Privacy Policy

Last updated: November 2022

Nooli is a productivity platform for modern households. Our mission is to help you get control over your household’s information, safely and without losing your right to the privacy of that data.

This policy was written in plain English to ensure everyone can easily read and how we will comply with both our moral and legal obligations to you.   Please send any questions or feedback on this policy to say@hellonooli.com.  We would love to hear from you.

Some Background Info

Nooli is a software product created by Miame Labs Pty Ltd, based in Brisbane, Queensland, Australia.  Miame Labs was founded in 2021 by Dean RobertsonAdam Craven. The first version of the Nooli app will be released to the public in January 2023.

This policy explains how Miame Labs Pty Ltd, the Australian company behind Nooli, will access, manage, and protect your personal information so you can rest assured your information is safe.

When this policy mentions ‘Nooli' we are referring to the Nooli product in all its forms: mobile app, web application and associated add-on tools that may access your personal information. When we refer to ‘Miame Lab Pty Ltd' (ACN 642 250 511) or ‘us' or ‘we' or ‘our' or ‘staff’, we're referring to the company, Dean and Adam, and the team behind the Nooli product.

We also refer to the Australian Privacy Principles (APPs) and the Privacy Act 1988 (The Act) in this policy. These govern our obligations around our personal information handling practices.

Personal information, as per The Act, includes a broad range of information that could identify an individual. For example, an individual's name, address, sensitive information, photographs, internet protocol (IP) addresses and location information from a mobile device.

How we Treat Your Connected Accounts

Nooli requires secure access to your email and calendar accounts to function. This section explains how we comply with those platform's data protection policies.

Google API Services User Data Policy

Any information we receive from Google API's will adhere to the Google API Services User Data Policy inclduding the Limited Use Requirements.

Our Approach to Your Information Privacy

Your Trust is Earned

We take information privacy very seriously, because if we didn’t you and your community would not trust us to access, collect and manage personal household data on your behalf.   We intend to both earn & keep your trust by always acting in the best interests of your personal data privacy.

The people behind Miame Labs Pty Ltd are users of the Nooli product too.  We are acutely aware that personal information, such as emails and calendar events, can contain sensitive and private information which is very personal and very important to all of us.

Securely Connecting Your Accounts to Nooli

Nooli helps you tame the volume of information that comes into your household daily.  To do this, we necessarily ask your permission to securely access your personal email, calendar, and chat messaging accounts so Nooli can present your own information to you from those services.

To do this we use the industry-standard OpenID Connect identity protocol, which in turn leverages the industry-standard OAuth 2.0 protocol which is implemented by most cloud services such as Microsoft, Google, Facebook, WhatsApp and others.

These secure protocols allow Nooli to verify your identity with the underlying service provider.  It also allows you to give Nooli permission to access your account on your behalf.

Because we are relying on the industry-standard OpenID Connect identity protocol, we do not need (or want) to capture your secure passwords to any of your connected accounts.

You can disconnect Nooli’s access to these services at any time by visiting the security settings of each service.  For example, you can disconnect your Google account from Nooli using this link.

Minimal Data Capture, Always

Nooli will only access, collect & manage the minimum of information that's necessary to deliver on our functional & brand promise to you.  We do not capture additional personal information that is unnecessary to the functioning of Nooli.

We collect information from you when you access or use Nooli. This may be when you use the Nooli mobile app or web app, or when you visit the Nooli website.  We may also collect information from you when you interact with us on social media, or send us an email.

In the event that you contact us with an issue, we may collect some information about you to help us either resolve the issue or communicate with you about the issue.  An example may be us requesting a screen shot of your Nooli app while you’re having an issue, which may contain sensitive information that you otherwise would not want others to see (e.g. the contents of an email).

It is always your decision whether to send additional information to us, and we will always endeavour to resolve the issue without requiring you disclose sensitive information to us wherever possible.

Secure Technology Platform & Practices

Nooli has been developed using modern software and database development practices to ensure multiple layers of information security protection.

Nooli is built & hosted entirely in Microsoft’s Azure cloud data centres in Sydney, NSW, Australia.  All customer-facing software & personal data is deployed securely behind multiple layers of network security provided by Microsoft themselves.  Nooli has additional security measures in implemented specifically by our team for additional layers of data protection security.

By design and policy, none of our staff have direct access to the Nooli databases where customer data is kept.  Personal data in Nooli is encrypted using SHA-2 (Secure Hash Algorithm 2) before it is stored into the database, providing an extra layer of security should anyone ever gain unauthorised access to the database directly.

Principle of Least Privilege

When dealing with our customer's personal data, our staff are only given sufficient privileges needed to complete the task.

We do not allow any of your personal information in our databases to be accessed, viewed, exported, or otherwise accessed by any representative of our business at any time, unless it’s for a temporary, specific bug-fixing or diagnostic purpose.

Where possible and practical, any data accessed during diagnostic investigation will be deidentified to ensure user anonymity.

Any diagnostic access to your personal data will be done under the supervision of company leadership to ensure proper information security protocols are followed.

Any temporary instances of your personal information created during the diagnostic process (including log files) will be immediately and permanently deleted as soon as the issue is resolved.

Contractor Service Agreements & Staff Employment Agreements

All agreements signed by company employees or temporary contractors include non-disclosure agreements, including their commitment to protect the information privacy rights of our Nooli users.

Data Sharing

Your information is secure and protected with Nooli.  We do not sell your information to third parties.

We will also never willingly or knowingly release your personal information to any party outside our company unless we have your prior consent, or if we are compelled to do so by law.

In the event that other entities acquire ownership or operation of Nooli, your information will be transferred to the control of those entities.

Information Collection Details

Data We Collect From You

The following table explains the specific types of information we collect from you while you use Nooli, and why it is required.

What we collect Why we collect it

Your contact information

e.g. name and email address

  • To create and maintain your account

  • To verify your identity

  • To help you understand how to use Nooli

  • To communicate with you

Your household members

e.g. names of your children that you provide to us

  • To allow other users you’re connected to know it’s you

  • To help you personalise your user and household profile

Your contacts

e.g. your device phone book

  • To help you send invites from Nooli to your contacts

  • To help you understand who of your contacts are also Nooli users

Your images

e.g. photos you upload or send through Nooli

  • To help you personalise your user and household profile

  • To allow other users you’re connected to know it’s you

  • To send content to other Nooli users

Your content

e.g. some specific emails and calendar events

  • To give you access to your own email and calendar items via Nooli.

  • To allow you to share selected items with other Nooli users

Your communications with other Nooli users

e.g. chat messages

  • To give you access to your own email and calendar items via Nooli.

  • To allow you to share selected items with other Nooli users

Your communications with us

  • To help resolve technical issues you might experience with Nooli

  • To understand how Nooli is and isn't providing value to you

  • To optimise your future experience with Nooli

Non-sensitive Nooli usage data

e.g. device information, cookies and data analytics

  • To understand how you interact with Nooli

  • To make Nooli better and easier to use in the future

  • To help resolve technical issues you might experience with Nooli

Approximate location information

e.g. Brisbane, Sydney, Melbourne

  • To help us understand (approximately) when and where Nooli is being used

Technical diagnostic data

e.g. crash logs, performance data

  • To help resolve issues you might experience with Nooli

  • To make Nooli better and easier to use in the future

  • To help resolve technical issues you might experience with Nooli

Research data

e.g. user interviews and surveys

  • To understand how Nooli is and isn't providing value to you

  • To make Nooli better and easier to use in the future



Data We Do NOT Collect

The following list explains the specific examples of information that we do not collect from you.

Some of this information may inadvertently be in your own emails or calendar items which you access via Nooli.  However, Nooli does not specifically collect this information.

Data Breaches

If Nooli were to ever suffer from a data breach we will take all necessary steps to comply with the Notifiable Data Breaches scheme as per The Act.  We would enact our internal Data Breach Response Plan, as well as notify all affected individuals and the Australian Information Commissioner if the data breach is likely to result in serious harm.

If you believe that your personal information has been accessed or disclosed without authorisation or has been lost, please email say@hellonooli.com immediately with details so we can immediately investigate.

Deleting Your Information

To delete your account, please send us an email to say@hellonooli.com.  Once we have verified you are the legitimate account owner and a Household Organiser of your household, we can do it for you.

As a Nooli user:

When you delete an account, we will take reasonable steps to ensure that all account data is removed from our systems and permanently destroyed within 7 days.

Nooli may retain personal information in circumstances where we have legal and regulatory obligations to do so. We may also retain anonymised information for analytic and service development purposes.

Policy changes

This Privacy Policy will change from time to time to ensure our privacy practices are up to date.  All changes will be updated on https://hellonooli.com/privacy and communicated to all Household Organiser users via email.

Contacting us

If you've got any questions or concerns about how your information is being protected, please email say@hellonooli.com. We will respond as quickly as possible.

In the event that you're not satisfied with our response, or you'd like to make a formal complaint, you can also contact the Office of the Australian Information Commissioner (OAIC) by phoning 1300 363 992 or email enquiries@oaic.gov.au