Cetra

Privacy Policy

Last updated: April 2026

1. Introduction

Cetra ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our online reputation management service at cetra.com.au.

2. Information We Collect

Account information:

  • Email address and password (or Google OAuth credentials)
  • Full name or business name
  • Location and profession/industry

Service data:

  • Google search results for your tracked keywords (public data)
  • Reputation scores and sentiment analysis
  • Platform gap analysis and claim status
  • AI-generated content created through the Service
  • Resume or bio text you upload for content generation

Technical data:

  • IP address, browser type, and device information
  • Usage data (pages visited, features used, timestamps)
  • Cookies for authentication and session management

Payment data:

  • Billing information is processed by Stripe and not stored on our servers
  • We store your Stripe customer ID and subscription status only

3. How We Use Your Information

  • To provide the reputation management service (scanning, analysis, content generation)
  • To authenticate your account and manage your subscription
  • To send transactional emails (welcome, scan alerts, billing notifications)
  • To improve the Service based on usage patterns
  • To comply with legal obligations

We do not sell, rent, or share your personal information with third parties for marketing purposes.

4. Data Storage and Security

Your data is stored in Supabase (PostgreSQL) with row-level security (RLS) policies. This means your search results, platform data, and generated content are isolated to your account and cannot be accessed by other users.

We use industry-standard security measures including HTTPS encryption, secure cookie handling, and server-side authentication. Payment processing is handled by Stripe, a PCI DSS Level 1 certified provider.

5. Third-Party Services

We use the following third-party services to operate Cetra:

  • Supabase — authentication and database hosting
  • Stripe — payment processing
  • Serper.dev — Google search result data
  • Anthropic (Claude) — AI content generation and sentiment analysis
  • Resend — transactional email delivery
  • Vercel — application hosting

Each provider has their own privacy policy governing their handling of data.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law. Search result snapshots and generated content are deleted when your account is deleted.

7. Your Rights

Under the Australian Privacy Act 1988, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your account and data
  • Withdraw consent for optional data processing
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise these rights, contact us at privacy@cetra.com.au

8. Cookies

We use essential cookies for authentication and session management. These are necessary for the Service to function and cannot be disabled. We do not use tracking or advertising cookies.

9. Children

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

11. Contact

For privacy-related enquiries, contact us at privacy@cetra.com.au

Cetra is operated by the team behind ORMA (Online Reputation Management Australia). Visit orma.com.au for more information.