Alert Relay Privacy Policy

Effective date: April 7, 2026

Last updated: April 7, 2026

1. Who we are

Alert Relay is a software service provided by independNET Pty Ltd.

If you have questions about this Privacy Policy or our handling of personal information, you can contact us at our contact page.

2. About this Privacy Policy

This Privacy Policy explains how we collect, use, hold and disclose personal information in connection with Alert Relay, including our website pages under /alert-relay/, connector services, API services, subscriptions, support, and related operations.

We are based in Australia and aim to handle personal information in a transparent and secure way.

3. What information we may collect

Depending on how Alert Relay is used, we may collect the following types of information.

• Tenant and organisation information such as Microsoft Entra tenant ID, tenant display name, service status, trial or subscription status, and related timestamps.
• User identity information such as Microsoft Entra object ID, display name, email address, user principal name, and basic authentication or connection metadata.
• Region-related account information such as raw Microsoft Graph profile fields including usageLocation and country.
• Service usage and diagnostic information such as which Alert Relay action was called, request date and time, tenant reference, list ID, site ID where relevant, service status, and operational telemetry.
• Subscription and billing information such as billing contact details, subscription identifiers, invoice status, payment status, and payment provider references.

4. What we do not intend to store

Alert Relay is designed to minimise retention of customer business content. As a general rule, we do not intend to store SharePoint list item contents, document contents, page contents, generated email bodies containing customer business data, or OAuth access tokens beyond short-lived operational handling.

Where customer data must be handled to provide the service, we aim to minimise collection and retention.

5. How we collect information

• Directly from you.
• When you connect or authenticate to Alert Relay using Microsoft services.
• When users in your organisation configure or use the Alert Relay connector or related services.
• Through API requests, logs, and operational telemetry.
• Through limited Microsoft Graph calls used to enrich tenant or user metadata.
• When you subscribe, contact us, request support, or use our website.
• From service providers that help us operate the service, such as hosting, communications, authentication, and payment providers.

6. Why we collect, use and disclose information

• Providing and operating Alert Relay.
• Authenticating users and validating service requests.
• Linking service activity to the relevant tenant, user, and entitlement.
• Enforcing service limits, trials, subscriptions, and licensing conditions.
• Processing subscriptions, billing, renewals, and invoices.
• Maintaining service security, integrity, fraud prevention, and abuse detection.
• Diagnosing issues and improving service performance and reliability.
• Understanding service usage by region or market at an aggregate or operational level.
• Communicating about support, billing, incidents, and service changes.
• Complying with legal, regulatory, and contractual obligations.

7. Legal bases for processing

Where applicable privacy or data protection laws require a legal basis for processing, we generally process personal data to provide the service requested, perform or prepare for a contract, pursue our legitimate interests in operating and securing Alert Relay, comply with legal obligations, or with consent where consent is required.

8. Roles and responsibilities

Customer organisations remain responsible for their own Microsoft 365, SharePoint, and user authorisation environments.

Depending on the context, we may act as an independent controller for our own account, subscription, billing, support, security, regional usage, and service operations data, and as a service provider or processor in relation to certain customer-linked operational processing carried out to provide Alert Relay functionality.

9. Where information is stored

We intend to host core Alert Relay infrastructure in Microsoft Azure in Australia East. This means that the primary service data we choose to retain for Alert Relay is intended to be stored in Australian-hosted Azure resources, subject to how Microsoft and supporting providers operate their services.

10. International disclosures and transfers

We do not currently intend to disclose personal information overseas as part of normal core Alert Relay operations, except where this occurs through third-party providers or supporting services we use, such as payment providers, support tools, email delivery providers, monitoring tools, or infrastructure services with overseas personnel or subprocessors.

11. Security

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Those steps may include encryption in transit, access controls, least-privilege access, secure secret handling, logging, monitoring, and data minimisation.

12. Data retention

We keep personal information only for as long as reasonably necessary for service delivery, security, diagnostics, subscription management, legal compliance, record-keeping, and dispute resolution.

Retention periods may vary depending on the kind of information involved, for example account data, subscription records, support records, billing records, and operational telemetry.

13. Access, correction, and related rights

You may request access to personal information we hold about you and ask us to correct information that is inaccurate, incomplete, out of date, irrelevant, or misleading.

Depending on where you are located and which laws apply, you may also have rights to request deletion, restriction, objection, portability, or withdrawal of consent in certain circumstances.

14. Complaints

If you have a complaint about how we have handled your personal information, please contact us first using our contact page. We will review your complaint and respond within a reasonable time.

15. Data breaches

If a data breach occurs involving personal information we hold, we will assess and respond to the incident in accordance with applicable law and our internal procedures. Where required, we will notify affected individuals and relevant regulators.

16. Third-party services

Alert Relay may rely on third-party providers to operate effectively, including providers of cloud hosting, identity and authentication, payments and billing, communications and email delivery, monitoring, logging, analytics, support, and security tooling.

17. Website and analytics

If you visit our public website pages, including the Alert Relay pages under /alert-relay/, we may collect standard website usage information such as IP address, browser type, timestamps, pages accessed, and referring URLs for security, analytics, and website administration.

18. Availability by region

Alert Relay may not be available in all jurisdictions. We may limit or refuse access to the service in particular countries or regions for legal, operational, commercial, or compliance reasons.

19. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be published on this page with a revised effective date.

20. Contact us

For privacy questions, requests, or complaints relating to Alert Relay, contact independNET Pty Ltd via our contact page.