Privacy Policy

MatterMaster ("we", "us", or "our") is committed to protecting the privacy and confidentiality of your information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our desktop application and web portal (collectively, the "Service").

1. Privacy by Design

MatterMaster is built with privacy as a core feature, not an afterthought. Our architecture ensures:

• Local Processing: All screenshot capture and AI analysis happens on your device. We never transmit screenshots or detailed work activity to our servers.
• Encrypted Storage: All local data is encrypted using AES-256 encryption at rest.
• Minimal Data Collection: We only collect the minimum information necessary to provide team collaboration features.
• User Control: You have complete control over data retention periods and can delete all data at any time.

2. Information We Collect

2.1 Data Stored Locally Only

The following data is stored exclusively on your device and never transmitted to our servers:

• Screenshots of your work screens
• AI processing results and analysis
• Detailed screen activity logs
• Local user preferences

2.2 Data Synced to Our Servers (Optional)

If you use team features, the following data may be synced to our cloud infrastructure (Neon PostgreSQL hosted in Australia):

• Account information (name, email address, organization name)
• Time entry summaries (client/matter names, hours tracked, billable status)
• Client and matter templates
• Team membership and permissions
• Billing and subscription information

2.3 Usage Analytics

We collect minimal usage analytics to improve the Service, including application version, platform (Windows/macOS), and feature usage patterns. This data is anonymized and does not include any client or work content.

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain the Service
• Enable team collaboration features
• Process payments and manage subscriptions
• Send important service updates and security alerts
• Provide customer support and respond to your inquiries
• Improve and develop new features
• Comply with legal obligations

4. Australian Privacy Act Compliance

We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Specifically:

APP 1 - Open and Transparent Management

This Privacy Policy clearly outlines our data handling practices. You can contact us at privacy@mattermaster.app with any questions.

APP 3 - Collection of Solicited Personal Information

We only collect personal information that is reasonably necessary to provide the Service. All collection is with your knowledge and consent.

APP 6 - Use or Disclosure

We only use personal information for the purposes disclosed in this policy. We do not sell or share your data with third parties for their marketing purposes.

APP 11 - Security of Personal Information

We take reasonable steps to protect your information from misuse, interference, loss, unauthorized access, modification, or disclosure through encryption and secure cloud infrastructure.

APP 12 - Access and Correction

You have the right to access and correct your personal information at any time through your account settings or by contacting us.

5. Legal Professional Privilege

MatterMaster is designed specifically for legal professionals with strict confidentiality obligations. We maintain privilege through:

• 100% local processing - no third-party AI services see your data
• No network transmission of screenshots or detailed content
• Encrypted storage of all sensitive information
• Clear data boundaries between local and cloud storage
• User control over all sharing and synchronization

6. Data Security

We implement industry-standard security measures:

• Encryption: AES-256 encryption for local data, TLS for data in transit
• Access Controls: Role-based access control for team features
• Secure Infrastructure: Australian-hosted cloud infrastructure with security monitoring
• Regular Audits: Periodic security assessments and updates
• Secure Deletion: Data is securely wiped when deleted

7. Data Retention

Local Data: You control retention periods for screenshots and local data (7-180 days configurable). Data is automatically purged after the retention period.

Cloud Data: Account and time entry data is retained while your account is active. After account closure, data is retained for 30 days then permanently deleted, except as required by law for billing and tax purposes.

8. Notifiable Data Breach Scheme

In the unlikely event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner within 30 days as required by the Privacy Act.

9. Third-Party Services

We use the following third-party services:

• Neon (PostgreSQL): Database hosting (Australia)
• Stripe: Payment processing
• Better Auth: Authentication services
• Netlify: Web hosting

These services have their own privacy policies and security measures. We only share the minimum information necessary for these services to function.

10. Your Privacy Rights

You have the right to:

• Access your personal information
• Correct inaccurate or incomplete information
• Request deletion of your data
• Export your data in a portable format
• Object to processing of your information
• Lodge a complaint with the OAIC

To exercise these rights, contact us at privacy@mattermaster.app

11. Workplace Surveillance

MatterMaster is designed for self-monitoring by legal professionals. If your organization uses MatterMaster for multiple users:

• Clear consent must be obtained from each user
• Users must be notified about data collection and monitoring
• Organizations should comply with state-specific workplace surveillance laws
• Each user has full control over their local screenshots and AI processing

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through the Service. Your continued use of the Service after changes indicates your acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices: