DISTintel.ai

Privacy Policy

Distributed Intelligence Pty Ltd · ABN 49 677 443 524 · ACN 677 443 524

Last updated: 10 May 2026

Distributed Intelligence Pty Ltd ABN 49 677 443 524, ACN 677 443 524, trading as DISTintel.ai (Distintel, we, us, our) takes privacy seriously and is committed to handling personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, store, secure, and dispose of personal information in the course of operating our corporate intelligence platform at https://distintel.ai (the Platform), our public website, and related services. It applies to visitors to our website, customers and users of the Platform, prospective customers, suppliers, contractors, job applicants, and other individuals whose personal information we may handle.

This Privacy Policy sits alongside our Terms of Service and any specific product terms or order forms that apply to the services we provide.

About Distintel and the data we handle

Distintel is a business-to-business (B2B) corporate intelligence platform. Our core function is to ingest, link, enrich, and analyse Australian corporate, business, and insolvency data drawn primarily from publicly available official sources, and to make that information searchable and actionable for our customers (typically lawyers, insolvency practitioners, lenders, accountants, and corporate risk teams).

The principal source datasets we work with include:

  • the Australian Business Register (ABR), made available by the Australian Taxation Office under the Australian Business Register Act 1999 (Cth);
  • ASIC company and business name registers, including the ASIC Companies dataset and ASIC Business Names dataset published on data.gov.au;
  • ASIC published notices (including notices of external administration, deregistration, court hearings, members’ and creditors’ meetings, and related insolvency notices);
  • Australian press, news, and trade publications relating to corporate events, distress, acquisitions, and insolvency outcomes; and
  • our customers’ own input, search activity, configuration, and account data.

Some of this information identifies, or can be combined to identify, individuals — for example, the names of company directors, secretaries, members, registered agents, sole traders, partners, trustees, court-appointed administrators, liquidators, receivers, and other officeholders. To the extent that information is “personal information” under the Privacy Act, it is handled under this Privacy Policy.

A significant portion of the information we handle is drawn from public registers and other lawfully publicly available sources. We rely on, among other things, Australian Privacy Principle 3 and the “publicly available information” framework under the Privacy Act for the collection, organisation, and disclosure of that information. Where personal information is drawn from public registers, we do not adopt or use government-issued identifiers as our own internal identifiers (see “Government-related identifiers” below).

What is personal information?

In this Privacy Policy, personal information has the meaning set out in the Privacy Act. In general terms, it is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether or not it is recorded in a material form.

Some categories of personal information are classified as sensitive information under the Privacy Act and attract additional protections. Distintel does not seek out or knowingly collect sensitive information about individuals through the Platform. To the extent sensitive information appears incidentally in source records (for example, references to alleged conduct in a published court notice), we handle that information in accordance with the Privacy Act.

What types of personal information do we collect?

The personal information we collect depends on the context. It typically includes:

  • Customer and account information — name, business email address, business telephone number, role/job title, employer name, account credentials (hashed), billing contact details, ABN/ACN of the customer entity, subscription tier, and order/invoice records;
  • Payment information — payments are processed by our payment processor (Stripe). Distintel does not store full card numbers on our own servers; we receive limited tokenised payment metadata (such as last four digits, card brand, expiry, and Stripe customer/subscription identifiers) sufficient to manage the subscription and reconcile invoices;
  • Platform usage data — search queries, entities and notices viewed, watchlists and saved searches, alert rules, exports, API calls, timestamps, and similar audit-log information generated by your use of the Platform;
  • Technical and analytics information — IP address, approximate geolocation derived from IP, user agent and browser type, device type, referring/exit pages, session identifiers, cookie identifiers, and similar information collected automatically when you visit our website or use the Platform;
  • Corporate intelligence content (third-party personal information) — names and roles of company directors, secretaries, members, registered agents, sole traders, partners, trustees, beneficial owners (where lawfully published), administrators, liquidators, receivers, deed administrators, and other officeholders, together with the public ABN/ACN, registered or principal address, entity status, appointment dates, notice details, and related event metadata. Most of this information is sourced from public registers or lawfully publicly available news sources;
  • Marketing and communications information — name, business email address, employer, role, and your communication preferences and engagement history with our marketing communications;
  • Support and feedback information — contents of support tickets, emails, calls, demo requests, and feedback you provide; and
  • Recruitment information — information contained in your application, CV, cover letter, interview notes, and pre-engagement checks if you apply to work with us as an employee or contractor.

Distintel’s services are not directed to, and we do not knowingly collect personal information from, individuals under the age of 18. If we become aware that we have inadvertently collected personal information directly from a minor, we will take reasonable steps to delete or de-identify that information.

How do we collect personal information?

Where it is reasonable and practicable to do so, we collect personal information directly from the individual concerned. We collect personal information directly from you when you:

  • access or browse our website or the Platform;
  • register for, trial, or subscribe to the Platform, or have an account provisioned for you by your employer or another customer;
  • book a demo, request information, download a resource, or fill in a form on our website;
  • subscribe to our newsletter, alerts, or other marketing communications;
  • contact us by email, phone, web form, or via support channels;
  • respond to a survey or participate in user research;
  • connect Distintel to a third-party service (for example, a CRM, single sign-on provider, or webhook destination) that you authorise; or
  • apply to work with, or are engaged by, us.

We also collect personal information from sources other than the individual, including:

  • public registers and government-published datasets, including the ABR, the ASIC Companies and ASIC Business Names datasets on data.gov.au, and ASIC Published Notices (asic.gov.au);
  • other lawfully publicly available sources, including news, trade press, court lists, and corporate announcements relating to insolvency, distress, acquisitions, and corporate change events;
  • our service providers, integration partners, and data enrichment providers (for example, business data and contact-enrichment services we use to verify or augment company-level information);
  • third parties acting on your behalf, such as a colleague who refers you, a recruiter, or a referee you nominate; and
  • analytics, advertising, and marketing platforms in connection with our website and outbound campaigns.

We may combine information collected from these sources to perform entity resolution (for example, linking ABNs to ACNs and to insolvency notices), to derive risk and event signals, and to maintain the accuracy of our datasets.

Cookies and similar technologies

Our website and Platform use cookies, log files, web beacons, and similar technologies to:

  • keep you signed in and maintain session state;
  • remember your preferences;
  • measure traffic, performance, and feature usage; and
  • protect against fraud and abuse.

You can configure your browser to refuse cookies or to alert you when cookies are being sent. If you disable cookies, some parts of the website or Platform may not function correctly. Some third-party services we use (such as analytics, error monitoring, and edge/CDN providers, including Cloudflare) may set their own cookies; those cookies are governed by the third party’s own privacy policy.

Dealing with us anonymously or by pseudonym

Where lawful and practicable, you may interact with us anonymously or under a pseudonym — for example, when making a general enquiry. However, we will usually need to know who you are to set up an account, process a subscription, deliver paid services, respond to detailed enquiries, or comply with our legal obligations.

Government-related identifiers

Distintel ingests Australian Business Numbers (ABNs) and Australian Company Numbers (ACNs) from public registers and uses them to perform entity resolution and to link records across datasets. Where an ABN or ACN, or another identifier published on an Australian government register, relates to an identifiable individual (for example, a sole trader’s ABN), we treat that information in accordance with the Privacy Act.

We do not adopt a government-related identifier of an individual as our own identifier of that individual unless we are required or authorised to do so by or under an Australian law or a court or tribunal order. We do not collect tax file numbers, Medicare numbers, driver licence numbers, passport numbers, or similar government-issued identifiers from individuals through the Platform, and we do not perform identity verification (for example, via the Document Verification Service) as part of our standard service.

How do we use your personal information?

We use personal information for purposes connected with operating our business and providing the Platform, including to:

  • provide, maintain, secure, and improve the Platform and our other products and services;
  • perform entity resolution, link records across datasets, classify entity types, and derive risk and event signals (for example, classifying notices as closure, stress, planned closure, or acquisition signals);
  • display, search, and analyse corporate, business, and insolvency information for our customers, and generate reports, exports, alerts, dashboards, and APIs based on that information;
  • verify identity for account access and prevent unauthorised use;
  • process payments and manage subscriptions and billing, including via our payment processor;
  • respond to your enquiries, provide support, and manage our relationship with you;
  • detect, investigate, and prevent suspicious, fraudulent, or unlawful activity, and protect the rights, property, and safety of Distintel, our customers, and others;
  • comply with our legal obligations, including under the Privacy Act, the Corporations Act 2001 (Cth), the Spam Act 2003 (Cth), tax law, and other applicable laws, and to respond to lawful requests from courts, regulators, and law-enforcement bodies;
  • conduct research, analytics, training of internal models, and product development, including by producing aggregated and de-identified datasets and statistics;
  • send you direct marketing about Distintel’s products, content, events, and offerings, where permitted (see “Direct marketing” below); and
  • contact you about the matters above, by email, phone, SMS, in-Platform messaging, or other lawful means.

Where we use personal information in connection with corporate intelligence content drawn from public registers, our purpose is to make that information accessible, accurate, current, and useful to professional users with a legitimate need to assess corporate counterparties, monitor insolvency events, and conduct due diligence. We use this information consistently with the public character of the source registers and applicable Australian law.

Automated processing and AI

The Platform uses automated processes — including rules-based logic, statistical models, and machine-learning and large-language-model systems — to ingest, classify, link, enrich, score, and summarise corporate and insolvency data. For example, we use these techniques to classify entity types, detect signals from published notices, generate plain-language summaries of records, and surface relevant entities and events.

These outputs are intended as professional decision-support tools, not as automated decisions about individuals. We do not use the Platform to make solely automated decisions that have legal or similarly significant effects on individuals (such as automated credit, employment, or eligibility decisions). Customers using the Platform are responsible for their own decisions and for their use of any information they obtain through the Platform, including compliance with the Privacy Act and any other applicable laws.

To whom do we disclose personal information?

We may disclose personal information to third parties in connection with the purposes described above, including:

  • Customers and authorised users — corporate intelligence content (which may include personal information drawn from public registers and lawfully publicly available sources) is made available to our paying customers and the users they authorise, in accordance with our Terms of Service;
  • Service providers and processors — including cloud infrastructure providers (Google Cloud Platform), edge, DNS, and security providers (Cloudflare), database and storage providers, email and messaging providers, our payment processor (Stripe), customer support tools, analytics and error-monitoring tools, and similar operational vendors;
  • Data and integration partners — providers we use to enrich, validate, or supplement company-level information, and integration partners that connect to the Platform on your authorisation;
  • Professional advisers and insurers — including our lawyers, accountants, auditors, and insurance providers;
  • Acquirers and successors— any actual or proposed purchaser of Distintel’s business or assets, and their advisers, in connection with a sale, merger, restructure, financing, or insolvency event;
  • Government, regulatory, and law-enforcement bodies — where we are required or authorised by law, by court or tribunal order, or by a permitted general or health situation under the Privacy Act; and
  • Other parties with your authorisation — for example, where you authorise us to share information with a referee, integration partner, or advisor.

Where we engage a service provider to handle personal information on our behalf, we use commercially reasonable efforts to ensure the provider handles that information in a manner consistent with this Privacy Policy and applicable law, including by entering into appropriate contractual terms.

Direct marketing

We send marketing communications about Distintel — including product updates, content, events, webinars, and offers — only where we are permitted to do so under the Privacy Act and the Spam Act 2003 (Cth). This is typically based on your consent or, in a B2B context, on the inferred consent that arises where the recipient’s functional business contact details have been published or provided in connection with their professional role.

Every marketing email we send includes a functional unsubscribe option. You can also opt out at any time by emailing privacy@distintel.ai. We will give effect to opt-out requests within a reasonable period.

How do we store and protect personal information?

Personal information is stored in encrypted databases, object storage, and backups operated for us by reputable cloud infrastructure providers, and in business systems used to run our operations (such as email, CRM, support, billing, and accounting tools).

We implement reasonable technical and organisational measures to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. These include:

  • hosting on secure cloud infrastructure with role-based access controls, network segmentation, and firewalling;
  • encryption of data in transit (TLS) and at rest where supported by the relevant service;
  • strong authentication for administrative and production access, including SSO, multi-factor authentication, and the principle of least privilege;
  • audit logging of administrative and sensitive operations;
  • regular patching, dependency monitoring, and vulnerability review of our systems;
  • contractual confidentiality and security obligations on our staff, contractors, and service providers; and
  • processes to delete or de-identify personal information when it is no longer needed (see “Retention” below).

No method of transmission or storage on the internet is completely secure. While we take protection of your information seriously, we cannot guarantee absolute security. If you become aware, or reasonably suspect, that your personal information has been the subject of a data breach or unauthorised activity in connection with Distintel, please contact us immediately at privacy@distintel.ai. We will respond to eligible data breaches in accordance with our obligations under the Notifiable Data Breaches scheme in Part IIIC of the Privacy Act.

How long do we keep personal information?

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, including to provide the Platform, comply with our legal, accounting, tax, and audit obligations, resolve disputes, and enforce our agreements.

For corporate intelligence content drawn from public registers and lawfully publicly available sources, we retain historical records and event histories for as long as is appropriate to provide a useful longitudinal view of an entity (for example, prior directorships, deregistered companies, and historical insolvency events). Where source registers correct, restore, or remove a record, we update our datasets in line with the source on our normal ingest cadence.

When personal information is no longer required, we take reasonable steps to delete or de-identify it, except where retention is required or authorised by law.

Cross-border disclosure of personal information

Distintel’s primary production infrastructure is hosted on Google Cloud Platform in the United States (us-central1 region). As a result, personal information you provide to us, and personal information we handle in connection with the Platform, is stored and processed on servers located in the United States.

In addition, some of our service providers, integration partners, and corporate group functions are located outside Australia, including in the United States and the European Union / United Kingdom (for example, our payment processor, edge/CDN provider, email and analytics providers, and certain support tooling). The list of countries to which personal information may be disclosed therefore includes, at the date of this Privacy Policy, the United States, the United Kingdom, and member states of the European Union, and may include other countries from time to time.

Before disclosing personal information to an overseas recipient, we take steps that are reasonable in the circumstances to ensure that the recipient does not breach the Australian Privacy Principles in relation to that information, except where an exception applies under the Privacy Act.

Accessing and correcting your personal information

You may request access to the personal information we hold about you, and ask us to correct it if it is inaccurate, out of date, incomplete, irrelevant, or misleading, by contacting privacy@distintel.ai. We will respond within a reasonable period and in accordance with the Privacy Act, subject to any exceptions that apply (for example, where access would be unlawful or would unreasonably impact the privacy of others).

For corporate intelligence content sourced from public registers (such as ABR, ASIC Companies, ASIC Business Names, and ASIC Published Notices), the underlying source of truth is the relevant government register. Where a record on a public register is inaccurate, the most effective remedy is usually to have the record corrected at source — for example, via the ATO (for ABR records) or ASIC (for company, business name, and published notice records). Once the source is corrected, the change will flow through to our datasets on our normal ingest cadence. We will also consider, on request, whether it is reasonable to suppress, annotate, or correct an entry in our Platform pending source-level correction.

We may charge a reasonable administrative fee to give effect to a complex access request; we will tell you in advance if a fee will apply and on what basis. We do not charge for making a correction or for receiving a complaint.

Questions and complaints

If you have a question, concern, or complaint about how Distintel has handled your personal information, please contact our Privacy Officer at privacy@distintel.ai. Please include enough detail to allow us to investigate (for example, the nature of the concern, any relevant entity or notice, and how we can contact you).

We will acknowledge your complaint promptly, investigate it in good faith, and respond within a reasonable period — generally within 30 days. If we cannot respond within that period, we will tell you why and when you can expect a response.

If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC):

How to contact us

For privacy queries, access and correction requests, complaints, or any other matter under this Privacy Policy, please contact:

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our services, or the law. The current version is always available at https://distintel.ai/privacy-policy. Where the changes are material, we will give reasonable notice by posting a prominent notice on our website or by emailing the address associated with your account. Your continued use of the Platform after a change takes effect indicates your acceptance of the updated Privacy Policy.