Legal
Effective April 28, 2026. Last updated July 1, 2026.
TurnkeyAI, a trading name of Black and White Renos Pty Ltd (ABN 82 665 395 791) ("TurnkeyAI", "we", "us", "our"), respects your privacy. This Privacy Policy explains how we collect, use, store, and disclose personal information in compliance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).
When you submit our contact form, request a quote, or engage us for a deployment, we may collect:
We use personal information to:
We do not use your personal information for unrelated marketing without your consent. We do not sell your data.
Form submissions are processed by Netlify (deployment hosting) and Resend (transactional email), both of which are subject to their own privacy commitments. Operational data during a deployment is processed locally on our build infrastructure in Australia and on the Mac Mini hardware delivered to your office. Once the hardware leaves us, your operational data lives only on your premises.
We disclose personal information only:
Some of our service providers and analytics/advertising partners (e.g. Resend, Netlify, Google, Microsoft, OpenAI) operate in the United States. Where data is transferred overseas, we take reasonable steps to ensure the recipient is bound by privacy commitments substantially equivalent to the APPs.
Our website uses cookies and similar technologies, including from the third-party providers below, to understand how the site is used and to measure the performance of our advertising. We use this data in aggregate to improve the site and our campaigns. We do not use it to build profiles of you for unrelated marketing, and we do not sell it.
These providers may process data on servers in the United States. You can opt out of analytics cookies via your browser settings, the Google Analytics opt-out add-on, and Google's Ads Settings. Disabling these cookies will not affect your ability to read the site or submit our form.
We protect personal information using industry-standard security: encryption in transit (TLS), encryption at rest for credentials, principle of least privilege for our team's access, and physical security of our build infrastructure. No system is 100% secure; if a breach affects you, we will notify you in line with the Notifiable Data Breaches scheme.
We retain contact and engagement data for the duration of our relationship with you and for 7 years after the last engagement to comply with Australian record-keeping obligations. Operational data sampled during a deployment is deleted within 14 days of handover. You may request earlier deletion subject to our legal obligations.
Under the Privacy Act 1988, you have the right to:
To exercise any of these rights, email start@tkai.com.au. We respond within 30 days.
Our Services are intended for businesses and their authorised representatives. We do not knowingly collect personal information from individuals under the age of 18.
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent version. Material changes will be communicated to active clients by email.
Privacy questions or requests: start@tkai.com.au. Our postal address is available on request.