Privacy Policy
We respect your privacy and are committed to keeping your personal information secure and transparent. Here's how we collect, store, and use your data.
MEUN PTY LTD
PRIVACY POLICY
Effective Date: 05/05/2026
Who We Are
Meun is a software company that provides CRM, automation, and AI services tailored to help businesses streamline operations, improve lead handling, and grow efficiently. This Privacy Policy explains how we manage your personal information when you use our services, website, or communicate with us.
1. Introduction
1.1 This Privacy Policy sets out how Meun Pty Ltd (ABN: 13 688 898 053) ("Meun", "we", "us", "our") collects, holds, uses and discloses Personal Information.
1.2 We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. Where Customers or End Users are based in jurisdictions with additional privacy laws (including US state privacy laws), the Customer remains responsible for their own compliance, and the Services provide tooling that may assist them.
2. Definitions
In this Privacy Policy:
Customer means the entity that contracts with Meun for the Services.
Customer Account means a Customer's account and configuration within the Services.
Customer Data means data (including Personal Information) uploaded, imported, generated, stored or processed by or on behalf of a Customer via the Services.
End User means an individual who interacts with a Customer using the Services (including a Customer's staff/contractors and the Customer's leads/customers/contacts).
Personal Information has the meaning given in the Privacy Act.
Sensitive Information has the meaning given in the Privacy Act.
Services means Meun's CRM, automation, messaging and AI-enabled services, including related onboarding, support, and professional services.
Upstream Platform means third-party software, infrastructure, and service providers used to deliver parts of the Services (including hosting, messaging/telephony, email delivery/verification, analytics, security, and AI services).
3. Scope
3.1 This Privacy Policy applies to Personal Information relating to:
(a) visitors to our websites, landing pages, forms, calendars, funnels and chat widgets;
(b) individuals who enquire about or purchase the Services;
(c) authorised users of Customer Accounts; and
(d) End Users whose Personal Information is processed in a Customer Account.
4. How the Services are Delivered and Roles
4.1 The Services are delivered using an Upstream Platform and supporting providers. Personal Information may be processed and stored within those systems to provide and maintain the Services.
4.2 Role allocation: (a) Meun account/admin data: for information relating to subscriptions, billing, support, and account management, Meun generally determines the purposes and means of processing. (b) Customer Data: for Customer Data processed within a Customer Account, the Customer generally determines the purposes and means of processing, and Meun processes Customer Data to provide the Services.
4A. Health Service Providers, Health Information and PHI
4A.1 Australian health service providers are APP entities under the Privacy Act regardless of annual turnover. Where the Customer is an Australian health service provider, the Customer is responsible for: (a) obtaining valid consent for collection of health information; (b) complying with their own NDB obligations; and (c) ensuring End Users are notified of the Customer's privacy practices.
4A.2 US Protected Health Information (PHI) is not authorised for processing through the Services unless a signed Business Associate Agreement (BAA) is in place with Meun. Customers must not upload or transmit PHI without a BAA.
4A.3 Meun does not provide medical or clinical advice, and AI-generated outputs must not be relied upon for clinical decisions
5. Personal Information We Collect
5.1 We may collect the following categories of Personal Information:
(a) Identity and contact details (e.g., name, email, phone number, business name, role);
(b) Enquiry and booking information (e.g., service requested, booking details, notes and outcomes);
(c) Communications (e.g., SMS/email/chat content, call metadata, and where enabled recordings/transcripts/AI summaries);
(d) Account information (e.g., user accounts, permissions, settings, audit logs, support interactions);
(e) Billing information (e.g., billing contacts, invoices);
(f) Technical and usage data (e.g., IP address, device/browser information, cookies, analytics, and activity logs).
5.2 We do not intentionally collect Sensitive Information unless required and lawful and, where required, with consent.
6. How We Collect Personal Information
6.1 We collect Personal Information:
(a) directly from you (e.g., website forms, enquiries, onboarding, support);
(b) automatically via website and platform logs, cookies and analytics;
(c) from Customers where they import or enter Customer Data into the Services;
(d) through integrations connected by Customers.
7. Purposes of Collection, Use and Disclosure
7.1 We collect, use and disclose Personal Information for purposes including:
(a) providing, operating, maintaining and supporting the Services;
(b) configuring messaging, automations, call handling, AI agents, and reporting;
(c) account administration, billing, and support;
(d) security, fraud prevention, troubleshooting, and service improvement; and
(e) compliance with legal obligations and enforcement of our agreements.
8. Direct Marketing
8.1 Where permitted by law, we may send marketing communications. You may opt out at any time using the unsubscribe method provided (email unsubscribe link, replying "STOP" to SMS, or contacting us).
8.2 Customers are responsible for ensuring their own marketing and communications via the Services comply with applicable laws in the jurisdictions they operate in.
8.3 Where US recipients are involved, Customers remain responsible for compliance with the CAN-SPAM Act, TCPA, Telemarketing Sales Rule, state Do Not Call rules, and state autodialer/recording laws when using the Services to contact US recipients.
9. Disclosure to Third Parties
9.1 We may disclose Personal Information to third parties only as necessary to provide the Services, including providers of:
(a) cloud hosting and infrastructure;
(b) messaging and telephony;
(c) email delivery and verification;
(d) analytics, monitoring and customer support tools;
(e) AI services; and
(f) payment processing.
9.2 We do not sell Personal Information.
9.3 We do not "share" Personal Information for cross-context behavioural advertising as that term is defined under applicable US state privacy laws.
10. Overseas Processing
10.1 Because we use an Upstream Platform and global service providers, Personal Information may be processed or stored outside Australia.
10.2 Countries: Personal Information may be disclosed to overseas recipients in the United States (where our Upstream Platform and several of its sub-processors are located). Depending on the providers used by our Upstream Platform for hosting, support, messaging/telephony, email verification and AI services, disclosures may also occur in other countries from time to time. Because we deliver the Services through an Upstream Platform, the specific countries and sub-processors are determined by that platform and may change. Where practicable, we will update this Privacy Policy to reflect material changes.
10.3 APP 8 reasonable steps. We rely on our Upstream Platform's contractual and security commitments to its sub-processors as part of taking reasonable steps under APP 8.
10.4 For Customers and End Users outside Australia: transfers of Personal Information from your country to Australia or other countries occur in accordance with applicable law and the contractual commitments described in this Privacy Policy.
11. Security
11.1 We take reasonable steps to protect Personal Information from misuse, interference and loss and from unauthorised access, modification or disclosure.
11.2 No method of transmission or storage is completely secure and we cannot guarantee absolute security.
12. Data Breach Notification
12.1 If we become aware of a data breach involving Personal Information, we will assess the breach promptly and respond in accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth) where it applies to us or to our Customers.
12.2 Even where the NDB scheme does not strictly apply to Meun, we will, as a matter of practice: (a) notify affected Customers without undue delay where their Customer Data is involved; (b) cooperate with Customers who are themselves APP entities (including health service providers) so they can meet their own NDB obligations; (c) cooperate with US Customers to support their compliance with applicable US state breach notification laws and, where applicable, HIPAA breach notification rules where a BAA is in place; and (d) take reasonable steps to contain, investigate, and remediate the breach.
12.3 We rely on the Upstream Platform and its sub-processors to notify us of breaches affecting their systems. Notification timing to Customers depends on when we receive notice from upstream providers.
13. Access and Correction
13.1 You may request access to or correction of Personal Information we hold about you (subject to legal exceptions).
13.2 Where your Personal Information is held within a Customer Account (e.g., you contacted a business using Meun), we may refer your request to the relevant Customer.
14. Retention
14.1 We retain Personal Information only as long as reasonably necessary for service delivery, legal compliance, dispute resolution and legitimate business purposes, then delete or de-identify where appropriate.
15. Changes
15.1 We may amend this Privacy Policy from time to time. The latest version will be available on our website and will apply from the Effective Date shown above.
16. Contact and Complaints
16.1 Contact: [email protected]
16.2 How we handle complaints: If you make a privacy complaint, we will acknowledge it within 5 business days and aim to resolve it within 30 days. If we need more time, we will tell you why and provide an updated timeframe.
16.3 If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
17. US State Privacy Laws — Limited Statement
17.1 Where Customers or End Users are subject to US state privacy laws (including CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, and TDPSA), the Customer is the "business" or "controller" with respect to Customer Data, and Meun acts in a service-provider/processor capacity to the extent it processes Customer Data on the Customer's documented instructions.
17.2 The Customer is responsible for their own compliance, including responding to consumer rights requests, providing required disclosures (such as a CCPA-compliant privacy notice on the Customer's own properties), maintaining records of consent, and honouring opt-out signals such as Global Privacy Control where applicable to the Customer.
17.3 The Services may include features that assist Customers with compliance, but Meun does not act as the Customer's compliance solution and makes no representation that the Services alone satisfy any obligation under any US state privacy law.
17.4 Children. We do not knowingly collect Personal Information from individuals under 16. Customers must not configure the Services to collect such information without compliant verifiable parental consent.
17.5 Where Personal Information is held within a Customer Account, requests for access, correction, deletion, portability, or opt-out should be directed to the relevant Customer. Where Meun holds Personal Information in our own capacity (e.g., website visitors, prospects, or our own account holders), you may contact us using the details in section 16 to exercise rights available to you under applicable law.
Contact us
Want to partner or collaborate with us? Let’s talk.
For help with your orders, payments, or general queries.
Facing issues with our website or app? Our tech team is here to help.