Last updated: 6 July 2026
This policy explains how the Stylync and Pavlync platform ("the Platform"), operated by Narinder Singh as a sole trader (ABN: 20 181 541 570), Melbourne, Australia, collects, uses, and protects personal information. It covers both our direct customers (design firms and their staff) and individuals whose information those firms store in the Platform (their clients and suppliers).
Customer account data — names, emails, and login details of the firm's team members, plus billing records. For this data, we are the data controller.
Firm workspace data — the project details, client names and contacts, supplier records, messages, and financial entries a firm stores in its workspace. For this data, the firm is the controller and we act as its processor: we store and process it solely on the firm's behalf and instructions. Individuals whose details appear in a firm's workspace should direct privacy requests to that firm first; we will assist the firm in fulfilling them.
Messages submitted to the AI ingest feature are sent to Google's Gemini API solely to extract project-relevant actions (e.g. "the sofa order arrived"). Outputs are validated against the firm's existing records before any change is made, and every AI-suggested change is written to an audit log visible to the firm. Gemini API data handling is governed by Google's API terms, which do not permit use of submitted content for model training.
Workspace data is stored in a PostgreSQL database hosted by Supabase. Protections include:
Hosting providers (Supabase, Vercel) may store data on infrastructure located outside Australia. By using the Platform, firms consent to this transfer, which is protected by the providers' own security and compliance programs.
Workspace data is retained while the firm's subscription is active, and for 60 days after cancellation to allow reactivation or export, after which it is deleted from production systems. Firms may request earlier deletion. Backup copies age out on our providers' standard backup rotation.
Individuals may request access to, correction of, or deletion of personal information we hold, regardless of their location or jurisdiction. If your information was entered by a design firm using the Platform, we may refer your request to that firm as the controller of that data, and will assist them in actioning it. Contact: hello@stylync.com.
Supabase (database hosting), Vercel (application hosting), Google Gemini (AI processing), Stripe (payments), and — where a firm enables them — an email inbound provider and WhatsApp Business Platform (Meta) for message ingestion. Each processes data under its own privacy policy.
In the event of a data breach likely to result in serious harm, we will notify affected firms and the OAIC in accordance with the Notifiable Data Breaches scheme, and provide firms the information they need to notify their own clients where required.
The Platform is a business tool and is not directed at children.
Material changes to this policy will be notified by email or in-app before taking effect.
Privacy requests and questions: hello@stylync.com — Melbourne, Australia (ABN: 20 181 541 570)