Privacy Policy
We collect the minimum personal information needed to run the Cradlescan waitlist and (later) your subscription: your name and email at signup, plus billing and usage data when you subscribe. We use it to contact you about Cradlescan, run your account, and improve the product.
We use Clerk (United States) for authentication, Stripe (United States) for billing, Render (United States) for hosting, and Drip (United States) for email marketing and waitlist data. Your data is transferred outside Australia in the course of using these services.
You can ask us what we hold about you, ask us to correct it, or ask us to delete it, at any time, by emailing growme@thegrowmeco.com. This summary is not part of the binding policy. The numbered sections below are.
1. About this Policy APP 1
This Privacy Policy explains how The Grow Me Co Pty Ltd (ABN 27 652 696 369), trading as MarketIntern and operating the Cradlescan service (we, us, our), handles personal information. We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) set out in Schedule 1 of that Act.
This Policy applies to personal information we collect through the Cradlescan website, the Cradlescan dashboard and product, our waitlist, our customer support, and any other interaction you have with us.
This Policy works alongside our Terms and Conditions.
2. Anonymity and Pseudonymity APP 2
Where it is lawful and practicable, you may interact with us anonymously or under a pseudonym — for example, when browsing the public marketing site or making a general enquiry. However, to join the waitlist, take out a subscription, or receive support tied to an account, we need to identify you. Anonymous transactions of those kinds are not practicable.
3. What we collect and how APP 3, APP 5
We only collect personal information that is reasonably necessary for the purposes set out in section 4. We collect:
- Identity and contact information — first name and email address (collected at waitlist signup);
- Account information — login credentials, account preferences, and the timestamp/version of the Terms and Privacy Policy you accepted at signup;
- Billing information (when subscriptions launch) — name on card, billing address, and partial card details. Full card numbers are handled by our payment processor and are not stored on our systems;
- Usage and product data — pages visited, features used, watchlists, journal entries, and other content you create inside Cradlescan;
- Technical data — IP address, device type, browser type, time zone, referring URL, and similar metadata generated automatically when you use our website or product;
- Marketing-attribution data — UTM parameters and referral source attached to your signup, where present;
- Communications — the content of emails and support messages you send us.
We collect personal information directly from you whenever possible — for example, when you fill out the waitlist form, create an account, subscribe, or contact support. We may also receive technical metadata from your browser, and engagement data (opens, clicks) from our email-marketing platform when you interact with our emails.
We do not knowingly collect sensitive information (as defined in the Privacy Act) such as health data, racial or ethnic origin, or biometric information. If you submit such information to us by accident, please notify us so we can delete it.
At or around the time of collection we will, where practicable, tell you who is collecting the information, why, who we may share it with, and how to access this Policy — typically through a notice at the point of collection (for example, beneath the waitlist form).
4. Why we collect it (purposes) APP 6
We use personal information to:
- operate the Cradlescan waitlist, including ranking confirmed signups for founding-150 eligibility;
- send you product launch and lifecycle communications you have asked for;
- create and authenticate your account once subscriptions are live;
- process your subscription, take payment, and issue receipts;
- provide customer support and respond to enquiries;
- improve, secure, and troubleshoot the Service (including product analytics, debugging, and abuse-prevention);
- send service-related notices (for example, security alerts, T&Cs updates, billing notices);
- comply with legal obligations and enforce our Terms.
We will only use or disclose your personal information for a secondary purpose (different from the one for which it was collected) where you would reasonably expect us to, where you have consented, or where the use or disclosure is otherwise permitted under APP 6.
5. Unsolicited information APP 4
If we receive personal information that we did not solicit (for example, a CV sent unprompted), we will determine within a reasonable time whether we could have collected it under APP 3. If not, and provided it is lawful and reasonable to do so, we will destroy or de-identify the information as soon as practicable.
6. Direct marketing APP 7
We use your contact details to send you marketing about Cradlescan only where:
- you have opted in (for example, by joining the waitlist or ticking the consent option at signup); and
- each marketing message includes a clear and functional unsubscribe option.
You can opt out of marketing at any time by clicking the unsubscribe link in any marketing email or by emailing growme@thegrowmeco.com. Opting out of marketing does not opt you out of essential service messages (for example, billing receipts, security notices, or material changes to the Terms).
We do not sell your personal information. We do not share it with third parties for their own marketing.
7. Disclosure and third-party processors APP 6
We share personal information only with service providers who help us run Cradlescan, and only to the extent they need it for that purpose. Each is contractually required to handle data securely and in line with applicable privacy law. The processors we use today are:
| Processor | Purpose | Data shared | Location |
|---|---|---|---|
| Clerk (Clerk.com) | Authentication, account management, sign-in / sign-up flow, session token issuance | Name, email, password (hashed and stored by Clerk; never seen by us), sign-in events, session tokens, IP address, browser/device metadata | United States |
| Stripe (Stripe.com) | Subscription billing, one-time Learn add-on purchase, card processing, billing-portal self-serve (cancellation, payment-method updates) | Name, email, billing address, payment method details (full card details are handled directly by Stripe; we never store full card numbers), invoice and subscription history | United States |
| Render (Render.com) | Application hosting, request routing, server-side application data storage (account records, subscription state, trade journal entries), system and request logs | All application data you submit or generate while using Cradlescan, plus IP address and request metadata captured in standard server logs | United States |
| Drip (Drip.com) | Email marketing, waitlist storage, and CRM | Name, email, signup metadata, marketing-engagement events, accepted T&Cs version | United States |
We may also disclose personal information where required or permitted by law — for example, in response to a valid subpoena or court order, to enforce our Terms, to protect our or others' safety or rights, or in connection with a sale or restructure of our business (subject to confidentiality undertakings).
8. Cross-border disclosure APP 8
Our service providers (Clerk, Stripe, Render, and Drip) are all located in the United States. When you provide us with personal information through Cradlescan, you consent to your information being disclosed to and processed in the United States for the purposes set out above.
Where we disclose personal information overseas, we take reasonable steps to ensure the recipient handles it in a way that is consistent with the APPs, including by selecting providers with recognised security and privacy practices and by entering into appropriate contractual protections where applicable.
9. Government identifiers APP 9
We do not adopt, use, or disclose any government-issued identifier (such as a tax file number, driver's licence, or passport number) as our identifier of you, except as permitted by the Privacy Act.
10. Data quality APP 10
We take reasonable steps to ensure the personal information we collect, use, and disclose is accurate, up-to-date, complete, and (in the case of use or disclosure) relevant. You can help by keeping your account information current and notifying us of any changes (see section 13).
11. Security APP 11
We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure. These steps include:
- encrypting traffic in transit (HTTPS/TLS);
- restricting access to systems holding personal information to authorised personnel;
- using reputable infrastructure and service providers (Clerk, Stripe, Render, Drip) with documented security practices;
- not storing full card numbers on our systems — payment data is handled by the payment processor;
- reviewing security practices as the product evolves.
No system is perfectly secure, and you provide information to us at your own risk. If we become aware of an eligible data breach within the meaning of Part IIIC of the Privacy Act, we will assess and respond in accordance with the Notifiable Data Breaches scheme — including, where required, notifying you and the Office of the Australian Information Commissioner (OAIC).
12. Retention and deletion
We keep personal information only for as long as we need it for the purposes set out in this Policy, or for as long as we are required to keep it under law (for example, tax and financial records). Indicative retention windows:
- Waitlist records — retained while the waitlist is active and for a reasonable period after launch to support founding-150 ranking and audit; deleted on request;
- Account and billing records — retained for the life of the subscription plus any period required for tax, accounting, or dispute purposes;
- Marketing engagement data — retained while you remain subscribed to marketing, and for a reasonable period thereafter to honour unsubscribe requests;
- Logs and security data — retained for short rolling windows used for troubleshooting and abuse prevention.
When we no longer need personal information, we will take reasonable steps to delete it or de-identify it, except where law requires us to retain it.
13. Access, correction, and complaints APP 12, APP 13
Access. You have the right to ask us what personal information we hold about you. We will respond within a reasonable time (usually within 30 days). In limited circumstances permitted by the Privacy Act we may decline access; if we do, we will explain why and how you can complain.
Correction. If information we hold about you is inaccurate, out-of-date, incomplete, irrelevant, or misleading, you can ask us to correct it and we will take reasonable steps to do so.
Deletion. You can ask us to delete your personal information at any time. We will comply unless we are required to retain it by law.
How to ask. Email growme@thegrowmeco.com and tell us what you want to access, correct, or delete. There is no fee for these requests.
Complaints. If you think we have breached the APPs or this Policy, please raise it with us first by emailing growme@thegrowmeco.com. We will acknowledge promptly and aim to resolve the complaint within 30 days. If you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC):
- Web: oaic.gov.au
- Phone: 1300 363 992
- Post: GPO Box 5288, Sydney NSW 2001
14. Cookies and similar technologies
We use a small number of cookies and similar technologies — for essential site functionality (including authentication session cookies set by Clerk and billing-portal session cookies set by Stripe) and to remember preferences. Where we add product analytics in the future, we will update this Policy and, where required, present a cookie consent prompt before non-essential tracking is set. You can control cookies through your browser settings; disabling them may affect site functionality.
15. Children
Cradlescan is not directed at children. The Service requires you to be 18 or older. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take reasonable steps to delete it.
16. Changes to this Policy
We may update this Policy from time to time. The version, effective date, and last-updated date are shown at the top of the document. Where a change is material, we will notify you (typically by email or in-product notice) before it takes effect. Continued use of the Service after the effective date constitutes acceptance of the updated Policy.
17. Contact
For privacy queries, requests, or complaints under this Policy, contact us at:
- The Grow Me Co Pty Ltd, trading as MarketIntern
- ABN: 27 652 696 369
- Email: growme@thegrowmeco.com
- Registered in: New South Wales, Australia