Privacy Policy

1.1. SolarHub respects your right to privacy and is committed to safeguarding the privacy of our customers, end‑users and website visitors.

1.2. We aim to comply with applicable privacy and data protection laws in the regions where we operate, which may include (as applicable):

- the Privacy Act 1988 (Cth) and the Australian Privacy Principles; and

- the EU/UK General Data Protection Regulation (GDPR).

1.3. In this Policy,"personal information" or "personal data" means any information about an identified individual, or an individual who is reasonably identifiable, as defined under applicable law.

2.1. We may collect personal information that you provide directly to us, that is entered into the Services by you or your authorised users, or that is provided to us by third parties in connection with your use of the Services.

2.2. The types of personal information we may collect include (as applicable):

- contact details (name, email address, phone number, postal address);

- business details (business name, role/title, ABN/ACN or registration numbers);

- account information (login credentials, profile information, subscription details);

- billing and payment information (billing address, partial card details or tokenised payment identifiers processed by our payment providers);

- customer and lead information that you input into Solarhub (for example, your customers’ names, contact details, property addresses, system details, quotes, contracts, invoices and related project information);

- communications with us (support requests, feedback, survey responses);

- technical and usage information (described further in section 9).

2.3. We may also collect any other information that you choose to provide to us in connection with your use of the Services.

2.4. You are responsible for ensuring that any personal information you provide to us (including about your customers or staff) is accurate, complete and up to date, and that you have all necessary permissions to provide it to us.

3.1. We may collect personal information in various ways, including when you:

- register for an account or subscribe to our Services;

- configure your business and user profiles in Solarhub;

- input or upload customer, project or financial data into the Services;

- communicate with us via email, in‑app messaging, support channels or social media;

- respond to surveys, promotions or marketing communications;

- visit and use our websites or applications.

3.2. We may also collect personal information from third parties where permitted by law or where you have authorised them to share information with us. For example:

- payment processors and billing providers;

- integration partners and third‑party services you connect to Solarhub;

- publicly available sources or business directories.

3.3. When we receive personal information from third parties, we will handle it in accordance with this Privacy Policy and applicable law.

4.1. We may use personal information for the following purposes:

- to provide, operate and maintain the Services;

- to set up and manage your account and Subscription;

- to enable you to manage leads, quotes, proposals, projects, installations, invoices and related activities within Solarhub;

- to communicate with you about the Services, including support, service announcements and technical notices;

- to process payments and manage billing;

- to personalise and improve your experience, including by analysing usage patterns and feedback;

- to send you marketing communications about features, updates or offers that may be of interest to you, in accordance with applicable marketing and spam laws (you may opt out at any time);

- to monitor, detect and prevent fraud, abuse, security incidents and other harmful activity;

- to comply with legal obligations and respond to lawful requests from authorities;

- for any other purpose that you authorise or that is otherwise permitted by law.

4.2. We may aggregate or de‑identify information so that it no longer identifies you or any other individual. We may use such aggregated or de‑identified data for analytics, benchmarking, product improvement and other legitimate business purposes.

5.1. We may disclose personal information to:

- our employees and individual contractors who need the information to help us provide the Services;

- our professional advisers (such as lawyers, accountants and auditors), solely as needed for them to provide services to us;

- our trusted service providers and data processors who assist us in operating the Services (for example: hosting providers, payment processors, email and SMS providers, analytics providers, customer support tools, and integration partners).

5.2. We only disclose personal information to third parties where it is reasonably necessary for them to perform their functions in connection with the Services, where required by law, or where you have otherwise consented.

5.3. We may disclose personal information to comply with legal obligations, including responding to law enforcement requests, court orders or other legal processes, or to protect our rights, property, safety or that of our users or others.

5.4. If SolarHub is involved in a merger, acquisition, corporate reorganisation or sale of assets, personal information may be transferred as part of that transaction. We will take reasonable steps to ensure that any recipient continues to protect personal information consistently with this Privacy Policy.

5.5. Where we disclose personal information to third parties, we will seek to ensure that they only use the information for the purposes for which it was disclosed, and that they implement appropriate security measures.

6.1. Your personal information may be stored or processed in countries other than your own, including by our hosting providers, support teams or integration partners.

6.2. These countries may have different data protection laws to the country in which you are located. Where we transfer personal information internationally, we will take reasonable steps to protect it in accordance with this Privacy Policy and applicable law.

6.3. For transfers from the European Economic Area (EEA), the United Kingdom or other regions with data transfer restrictions, we may use appropriate safeguards such as standard contractual clauses or rely on other lawful transfer mechanisms, where required.

7.1. We take reasonable technical and organisational measures to protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure. These measures may include access controls, encryption in transit, security monitoring and regular review of our security practices.

7.2. Despite our efforts, no method of transmission over the internet or method of electronic storage is completely secure. You acknowledge that there are inherent risks in transmitting information online and that we cannot guarantee absolute security.

7.3. You are responsible for keeping your account credentials secure and for any activity occurring under your account. You should use strong, unique passwords and enable any available security features (such as multi‑factor authentication, if provided).

8.1.1. Depending on your location and applicable law, you may have rights in relation to the personal information we hold about you. These may include rights to:

- access and obtain a copy of your personal information;

- request correction or updating of inaccurate or incomplete information;

- request deletion of certain personal information;

- restrict or object to certain processing activities;

- withdraw consent where we rely on your consent to process personal information;

- receive your personal information in a structured, commonly used and machine‑readable format and have it transferred to another controller (data portability).

8.1.2. To exercise any of these rights, please contact us using the details in section 12. We may need to verify your identity before acting on your request and may be entitled to refuse certain requests, subject to applicable law.

8.2.1. If you are an Australian resident, you may request access to or correction of the personal information we hold about you in accordance with the **Privacy Act 1988 (Cth)**.

8.2.2. We may charge a reasonable administrative fee for providing access where permitted by law. In some circumstances, we may refuse access or correction, for example where we are required or authorised by law to do so. If we refuse your request, we will provide written reasons where required.

8.3.1. If the GDPR or UK GDPR applies to our processing of your personal data, you have the rights described in 8.1.1 above, subject to the conditions and exemptions in those laws.

8.3.2. Where we rely on our legitimate interests as the legal basis for processing your personal data, you have the right to object if you believe your fundamental rights and freedoms outweigh our legitimate interests.

8.3.3. Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

8.3.4. If you are not satisfied with how we handle your personal data, you may also lodge a complaint with your local data protection authority.

9.1.1. When you visit our websites (for example, **https://www.solarhubcrm.com.au**) we may automatically collect certain information such as:

- browser type and version;

- device identifiers and operating system;

- pages viewed, time spent on pages and navigation paths;

- referring/exit pages and timestamps.

9.1.2. We use this information in aggregate form to analyse how visitors use our websites and to improve the Services.

9.2.1. We may use cookies and similar technologies (such as web beacons, pixels and local storage) to recognise you when you return to our websites or apps, to remember your preferences and to help personalise your experience.

9.2.2. Most browsers allow you to refuse or delete cookies. If you do so, some features of the Services may not function properly.

9.3.1. We may use analytics services (such as Google Analytics or similar tools) to help us understand how the Services are used and to improve performance.

9.3.2. We may also use cookies or similar technologies to deliver or measure the effectiveness of advertising, in accordance with applicable laws. You can usually opt out of certain interest‑based advertising via your browser or device settings or through industry opt‑out tools.

9.4.1. The Services may contain links to third‑party websites, services or integrations that are not operated by us. We are not responsible for the privacy practices or content of those third parties.

9.4.2. We encourage you to review the privacy policies of any third‑party services you access or connect to Solarhub.

10.1. We will retain personal information for as long as necessary to fulfil the purposes for which it was collected, to comply with our legal obligations, to resolve disputes and to enforce our agreements.

10.2. When we no longer have a legitimate need to process personal information, we will take reasonable steps to delete or anonymise it.

10.3. Specific retention periods

- For client/business accounts: we may retain data relating to a closed or cancelled account for up to **180 days** from the date of closure, unless a longer period is required by law or for legitimate business purposes.

- For free trial accounts: we may delete or anonymise content within **60 days** of the trial end or account closure.

- Server backups: our backups may be retained for up to **90 days** before being overwritten or deleted.

10.4. You may request earlier deletion of certain data by contacting us, subject to our legal and contractual obligations.