Privacy Policy

The Systems Coach is the consulting and software business of Greg Roworth. We provide Microsoft 365 modern-workplace consulting, SYSTEMology®-certified business-systems coaching, and custom software and AI development, along with a free community, newsletter and online tools.

Our legal and contact details are:

• Legal entity:GH Roworth Pty Ltd (ACN 658 761 105), as trustee for the GH Roworth Family Trust (ABN 17 420 288 548)
• Trading as: The Systems Coach
• Sole director: Gregory Christopher Roworth
• Principal place of business: 339 Bees Creek Road, Bees Creek NT 0822, Australia
• Registered office: Suite 2, Level 14, 390 St Kilda Road, Melbourne VIC 3004
• Privacy contact: support@thesystemscoach.com.au

This policy covers the personal information we handle across our own website and business operations, including:

• our website at thesystemscoach.com.au, and the tools, forms and meeting bookings on it;
• our newsletter, marketing and lead-generation activities;
• our consulting and coaching engagements; and
• our general business operations — enquiries, accounts, record-keeping and the systems we use to run the business.

We also build software applications as part of our services. This policy explains how data control worksfor that software (see section 3 and section 8), but it does notdescribe the data practices of any individual application — each application we operate has its own privacy policy.

What this policy does not cover. A few things sit outside it:

• Applications we build for a client and hand over — once handed over, the client operates the application and controls its data under their own privacy policy.
• Applications we own and operate— each is covered by its own privacy policy, on that application’s own website, not by this one.
• Subcontracted work we perform for another organisation — that organisation’s own policies and systems govern it, not ours.
• Our own accountant, advisers and suppliershandle our company’s own information under their own privacy policies.
• Other websites we link to are covered by their own privacy policies, not ours.

Sometimes we hold or process personal information that another organisation controls. In privacy terms, that organisation is the controller— it decides how the information is used — and we are the processor, handling it on their behalf under their instructions.

This is what happens when we build an application for a client and hand it over: the client operates the application and controls its data, which is then governed by the client’s own privacy policy, not this one. The same principle applies to any work we carry out on another organisation’s behalf.

If you are an employee or customer of an organisation we have built or operate an application for and you want to know how that organisationcollects and uses your information, why it asks for particular details, or you want to access or correct your records, please contact that organisation directly — they control those decisions. We will always pass on or support a request that needs the controller’s involvement.

The information we collect depends on how you interact with us.

When you use our website, tools or forms, or contact us:

• your name, email address, and (optionally) your company name and phone number;
• the details you type into our interactive tools and calculators (for example business figures such as revenue, staff numbers and other operating metrics);
• messages you send us and meeting-booking details;
• marketing-engagement information, such as which emails you open and which pages you view; and
• technical information collected automatically, such as your IP address, browser type, the pages you request, and cookie identifiers (see section 9).

When you use an application we build or operate. The personal information collected inside an application is described in that application’s own privacy policy, available from the application and its app-store listing — not here. See section 8.

We use personal information to:

• respond to your enquiries and provide the services or tools you ask for;
• create and run your account, and operate the applications you use;
• deliver our newsletter and marketing communications where you have consented, and measure how they perform;
• provide AI-assisted features (see section 7);
• run, secure, support and improve our business and our products — including internal knowledge management, search and AI-assisted operations across our own systems; and
• meet our legal, tax and record-keeping obligations.

We only collect what we reasonably need for these purposes. Where the law requires your consent — for example, to send you marketing email — we ask for it, and you can withdraw it at any time.

We do not sell your personal information. We share it only with service providers who help us run our business, and only as far as they need it to provide their service to us. The main ones are:

• HubSpot

  CRM, marketing, forms, website tracking and meeting bookings.

  Data location: United States (with EU sub-processors)

• Microsoft 365

  Email, calendar, SharePoint, Teams, OneDrive, Bookings and Copilot.

  Data location: Australia (in-country processing where available)

• Vercel

  Hosting for our website and software products; short-lived request logs.

  Data location: United States / global edge

• Railway

  Application backends and PostgreSQL databases for our software products.

  Data location: United States

• Anthropic

  The Claude AI that powers AI features in our website, tools and apps.

  Data location: United States

• Voyage AI

  Vector embeddings for our internal knowledge system (internal business data only).

  Data location: United States

• Resend

  Delivery of transactional and marketing email.

  Data location: United States / EU

• Stripe

  Payment processing for software subscriptions (we do not store card numbers).

  Data location: United States / global

• Xero

  Accounting and invoicing.

  Data location: Australia

• Metricool

  Social media scheduling and analytics (Facebook/Instagram), and a website tracking pixel that gives us visitor analytics.

  Data location: European Union (Spain)

• GitHub

  Source-code hosting (code only — no customer data).

  Data location: United States

• Cron-job.org

  Triggering scheduled jobs (triggers only — no personal information).

  Data location: European Union

• Squarespace

  Our legacy website, currently being decommissioned.

  Data location: United States

We also rely on a small number of providers that handle only our own internal or business information — for example our accountant, document-signing and legal services, and our password manager — and these do not receive customer data. We may also disclose information where the law requires it, or to protect our rights, safety or property.

Some features on our website use artificial intelligence, provided by Anthropic(the Claude API). When you use one of these features — for example our AI-powered business and finance calculators, or the AI assistant available to community members — the information you enter is sent to Anthropic to generate a response, and is handled under Anthropic’s privacy and data-processing terms.

We do not use the information you enter into these AI features to train AI models. Some of our AI features, and our consulting work, also use Microsoft services (including Microsoft 365 Copilot) — both Anthropic and Microsoft are listed as service providers in section 6.

We build software applications as part of our services. How your personal information is handled depends on the application:

• Applications we build for a client and hand over — once handed over, the client operates the application and controls its data under their ownprivacy policy (see section 3).
• Applications we own and operate — each has its ownprivacy policy, published on that application’s own website and linked from its app-store listing. Each per-app policy is written when the application is completed, so it describes what the application actually does.

This page is not an app’s privacy policy. It governs our website and business operations. It is notthe privacy policy for any individual application, and it is not used as the privacy URL for any app-store listing — every application carries its own policy, which is where you will find the detail of the data it collects (such as account details, operational data, camera, notifications or location).

Our website uses a small number of cookies and tracking pixels. The cookies set on the public site come from:

• HubSpot— our CRM and marketing platform sets cookies (including hubspotutk, __hstc, __hssc and __hssrc) to recognise returning visitors, pre-fill forms and measure marketing performance; and
• Metricool— a tracking pixel that gives us website and social-marketing analytics.

Our website does not set its own login or session cookies on public pages, and we do not currently use Vercel Analytics.

Cookie consent.We do not currently display a cookie-consent banner. Because some of these cookies are set for analytics and marketing, we are reviewing adding a consent banner for visitors from the EU and UK. You can also control or block cookies through your browser settings, and opt out of marketing at any time (see section 12). Our cookies are retained for the periods set by the providers above — HubSpot’s tracking cookies typically last up to 13 months.

We keep personal information only for as long as we need it, and then delete or de-identify it. In practice:

• Marketing contacts:until you unsubscribe, after which we keep only the minimum needed for a suppression list so we don’t contact you again.
• Client and CRM records: for the duration of our engagement, plus seven years to meet tax record-keeping obligations.
• Data inside applications we operate: for the duration of the engagement, then for 90 days after cancellation, after which it is permanently deleted. (Applications we have built and handed over to a client are governed by that client’s own privacy policy after handover.)
• Server and platform logs: approximately three days (the default retention of our hosting providers).
• Backups:kept according to our platform providers’ standard backup cycles.

Some of our service providers are located overseas, so your personal information may be stored or processed outside Australia. Based on the providers in section 6, this includes:

• the United States— HubSpot, Vercel, Railway, Anthropic, Voyage AI, Stripe, Resend, GitHub and (until it is decommissioned) Squarespace;
• the European Union— Metricool (Spain), Cron-job.org, some HubSpot sub-processors, and Resend depending on region; and
• Australia— Microsoft 365 (our preferred location where available) and Xero.

Where we transfer personal information overseas, we take reasonable steps to ensure the recipient handles it consistently with the Australian Privacy Principles, including through contractual protections such as standard contractual clauses.

You have the right to:

• Access— ask for a copy of the personal information we hold about you;
• Correct— ask us to fix information that is inaccurate or out of date;
• Delete— ask us to delete your information, subject to any legal obligation we have to keep it;
• Opt out of marketing— unsubscribe from any marketing email with one click, at any time; and
• Complain— raise a privacy concern with us.

To make any of these requests, email us at support@thesystemscoach.com.au. We will respond within 30 days. If you are an employee or customer of one of our client organisations, please see section 3 — some requests are best directed to that organisation, and we’ll help where we can.

If you are not satisfied with how we handle your concern, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. Visitors in the EU or UK may also have the right to lodge a complaint with their local data-protection authority.

We do not knowingly collect personal information from anyone under 18, and none of our products are directed at children. If we become aware that we have collected information about a minor, we will delete it.

We may update this policy from time to time as our products, services or service providers change. The “last updated” date at the top shows when it last changed. If we make a material change, we will notify active customers by email and post a notice on our website.

If you have any questions about this policy or about how we handle your personal information, please contact us:

• Email: support@thesystemscoach.com.au
• Post: GH Roworth Pty Ltd, 339 Bees Creek Road, Bees Creek NT 0822, Australia