Privacy Policy

Cervio is operated by Morphotech Australia Pty Ltd (ABN to be registered), a company incorporated in New South Wales, Australia. Our registered address is in Sydney, New South Wales, Australia.

For privacy-related enquiries, you may contact us at: privacy@morphotech.com.au

We collect the following categories of personal information:

Account Information: When you register for Cervio, we collect your name, email address, and password (stored as a secure hash).

Business Profile Information: Information you voluntarily provide about your business, including business name, role, business description, team size, industry, and strategic goals. This information is used exclusively to personalise your Cervio experience.

Usage Data: Information about how you use the Cervio platform, including features accessed, AI interactions, briefings generated, decisions logged, meetings prepared, and calendar events created.

Technical Data: IP address, browser type, device information, operating system, and access timestamps, collected automatically when you use our services.

Payment Information: If you subscribe to a paid plan, payment processing is handled by Stripe Inc. We do not store your full card details. We receive confirmation of payment and a Stripe customer identifier.

We use your personal information for the following purposes:

Service Delivery: To provide, operate, and maintain the Cervio platform, including generating AI-powered briefings, decision analyses, and personalised recommendations.

AI Personalisation: Your business profile and usage data are used as context for AI-generated content. This context is sent to Anthropic's Claude API to generate personalised outputs. We do not train AI models on your personal data.

Account Management: To create and manage your account, process payments, and communicate important service updates.

Service Improvement: Aggregated, anonymised usage data may be used to improve our features and user experience. We do not use individual personal data for this purpose without consent.

Legal Compliance: To comply with applicable Australian laws and regulations, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

We use the following third-party services to operate Cervio:

Anthropic (AI Processing): Your business context and queries are processed by Anthropic's Claude API to generate AI outputs. Anthropic processes this data subject to their own privacy policy. We send only the minimum necessary context for each interaction.

Supabase (Database & Authentication): Your data is stored in Supabase's infrastructure, hosted on AWS in the ap-south-1 (Mumbai) region. Supabase is SOC 2 compliant.

Vercel (Hosting): Our web application is hosted on Vercel's infrastructure. Vercel processes request and response data as part of serving the application.

Stripe (Payments): Payment processing is handled by Stripe Inc. Stripe is PCI DSS Level 1 certified. We share only necessary information (email, name) to facilitate billing.

We do not sell your personal information to any third party.

Storage Location: Your data is primarily stored in AWS ap-south-1 (Mumbai, India) via Supabase. By using Cervio, you consent to this cross-border transfer.

Security Measures: We implement industry-standard security practices including: encrypted data transmission (TLS 1.2+), encrypted data at rest, row-level security policies on all database tables, secure authentication via Supabase Auth, and regular security reviews.

Data Retention: We retain your personal data for as long as your account is active. You may request deletion of your account and all associated data at any time through the Settings page or by contacting us directly.

Breach Notification: In the event of a data breach affecting your personal information, we will notify you and, where required, the Office of the Australian Information Commissioner (OAIC) within 30 days of becoming aware of the breach, in accordance with the Notifiable Data Breaches (NDB) scheme.

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the following rights:

Access: You have the right to request access to the personal information we hold about you. You can export all your data directly from Settings → Export Your Data.

Correction: You have the right to request correction of inaccurate or incomplete personal information.

Deletion: You have the right to request deletion of your personal information. You can delete your account and all associated data from Settings → Delete Account.

Complaints: If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us directly at privacy@morphotech.com.au. If you are unsatisfied with our response, you may escalate to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

We will respond to all privacy requests within 30 days.

Cervio uses essential cookies and local storage for authentication and session management. We do not use third-party advertising cookies or tracking pixels.

Authentication Tokens: Stored in browser local storage to maintain your login session.

Preferences: Your theme preference (light/dark/system) is stored in browser local storage.

We do not use Google Analytics, Facebook Pixel, or any other third-party behavioural tracking technologies.

Cervio is designed for business use by adults. We do not knowingly collect personal information from individuals under the age of 18. If you believe a minor has provided us with personal information, please contact us immediately at privacy@morphotech.com.au and we will promptly delete that information.

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes via email or a prominent notice within the Cervio platform at least 14 days before the changes take effect.

Your continued use of Cervio after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.

For all privacy-related enquiries, requests, or complaints:

Morphotech Australia Pty Ltd Sydney, New South Wales, Australia Email: privacy@morphotech.com.au Website: cervio.ai

For urgent security concerns: security@morphotech.com.au

We aim to respond to all enquiries within 5 business days.