Cluo Logo

    Privacy Policy

    Last updated: 29 May 2026

    1. Introduction

    Cluo ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) when you visit our website or use our digital marketing services, including SEO, Google Ads management, AI search optimisation, and website development.

    We are based in Sydney, New South Wales, Australia.

    2. Information We Collect

    Personal Information

    We may collect personal information that you voluntarily provide to us when you:

    • Fill out a contact form or request a consultation
    • Subscribe to our newsletter or marketing communications
    • Engage our services as a client
    • Communicate with us via email, phone, or other channels

    This information may include:

    • Name and job title
    • Email address and phone number
    • Company name, ABN, and website URL
    • Billing and payment information
    • Business address

    Automatically Collected Information

    When you visit our website, we may automatically collect:

    • IP address and browser type
    • Device information and operating system
    • Pages visited and time spent on our site
    • Referring website addresses

    3. How We Use Your Information

    We use the information we collect to:

    • Provide, operate, and maintain our services
    • Respond to your enquiries and provide customer support
    • Send marketing and promotional communications (with your consent)
    • Improve our website and services
    • Analyse usage patterns and trends
    • Protect against fraudulent or unauthorised activity
    • Comply with Australian legal obligations

    4. Use of Google API Services (OAuth)

    Our software product, the Cluo Portal (at agencystats.co), uses Google APIs to read advertising and analytics data on your behalf so we can show it back to you inside the Portal. We do this through Google's OAuth 2.0 sign-in flow.

    What you grant access to

    When you click "Connect Google Ads", "Connect Google Analytics", or "Connect Search Console" inside the Portal, Google asks you to grant Cluo permission to read data using one or more of the following scopes: the Google Ads scope (https://www.googleapis.com/auth/adwords) to read your Google Ads account data including impressions, clicks, cost, conversions, and campaign performance; the Google Analytics read-only scope (https://www.googleapis.com/auth/analytics.readonly) to read your Google Analytics 4 reporting data including sessions, traffic sources, and page performance; and the Search Console read-only scope (https://www.googleapis.com/auth/webmasters.readonly) to read your Google Search Console data including search impressions, clicks, queries, and rankings. We only request read scopes. We do not create, modify, or delete data in your Google accounts.

    What we do with that data

    We use the data only to display your performance in your Cluo Portal dashboard, to generate the rank-tracking and traffic-pairing visualisations the Portal exists to provide, and to calculate aggregate trend data on your own data. We do not sell this data. We do not share it with third parties for advertising. We do not use it to train AI models.

    Limited Use compliance

    Cluo's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

    Storage and retention

    The data Google returns is stored in our database for as long as your Portal account is active. We retain a rolling 18 months of report data so we can show progress-over-time graphs. Older snapshots are automatically deleted. OAuth refresh tokens are stored encrypted and used only by our backend to refresh access. They are never exposed to the browser or to other users.

    Revoking access and deleting your data

    You can disconnect Cluo from your Google account at any time. Inside the Portal, open Settings then Connections and click Disconnect on the relevant connection. From Google directly, visit https://myaccount.google.com/permissions and remove Cluo from the list of apps with access. When you disconnect, we stop fetching new data immediately. To request deletion of historical data we have already stored, email [email protected] with the subject "Delete my data". We action these requests within 30 days.

    5. Cookies and Tracking Technologies

    We use cookies and similar tracking technologies to collect information about your browsing activities. You can control cookies through your browser settings, though this may affect your experience on our website.

    We may use:

    • Essential cookies for website functionality
    • Analytics cookies to understand how visitors use our site
    • Marketing cookies to deliver relevant advertisements

    6. Disclosure of Your Information

    We may share your information with:

    • Service providers who assist in operating our business (e.g., hosting, analytics, payment processing)
    • Professional advisers such as lawyers and accountants
    • Government authorities when required by Australian law

    We do not sell your personal information to third parties.

    Overseas Disclosure

    Some of our service providers may be located overseas. Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure they comply with the APPs or are subject to a substantially similar privacy regime.

    7. Data Security

    We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

    8. Your Rights Under Australian Law

    Under the Privacy Act 1988 and the Australian Privacy Principles, you have the right to:

    • Access the personal information we hold about you
    • Request correction of inaccurate, incomplete, or outdated information
    • Request we stop using your information for direct marketing
    • Make a complaint about how we handle your personal information

    To exercise these rights, please contact us using the details below. We will respond to your request within a reasonable timeframe.

    9. Data Retention

    We retain your personal information for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When no longer required, we will securely destroy or de-identify your information.

    10. Third-Party Links

    Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites and encourage you to review their privacy policies.

    11. Changes to This Policy

    We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

    12. Complaints

    If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us. We will investigate and respond within 30 days.

    If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

    13. Contact Us

    If you have any questions about this Privacy Policy or our data practices, please contact us:

    Cluo
    Sydney, NSW, Australia
    Email: [email protected]