1. Introduction

1. This Privacy Policy explains how Sterling Ai Ltd (NZBN 9429053197177) collects, uses, discloses, and protects personal information when you use our Service or interact with our Website, histerling.com.
2. By using the Service, you agree to this Policy.

‍

2. Who we are and how to contact us

1. Company: Sterling Ai Ltd (NZBN 9429053197177)
2. Website: histerling.com
3. Email: n@histerling.com
4. Contact page: histerling.com/contact

‍

3. Personal information we collect

1. Account information: name, email, role, organisation details.
2. Usage data: IP address, device and browser information, pages visited, timestamps, diagnostic logs.
3. Support and communications: messages and metadata.
4. Billing: contact and transaction details where applicable.
5. Cookies and similar technologies: see section 7.

‍

4. How we use personal information

1. Provide, operate, secure, and improve the Service.
2. Create and manage accounts and authenticate users.
3. Respond to support requests and communicate about updates and security notices.
4. Analyse usage to improve features and performance.
5. Legal compliance and to protect our rights.
6. With your consent, send product news and offers. You can opt out at any time.

‍

5. Sharing and disclosure

1. Service providers (processors) under appropriate safeguards, including AWS, Google Cloud, PostHog, WorkOS, Postmark, Intercom, OpenAI, Raygun, Cloudflare R2 and Slack.
2. Integration platforms where Sterling processes customer data:
   • Xero (accounting platform integration - customer-authorized access)
   • Microsoft Graph API (Exchange/Office365 email integration - customer-authorized access)
   • Google Workspace (Drive/Gmail integration - customer-authorized access)
3. Business transactions, such as a merger or acquisition, with notice where required.
4. Legal disclosures where required by law or to protect safety, rights, or property.
5. With your consent or at your direction.

‍

6. International transfers and data locations

1. We may process and store personal information in New Zealand and the United States (us‑west‑2). We take steps to ensure adequate protections for cross‑border transfers.
2. Primary data locations: United States (us‑west‑2). If this changes, we will update this Policy.

‍

7. Cookies and tracking

1. We use necessary, functional, and performance cookies, and similar technologies such as web beacons, to operate and improve the Service.
2. You can control cookies via your browser settings, but some features may not function without them.

‍

8. Security

1. We use commercially reasonable administrative, technical, and organisational measures to protect personal information. No method of transmission or storage is completely secure.

‍

9. Retention

1. We retain personal information for as long as needed for the purposes described, to comply with legal obligations, resolve disputes, and enforce agreements. Usage data may be kept for shorter periods unless needed for security or improvements.

‍

10. Your rights

1. Subject to law, you may request access to, correction of, or deletion of your personal information, and may object to or restrict certain processing.
2. Marketing: you can opt out of marketing emails at any time.

‍

11. Third‑party links

1. Our Service may include links to third‑party sites. Their privacy practices are governed by their policies, not this one.

‍

12. Changes to this Policy

1. We may update this Policy and will post the new version with an updated “Last updated” date and provide notice where required.

‍

13. Contact

1. Questions or requests: n@histerling.com or the contact page on histerling.com.

‍