How we handle your data.
This policy covers the Condense Governance Check — what we collect when you use it, where it goes, and when it's deleted. It's written to be read, not survived. The short version sits on the check page; this is the full detail.
Last updated 13 June 2026
Who this covers
This policy applies to the Governance Check — the intake form, the documents you upload, and the report we deliver. The service is run by Condense Pty Ltd, an independent data and software practice in Hobart, Tasmania. If anything here is unclear, email hello@condense.com.au and a person will answer.
What we collect
- The documents you upload — the governance documents you choose to send for assessment (constitution, charter, policies, plans). We ask you to send only governance scaffolding, not operational records or anything naming individuals.
- Your intake details — your contact email, your organisation's name, and the optional terminology preferences you enter on the form.
- Payment information — handled entirely by Stripe. We never see or store your card details; Stripe processes the payment and tells us only that it succeeded. Stripe's handling is governed by Stripe's privacy policy.
- Technical information — to keep the site reliable, our error-monitoring service (Sentry) records technical details when something goes wrong: the page, the error, and the connection information your browser sends, which can include your IP address. We do not use advertising or analytics cookies, and we do not track your behaviour across other sites.
How we use it
We use what you send for one purpose: to produce and deliver your governance report. Your documents are read by AI — every document against every checklist item — and the findings, each citing the document it's drawn from, are assembled into your report. Every AI call runs through enterprise endpoints under terms that prohibit using your content to train models. We don't use your documents to tune our own tooling, and we don't share them with anyone.
Where it's stored
Your documents go directly from your browser to a private storage bucket in Google Cloud's Sydney region, over an encrypted connection, using single-purpose upload links that expire after fifteen minutes and accept only the named file. They never pass through our web server and are never emailed. Public access to the bucket is blocked at the platform level.
The AI analysis runs on Google Cloud's enterprise endpoints, which don't guarantee an Australian processing region — so we don't claim one. What the enterprise terms do guarantee, and what we rely on: your content is not used to train models and is not retained by the AI services after processing.
Who can see it
The check runs in a dedicated cloud environment, separate from everything else we operate, with access scoped to exactly that. Nobody at Condense reads your documents in the normal course of a check — a person steps in only if a run fails or you ask us to. We don't share your documents, your details, or your report with anyone, for any reason.
How long we keep it
Deletion is part of delivery, not a chore we remember later. Once your report is delivered, an automated step removes your uploaded documents, your intake details, and the working data the check produced, and writes a deletion record to a separate write-once audit store — records can be added there, never changed or removed. If a run pauses for more documents or fails before delivery, your documents are held in the same private storage so the run can resume without re-processing — and a storage rule removes everything within 30 days of submission regardless. So: deleted on delivery, and gone within 30 days either way.
Want it sooner? Email hello@condense.com.au from the address you submitted with and we'll delete the run and confirm.
Your report
Your report isn't emailed as an attachment. You get a notification with a link to a report access page, which asks for your email; only when it matches the address from your submission and payment does it send a fresh, short-lived download link. A forwarded or leaked link doesn't expose your report.
Cookies & tracking
This site doesn't use advertising or analytics cookies, and we don't track you across other sites. The only technical data we collect is the error-monitoring information described above. Stripe may set its own cookies during checkout to process your payment and prevent fraud, governed by Stripe's privacy policy.
Access, correction & complaints
You can ask what personal information we hold about you — in practice, your contact email and billing record — and ask us to correct or delete it. Email hello@condense.com.au from the address you used and we'll sort it out. If you're unhappy with how we've handled your data, tell us first and we'll work to put it right. If you're still not satisfied, you can refer the matter to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
Changes to this policy
If we change how the check handles your data, we'll update this page and the date at the top. Material changes will be reflected here before they take effect.
Condense Pty Ltd · Hobart, Tasmania · hello@condense.com.au · Last updated 13 June 2026