At a glance: Alii is subject to the Australian Privacy Act, the New Zealand Privacy Act, and the EU General Data Protection Regulation.
This Privacy Policy applies to Alii Technology Group Pty Ltd. We will use the terms Alii, us or we throughout this document to refer to ourselves.
This Privacy Policy explains how we process personal data through your use of Alii products or services such as websites and hosted products and services, or in relation to job applicants and business contacts. Please also refer to any contractual agreement between yourself or your company and Alii.
Alii is subject to the Australian Privacy Act, the New Zealand Privacy Act, and the European General Data Protection Regulation (GDPR). Occasionally, we may sell our services to customers in other regions, at which point we may be bound to other local data protection regulations.
At a glance: In certain jurisdictions such as the UK, Europe and New Zealand, we will act as a Controller in some cases, and a Processor in other cases. Where we act as a Processor, we will only act under our customer’s instructions.
The above roles have varying responsibilities. Controllers generally determine the purposes and means of processing, in other words, they decide what data needs to be processed and why. A Processor acts under the instruction of the Controller to process information on its behalf. In this scenario, our customers are generally Controllers, while we assume the role of Processor. A contract exists between the customer and ourselves which determines the purpose and means of processing.
Where we collect information for our own purposes, such as lead information for marketing or during the course of employing staff, we act as a Controller and will use Processors to process information on our behalf.
At a glance: We collect personal data to provide our services and operate the business.
We collect, store, and process personal data provided by users of our products and services, who may be the data subjects themselves or data subjects of a third-party (e.g. a customer). This personal data typically encompasses the categories outlined below.
For staff employed by a customer, we collect data including names, job titles and contact information. We may also collect bank details depending on which product modules have been purchased.
For other members of our customer community, such as debtors, creditors, and contractors, we collect names, email addresses, postal addresses, telephone numbers and bank details.
In the case of individuals applying for employment with us, we collect and process personal data typically comprising names, telephone numbers, email addresses, postal addresses, nationality, educational qualifications, dates of birth, employment histories, and any additional information included in a curriculum vitae, application, or disclosed during the recruitment process (e.g., remuneration details). Employees and prospective employees are also required to provide reference details, financial information (e.g., bank account details and tax identifiers), and sensitive data such as criminal record status, workers’ compensation information. We may also collect race or ethnicity information as required by regulation, and health-related information for the purposes of workplace adjustments or sickness tracking. We may also collect photographs and video recordings for promotional material and meeting recordings.
For current or prospective business partners, we collect and utilise personal data including names, contact details, bank and payment information, as well as photographs and video recordings in the case of meetings being recorded.
Alii collects personal data under various circumstances, including when an individual:
At a glance: We process your personal data for various reasons, but most often for providing our services or employment.
Alii will process your personal data for a variety of purposes. Typically, these purposes include:
Note that we also process personal data for analytics and product improvement purposes. Where we do so, we will ensure that the absolute minimum amount of data will be used to fulfil the purpose. For example, a typical use case might be to understand how often certain product features are used alongside trends or behaviour patterns that help us improve the user experience.
We will only use the sensitive information we collect from our staff to help with employment processes such as recruitment, ongoing employment, sickness management, legal workplace census, disciplinary proceedings, or making reasonable adjustments in the workplace. Access to sensitive information is strictly prohibited within the organisation except for key roles such as People & Culture staff.
Under the GDPR and similar regulations, a company must have a valid lawful basis wherever they process personal data. This means that for each processing activity, the company must determine at least one lawful basis to use.
At Alii, we typically rely on one of the following lawful bases:
If we have collected your personal data because you are a representative of one of our current or prospective partners or customers, we may send you marketing emails. You can opt-out at any time by following the unsubscribe link contained in the relevant communication, or by contacting our Privacy Officer at privacy@myalii.cloud.
At a glance: We may share your information with our service partners who help us deliver our products and services.
The Alii product is hosted within Australia. However, some personal data may be transferred outside of the country where a sub-processor is based overseas. When this happens, we will take steps to ensure that the sub-processor acts only under our instructions, and that the relevant data protection regulation can be enforced. Our first preference is always to host data in-country.
Personal data may also be disclosed outside Australia to our cloud service partners who help us supply our products and services (see the 'Sub-Processors' section below for further details).
Alii uses cloud services such as Microsoft Azure and Hubspot to store and process personal data. We also use cloud providers to protect our products and services. For example, we utilise a partner to operate our 24/7 Security Operations Centre (SOC) and Captcha services to prevent and detect malicious activities.
As well as cloud service providers, Alii make use of other companies and services to help us operate our business. Collectively, we refer to these companies and cloud service providers as sub-processors. We will change sub-processors periodically and could be required to let you know. When we are required to, we will contact you via email detailing any changes.
All sub-processors are reviewed for privacy and security ahead of implementation, and a Privacy Impact Assessment is conducted where necessary. The categories of sub-processors can be found below:
Where personal data is transferred outside Australia or New Zealand, we take steps to ensure that appropriate safeguards are in place, including requiring that the sub-processor acts only under our instructions and subject to enforceable data protection obligations.
A current, detailed list of our sub-processors (including company names, functions, and hosting locations) is available upon request. Please contact privacy@myalii.cloud.
Alii will not disclose personal data to third parties for marketing purposes without the relevant individual’s consent.
Under no circumstances will Alii sell your personal data.
As we continue to develop our business, we may acquire companies or be acquired. If this happens, we may use and disclose personal data to support any such transactions, including disclosing personal data with other transaction parties, where appropriate and lawful to do so.
At a glance: We make use of cookies and other tracking technologies to collect and store your information.
When you visit an Alii website or use a product or service hosted by Alii, the following information will normally be collected about you:
We use different types of cookies and tracking technologies:
For visitors based in certain countries, we display a cookie banner that allows you to choose whether to accept or reject non-essential cookies. Analytics and marketing cookies will only be set with your explicit consent.
For visitors in Australia and other regions, cookies are used in line with local law. You may still choose to disable or delete cookies through your browser settings, although this may affect how our sites and services function.
If you later decide to work with us, the above information may be matched with your registered information to enable a more personalised profile. This information is only available to a limited number of Alii staff.
You can change your cookie preferences or withdraw consent at any time by adjusting your browser settings or by using the “cookie settings” link in the banner (where available).
We use Google and Hubspot Analytics to help us improve our sites and understand how they are used. For more information on how Google Analytics collects and processes data, please see https://policies.google.com/technologies/partner-sites.
You can opt-out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on, available here: https://tools.google.com/dlpage/gaoptout.
We may also make use of ‘web beacons’. Web beacons are tiny transparent graphical images, that are sometimes embedded in our notification and marketing emails. They allow us to understand when an email has been opened and help us gauge the effectiveness of our customer communications. You can always block web beacons by preventing pictures from automatically downloading in your email client.
Our employees are trained in how to keep your information safe and secure. We employ physical, electronic, and other security measures to safeguard the confidentiality, integrity, and availability of the personal data we hold and utilise.
At Alii, we are dedicated to retaining personal data only for the duration required under law. Once the data is no longer needed for its intended purpose or legal retention period, we take appropriate measures to securely delete or anonymise it.
When engaging with us, you may choose not to reveal your identity (anonymity; or remaining anonymous) or opt to use a fictitious name (a pseudonym). We are pleased to assist you in either case, unless it becomes impractical to do so without knowing your true identity. Additionally, we are obliged to establish your identity if required by law or a court order.
Alii takes appropriate measures to ensure that the personal data it holds is accurate, complete, and current. You have the right to request corrections to your information, which we will gladly carry out at no expense to you.
You are also entitled to request access to the personal data Alii holds about you. We will strive to provide you with a suitable method of access, typically via secure email or registered post. In certain regions, such as Australia, we reserve the right to charge reasonable fees for supplying the requested information.
In some instances, we may be unable to grant access to the personal data we hold. This could occur, for example, if providing access would compromise the privacy of others or if the information might cause significant harm or distress. Should access be denied, we will provide you with written reasons for the refusal.
To request access or corrections, please contact us using the contact details listed under 'Contact Us' below.
EU and UK residents have the following additional rights:
To exercise any of these rights, please contact our Privacy Officer at privacy@myalii.cloud.
Our offices are in Australia. If you would like to talk to us about compliance or your rights under any other jurisdiction, please get in contact with privacy@myalii.cloud.
Alii has a Privacy Officer who oversees company activities to ensure that personal data is handled lawfully and in line with contractual obligations. You can contact the Privacy Officer using the details below.
To raise a privacy complaint, please send a written description of the matter to our Privacy Officer at privacy@myalii.cloud. We will review the details of your complaint and will provide a response within 30 days.
If you have spoken to us but would still like to take the matter further, then you have the right to make a complaint to the relevant supervisory authority, as per the below:
We will make changes to this Privacy Policy periodically as needed. Any updated versions of this notice will be posted on our website.
This notice was last updated on 20 August 2025
