Last updated: 4 April 2026
Hingston Capital Pty Ltd (ACN 690 585 196) ("we", "us", "our") operates Clubernance (clubernance.com.au). This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).
We collect the following types of information:
Account information: name, email address, phone number, and role within your club.
Club information: club name, ABN, ACN, registered address, liquor and gaming licence numbers, and director details (including names, dates of birth, contact details, positions, and appointment dates).
Financial information: aggregated club financial data entered for benchmarking purposes (revenue, expenses, assets, liabilities). We do not collect personal banking or credit card numbers — all payment processing is handled by our payment provider.
Governance data: board meeting records, minutes, motions, compliance records, policies, risk registers, incident reports, correspondence, conflict of interest declarations, and strategic plans.
Documents: files you upload such as constitutions, policies, board papers, training certificates, and meeting papers.
Usage data: pages visited, features used, and interaction patterns for the purpose of improving the platform.
AI interactions: messages sent to the Clubernance AI assistant, including the club context provided to generate responses.
We use your information to:
All club data is stored in Australian data centres (Sydney region). We encrypt data in transit and at rest, enforce strict access controls so each club's data is fully isolated from other clubs, and support multi-factor authentication.
Our platform is built to OWASP Application Security Verification Standard (ASVS) Level 2, the internationally recognised benchmark for applications handling sensitive data. For full details, see our Security page.
We use the following third-party services to operate the platform. We only share the minimum data necessary for each service to function:
Stripe — payment processing. Receives your email address and subscription details only. Stripe is PCI DSS Level 1 certified.
Anthropic — powers the in-app AI governance assistant. When you use the assistant, your message and relevant club context are sent to Anthropic for processing. Your data is not used for AI model training and is retained for a maximum of 7 days for safety monitoring before permanent deletion.
Google — powers document analysis features such as ASIC extract parsing and AI-assisted document generation. When you use these features, the relevant document content is sent to Google for processing. Your data is not used for model training and is retained for a maximum of 55 days for safety compliance before permanent deletion.
Vercel — application hosting. No club data is permanently stored by Vercel.
Resend — transactional email delivery (meeting reminders, compliance alerts, invitations). Receives email addresses and email content necessary for delivery.
Sentry — error monitoring. Receives error reports for debugging purposes. We configure Sentry to exclude personal data.
Cloudflare — bot protection on authentication forms. No club data is shared with Cloudflare.
We do not sell, rent, or trade your personal information. We only share data with the third-party service providers listed in Section 5, and only as necessary to operate the platform.
We may disclose information if required by law, regulation, legal process, or governmental request.
Benchmarking features compare your club's data against publicly available NSW government gaming statistics. Your club's financial data is never shared with, aggregated with, or visible to other clubs.
While your primary club data is stored in Australia, some data is processed by services hosted outside Australia:
By using Clubernance, you consent to the transfer of data to these services as described. All listed providers maintain security practices and data processing agreements consistent with our obligations under the Privacy Act 1988.
We retain your data for as long as your account is active and your subscription is current.
Upon account closure or subscription cancellation, your data is retained for 30 days to allow for recovery or data export, then permanently deleted.
AI assistant conversation history can be cleared by the user at any time. Upon clearing, messages are deleted from our database.
Backup copies of data may be retained for up to 30 additional days as part of standard backup procedures.
Under the Australian Privacy Principles, you have the right to:
To exercise any of these rights, contact us at support@clubernance.com.au.
Clubernance is a business platform designed for registered club governance. We do not knowingly collect information from children under 18. If you believe a child's information has been provided to us, please contact us immediately.
We may update this Privacy Policy from time to time. Material changes will be communicated via email to account holders and posted on this page. Your continued use of the platform after changes are posted constitutes acceptance of the updated policy.
For privacy inquiries, complaints, or data access requests:
Email: support@clubernance.com.au
Entity: Hingston Capital Pty Ltd (ACN 690 585 196)