Privacy Policy

Liquid Ledger Pty Ltd (ABN 72 646 721 931), trading as Mileon (“Mileon”, “we”, “us” or “our”), is an Australian company based in Victoria, Australia. We design, build and integrate technology and systems for our clients, and we operate the website at mileon.ai together with related services.

We are committed to protecting your privacy and to handling personal information in accordance with the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs). This policy explains the kinds of personal information we collect and hold, how we collect, use and disclose it, how you can access or correct it, and how to make a privacy complaint.

It applies to information we handle in our own right. Where we handle personal information on behalf of a client while delivering our services, that information is also governed by our agreement with that client and by the client’s own privacy notices — see “Information we handle on behalf of clients” below.

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not and whether recorded in a material form or not. Examples include your name, contact details, and information about your dealings with us.

Sensitive information is a special category of personal information — such as information about your health, racial or ethnic origin, or biometric data — that attracts additional protections under the Privacy Act. We do not ordinarily collect sensitive information, and will only do so with your consent or where we are otherwise permitted by law.

Depending on how you interact with us, we may collect:

• Identity and contact details — your name, email address, phone number, business name, role and similar details.
• Engagement information — details about your project, requirements, systems and the work we carry out for you, including notes from calls, meetings and correspondence.
• Access information — where you ask us to build or integrate systems, you may grant us access to platforms, tools or accounts that contain personal or business information. We handle this access on a least-privilege basis and only for the purposes of the engagement.
• Website and device data — pages visited, time on site, referring URLs, IP address and browser or device information, collected automatically through cookies and analytics tools.
• Billing information — the details needed to invoice and process payment. Card payments, where applicable, are handled by third-party payment providers and we do not store full card numbers.

We collect personal information:

• Directly from you — when you complete our contact form, book a call, email us, or work with us during an engagement.
• Automatically — when you use our website, through cookies and analytics (see cookies and website analytics).
• From third parties — such as referrals, publicly available sources, or our clients where you are one of their customers, contacts or staff.

Where it is lawful and practicable, you have the option of dealing with us anonymously or using a pseudonym — though we may be unable to provide certain services if we cannot identify you. If we receive personal information we did not solicit and could not have lawfully collected, we will destroy or de-identify it where the law allows.

We use personal information to:

• respond to enquiries, schedule and conduct calls;
• design, build, integrate, support and maintain the technology and systems we deliver;
• manage our relationship with you, including contracts and billing;
• operate, secure and improve our website and services;
• send updates, proposals or follow-ups you would reasonably expect or have asked to receive; and
• meet our legal, regulatory and record-keeping obligations.

We only use or disclose personal information for the primary purpose for which it was collected, for a related secondary purpose you would reasonably expect, with your consent, or where we are otherwise required or authorised by law. We do not sell, rent or trade your personal information.

When we build or integrate systems for a client, we may access, store or process personal information that belongs to that client — for example, information about the client’s own customers, contacts or staff.

In respect of that information we act as a service provider on the client’s behalf and under our engagement agreement. The client remains responsible for that information, and the client’s own privacy policy and collection notices govern how it may be used. We only handle it as reasonably necessary to deliver the services, in line with the client’s instructions, and we apply appropriate security.

If you are an individual whose personal information is held by one of our clients, please direct any access, correction or complaint requests to that client in the first instance. We will assist our clients in meeting their privacy obligations as required.

Our website uses cookies — small files stored on your device — to remember preferences and measure performance. We use analytics tools, which may include Vercel Analytics and Google Analytics, to understand, in aggregate, how the site is used so we can improve it.

You can disable or delete cookies through your browser settings, though some parts of the site may not function as intended without them.

We may disclose personal information to:

• Service providers who help us operate our business — including hosting and infrastructure (such as Vercel), analytics, scheduling (such as Cal.com), email, and customer-management tools;
• Professional advisers such as our accountants and lawyers, where reasonably required;
• Regulators, courts or authorities where we are required or authorised by law to do so; and
• A purchaser or successor in connection with a sale, merger or restructure of our business.

We require our service providers to protect personal information and to use it only for the purposes for which we engage them.

As part of building and integrating systems — and in running our own operations — we and our clients may use third-party AI platforms (for example, services from Anthropic and OpenAI).

Where personal information may be processed by such tools, we take reasonable steps to minimise the personal information shared, prefer enterprise or zero-data-retention configurations where they are available, and do not permit your personal information to be used to train publicly available models without consent or a lawful basis.

Some of our team members and service providers are located outside Australia, including in Vietnam and the United States, and some providers store or process data overseas. This means your personal information may be accessed from, or stored in, countries other than Australia.

Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient handles it in a way consistent with the Australian Privacy Principles.

We take reasonable technical and organisational measures to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure — including access controls, least-privilege access, and encryption in transit. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

If we become aware of an eligible data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme.

We take reasonable steps to keep the personal information we hold accurate, up to date and complete. Please let us know if your details change.

We keep personal information only for as long as it is needed for the purposes described in this policy or as required by law, after which we destroy or de-identify it. As a guide, enquiry and contact records are generally retained for up to 3 years after our last contact, while client engagement and financial records may be retained for up to 7 years to meet tax and corporate record-keeping obligations.

We may occasionally send you information about our services where you would reasonably expect it or have opted in, and as permitted under the Privacy Act and the Spam Act 2003 (Cth). Every marketing message includes a way to opt out, and you can also unsubscribe at any time by emailing team@mileon.ai. We will action opt-out requests promptly.

Under the Australian Privacy Principles you may, in relation to the personal information we hold about you:

• request access to it;
• ask us to correct it if it is inaccurate, out of date or incomplete;
• ask us to delete it, subject to our legal and record-keeping obligations; and
• opt out of marketing communications.

To make a request, email team@mileon.ai. We may need to verify your identity first, and we will respond within a reasonable period — generally within 30 days. If we are unable to give access or make a correction, we will explain why in writing where required.

If you have a question about this policy, want to exercise your rights, or wish to make a privacy complaint, please contact our Privacy Officer:

Liquid Ledger Pty Ltd trading as Mileon
ABN 72 646 721 931
202/2 Queen Street, Melbourne VIC 3000, Australia
team@mileon.ai

We take complaints seriously. We will acknowledge your complaint, look into it, and aim to respond within 30 days. If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner:

Office of the Australian Information Commissioner (OAIC)
Phone: 1300 363 992
Web: www.oaic.gov.au
Post: GPO Box 5288, Sydney NSW 2001

We may update this policy from time to time. Material changes will be reflected by a revised “Last updated” date at the top of this page, and we encourage you to review it periodically.

This policy and our handling of personal information are governed by the laws of Victoria, Australia and the Commonwealth of Australia.