 October 2025

1. Who We Are and Scope

Professionalize.com is operated by Cloudize Pty Ltd (“Cloudize”, “we”, “us”, “our”), Suite 163, 79 Longueville Road, Lane Cove, NSW 2066, Australia.

This Privacy Policy explains how we collect, use, share, and protect personal data when you:

• visit our websites, apps, and pages that link to this Policy;
• create an account or use our Hosted Services and AI Agents;
• interact with us for support, sales, or marketing.

By accessing our Services, you agree to this Policy. If you do not agree, please discontinue use.

Key terms

• Visitor: anyone who browses our site(s) or marketing pages.
• User/Customer: an organization or individual with an account or subscription.
• Services: our websites, Hosted Services/SaaS, APIs, downloadable tools (if any), and mobile/desktop apps.
• Third-Party Products: integrations, add-ons, or services you choose to connect—governed by their own privacy terms.

We handle personal data confidentially and implement organizational and technical safeguards consistent with industry standards.

2. What We Collect

The types of information we collect depend on how you interact with us.

2.1 Account & Contact Data Name, company, job title, email, phone, billing and shipping address; account preferences; authentication data (e.g., SSO identifiers).

2.2 Transaction & Billing Data Purchase history, subscription details, invoices, partial payment instrument metadata (we use secure payment processors—full card data is not stored by us).

2.3 Product & Usage Data Log events, device/browser info, IP address, timestamps, pages viewed, feature usage, agent run metrics, workflow execution metadata, API usage and error logs.

2.4 Customer Content / Client Data Data you upload or process through the Services (documents, prompts, files, messages, datasets). This may contain personal data of your end users (“Client Data”).

2.5 Support & Communications Support tickets, call recordings (if disclosed), chat or email communications, feedback, surveys.

2.6 Cookies & Similar Technologies We use cookies, local storage, and similar tools for authentication, preferences, analytics, and security. See Section 7.

3. How We Use Data (Purposes & Legal Bases)

We use personal data to:

• Provide and maintain Services: create/manage accounts, deliver features, process transactions, provide support. (Art. 6(1)(b) contract)
• Secure and improve: monitor performance, prevent abuse, debug, and enhance features. (Legitimate interests Art. 6(1)(f))
• Communicate: send transactional notices (service, billing, security); send marketing where permitted with opt-out. (Contract/Legitimate interests/Consent)
• Comply with law: tax, accounting, regulatory obligations. (Art. 6(1)(c))

AI/ML and Model Improvement

• We do not use Customer Content/Client Data to train foundation models unless you explicitly opt-in or enable a setting or sign an Order allowing it.
• We may process aggregate/de-identified telemetry to secure, maintain, and improve our platform, as described in this Policy.

4. Controller vs Processor Roles

• Controller: We act as a controller for our own business operations data (website analytics, account, billing, communications).
• Processor: When you upload or process Client Data in the Services, you are the controller and Cloudize acts as your processor, handling personal data solely per your documented instructions.

Our Terms of Use and this Policy together constitute a Data Processing Agreement (DPA) for Customers. We only access Client Data to operate the Services, provide support, ensure security, or comply with law.

5. Data Sharing

We share personal data only as necessary:

• Service Providers/Sub-processors: cloud hosting, email delivery, analytics, customer support tools—bound by confidentiality and data protection terms.
• Legal & Safety: to comply with law, enforce agreements, or protect rights, safety, and security.
• Corporate Transactions: in connection with a merger, acquisition, or sale of assets; we will notify you of material changes.
• With Your Direction: with Third-Party Products/integrations you authorize.

We do not sell your personal information. For US residents, see Section 12 for state-specific rights and “Do Not Sell/Share” choices.

6. International Data Transfers

We operate from Australia and use infrastructure and providers in multiple regions (including the United States). Where data is transferred outside the EEA/UK/Switzerland, we rely on:

• Standard Contractual Clauses (SCCs) approved by the European Commission;
• Adequacy mechanisms, such as the EU–US Data Privacy Framework where applicable;
• Additional safeguards (encryption in transit/at rest, access controls, data minimization).

We maintain an updated list of approved Sub-processors at /legal/subprocessors/.

7. Cookies & Tracking Technologies

We use cookies and similar technologies for login, preferences, security (e.g., bot detection), analytics, and—in some regions—advertising measurement where permitted.

• You can manage preferences via your browser and (where required) our cookie consent banner.
• Disabling certain cookies may limit functionality (e.g., authentication).

Typical tools include (list may change): Google Analytics, Google Ads/Tag Manager, reCAPTCHA, Bing/Microsoft Advertising, Meta/Facebook Pixel, Reddit/Quora/Twitter (X) pixels, and first-party session/auth cookies. We strive to minimize identifiers and respect regional consent requirements.

8. Google reCAPTCHA

We use Google reCAPTCHA to protect forms against abuse. This involves analyzing limited interaction signals (e.g., IP address, mouse/touch events) to distinguish humans from bots. Processing is based on our legitimate interests in security. Learn more in Google’s Privacy Policy.

9. Your Privacy Choices & Communications

• Account settings: update profile, security, and notification preferences in your account.
• Marketing opt-out: use the unsubscribe link in emails or adjust preferences in your profile.
• Cookies: manage via browser or our consent banner.
• Third-Party Products: manage data sharing directly with those providers.

10. Data Subject Rights

Subject to applicable law, you may:

• request access, correction, or deletion of personal data;
• request portability of certain data;
• object to or restrict certain processing (e.g., based on legitimate interests);
• withdraw consent where processing relies on consent.

Submit requests to dpo@professionalize.com. We will verify your identity and respond within the timelines set by law. If you are an end user of a Customer, please contact that Customer (the controller) first; we will support them in fulfilling your request.

11. US State Privacy Disclosures (CPRA/CPA/VDPA/etc.)

For residents of California and other US states with privacy laws:

• We do not sell personal information as defined by CPRA.
• We may “share” personal information for cross-context behavioral advertising (e.g., ad measurement). Where applicable, you can exercise a “Do Not Sell or Share My Personal Information” choice via our cookie banner or by contacting privacy@professionalize.com.
• You have rights to know/access, delete, correct, and to limit certain uses of sensitive data. We will not discriminate against you for exercising your rights.

12. Security

We apply layered security controls: encryption in transit and at rest, MFA/SSO, role-based access, logging and monitoring, secure development practices, regular reviews of vendors and sub-processors, and a formal incident response plan. See /legal/security/ for details.

If we become aware of a breach affecting personal data, we will notify affected parties and regulators as required by law.

13. Data Retention

We retain personal data for as long as necessary to provide Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data category and purpose. We honor Customer-configured retention settings for Client Data where available.

14. Children’s Privacy

Our Services are not directed to children under 13 (or 16 where local law sets a higher age of consent). We do not knowingly collect personal data from children. If you believe a child provided data, contact privacy@professionalize.com and we will delete it.

15. Contact, DPO, and Complaints

• Data Protection Officer (DPO): dpo@professionalize.com
• Privacy Team: privacy@professionalize.com
• Legal Notices: legal@professionalize.com

If you are in the EEA/UK, you may lodge a complaint with your local supervisory authority. We encourage you to contact us first so we can address your concerns.

16. Changes to this Policy

We may update this Policy to reflect operational, legal, or regulatory changes. We will post updates here with a revised Last Updated date and, where required, provide additional notice. Your continued use of the Services after an update signifies acceptance of the revised Policy.