SILReady

Privacy Policy

Last updated: 21 June 2026

This policy explains how Clarova ("we", "us") — the Australian business that operates SILReady — handles personal information. We follow the Australian Privacy Principles (APPs).

What we collect

  • If you take the free quiz or download the checklist: your email address (only if you choose to give it) and your quiz answers.
  • If you buy a pack or subscribe: your account email, and the business details you enter in the wizard (business name, ABN, contact details, insurance and worker-screening details).
  • If you use the platform (registers, participants, incidents, restrictive practices, plans): the records you create, which may include information about the participants you support. See "Participant and sensitive information" below.
  • Payments: processed entirely by Stripe. We never see or store your card number.
  • Basic technical data: our hosting providers log standard technical information (like IP addresses) to keep the service running and secure.

Participant and sensitive information

Records you create in the platform can include information about people with disability — including health and disability information, which is "sensitive information" under the APPs and attracts higher protection.

  • You are the entity responsible for collecting this information from your participants with their consent (or their authorised decision-maker's) and for having a lawful basis to enter it. By entering it, you confirm you have that consent.
  • We process it on your behalf solely to provide the service to you — generating your documents, running your registers, and powering the features you use. We do not sell it, use it for advertising, or use it to train AI models.
  • Minimisation: only enter what you genuinely need. Where a feature works fine with initials or a participant code, please use those instead of full identifying details.
  • Security: data is encrypted in transit and at rest, access is restricted by your organisation, and our database enforces row-level isolation so other customers cannot see your records.

Sub-processors

We use a small set of trusted providers to run the service:

  • Supabase — database and authentication, hosted in Sydney, Australia.
  • Vercel — application hosting.
  • Stripe — payment processing (may process limited data overseas under its own policy).
  • Anthropic (Claude) — powers our AI-assisted drafting and checking features. When you use an AI feature, the relevant text you submit is sent to Anthropic to generate a response. Anthropic does not use this data to train its models on our enterprise terms. Avoid pasting unnecessary identifying participant details into AI features.
  • Resend — sends transactional email (sign-in links, reminders).

How we use it

  • To generate your personalised documents, run your registers, and provide the features you use
  • To email you things you asked for: sign-in links, quiz results, expiry reminders, and updates about registration requirements (you can unsubscribe from updates anytime)
  • To improve the product in aggregate — we never sell or share your details with advertisers

Retention

We keep your data while your account is active. If you delete your account, we delete or de-identify your personal information within a reasonable period, except where we must retain limited records (e.g. payment records) to meet legal obligations. Documents you've already downloaded remain yours.

Access, correction and deletion

Email us at tessadewhirst2@gmail.com to see what we hold about you, correct it, or delete your account and data. We'll respond within a reasonable time and no later than 30 days.

Data breaches

If a breach affecting personal information occurs, we'll notify affected users promptly and comply with the Notifiable Data Breaches scheme where it applies.

Complaints

Contact us first at tessadewhirst2@gmail.com. If you're not satisfied, you can complain to the Office of the Australian Information Commissioner (oaic.gov.au).