Legal
Privacy policy
Last updated 10 July 2026
This policy explains how Peak State (“Peak State”, “we”, “us”) handles personal information in connection with Kilipress, our AI-first content management system. We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. What we collect
- Account information — your name, email address, and authentication details when you sign up or sign in.
- Content and brand context — the pages, articles, briefs, brand and voice notes, design preferences, and other material you provide or connect so the Service can draft and publish on your behalf.
- Repository and site data — content stored as commits in the Git repository you connect, and configuration for the site we host for you.
- Billing information — subscription and payment records. Card details are handled by our payment processor; we do not store full card numbers.
- Technical data — log, device, and usage data, and diagnostic data (including error reports) generated as you use the Service.
We use cookies and similar technologies only for authentication, security, and essential functionality, and to measure site performance. We do not use advertising or tracking cookies, and we do not sell your personal information.
2. How we collect it
We collect information directly from you (when you sign up, provide content, or contact us), automatically as you use the Service, and through the third-party services you authorise us to connect on your behalf (such as your GitHub repository), using read and write access only as needed to provide the Service.
3. How we use it
We use personal information to:
- provide, operate, and improve the Service, including drafting, editing, and publishing your content;
- authenticate you and keep the Service secure;
- process billing and manage your subscription;
- provide support and respond to your requests;
- diagnose errors and monitor performance and reliability; and
- comply with our legal obligations.
4. AI processing
To generate drafts and suggestions, the content and brand context you provide, together with your prompts, are sent to our AI provider (Anthropic) solely to produce the output you requested. Our AI provider is not permitted to use your inputs or outputs to train its models. AI output is generated from the material you supply and should be reviewed before you publish it.
5. Who we share it with
We share personal information with service providers who help us run the Service, each bound to use it only to provide services to us. By category, these include:
- Authentication and database — our hosting and database provider (Supabase).
- Content storage and version control — GitHub, where your site content is stored as commits.
- AI processing — Anthropic, as described above.
- Payments — Stripe.
- Transactional email — Resend.
- Application hosting and performance analytics — Vercel.
- Error diagnostics — Sentry.
We may also disclose personal information where required by law or a valid legal request, or as part of a genuine business sale or transfer (in which case we will take reasonable steps to ensure it remains protected).
6. Overseas disclosure (APP 8)
Some of our service providers store and process data outside Australia, including in the United States. Where we disclose personal information to an overseas recipient, we take reasonable steps to ensure it is handled consistently with the Australian Privacy Principles.
7. Security
We protect personal information with encryption in transit, access controls, and scoped credentials for connected services. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. We participate in the Notifiable Data Breaches scheme: if a data breach is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required.
8. Retention and deletion
We retain personal information while your account is active and as needed to provide the Service. You can ask us to delete your personal information, subject to information we are required to keep by law or that remains in routine backups for a limited period. Note that disconnecting a source or deleting content in the Service does not automatically delete copies already stored in your connected repository or in short-term backups.
9. Access and correction (APP 12 and 13)
You can request access to the personal information we hold about you, ask us to correct it, or ask for a copy, by emailing hello@peakstate.global. We will respond within a reasonable period and may need to verify your identity first.
10. Complaints
If you have a privacy concern, contact us first at hello@peakstate.global and we will work to resolve it. If you are not satisfied, you can escalate to the Office of the Australian Information Commissioner at oaic.gov.au or 1300 363 992.
11. Children
The Service is not directed to, and is not intended for use by, anyone under 18. We do not knowingly collect personal information from children.
12. Changes to this policy
We may update this policy from time to time. If a change is material, we will take reasonable steps to notify you. The “last updated” date above shows when this policy was last revised.
13. Contact
Questions about your privacy? Email us at hello@peakstate.global. See also our Terms and conditions.