Last updated: 9 July 2026 Effective date: 6 July 2026
This statement sets out, in plain terms, exactly what data Warren collects, why we collect it, how long we keep it, who processes it, and how we protect it. It sits alongside our Privacy Policy and Terms of Service, and is intended to be the reference a partner, auditor, or enterprise buyer can read to understand our data practices.
Warren is a product of HopX Pty Ltd (ABN 50 683 525 813). We handle personal information under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, with additional coverage for the GDPR/UK GDPR and the CCPA/CPRA where they apply.
Data protection contact: hugoc@warrenship.com
The short version
- We collect the minimum needed to run deal rooms, seal records, build reputation, take payment, and keep the Service secure.
- Every category below has a stated purpose and retention period.
- We use a small set of named sub-processors (hosting, AI, email, analytics, payments). We don't sell data.
- We encrypt data in transit, restrict access, and follow Australia's Notifiable Data Breaches scheme if something goes wrong.
| # | Data category | Examples | Why we collect it (purpose) | Legal basis (GDPR) | Retention |
|---|---|---|---|---|---|
| 1 | Account & identity | First name, email, workspace/brand name, hashed password or auth token | Create and secure your account; identify you across sessions | Contract | Life of account + 12 months after closure, then deleted/de-identified |
| 2 | Partner & invitation | Invited partner's name, optional email, invite link status | Let you invite a partner and open a shared room | Contract; legitimate interests | Life of the room; invite metadata up to 12 months |
| 3 | Deal room content (unsealed) | Deal title, deliverables, dates, notes, terms, draft confirmations | Run the deal room and its shared scoreboard | Contract | While room is active; deletable by you (subject to shared-room nature) |
| 4 | Co-signatures & confirmations | Who co-signed/confirmed what, and when | Record the deliberate agreement and confirmation actions of both parties | Contract | Retained as part of the deal record; joint record if sealed |
| 5 | Sealed records | Finalised who-did-what record, both-party confirmations, seal timestamp | Provide the durable, mutual record that is Warren's core value | Contract; legitimate interests | Retained as a joint record while either party keeps an account; both parties may export |
| 6 | Reputation record | Private track record; shareable profile (if enabled) | Build your portable track record; enable optional public sharing | Contract; consent for public sharing | Life of account; public sharing stops when disabled |
| 7 | Onboarding / ICP preferences | Partnership types selected (brand deals, co-marketing, referrals, etc.) | Configure your room; understand product-market demand | Legitimate interests | Life of account; aggregated for analytics |
| 8 | Payment & billing | Plan, billing status, last 4 card digits, billing name (full card data held by processor, not us) | Take subscription payments; meet tax/record obligations | Contract; legal obligation | Tax records 5–7 years per Australian law |
| 9 | Usage & analytics | Page views, feature usage, CTA and signup-funnel events (via GA4) | Improve the product; measure demand and funnel drop-off | Legitimate interests; consent for non-essential cookies | Typically 14–26 months, then aggregated/deleted |
| 10 | Device & log data | IP address, browser, device, OS, referrer, timestamps | Security, fraud/abuse prevention, debugging | Legitimate interests; legal obligation | Generally up to 12 months |
| 11 | Cookies & identifiers | Session cookies, analytics cookies/IDs | Keep you logged in; remember preferences; analytics | Necessary; consent for non-essential | Per cookie; session to 26 months |
| 12 | AI processing content | The specific room content sent to AI providers for a task | Extract deliverables, generate nudges/summaries | Contract; legitimate interests | Transient processing; not retained by providers for training beyond our contract terms |
| 13 | Support & comms | Support emails, booked-call records, product-update opt-ins | Respond to you; send service and (opt-in) marketing messages | Legitimate interests; consent for marketing | Up to 24 months after resolution |
Data we deliberately avoid: Warren is not designed to collect sensitive information / special category data (health, race, political views, biometrics, etc.). Please don't enter it. We also don't knowingly collect data from children (Service is 16+/18+).
We process personal data to: (a) provide the Service (rooms, co-signing, confirmations, sealing); (b) enable the multiplayer/shared-room experience; (c) build and, at your option, share reputation records; (d) run AI-assisted features; (e) take payments; (f) communicate with you; (g) secure, debug, and improve the Service; and (h) comply with law. We do not sell personal information, and we do not "share" it for cross-context behavioural advertising under the CPRA.
We use the following categories of third-party providers to run the Service. Each acts on our documented instructions under a data-processing agreement with appropriate confidentiality and security obligations, and international-transfer safeguards where relevant (Section 6).
| Category | Purpose | Provider(s) | Data exposed |
|---|---|---|---|
| Database & backend | Store data; run backend functions | Supabase (hosted on AWS, ap-northeast-1 / ap-southeast-2) | Categories 1–13 as needed |
| Authentication | Passwordless (magic-link) log-in and sessions | Supabase Auth | Account & identity |
| Website & CDN hosting | Serve the app; edge delivery | Cloudflare (Pages / CDN) | Device & log data |
| Email / notifications | Transactional invite and record emails | Resend | Name, email, message content |
| Analytics | Usage and funnel measurement | Google Analytics 4 | Usage, device, cookie data |
| AI / model providers | Extract deals, generate summaries (planned — not active in the current release) | Anthropic (when AI features are enabled) | Category 12 (task-specific room content) |
| Payments | Subscription billing (planned — not active until paid plans launch) | Stripe (when billing is enabled) | Billing data (full card data held by processor) |
Note: the AI and payments rows activate only when those features launch; the live product today uses Supabase, Cloudflare, Resend, and GA4. Keep this list current and consider publishing it at a stable URL (e.g. warrenship.com/subprocessors), notifying customers of changes.
We require sub-processors to: process data only for the stated purpose; keep it confidential and secure; not use it to train their own models except as our agreements permit; and assist us with data-subject requests and breach handling.
Beyond sub-processors, we disclose personal data only: (a) to your deal partner, by design, within shared rooms; (b) on a public reputation profile, only the parts you choose to share and only if you enable it; (c) in a business transfer (merger/acquisition/financing), subject to the Privacy Policy; and (d) for legal reasons, where reasonably required by law or to protect rights and safety. We do not sell data.
We apply reasonable technical and organisational measures appropriate to our size and the sensitivity of the data, including:
Action for Warren: as you scale (especially toward the Business tier's SSO/audit-log promises), formalise a written information-security policy, access-review cadence, vendor-risk process, and consider SOC 2 / ISO 27001 readiness. This statement should be updated to reflect controls you actually have in place.
No method of transmission or storage is perfectly secure, and we can't guarantee absolute security.
Warren is operated from Australia; sub-processors may process data in Australia, the United States, the EU, and elsewhere.
Individuals can request to access, correct, delete, export, restrict, or object to processing of their personal data, opt out of marketing, and (GDPR) withdraw consent or lodge a complaint with a supervisory authority. California residents have the rights to know, delete, correct, and opt out of sale/sharing (we don't sell or share). Full detail, including how we verify requests and our response timeframes (generally 30 days), is in the Privacy Policy (Sections 11–13).
Shared-record limitation: for mutual records (e.g. sealed records), we act on requests about your own personal information and your copy, but cannot erase a partner's legitimate copy of the shared facts.
How to make a request: email hugoc@warrenship.com.
If we become aware of a data breach:
We keep an internal record of breaches and our assessments.
This statement is provided for transparency and general information; it is not legal advice, and it describes intended and current practices that should be kept accurate as the Service grows. HopX Pty Ltd should keep the sub-processor list current and have this statement reviewed by a qualified Australian legal practitioner before publication.
HopX Pty Ltd — Level 22, Tower 1, 101 Grafton Street, Bondi Junction NSW 2022, Australia · ABN 50 683 525 813 · hugoc@warrenship.com