Privacy Policy
Last updated: 11 June 2026
ThermalVariations ("we", "us", "our") provides AI-assisted thermal fault detection for solar assets (the "Service"). We are committed to protecting your privacy and handling personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains what we collect, why we collect it, how it is stored, and your rights.
1. Information we collect
- Account information. Your email address and authentication identifiers, managed through AWS Cognito. We never see or store your password.
- Inspection data. Job names, site labels, panel counts and the aerial thermal imagery you upload.
- Payment information. Payments are processed by Stripe. We do not collect, store or have access to your full card details. We retain records of invoices and payment status.
- Technical data. Standard server logs (IP address, browser type, timestamps) used for security monitoring and service operation.
2. How we use your information
- To provide the Service: processing your imagery, generating fault reports and managing your account.
- To process payments and issue invoices.
- To secure the Service, detect abuse and meet legal obligations.
- To communicate with you about your inspections, your account and service updates.
We do not sell your data. We do not share your imagery with other customers. Your imagery is not used to train models shared with other customers.
3. Storage and security
- All data is stored in the AWS Sydney region (ap-southeast-2), Australia.
- Imagery is encrypted in transit (TLS) and at rest (AWS S3 server-side encryption).
- Data is logically isolated per customer. Access is restricted to your authenticated account.
- Report downloads use short-lived signed links that expire automatically.
- Authentication is handled by AWS Cognito with industry-standard token security.
No method of transmission or storage is completely secure. While we apply commercially reasonable safeguards, we cannot guarantee absolute security. If we become aware of a data breach that is likely to result in serious harm, we will notify affected users and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.
4. Third-party services
We rely on a small number of processors to operate the Service:
- Amazon Web Services (hosting, storage, authentication), Sydney region.
- Stripe (payment processing). See the Stripe privacy policy for how they handle payment data.
- Vercel (web application hosting and delivery).
Some of these providers may process limited technical data outside Australia as part of their global infrastructure. Where this occurs, we take reasonable steps to ensure they handle it consistently with the APPs.
5. Retention and deletion
We retain inspection data for as long as your account is active so you can revisit past reports. You may request deletion of your imagery, reports or entire account at any time by contacting us. We will action deletion requests within 30 days, except where we are required to retain records for legal, tax or accounting purposes.
6. Your rights
You may at any time:
- Request access to the personal information we hold about you.
- Request correction of inaccurate information.
- Request deletion of your data (subject to legal retention requirements).
- Request a copy of your imagery and reports.
- Complain about our handling of your information.
To exercise any of these rights, contact us at support@thermalvariations.com. If you are not satisfied with our response, you may lodge a complaint with the OAIC at oaic.gov.au.
7. Cookies
We use strictly necessary, first-party cookies only: session cookies to keep you signed in and a short-lived security cookie used during sign-in to prevent cross-site request forgery. We do not use advertising or cross-site tracking cookies.
8. Changes to this policy
We may update this policy from time to time. Material changes will be flagged on this page with an updated date. Continued use of the Service after changes take effect constitutes acceptance of the revised policy.
9. Contact
Questions about this policy or our data practices: support@thermalvariations.com