Legal

Privacy Policy

Effective date: 11 March 2026 ยท Triont Pty Ltd (ACN pending)

This Privacy Policy explains how Triont Pty Ltd (Triont, we, us) collects, uses, and protects information in connection with the plainfra service and the plainfra.com website. By using our services, you agree to the practices described here.

1. Who we are

Triont Pty Ltd is an Australian company providing AWS infrastructure intelligence services under the plainfra brand. Your account data, conversation history, generated reports, and infrastructure metadata are stored on AWS infrastructure in Sydney (ap-southeast-2). Your data is never used to train AI models.

Contact: support@plainfra.com

2. What we collect

Account information. When you sign up for plainfra, we collect your name, email address, company name, AWS account ID, and AWS region. This is required to create and manage your account.

Infrastructure telemetry. plainfra queries your AWS environment using a read-only IAM role you deploy in your account. We collect infrastructure metadata including resource inventories, health states, alarm states, scaling events, Cost Explorer data, CloudWatch alarm states, security group rules, and S3 bucket configuration. We do not access application data, S3 object contents, database rows, DynamoDB items, Secrets Manager secret values, secure SSM parameters, queue messages, or log event contents.

Query logs. We log the natural language queries you submit to plainfra and the responses generated. These logs are used for service operation, debugging, abuse detection, and service improvement.

Usage data. We collect usage metrics including query counts, token consumption, API response times, and error rates. This data is used for billing, capacity planning, and product improvement.

Website analytics. We use Google Analytics to collect anonymised information about how visitors use plainfra.com, including pages visited and approximate location. No personally identifiable information is collected through this mechanism.

3. How we use your information

  • To provide, operate, and maintain the plainfra service
  • To process billing and manage your subscription
  • To send service-related communications including account setup instructions, billing receipts, and important service notices
  • To debug issues and respond to support requests
  • To detect and prevent abuse, fraud, and unauthorised access
  • To improve detection rules, prompts, investigation recipes, and product reliability using aggregated and anonymised usage patterns
  • To produce anonymised case studies, examples, and marketing materials as described in Section 5

4. AI and query data

plainfra uses managed AI services to process your queries and generate responses. The query, relevant infrastructure metadata, and response are processed to produce the answer or report. They are not used to train AI models.

We may analyse query patterns in aggregate to improve plainfra's capabilities. This analysis uses aggregated data only and does not involve reviewing individual customer queries for commercial purposes outside of the debug or support context described above.

plainfra stores conversation history and query logs as described in Sections 2 and 7. AI processing does not change those retention periods.

5. Anonymised examples and case studies

We may use findings, query patterns, or infrastructure discoveries from real plainfra assessments as anonymised examples in our marketing materials or documentation. Before doing so, we remove all identifying information including company names, AWS account IDs, resource identifiers, and any information that could reasonably identify your organisation.

To opt out, email support@plainfra.com. We will honour all opt-out requests within 14 days.

6. Data sharing and third parties

We do not sell your data. We share data only in the following limited circumstances:

  • Service providers. We use AWS for hosting and infrastructure, Stripe for payment processing, and Amazon SES for transactional email. These providers process data only as necessary to deliver services to us.
  • Legal obligations. We may disclose information if required by Australian law, court order, or regulatory authority.
  • Business transfers. In the event of a merger, acquisition, or sale of assets, customer data may transfer to the acquiring entity. We will notify affected customers.

7. Data retention

We retain account information for the duration of your subscription and for 90 days following account closure. Conversation history and infrastructure telemetry snapshots are retained for 90 days. Generated reports are retained for 365 days. Query logs are retained for 12 months. Billing records are retained for 7 years as required by Australian tax law.

8. Data security

Stored customer data is kept on AWS infrastructure in Sydney (ap-southeast-2). Access to production systems is restricted to authorised Triont personnel. API keys are stored as SHA-256 hashes, so we cannot recover your plaintext key. All data in transit is encrypted using TLS.

9. Your rights

Under the Australian Privacy Act 1988, you have the right to access, correct, or request deletion of personal information we hold about you. Contact us at support@plainfra.com. We will respond within 30 days.

10. Cookies

We use Google Analytics cookies on plainfra.com to understand site usage. These cookies do not collect personally identifiable information. You can opt out using the Google Analytics Opt-out Browser Add-on.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify customers of material changes by email and update the effective date above. Continued use of the service after changes are notified constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions or requests, contact us at support@plainfra.com.