Funneled

Privacy Policy

Effective Date: 6 May 2026  |  Last Updated: 6 May 2026

Governed by the laws of New South Wales, Australia.

This Privacy Policy describes how Plutocracy PTY LTD trading as Funneled (“Funneled”, “we”, “us”, or “our”) collects, holds, uses, and discloses personal information in connection with the Funneled no-code funnel building platform and associated services (the “Platform”).

This Policy is issued in accordance with the Privacy Act 1988 (Cth) (the “Privacy Act”) and the thirteen Australian Privacy Principles (the “APPs”) set out in Schedule 1 to that Act. It forms part of the Funneled Terms and Conditions of Service and should be read together with them.

By accessing, registering for, or using the Platform, you acknowledge that you have read this Policy and consent to the collection, use, and disclosure of personal information as described below. If you do not agree, you must not use the Platform.

1. Scope of this Policy

1.1 This Policy applies to:

  • Customers and prospective customers who register for, subscribe to, or evaluate the Platform
  • Visitors to the Funneled website at getfunneled.com and any related domains
  • Personnel of customer organisations authorised to access the Platform
  • End-users of customer-published funnels and landing pages, to the extent Funneled collects or processes their personal information on behalf of a customer

1.2 The Platform is designed primarily for business customers. Where Funneled processes personal information about end-users of a customer’s funnel or landing page, Funneled generally does so as a service provider acting on the customer’s behalf. The customer is responsible for ensuring that its own collection notices, consents, and privacy practices comply with the Privacy Act, the APPs, and any other applicable privacy law.

1.3 This Policy does not apply to:

  • Third-party websites, services, or platforms linked to or integrated with the Platform, including Shopify, Meta (Facebook and Instagram), TikTok, Google, Yotpo, Okendo, and other third-party services. Each third-party service is governed by its own privacy policy.
  • Any handling of personal information that is exempt from the Privacy Act, including the employee records exemption under section 7B(3) of the Privacy Act.

2. What Personal Information We Collect

2.1 Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, as defined in section 6 of the Privacy Act.

2.2 The categories of personal information Funneled may collect include:

  • Account and identity information: name, business name, role or job title, email address, telephone number, billing address, and authentication credentials
  • Subscription and billing information: subscription tier, payment method tokens, billing history, GST registration details, and tax invoices (Funneled does not store full payment card numbers; these are handled by upstream payment processors)
  • Customer organisation information: company name, ABN or business registration number, industry, store URL, monthly revenue band (where voluntarily provided for plan eligibility)
  • Platform usage information: funnels created, blocks used, pages published, audit logs, feature usage telemetry, error reports, browser type and version, operating system, device identifiers, IP address, and approximate geolocation derived from IP
  • Customer Content: content, copy, creative assets, analytics data, customer lists, and other materials you upload, paste, or generate within the Platform. Customer Content may incidentally include personal information about you, your personnel, or your end-users.
  • Third-party integration data: where you elect to connect a third-party service (such as Shopify, Meta, TikTok, Google, Yotpo, or Okendo), data obtained through that integration, which may include product catalogues, ad account data, audience data, review content, and store analytics
  • Communications and support information: correspondence with our team, support tickets, feedback, demo bookings, survey responses, and call recordings or transcripts where you have been notified and consented
  • Marketing and engagement information: newsletter subscription status, email open and click data, event attendance, and marketing preferences

2.3 Sensitive information. Funneled does not request or require sensitive information as defined in section 6 of the Privacy Act (such as health, racial or ethnic origin, political opinions, religious beliefs, or biometric information). You should not upload sensitive information to the Platform. If you do, you do so at your own risk and you consent to its handling in accordance with this Policy and APP 3.3.

2.4 Anonymity and pseudonymity (APP 2). Where lawful and practicable, you may interact with Funneled anonymously or under a pseudonym (for example, when making a general enquiry). However, it is generally not practicable to provide the Platform, billing, or account support to an anonymous or pseudonymous user, and we will require identifying information to provide those services.

3. How We Collect Personal Information

3.1 Funneled collects personal information by lawful and fair means and, wherever practicable, directly from the individual concerned, in accordance with APP 3.

3.2 We collect personal information when you:

  • Visit our website, request a demo, or download marketing materials
  • Register for an account, accept the Terms, or subscribe to a plan
  • Use, configure, or interact with the Platform
  • Connect a third-party integration to the Platform
  • Contact our team by email, chat, phone, or video call
  • Provide feedback, complete a survey, or attend an event
  • Receive and interact with our marketing communications

3.3 Collection from third parties. We may collect personal information from third parties where it is unreasonable or impracticable to collect it from you directly, including:

  • Payment processors (for billing and fraud-prevention purposes)
  • Third-party services you have elected to integrate (for example, Shopify, Meta, TikTok, or Google)
  • Publicly available business directories or registers (for example, ASIC or LinkedIn) used to verify business details
  • Referral sources, partners, or resellers who introduce you to Funneled
  • Analytics, attribution, and anti-fraud providers

3.4 Cookies and similar technologies. Funneled and its analytics providers use cookies, local storage, pixel tags, and similar technologies on the Funneled website and within the Platform to operate the service, remember preferences, measure usage, and improve performance. You can manage cookies through your browser settings, although disabling certain cookies may affect functionality.

3.5 Funnels and landing pages published by customers. Where a customer publishes a funnel or landing page using the Platform, Funneled may, on the customer’s instruction and configuration, collect information from end-users who interact with that funnel — including form submissions, click events, page-view telemetry, and IP-derived geolocation. Funneled processes this information as a service provider on the customer’s behalf.

4. Why We Collect, Hold, Use, and Disclose Personal Information

4.1 In accordance with APP 3 and APP 6, Funneled collects, holds, uses, and discloses personal information for the following primary purposes:

  • To provide, operate, maintain, secure, and improve the Platform
  • To create and administer your account, authenticate logins, and apply user permissions
  • To process subscription payments, issue tax invoices, and manage billing
  • To respond to enquiries, provide customer support, and resolve disputes
  • To deliver service-related communications, including security alerts, billing notices, outage notifications, and policy updates
  • To monitor and analyse Platform usage, detect errors, prevent abuse, and improve features
  • To train internal staff and operate Funneled’s business in the ordinary course
  • To meet our legal, regulatory, and contractual obligations, including under the Privacy Act, the Spam Act 2003 (Cth), the A New Tax System (Goods and Services Tax) Act 1999 (Cth), the Corporations Act 2001 (Cth), and any applicable foreign law
  • For direct marketing, subject to Clause 8 (Direct Marketing)

4.2 Secondary purposes. Funneled may use or disclose personal information for a secondary purpose only where: (a) you would reasonably expect us to do so and the secondary purpose is related to the primary purpose; (b) you have consented to the secondary use or disclosure; or (c) another exception in APP 6.2 applies, including where the use or disclosure is required or authorised by Australian law or a court or tribunal order.

4.3 AI processing of Customer Content. Some Platform features use third-party large language model and machine learning APIs to generate copy, analyse creative assets, recommend layouts, and assist with funnel creation. To deliver these features, Customer Content (which may include personal information you have included in that content) may be transmitted to the relevant AI model API provider for processing. We use commercially reasonable efforts to select providers that contractually agree not to use input data to train their public models. You are responsible for ensuring that any personal information you submit to AI features may lawfully be processed in this way.

4.4 No use of Customer Content for our own commercial purposes. Funneled does not sell Customer Content. Funneled does not use the substantive content of your funnels, customer lists, or analytics data to train Funneled-owned AI models or to provide products to other customers, except in aggregated and de-identified form that cannot reasonably identify you, your customers, or your end-users.

5. Disclosure to Third Parties

5.1 Funneled may disclose personal information to the following categories of recipient, in each case only to the extent reasonably necessary for the purposes set out in Clause 4:

  • Upstream infrastructure providers that are essential to the operation of the Platform, including:
    • Cloudflare, Inc. (CDN, DDoS protection, DNS, edge routing)
    • MaxMind and similar geolocation data providers
    • Cloud infrastructure providers, including Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure
    • AI model API providers (for AI-assisted features)
    • Payment processors (for subscription billing and fraud prevention)
    • Email and transactional communication providers
    • Domain registrars, DNS resolvers, and SSL/TLS certificate authorities
    • Logging, monitoring, error-tracking, and analytics providers
  • Customer-facing third-party integrations that you elect to connect, including Shopify, Meta (Facebook and Instagram), TikTok, Google, Yotpo, Okendo, and others
  • Professional advisers, including accountants, auditors, lawyers, and insurers, where reasonably necessary
  • Successors in interest, in the event of a sale, merger, restructure, financing, or acquisition involving Funneled or any related body corporate (as defined in the Corporations Act 2001 (Cth)), subject to recipients agreeing to handle personal information consistently with this Policy
  • Government, regulators, and law enforcement, where required or authorised by law (including under APP 6.2(b)) — for example, in response to a subpoena, court order, or lawful request from the Australian Taxation Office, the Office of the Australian Information Commissioner, or another competent authority
  • Other parties with your consent or at your direction

5.2 Funneled requires its service providers to handle personal information in accordance with appropriate confidentiality and security obligations, and (where overseas recipients are involved) consistently with the APPs to the extent required under APP 8.

5.3 Funneled does not sell personal information to third parties.

6. Cross-Border Disclosure (APP 8)

6.1 Some of Funneled’s upstream infrastructure providers and service providers are located outside Australia, including in the United States, the European Union, the United Kingdom, Canada, and the Asia-Pacific region. As a result, Funneled may disclose personal information to overseas recipients.

6.2 Before disclosing personal information to an overseas recipient, Funneled will take steps reasonable in the circumstances to ensure that the recipient does not breach the APPs in relation to the information, in accordance with APP 8.1. These steps may include entering into contractual arrangements requiring the recipient to comply with privacy obligations substantially equivalent to the APPs, or relying on the recipient’s compliance with a comparable privacy framework.

6.3 If an overseas recipient handles personal information in a way that breaches the APPs, Funneled may, in some circumstances, be accountable for that breach under section 16C of the Privacy Act.

7. Security, Storage, and Retention

7.1 Security. Funneled takes steps reasonable in the circumstances to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure, in accordance with APP 11.1. These measures include encryption of data in transit using TLS, encryption of data at rest in line with our cloud providers’ standards, role-based access controls, multi-factor authentication for administrative access, audit logging, and periodic review of security practices.

7.2 No absolute security. No method of transmission over the internet and no method of electronic storage is completely secure. While Funneled implements commercially reasonable safeguards, we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for notifying Funneled immediately of any suspected unauthorised access.

7.3 Retention. Funneled retains personal information for as long as it is reasonably necessary for the purposes for which it was collected, to comply with legal obligations (including taxation, financial-records, and corporate-records obligations under Australian law), to resolve disputes, and to enforce our agreements.

7.4 Destruction or de-identification (APP 11.2). Where personal information is no longer needed for a permitted purpose and Funneled is not required by law to retain it, Funneled will take reasonable steps to destroy or permanently de-identify the information. Following termination of your subscription, Funneled may delete your Customer Content and account data after the notice period set out in the Terms, except where retention is required by law or reasonably necessary for backup, audit, dispute-resolution, or fraud-prevention purposes.

8. Direct Marketing

8.1 Funneled may use your contact details to send you direct marketing communications about the Platform, new features, offers, events, and content we believe may be of interest to you, in accordance with APP 7 and the Spam Act 2003 (Cth).

8.2 You may opt out of direct marketing at any time by:

  • Clicking the “unsubscribe” link in any marketing email; or
  • Contacting us at james@getfunneled.com with a request to unsubscribe.

8.3 Funneled will give effect to opt-out requests within a reasonable period and in any event within the timeframe required by the Spam Act 2003 (Cth). Service-related communications (such as billing notices, security alerts, and material changes to the Terms or this Policy) are not marketing communications and you cannot opt out of them while you maintain an active account.

9. Notifiable Data Breaches

9.1 Funneled is subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act.

9.2 If Funneled becomes aware that there are reasonable grounds to believe that an “eligible data breach” has occurred — that is, an unauthorised access to, unauthorised disclosure of, or loss of personal information that is likely to result in serious harm to one or more affected individuals — Funneled will, as soon as practicable:

  • Conduct an assessment of the suspected breach within thirty (30) days as required by section 26WH of the Privacy Act
  • Notify the Australian Information Commissioner in the form required under section 26WK of the Privacy Act
  • Notify affected individuals (or, where direct notification is not practicable, publish a notification on the Funneled website) of the kind of information involved, the circumstances of the breach, and recommended steps to mitigate harm

9.3 Funneled will cooperate with any investigation, direction, or determination by the Office of the Australian Information Commissioner relating to a notifiable data breach.

10. Your Rights

10.1 Access (APP 12). You may request access to the personal information Funneled holds about you. We will respond to access requests within thirty (30) days. Funneled may charge a reasonable fee for the cost of providing access (no fee is charged for the request itself), and may decline access where permitted under APP 12.3 (for example, where giving access would have an unreasonable impact on the privacy of others, would be unlawful, or would prejudice an investigation).

10.2 Correction (APP 13). If you believe personal information Funneled holds about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you may request correction. Funneled will take reasonable steps to correct the information, or to associate a statement with the information noting your view, where Funneled does not agree to correct it. Funneled will respond to correction requests within thirty (30) days.

10.3 Withdrawing consent. Where Funneled relies on your consent to handle personal information, you may withdraw that consent at any time by contacting us. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal and may limit our ability to provide certain features.

10.4 Account self-service. Where practicable, you may exercise rights of access and correction directly through the account-management features within the Platform.

10.5 How to exercise your rights. Requests under this Clause 10 should be sent in writing to james@getfunneled.com, with sufficient detail to allow Funneled to identify you and locate the relevant information. Funneled may need to verify your identity before responding.

11. International Users

11.1 Funneled is established in Australia and operates the Platform from Australia. The Platform is offered for use globally, but Funneled does not specifically target individuals in any jurisdiction outside Australia, except by virtue of customers operating their own businesses internationally.

11.2 If you access the Platform from outside Australia, you acknowledge and agree that your personal information may be transferred to, stored in, and processed in Australia and other jurisdictions where Funneled and its service providers operate.

11.3 EU/UK General Data Protection Regulation. Where the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) or the UK General Data Protection Regulation (“UK GDPR”) applies to a particular processing activity (for example, where Funneled offers the Platform to data subjects in the European Economic Area or United Kingdom), Funneled will handle personal data in accordance with applicable GDPR and UK GDPR obligations. In such cases, references in this Policy to “personal information” should be read as including “personal data”, and references to the APPs should be read as supplemented by the equivalent rights under GDPR Articles 12 to 22.

11.4 California residents. Where the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”), applies, Funneled does not sell or share personal information for cross-context behavioural advertising. California residents may contact us at james@getfunneled.com to exercise rights of access, deletion, correction, and opt-out where available under the CCPA.

11.5 Nothing in this Clause 11 expands the scope of any law beyond its own terms; each foreign privacy framework applies only to the extent it lawfully applies to Funneled or to a particular processing activity.

12. Children

12.1 The Platform is intended for use by individuals aged at least 18 years and is not directed to children. Funneled does not knowingly collect personal information from children under the age of 16. If you become aware that personal information about a child has been provided to Funneled, please contact us at james@getfunneled.com and we will take reasonable steps to delete it.

13. Changes to this Policy

13.1 Funneled may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The current version is always available at getfunneled.com/legal/privacy.

13.2 Where a change is material, Funneled will provide at least fourteen (14) days’ notice via email or through the Platform. Your continued use of the Platform after the effective date of any change constitutes acceptance of the revised Policy.

13.3 The “Last Updated” date at the top of this Policy reflects the date of the most recent change.

14. Complaints and Regulatory Bodies

14.1 If you believe Funneled has breached the Privacy Act, the APPs, or this Policy, please submit your complaint in writing to james@getfunneled.com with full particulars. Funneled will acknowledge receipt within five (5) business days and use good faith efforts to investigate and respond within thirty (30) days.

14.2 If you are not satisfied with Funneled’s response, you may refer the complaint to the Office of the Australian Information Commissioner (OAIC):

  • Office of the Australian Information Commissioner (OAIC)
  • Website: oaic.gov.au
  • Phone: 1300 363 992
  • Post: GPO Box 5288, Sydney NSW 2001

14.3 Other Australian regulatory bodies that may be relevant to a privacy or consumer complaint include:

14.4 Nothing in this Policy limits your rights to make a complaint directly to a regulator or to seek remedies available to you under the Privacy Act, the Australian Consumer Law (Schedule 2 to the Competition and Consumer Act 2010 (Cth)), or any other applicable Australian law.

15. Contact Information

For all privacy enquiries, access or correction requests, complaints, or notifications under this Policy:

Funneled (Plutocracy PTY LTD) Website: getfunneled.com Privacy Officer: james@getfunneled.com Booking: cal.com/jameshamelsmith/30min

BY USING THE FUNNELED PLATFORM, YOU ACKNOWLEDGE THAT YOU HAVE READ THIS PRIVACY POLICY, UNDERSTAND IT, AND CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS DESCRIBED. YOUR STATUTORY RIGHTS UNDER THE PRIVACY ACT 1988 (CTH), THE AUSTRALIAN PRIVACY PRINCIPLES, THE AUSTRALIAN CONSUMER LAW, AND OTHER APPLICABLE AUSTRALIAN LEGISLATION ARE NOT AFFECTED.

© 2026 Funneled. All Rights Reserved.