Privacy & Data Security

BJ Assistant is built so that your business data stays in your control. This page explains what we collect, what we never touch, how long anything is kept, and the safeguards we apply at every step.

Last updated: 25 April 2026

At a glance

We don't store your emails. Email content is processed in-memory, the draft is written straight back to your Outlook, and we only keep a short dedup marker so the assistant doesn't handle the same message twice.

  • Email bodies, attachments and calendar content stay in your Microsoft 365 tenant at all times.
  • Your users' Microsoft sign-in credentials (passwords, MFA tokens) never reach our servers — each organisation connects its own Azure AD app and Microsoft authorises the assistant directly.
  • The only personal data we persist is what you give us on signup (name, email, billing details) and a small amount of per-user configuration.
  • Dedup markers are deleted 30 days after a draft is finalised.

Who we are

BJ Assistant is operated by BrettlJausn Pty Ltd (ACN 695 372 304), a company registered in New South Wales, Australia (postcode 2010). In this policy, "we", "us" and "our" refer to BrettlJausn Pty Ltd.

When you use BJ Assistant, BrettlJausn Pty Ltd acts as the data processor on your behalf; your organisation remains the data controller for the mailbox and calendar data the assistant is granted access to. Under the Australian Privacy Act 1988 (Cth), BrettlJausn Pty Ltd is the "APP entity" responsible for your personal information.

For any privacy question, data request, or security report, write to contact@brettljausn.consulting or post to BrettlJausn Pty Ltd, NSW 2010, Australia.

What data we collect

Account & organisation data

  • Organisation name, email domain, billing address and tax ID (entered at signup).
  • Your name, work email address, role within the organisation, and a hashed password (bcrypt, never stored in plaintext).
  • Per-user settings: signature fields (name, job title, phone, LinkedIn), WhatsApp number if enabled, assistant on/off toggles.

Microsoft 365 integration

  • Your organisation's Azure AD tenant ID, app (client) ID and client secret, stored encrypted at the application layer.
  • A Microsoft Graph refresh token issued by your own Azure app, used to fetch new emails and write drafts. Access tokens are short-lived and held only in memory.
  • We request the minimum Graph scopes required: Mail.ReadWrite, Mail.Send, Calendars.ReadWrite, OnlineMeetings.ReadWrite, People.Read, offline_access.

Email processing (transient)

  • Every few minutes the assistant fetches up to 20 recent inbox messages via Microsoft Graph, classifies priority and intent, and drafts a reply.
  • The message body and subject are processed in-memory only. The resulting draft is written back to your Outlook via Microsoft Graph — we do not store the email body on our servers.
  • While a draft is pending, a minimal record (subject, sender, plain-text draft) is held temporarily so you can refine it via WhatsApp. As soon as the draft is sent, skipped, or deleted, that content is wiped from our database and only a non-content dedup marker remains.

Usage statistics

  • Daily aggregated counts per user: emails read, emails answered, drafts written, meetings scheduled, WhatsApp messages sent.
  • These are counters only — no email content, sender data, or message-level detail is kept.

Billing

  • Invoicing is handled through Xero. We share the organisation's billing name, address, tax ID and invoice line items with Xero in order to issue invoices.

Operational logs

  • HTTP access logs (via Morgan) and error logs containing IP address, request path, status code and timestamp. Logs are retained for a maximum of 30 days for security and debugging.

Why we process it (lawful basis)

We handle your information in line with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and, for users in the European Union and United Kingdom, in line with the GDPR. The relevant bases are:

  • Performance of our contract (GDPR Art. 6(1)(b) / APP 3 & 6): to deliver the assistant service to your organisation.
  • Legitimate interest (GDPR Art. 6(1)(f)): to secure the platform, prevent abuse, and produce aggregated usage statistics.
  • Legal obligation (GDPR Art. 6(1)(c)): to issue invoices and keep accounting records for the statutory retention period required by Australian tax and corporations law.

How long we keep data

  • Account records: for the duration of your subscription and deleted within 30 days of account termination, except where longer retention is required by law (e.g. invoicing records).
  • Email dedup markers: deleted 30 days after the associated draft is finalised. The underlying email content never leaves your Microsoft 365 mailbox.
  • Learning notes: short style instructions you give the assistant. Kept on your user record and capped at the last 50 lines; you can clear them at any time.
  • Invoices: retained for the legal retention period applicable to accounting records.
  • Access and error logs: rolling 30-day retention.

Third-party sub-processors

To run the service we rely on a small set of vetted providers. Data shared with each is limited to what the feature requires.

  • Microsoft (Graph API)
    Purpose: reading inbox, writing drafts, calendar scheduling, Teams links.
    Data shared: your Azure app credentials and refresh token; request/response payloads for each operation. Data stays inside your tenant.
  • Anthropic (Claude API)
    Purpose: AI classification and draft generation.
    Data shared: email subject and body, plus your writing style samples, are sent to Claude for processing. No data is used to train Anthropic models.
  • Twilio (WhatsApp Business API)
    Purpose: high-priority notifications and conversational replies.
    Data shared: the WhatsApp number you configured and the message text sent/received.
  • Xero
    Purpose: invoice creation and payment reconciliation.
    Data shared: organisation billing name, address, tax ID and invoice line items.
  • Hostinger
    Purpose: application and database hosting.
    Data shared: all data at rest on the platform.

Security measures

  • Per-tenant Azure AD integration: your organisation owns the Microsoft app registration, so Microsoft authorises the assistant directly — we never see user passwords or MFA tokens.
  • Encryption in transit: all traffic served over HTTPS; all third-party calls (Graph, Anthropic, Twilio, Xero) use TLS.
  • Authentication: JWT-signed session tokens delivered as HTTP-only, SameSite=Lax cookies with a 24-hour lifetime. Passwords hashed with bcrypt.
  • Hardening: security headers enforced via Helmet; role-based authorisation on every non-public route; billing-lockout middleware for non-paying tenants.
  • Data minimisation: email content is held only while a draft is pending, then nulled in the same UPDATE that marks the draft finished.
  • Access controls: database access limited to the application service account; operational access is restricted to a small number of administrators under a duty of confidentiality.
  • Backups: encrypted database backups taken by the hosting provider.

Your rights

Depending on where you live, you may have the following rights in respect of your personal information:

  • Access the personal information we hold about you.
  • Ask us to correct inaccurate or out-of-date information.
  • Ask us to delete your account and associated personal data (subject to statutory retention duties).
  • Receive a copy of your data in a portable format.
  • Object to or restrict certain processing.
  • Lodge a complaint with your local data protection authority — in Australia, the Office of the Australian Information Commissioner (OAIC); in the EU/UK, your national supervisory authority.

To exercise any of these rights, contact contact@brettljausn.consulting. We respond within 30 days.

Children's data

BJ Assistant is a business tool and is not directed at anyone under the age of 16. We do not knowingly process personal data of children.

International data transfers

BrettlJausn Pty Ltd is based in Australia and uses sub-processors located in Australia, the European Economic Area and the United States. When personal information is transferred overseas, we take reasonable steps under APP 8 to ensure the overseas recipient handles the information consistently with the Australian Privacy Principles. For transfers out of the EEA or UK, we rely on Standard Contractual Clauses or an equivalent lawful transfer mechanism.

Security incidents

If a security incident affects your data, we will notify the client admin of the affected organisation without undue delay and, where required, the competent supervisory authority within 72 hours.

Changes to this policy

We update this page when our practices or sub-processors change. Material changes are announced to the client admins by email at least 14 days before they take effect.

Contact

Questions, requests, or security reports: