Privacy Policy

About This Policy

This Privacy Policy explains how MediaLab (“we,” “our,” or “us”) collects, uses, stores, and protects your personal information when you engage our digital marketing and data enrichment services.

This Policy applies to:

Information collected through our Terms and Conditions acceptance process
Data processed during service delivery under Statements of Work (SoWs)
Business contact information for ongoing client relationships
Data handled through third-party platforms in service delivery

Information We Collect

Information You Provide Directly

When you engage our services, we collect:

Business contact details: Company name, contact person name, email address, phone number, business address
Billing information: Payment details and invoicing requirements
Project information: Campaign objectives, target criteria, and service requirements
System access details: CRM data, API authorizations, and platform credentials (as needed for service delivery)

Client Data for Service Delivery

You may provide us with data for processing as part of our services, including:

Prospect data: Names, business roles, company information, contact details
Campaign data: Email addresses, LinkedIn profiles, and other professional contact information
CRM data: Customer and prospect information from your existing systems
Performance data: Campaign metrics, engagement statistics, and analytics

Information Collected Through Third-Party Platforms

We access and process data through platforms including:

Clay Platform (data enrichment and workflow automations)
LinkedIn (prospect research and outreach)
HubSpot, Outreach.io, and other CRM/sales platforms
Email marketing and advertising platforms

How We Use Your Information

Service Delivery

We use your information to:

Deliver data enrichment, campaign development, and GTM consultancy services
Conduct prospect research and market intelligence
Create and execute marketing campaigns on your behalf
Provide performance reporting and analytics
Integrate workflows across your preferred platforms

AI-Enhanced Service Delivery

We use artificial intelligence technology to enhance service quality and personalization:

All AI processing includes human oversight for quality assurance
We implement data minimization principles, using only necessary information
AI assists in creating campaign content, messaging frameworks, and prospect research summaries (all human-reviewed before delivery)
AI analysis of campaign data provides insights and optimization recommendations
AI-generated outputs undergo systematic review to ensure accuracy and prevent unintended disclosure of personal information

Business Operations

We use your contact information to:

Communicate about projects and service delivery
Process payments and maintain billing records
Provide customer support and account management
Send service updates and important notices

Legal and Compliance

We may use information to:

Comply with legal obligations and regulatory requirements
Protect our rights and defend against legal claims
Investigate suspected fraud or misuse of services

Information Sharing and Disclosure

Third-Party Service Providers

We share information with trusted service providers who assist in delivering our services:

Platform Providers: Clay Labs Inc., LinkedIn, HubSpot, Outreach.io, and others specified in your SoW (each has their own privacy policy)
Subcontractors: Engaged only for specific projects, bound by confidentiality agreements

Client Instructions

We process and share Client Data according to your lawful instructions and as necessary to deliver the agreed services under your SoW.

Legal Requirements

We may disclose information where required by law, court order, or to protect our legal rights.

Business Transfers

Information may be transferred as part of a merger, acquisition, or sale of business assets, subject to confidentiality obligations.

Data Security and Protection

Security Measures

We implement appropriate security measures, including:

Encrypted data transmission and storage
Access controls and user authentication
Regular security assessments and updates
Staff training on data protection

Third-Party Platform Security

Client Data processed through third-party platforms is subject to those platforms’ security measures and policies.

Limitations

While we implement industry-standard measures, no data system is completely secure. You acknowledge this limitation and remain responsible for systems under your control.

Data Breach Notification

If we become aware of a breach affecting personal information, we will:

Notify you in writing within 72 hours
Provide requested information for assessment
Cooperate in required notifications under the Notifiable Data Breaches scheme
Take steps to contain and remediate the breach

International Data Transfers

Overseas Processing

Some Client Data may be processed outside Australia, including:

Cloud storage providers (typically US-based)
Third-party platform operators
International subcontractors

Safeguards

We ensure appropriate safeguards, including:

Contractual protections with service providers
Selection of providers in countries with adequate privacy protections
Technical measures to protect data in transit and storage

Data Retention

Retention Periods

We retain information as follows:

Contact and billing information: Business relationship duration + 7 years (tax/accounting purposes)
Project deliverables: As specified in SoWs (typically until completion)
Client Data: Only as long as necessary, then returned or destroyed as instructed

Deletion

You are responsible for backing up deliverables or Client Data upon delivery. We are not obligated to retain copies beyond SoW-specified periods.

Your Privacy Rights

Your Rights

Under Australian privacy law, you may:

Access your personal information we hold
Correct inaccurate or incomplete information
Request deletion of your information (subject to obligations)
Object to certain processing activities
Lodge a complaint with the Office of the Australian Information Commissioner

Exercising Your Rights

Limitations

Some rights may be limited by legal or contractual obligations.

Cookies and Website Technologies

If you visit our website, we may use cookies and similar technologies to:

Improve website functionality and user experience
Analyze website traffic and usage
Remember preferences and settings

You can control cookies through your browser preferences.

Changes to This Policy

We may update this Privacy Policy to reflect:

Changes in services or business practices
Updates to privacy laws and regulations
Improvements in data protection measures

We will notify you of material changes via email or our website. Continued use of our services after notice constitutes acceptance.

Contact Information

For privacy inquiries, complaints, or to exercise your rights:

Privacy Officer

MediaLab

Email: [privacy@medialab.com]

Phone: [Phone Number]

Address: [Business Address]

For urgent data breach notifications, contact us immediately using the above details.

Complaints Process

If you have concerns about our handling of your information:

Internal Resolution: Contact our Privacy Officer
External Resolution: If unsatisfied, lodge a complaint with the Office of the Australian Information Commissioner (www.oaic.gov.au)

Note: This Privacy Policy should be read alongside our Terms and Conditions. If inconsistent, the Terms and Conditions prevail regarding service delivery and commercial arrangements.