Skip to main content

Legal

Terms of Service

Effective date: 18 August 2025
Provider: FactNexus Pty Ltd (ABN 46 086 885 092) trading as retrievable.ai (“we”, “us”, “our”)
Contact for notices: Level 2, 11 York Street, Sydney NSW 2000, Australia · legal@retrievable.ai

1. Agreement to Terms

By creating an account, requesting a free audit, connecting data sources, or using the Services, you agree to these Terms and to any documents we reference (for example, our Privacy Policy, the Acceptable Use Policy in Schedule 1, and the Data Processing Addendum in Schedule 2 where applicable). If you do not agree, do not use the Services.

2. Services and Scope

2.1 What we provide. Retrievable.ai helps make your website readable, usable, and actionable to AI agents. Offerings include:
a) retrievability audits and recommendations
b) advice and task management for remediation
c) Share-of-AI-Voice tracking using targeted queries and, if enabled, analytics ingestion

Plan names and features appear on our site (currently Analyst, Coordinator, and Director).

2.2 Changes. Features may change from time to time. If a change materially reduces core functionality you use, we will give reasonable notice.

3. Accounts and Authority

Keep account details accurate and secure. Ensure you have authority to connect any domains, properties, analytics, or third-party systems. You are responsible for activities under your account.

4. Plans, Fees, Taxes, and Billing (USD via Stripe)

4.1 Pricing and currency. Prices are listed in US dollars (USD), exclusive of GST and other taxes, and are billed via Stripe. Where Australian GST applies, it will be added at checkout or invoiced. You are responsible for other applicable taxes, including reverse-charge where relevant.
4.2 Renewals. Subscriptions renew automatically each term until cancelled.
4.3 Changes to fees. Fee changes take effect at your next renewal with prior notice.
4.4 Refunds. Fees are non-refundable except:
a) as required by the Australian Consumer Law (ACL)
b) pro-rata refunds for any unused prepaid period if you terminate for convenience under section 18.3
4.5 Payment processor. Stripe collects and processes card details. We do not store full card numbers.

5. Free Retrievability Audit (Authorised Scanning)

By requesting a free audit you confirm you are authorised to permit scanning and testing of the submitted domain(s). Audits may trigger logs, rate-limits, or alerts. We are not responsible for such effects unless caused by our negligence or wilful misconduct.

6. Acceptable Use

You must not violate law, infringe IP or privacy, probe or test systems you are not authorised to test, upload malicious code, bypass security or rate limits, or resell or misuse the Services. We may throttle, suspend, or terminate for breach. See Schedule 1 for details.

7. Customer Data, Service Data, and Outputs

7.1 Customer Data. You retain ownership of data you submit (for example, URLs, user stories, documents, prompts, analytics, tickets). You grant us a non-exclusive worldwide licence to use, copy, process, and create derivative works solely to provide and improve the Services.

7.2 Service Data. We may collect and keep aggregated or de-identified metrics (for example, query counts, model latency, markup patterns) to operate and improve the Services.

7.3 AI and search providers. Some features send prompts or snippets, which may include your brand terms or public content fragments, to third-party AI and search providers to run targeted queries and tests. We maintain a Sub-processor Register (Schedule 3) and will provide notice of material changes. You may object on reasonable grounds. If we cannot accommodate an objection, you may disable the affected feature or terminate with a pro-rata refund.

7.4 Privacy and ACL. We handle personal information per our Privacy Policy and the ACL’s non-excludable consumer guarantees.

8. Security, Data Breaches, and Retention

8.1 Security. We apply reasonable technical and organisational measures appropriate to the risk.
8.2 Breach notice. If we become aware of an eligible data breach under Australia’s Notifiable Data Breaches scheme, we will assess promptly and notify affected customers and the OAIC where required, generally within 72 hours of becoming aware where practicable.
8.3 Retention and deletion. We keep Customer Data for your subscription term and a short period after termination, then delete or irreversibly anonymise it unless retention is required by law or to resolve disputes. We will provide a reasonable export on request.

9. Intellectual Property and Feedback

The Services, software, models, workflows, and data sets we create are our intellectual property. Except for the limited licence in section 7.1, these Terms do not grant either party rights to the other’s IP. Feedback is voluntary. You grant us a perpetual, royalty-free licence to use it.

10. Warranties and Output Quality

AI-assisted outputs and recommendations may be wrong or outdated. They are for information and workflow support only. You remain responsible for review and implementation decisions.

11. Consumer Guarantees (ACL) and Unfair Terms

11.1 Non-excludable rights. Our Services come with guarantees that cannot be excluded under the ACL. Where the ACL applies, you may be entitled to a repair, replacement, re-supply, or refund for a major failure and compensation for reasonably foreseeable loss.
11.2 Fair contracts. We avoid unfair standard-form contract terms. Australia bans proposing, using, or relying on unfair terms in such contracts.

12. Service Levels, Fair Use, and Betas

12.1 Availability. We aim for high availability but do not guarantee 100% uptime. Outages due to third-party providers, force majeure, or planned maintenance are excluded.
12.2 Fair use. We may apply reasonable rate-limits to protect the platform and other customers.
12.3 Beta and previews. Early features may change, break, or be withdrawn and are provided “as is”.

13. Third-Party Services

Use of connectors, such as Google Analytics, is governed by those providers’ terms. You are responsible for necessary permissions and consents.

14. IP Indemnity (Provider)

We will defend and indemnify you against third-party claims that the Services themselves, excluding your data, configurations, or third-party components, directly infringe another’s IP right, and we will pay finally awarded damages or approved settlements. If there is a claim, we may modify, replace, or procure rights for the Services. If none is commercially reasonable, either party may terminate the impacted Service and we will refund prepaid unused fees. This clause does not apply to claims arising from your materials, use not in accordance with documentation, combination with non-FactNexus items, or your modifications.

15. Indemnity (Customer)

You indemnify us against third-party claims arising from your breach of these Terms, unauthorised scans or data connections you direct, or infringement from your data or instructions, except to the extent caused by our breach.

16. Liability Cap

To the extent permitted by law and subject to the ACL, each party’s aggregate liability in any 12-month period is capped at the fees you paid in that period. Neither party is liable for indirect or consequential loss, lost profits, or loss of data, except where the ACL requires otherwise.

17. Confidentiality

Each party must protect the other’s non-public information and use it only to perform this agreement, except where disclosure is legally required.

18. Suspension, Termination, and Exit

18.1 Suspension. We may suspend the Services for non-payment, security risks, legal risks, or material breach.
18.2 Termination for cause. Either party may terminate for material breach not cured within 14 days of notice.
18.3 Termination for convenience. You may cancel anytime. Cancellation takes effect at the end of the current term. If you terminate for convenience, we will refund unused prepaid fees pro-rata within 14 days. This does not affect your ACL rights.
18.4 Data export. We will provide a reasonable export window at or after termination.

19. Changes to Terms

We may update these Terms to reflect changes to the Services or the law. Material changes will be notified by email or in-app. Continued use after the effective date constitutes acceptance.

20. Notices

We will send notices to your account email. You may send notices to legal@retrievable.ai or to our postal address above.

21. Governing Law and Jurisdiction

These Terms are governed by the laws of New South Wales, Australia, and the parties submit to the exclusive jurisdiction of its courts.

22. Assignment, Relationship, Entire Agreement

You may not assign without our consent. We may assign to an affiliate or as part of a merger or sale. No partnership, joint venture, or employment relationship is created. These Terms and any referenced documents are the entire agreement for the Services.

23. Force Majeure

Neither party is liable for delay or failure to perform caused by events beyond its reasonable control, provided it uses reasonable efforts to mitigate and resume performance.

Schedule 1 — Acceptable Use Policy (AUP)

  1. Authorised testing only. Limit scans and testing to assets you own or are authorised to test.
  2. No interference. Do not cause denial of service, abusive load, or bypass rate-limits or access controls.
  3. No harmful or unlawful content. No malware, illegal content, privacy violations, or IP infringement.
  4. Reasonable use. Comply with usage caps, concurrency, and rate limits we publish or notify.

Schedule 2 — Data Processing Addendum (EU/UK GDPR)

Applies only if we process EU or UK personal data as your processor.

Roles. You are the Controller. FactNexus Pty Ltd is the Processor.
Scope. Processing is limited to providing the Services on your documented instructions.
Sub-processors. We maintain a Sub-processor Register (Schedule 3) and will give notice of material changes. You may object on reasonable grounds. If we cannot accommodate an objection, you may disable the affected feature or terminate with a pro-rata refund.
Security. We implement appropriate technical and organisational measures, including encryption in transit, access controls, logging, least privilege, and vulnerability management.
Breach. Without undue delay, and where feasible within 72 hours after becoming aware, we will notify you of a personal data breach affecting your data and share details required by GDPR Articles 33 and 34.
Assistance. We will assist with data subject requests, DPIAs, and consultations as appropriate.
Transfers. For transfers to locations without an adequacy decision, we will apply appropriate safeguards, such as EU SCCs or the UK IDTA.
Audits. Once per 12 months on reasonable notice, you may conduct or appoint an independent auditor to conduct a security or privacy audit limited to controls relevant to your data. Use a desk-based review first, on-site only if reasonably necessary.
Deletion or return. On termination or on request, we will delete or return personal data unless retention is required by law.
Precedence. This DPA prevails over conflicting ToS terms regarding GDPR-covered processing.

Schedule 3 — Sub-processor Register (AI, Search, Infrastructure)

We use reputable providers to deliver functionality, such as AI query execution, analytics ingestion, hosting and CDN, error monitoring, and payments via Stripe. The current list and purposes will be provided on request. We will give advance notice of material changes and offer a reasonable objection process. If we cannot accommodate an objection, you may disable the affected feature or terminate with a pro-rata refund.

Privacy Policy

Effective date: 18 August 2025
Entity: FactNexus Pty Ltd (ABN 46 086 885 092) trading as retrievable.ai (“we”, “us”, “our”)
Contact: Level 2, 11 York Street, Sydney NSW 2000, Australia · legal@retrievable.ai

We handle Personal Information under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If you are in the EU/UK, the GDPR/UK GDPR sections below also apply.

1) What this policy covers

  • Our website, app, support, subscriptions, and free audits.
  • Data we collect from you, your team, and the domains/systems you authorise us to test.
  • How we use, share, secure, retain, and delete that data.

2) The data we collect

You provide

  • Account and billing details (name, email, company, tax/PO info).
  • Domain(s), prompts/user stories, tickets, documents you upload.
  • Messages you send to support.

We collect automatically

  • Usage and telemetry (pages, features, timestamps, IP, device, event logs).
  • Audit outputs and scan findings for your authorised domains.
  • Cookies/identifiers to run the service and improve it (see §9).

From third parties (when you connect them)

  • Analytics (e.g., GA properties), error/log streams, and other data you instruct us to pull.
  • Payment data via Stripe (card token, payment outcome, limited billing info). We do not store full card numbers.

3) Why we collect and how we use it (Purposes)

  • Provide the service: audits, Share-of-AI-Voice tracking, advice, reporting, support.
  • Improve and secure: troubleshooting, quality, anti-abuse, analytics, and product research.
  • Billing and account: subscriptions, invoices, tax compliance, receipts.
  • Compliance: handle complaints, requests, and any legal obligations (including the NDB scheme).

4) Roles: controller vs processor

  • We act as controller for our site, accounts, billing, and platform telemetry.
  • We act as your processor when we handle Customer Data you supply for audits, testing, and analytics ingestion, as set out in the DPA (Schedule 2 of your ToS).

5) Sharing and disclosure

We share Personal Information only with:

  • Sub-processors that help us run the service (AI/search providers, hosting/CDN, observability, email, payments). We maintain a Sub-processor Register at /subprocessors and give notice of material changes.
  • Service providers bound by contract (confidentiality, security, limited purpose).
  • Authorities where the law requires.

If you object to a sub-processor on reasonable grounds and we cannot accommodate the objection, you may disable the affected feature or end your plan with a pro-rata refund (see ToS).

6) International transfers

Your data may be stored or processed outside your country (for example, Australia, the EU, the US) by our infrastructure and sub-processors. We use contractual and technical safeguards appropriate to the risk (for EU/UK data, see §11).

7) Security

We apply reasonable technical and organisational measures (access controls, encryption in transit, least-privilege, logging, vulnerability management). No method is 100% secure.

8) Data retention and deletion

  • Customer Data: kept for your subscription term and a short period after termination, then deleted or irreversibly anonymised unless the law allows/obliges us to keep it.
  • Billing records: kept as required for accounting/compliance.
  • On request, we will provide a reasonable export of your Customer Data.

9) Cookies and similar tech

We use necessary cookies to operate the site, and optional analytics/performance cookies to improve it. Most browsers let you block cookies; features may degrade if essential cookies are blocked.

10) Your rights (Australia – APPs)

You can request access to and correction of your Personal Information we hold (APP 12 and 13). We will respond within a reasonable time and explain any lawful refusal. To exercise your rights, email legal@retrievable.ai.

11) EU/UK add-on (GDPR/UK GDPR)

When the GDPR/UK GDPR applies, we rely on these lawful bases: performance of a contract (to deliver the service), legitimate interests (to improve and secure), consent (where required, e.g., certain cookies/marketing), and legal obligation (compliance).

Your rights include: access, rectification, erasure, restriction, portability, objection, and rights related to automated decision-making/profiling. To exercise these, contact legal@retrievable.ai; you may also contact your supervisory authority.

Transfers outside the EU/UK: where needed, we use Standard Contractual Clauses (SCCs) and/or the UK IDTA, plus technical measures.

12) Children

Our services are for business use and not directed to children under 16.

13) Marketing

We may send service and product updates. You can opt out of non-essential marketing at any time (email footer or legal@retrievable.ai). Transactional and service emails will still be sent.

14) Data breaches (Australia)

If we suspect a breach, we assess promptly. If it is an eligible data breach likely to cause serious harm, we notify affected individuals and the OAIC as required by the Notifiable Data Breaches (NDB) scheme and include the prescribed content.

15) Complaints

  • Contact us first: legal@retrievable.ai
  • If you are unsatisfied and are in Australia, you can complain to the Office of the Australian Information Commissioner (OAIC).
  • EU/UK users may contact their data protection authority.

16) Changes to this policy

We may update this policy to reflect changes in law or our services. We will post the new version with a new effective date. If the changes are material, we will give reasonable notice.

17) How to contact us

FactNexus Pty Ltd (ABN 46 086 885 092)
Level 2, 11 York Street, Sydney NSW 2000, Australia
legal@retrievable.ai