Privacy Policy
Simplo Software Systems – Last updated June 2026
Introduction
Simplo Software Systems (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our invoicing applications, Simplo NDIS and Simplo Tradie (collectively “Simplo”).
Information We Collect
We collect information you provide directly to us, including:
- Account information (email address, password)
- Business details (name, address, phone, ABN)
- Banking details (for display on invoices)
- Client information (names, addresses, contact details)
- Invoice data (services, dates, amounts)
- Subscription and payment information
Simplo NDIS users additionally provide:
- Participant NDIS numbers
- Session and scheduling records
- Service agreement details
- Compliance records including incident reports, case notes and qualifications
- Support item codes and NDIS pricing information
- Voice recordings, when using voice dictation (processed transiently for AI transcription, not stored by Simplo)
We collect this additional information solely to provide the NDIS compliance and invoicing features of the app. We do not use participant information for any other purpose.
How We Use Your Information
We use the information we collect to:
- Provide and maintain the Simplo service
- Generate and send invoices on your behalf
- Process your subscription and payments
- Send you important updates about your account
- Respond to your support requests
- Improve and develop new features
Data Storage and Security
Your data is stored securely using industry-standard encryption. We use Supabase (SOC 2 Type 2 certified, Australian region) for data storage and Stripe for payment processing. Both services maintain strong security practices and compliance standards. As some data may be processed overseas, we take reasonable steps to ensure it is handled in accordance with the Australian Privacy Principles.
We do not sell, rent, or share your personal information with third parties for marketing purposes.
We use third-party AI services to power voice dictation features. When you use voice dictation, your audio recording is sent to OpenAI (Whisper) for transcription, and the resulting text is sent to Anthropic (Claude) for formatting. These recordings and transcripts are processed transiently and are not stored by Simplo. OpenAI and Anthropic maintain their own privacy and security practices. For more information, see the OpenAI Privacy Policy (openai.com/privacy) and the Anthropic Privacy Policy (anthropic.com/privacy).
AI Features and Voice Dictation
Simplo includes optional AI-powered voice dictation for session notes and SOAP case notes. When you use this feature, your audio is sent securely to OpenAI for transcription, and the transcript is sent to Anthropic for formatting into structured notes. This processing happens in real time and neither your audio nor your transcript is stored by Simplo or its AI providers beyond what is needed to complete the request. Use of AI features is optional. You can type notes manually at any time.
Email Communications
When you send an invoice through Simplo, we use Resend to deliver the email on your behalf. The recipient receives the invoice from Simplo with your details included. You can opt to receive a copy of all sent emails via the “CC me on all emails” setting.
NDIS Participant Data
For Simplo NDIS users, participant information (including NDIS numbers and support records) is stored securely and accessible only to the support worker account holder. This data is never shared with third parties and is used solely to generate compliant invoices and maintain records as required by NDIS Practice Standards.
Your Rights
You have the right to:
- Access your personal data at any time through your account
- Update or correct your information in Settings
- Export your invoices and data
- Request deletion of your account and data
To request account deletion or a copy of your data, please contact us at support@simplo.com.au.
Data Retention
Your data is retained for as long as your account is active. If you request account deletion, your data will be permanently removed from our systems within 60 days. Invoice data may be retained for a shorter or longer period if required by law.
Data Breach Response
In the event of a data breach that affects your personal information, we will notify affected users as soon as practicable and no later than 30 days after becoming aware of the breach, in accordance with the Notifiable Data Breaches scheme under the Australian Privacy Act 1988. We will also notify the Office of the Australian Information Commissioner (OAIC) where required.
Cookies and Local Storage
Simplo uses browser local storage to remember your session and preferences. We do not use tracking cookies or third-party analytics that follow you across the web.
Changes to This Policy
We may update this Privacy Policy from time to time. If we make significant changes, we will notify you through the app or by email. Your continued use of Simplo after changes are posted means you accept the updated policy.
Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us:
