Privacy Policy

At Caipabuild, your privacy is our priority. This policy explains how we collect, use, and protect your information — with full transparency across Australia, New Zealand and Asia.

Last updated: 1 July 2026

Back to home

1. Introduction

Caipabuild.ai (“Caipabuild”, “we”, “us” or “our”) provides an artificial intelligence platform that helps organisations build capability frameworks, run capability assessments and generate personalised, on-the-job learning plans (the “Service”). We are committed to protecting the privacy of the individuals whose personal information we handle and to being transparent about how we collect, use, disclose and safeguard that information.

This Privacy Policy explains our practices in connection with the Service, our website at caipabuild.ai and our web application at app.caipabuild.ai (together, our “Platform”). It should be read together with our Terms of Service.

By accessing or using the Platform, or by otherwise providing personal information to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with it, please do not use the Platform.

2. A Service for Business Use

Caipabuild is designed and made available for business, professional and organisational use. The Platform is intended to be used by businesses, employers and other organisations (each a “Customer”) and by the employees, contractors and other authorised personnel that a Customer permits to access it (“Authorised Users”). It is not directed to, or intended for, personal, household or consumer use, and it is not intended for children.

Where you use the Platform as an Authorised User, your organisation is generally responsible for your account and for the personal information processed through it. In many cases your organisation determines the purposes for which your information is handled, and its own privacy policy will also apply to you. If you have questions about how your employer or organisation uses your information, please contact them directly.

3. Scope of This Policy

This Privacy Policy applies to personal information we collect through the Platform and in the course of our business, including from website visitors, prospective customers, Authorised Users, and people who contact us or join our waitlist.

The Platform may contain links to, or integrate with, third-party websites and services that we do not control. This Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy notices of any third party before providing them with personal information.

4. Information We Collect

The types of personal information we collect depend on how you interact with us. We collect information in the following ways.

4.1 Information you provide to us

  • Account and profile information — such as your name, work email address, job title, role, team or department, and the organisation you belong to.
  • Waitlist and enquiry information — such as the email address you submit to request access, and any details you include when you contact us for sales, support or general enquiries.
  • Assessment and capability data — inputs you provide when creating frameworks, completing self-assessments, responding to questions, and generating or scheduling learning plans, including self-assessed and AI-assessed proficiency information.
  • Communications — the content of messages, feedback, survey responses and support requests you send us.
  • Billing information — where you purchase a paid plan, billing contact details and transaction records. Card payments are processed by our payment providers; we do not store full card numbers.

4.2 Information we collect automatically

  • Device and connection data — such as IP address, browser type and version, operating system, device identifiers and language settings.
  • Usage data — such as the pages and features you view, the actions you take, dates and times of access, referring URLs and other interaction data.
  • Cookies and similar technologies — as described in Section 6 below.

4.3 Information from third parties

  • Your organisation — a Customer may create an account for you or provide information about you so that you can use the Platform.
  • Authentication providers — if you sign in using a third-party identity or single sign-on provider, we may receive basic profile information from that provider.
  • Analytics and marketing partners — we may receive aggregated or de-identified insights about how our Platform is found and used.

You do not have to provide the personal information we request, but if you do not, we may be unable to provide you with the Platform or respond to your enquiry.

5. How We Use Your Information

We use personal information to:

  • provide, operate, maintain and secure the Platform;
  • create and administer accounts, authenticate users and manage access;
  • generate capability frameworks, assessments, proficiency insights and personalised learning plans;
  • respond to enquiries, provide customer support and manage our waitlist;
  • process transactions and administer subscriptions and billing;
  • monitor, analyse and improve the performance, quality and features of the Platform, and develop new products and services;
  • send you administrative, service and (where permitted) marketing communications;
  • detect, investigate and prevent fraud, security incidents, misuse and other prohibited or unlawful activity; and
  • comply with our legal obligations and enforce our agreements, including our Terms of Service.

Where the law of your jurisdiction requires a lawful basis or your consent for particular processing, we will rely on the appropriate basis (for example, performance of a contract, our legitimate business interests, compliance with a legal obligation, or your consent) and, in Australia, handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (“APPs”).

6. Cookies, Analytics and Advertising

We and our service providers use cookies, pixels, local storage and similar technologies to operate the Platform, remember your preferences, keep you signed in, measure performance and understand how the Platform is used.

6.1 Types of technologies we use

  • Strictly necessary — required for core functionality such as security, authentication and load balancing.
  • Preferences — remember choices such as language and display settings.
  • Analytics — help us understand usage and improve the Platform.
  • Advertising — where used, help us measure marketing campaigns and show relevant information about our Service on other sites.

6.2 Google Analytics and advertising services

We may use Google Analytics and Google advertising products (such as Google Ads and related conversion and remarketing features) to measure how visitors find and use our website and to promote our Service. These tools may set cookies and collect information such as your IP address, device information and interactions with our website. This information helps us and Google understand website performance and, in some cases, deliver and measure advertising.

You can control this collection in the following ways:

6.3 Managing cookies

Most browsers let you refuse or delete cookies through their settings. Where required by law, we will seek your consent before setting non-essential cookies. Blocking some cookies may affect how the Platform functions. If we display a cookie banner or preference manager, you can update your choices there at any time.

7. AI Features and Automated Processing

The Platform uses artificial intelligence and machine-learning techniques to help generate capability frameworks, evaluate assessment responses, estimate proficiency levels and produce personalised learning plans. To deliver these features, relevant inputs may be processed by us and by trusted third-party AI and cloud providers acting on our behalf under contractual confidentiality and security obligations.

AI-generated outputs are intended to support human judgement, not to replace it. They may contain errors or omissions and should be reviewed by an appropriately qualified person before being relied upon. We do not intend for the Platform to make decisions that produce legal or similarly significant effects about an individual without human involvement. Where automated processing is used in a way that a Customer directs, the Customer is responsible for ensuring appropriate human oversight and for meeting any notice or consent obligations that apply to its personnel.

8. How We Share and Disclose Information

We do not sell your personal information. We disclose personal information only as described below:

  • Within your organisation — with the Customer that controls your account and its authorised administrators, consistent with the Customer’s configuration of the Platform.
  • Service providers and sub-processors — with vendors who perform services for us, such as cloud hosting, AI processing, analytics, email delivery, payment processing and customer support. These providers are permitted to use personal information only to provide services to us.
  • Professional advisers — with our lawyers, accountants, auditors and insurers where reasonably necessary.
  • Legal and safety reasons — where we believe disclosure is required or permitted by law, or is necessary to protect our rights, your safety or the safety of others, or to investigate fraud, security or misuse.
  • Business transfers — in connection with a merger, acquisition, financing, reorganisation or sale of assets, in which case personal information may be transferred subject to this Policy.

9. Third-Party Services and Links

The Platform may integrate with, or contain links to, third-party products and websites (for example, single sign-on providers, calendar services to which you sync learning plans, payment processors and analytics tools). Those third parties handle your information in accordance with their own terms and privacy policies. We are not responsible for the content, practices or privacy of third parties, and your dealings with them are at your own risk.

10. International Data Transfers

We operate across Australia, New Zealand and the Asia-Pacific region, and our service providers may store or process personal information in countries other than the one in which you are located. As a result, your personal information may be transferred to, and processed in, jurisdictions with data protection laws that differ from those in your own country.

Where we disclose personal information overseas, we take steps that are reasonable in the circumstances to ensure it is handled in a manner consistent with this Policy and applicable law, including APP 8 under the Australian Privacy Act 1988 (Cth) and, for New Zealand, the requirements of the Privacy Act 2020. Where required, we use contractual and technical safeguards with the recipients of that information.

11. Data Retention

We retain personal information for as long as necessary to provide the Platform, fulfil the purposes described in this Policy, comply with our legal, tax and accounting obligations, resolve disputes and enforce our agreements. Retention periods vary depending on the type of information and the context in which it was collected.

Where we hold information on behalf of a Customer, we retain and delete it in accordance with our agreement with that Customer. When personal information is no longer required, we will take reasonable steps to destroy or de-identify it.

12. Security

We take reasonable technical and organisational measures to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure. These measures may include encryption in transit, access controls, network protections and ongoing monitoring.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your login credentials confidential and for notifying us promptly if you suspect any unauthorised use of your account. If we become aware of a data breach that is likely to result in serious harm, we will respond in accordance with applicable laws, including the Notifiable Data Breaches scheme in Australia.

13. Your Privacy Rights and Choices

Subject to applicable law, you may have rights to access the personal information we hold about you, to ask us to correct information that is inaccurate, out of date or incomplete, and to make a complaint about how we handle your information. In some jurisdictions you may also have rights to request deletion of, or to restrict or object to, certain processing.

To exercise these rights, contact us using the details in Section 17. We may need to verify your identity before responding, and we will respond within the timeframes required by law. Where you are an Authorised User and the information is controlled by your organisation, we may refer your request to that organisation or ask you to direct it to them.

If we decline a request, we will explain our reasons where we are required to do so.

14. Direct Marketing

We may send you marketing communications about our products and services where you have opted in or where we are otherwise permitted to do so. You can opt out at any time by using the unsubscribe link in our emails or by contacting us. We will process opt-out requests within a reasonable time. We will continue to send you essential service and administrative messages relating to your account, as these are not marketing communications.

15. Children's Privacy

The Platform is intended for business use by individuals who are at least 18 years old. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take appropriate steps to delete it.

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements or other factors. When we do, we will revise the “Last updated” date at the top of this page. If we make material changes, we will take reasonable steps to notify you, such as by posting a notice on the Platform or contacting you directly. Your continued use of the Platform after an update takes effect constitutes acceptance of the revised Policy.

17. How to Contact Us

If you have questions, requests or concerns about this Privacy Policy or our handling of your personal information, please contact us at:

We will acknowledge your enquiry and aim to resolve it promptly. If you are not satisfied with our response, you may be entitled to escalate your complaint to the relevant privacy regulator. In Australia, that is the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. In New Zealand, that is the Office of the Privacy Commissioner at privacy.org.nz. Individuals in other countries may contact their local data protection authority.

18. Governing Law

This Privacy Policy is governed by the laws of Australia. Nothing in this Policy limits any rights you may have under mandatory privacy or consumer laws that apply to you in your own jurisdiction, including in New Zealand and other countries in which we operate.