Audit-IQ

This statement explains where Audit-IQ processes and stores data, and the controls we apply to protect it. It is provided for transparency and does not override our Terms of Service or Privacy Policy.

1. Data categories

Account data (name, email, organisation)
Workspace data (projects, obligations, evidence links, notes)
Uploaded content (framework PDFs, policies, evidence documents)
Operational logs (security/audit logs, basic telemetry)

2. Primary hosting region

Audit-IQ aims to store and process customer workspace data in the selected deployment region. The default deployment region for your workspace is determined by your organisation settings and environment.

If you require a specific residency (e.g., Australia-only or EU-only), contact us before onboarding so we can confirm availability for your plan.

3. Cross-border processing

Some limited processing may occur outside your primary region in the following cases:

Third-party services used for billing, authentication, email delivery, and monitoring
Security incident investigation and abuse prevention
Customer support (only with your request or consent)

4. AI processing

Audit-IQ may use language models to extract and summarise obligations from uploaded content. We do not use customer documents to train public, external AI models.

You are responsible for ensuring you have the right to upload and process the documents you provide.

5. Retention & deletion

We retain customer data for as long as your account remains active and as needed to provide the Service. You may request deletion of your workspace data, subject to legal and security retention requirements.

6. Contact