LYRAA
LEGAL DOCUMENTS
Terms of Service
Privacy Policy
The AI receptionist that actually sounds human.
Version 1.0
Effective: 20 April 2026
A Hyperion Tech product · Melbourne, Australia
ABN 20 646 814 048
DOCUMENT 01
Terms of Service
These Terms govern your access to and use of Lyraa, our AI voice receptionist service. Read them carefully. By using Lyraa, you agree to be bound by them.
|
Provider |
Hyperion Tech Pty Ltd (ABN 20 646 814 048) |
|
Product |
Lyraa — AI voice receptionist |
|
Website |
lyraa.io |
|
Contact (general) |
info@lyraa.io |
|
Contact (support) |
support@lyraa.io |
|
Registered address |
Ground Floor, 470 St Kilda Road, Melbourne VIC 3004, Australia |
|
Governing law |
Victoria, Australia |
|
Version |
1.0 |
|
Effective date |
20 April 2026 |
|
SUMMARY IN PLAIN ENGLISH This is a binding contract between you (the customer) and Hyperion Tech Pty Ltd. It covers what Lyraa does, what you’re allowed to do with it, how billing works, what happens to your data, and what happens if things go wrong. The long version is below. If you don’t agree with any of this, don’t use the service. |
1. Acceptance and parties
1.1 These Terms of Service (Terms) form a legally binding agreement between Hyperion Tech Pty Ltd (ACN 646 814 048, ABN 20 646 814 048), a company registered in Australia and trading as Lyraa (we, us, our), and the person or entity agreeing to these Terms (you, your, Customer).
1.2 By accessing or using the Service, by clicking to accept these Terms during account creation, or by paying any fee for the Service, you confirm that: (a) you have read and agree to be bound by these Terms; (b) if you are accepting on behalf of an entity, you have authority to bind that entity; and (c) you are at least eighteen (18) years of age.
1.3 These Terms incorporate by reference our Privacy Policy, Acceptable Use Policy, and any Service-specific terms published on lyraa.io from time to time.
2. Definitions
In these Terms, the following terms have the meanings set out below:
“Account” means the account you create to access the Service.
“Caller” means any natural person whose call, message, or interaction is handled by the Service.
“Customer Data” means all data, content, voice recordings, transcripts, contact information, and other material submitted to or processed by the Service by you, your end users, or Callers.
“Fees” means all subscription fees, usage fees, overage charges, and other amounts payable for the Service.
“Personal Information” means has the meaning given in the Privacy Act 1988 (Cth) and, where applicable, the General Data Protection Regulation 2016/679 (GDPR).
“Service” means the Lyraa AI voice receptionist platform, including the dashboard, mobile applications, telephony features, integrations, APIs, and any documentation or associated materials we provide.
“Subprocessor” means any third-party service provider we engage to process Customer Data in connection with the Service, including those listed in the Privacy Policy.
“Subscription” means your paid recurring plan to access the Service.
3. The service
3.1 Lyraa is an AI-powered voice receptionist platform that answers inbound calls, captures enquiries, books appointments, sends follow-up communications, and integrates with third-party business tools on behalf of the Customer’s business.
3.2 We grant you a non-exclusive, non-transferable, revocable licence to access and use the Service during the term of your Subscription, subject to these Terms.
3.3 The Service is currently offered to customers located in Australia. We may expand to other jurisdictions in the future. Use of the Service outside Australia is at your own risk and subject to local laws.
3.4 We may modify, suspend, or discontinue features of the Service at any time. Where a change materially reduces functionality, we will give you at least thirty (30) days’ notice and, if you do not accept the change, you may terminate your Subscription without penalty and receive a pro-rata refund of any prepaid Fees for the unused period.
4. Eligibility and account
4.1 You must be a legal entity or an individual of at least eighteen (18) years of age operating a legitimate business in Australia to use the Service.
4.2 You are responsible for: (a) maintaining the confidentiality of your account credentials; (b) all activity under your Account; (c) ensuring information you provide is accurate, complete, and current; and (d) promptly notifying us of any unauthorised access at security@lyraa.io.
4.3 We may refuse registration, suspend, or terminate any Account at our discretion if we reasonably believe the Account is being used in breach of these Terms or applicable law.
5. Free trial
5.1 We offer a fourteen (14) day free trial of the Service. No credit card is required to commence the trial.
5.2 Usage during the trial is subject to fair-use limits which we may publish and vary from time to time. At the end of the trial, your Service will be downgraded to a read-only state until you select a paid plan and provide payment details.
5.3 We reserve the right to limit the number of trials per person, business, or payment method, and to terminate any trial we reasonably believe is being used in bad faith.
6. Fees, billing and auto-renewal
6.1 Fees for the Service are set out on the Pricing page at lyraa.io/pricing and apply in Australian Dollars (AUD) exclusive of GST. GST will be added to all invoices at the applicable rate.
6.2 Subscriptions are billed monthly in advance. Your Subscription commences on the date you provide payment details and is charged on the same date each calendar month thereafter.
6.3 Your Subscription automatically renews each month until cancelled. You may cancel at any time from your Account settings. Cancellation takes effect at the end of the current billing cycle; you retain access until that date.
6.4 If your usage exceeds the allowance of your selected plan, we will automatically upgrade you to the next appropriate plan and charge the difference to your payment method on file. We will notify you by email when an automatic upgrade occurs. You may downgrade back to your previous plan at the start of the next billing cycle.
6.5 All Fees are non-refundable. We do not offer refunds for partial months, unused allowance, downgrades, or cancellations except where required by the Australian Consumer Law or other applicable law.
6.6 If a payment fails, we will attempt to reprocess the payment. If the payment remains unpaid after seven (7) days, we may suspend the Service. If payment remains unpaid after thirty (30) days, we may terminate your Account and retain any Customer Data in accordance with clause 16.
6.7 We may increase Fees at any time by giving you at least thirty (30) days’ notice. If you do not accept the increase, you may terminate your Subscription before the increase takes effect.
6.8 You are responsible for all taxes, duties, and governmental charges applicable to your use of the Service, other than taxes on our income.
7. Acceptable use
7.1 You must not use the Service to: (a) violate any law or regulation; (b) infringe any intellectual property or privacy right; (c) transmit harmful, unlawful, defamatory, obscene, or threatening content; (d) interfere with or disrupt the Service or the networks used to provide it; (e) reverse engineer, decompile, or create derivative works from the Service; (f) use automated means to access the Service other than via published APIs; or (g) resell, sublicense, or otherwise commercially exploit the Service without our written consent.
7.2 You must not use the Service for the following categories of activity: (a) adult or sexually explicit services; (b) gambling or wagering services; (c) any activity that violates the telecommunications or consumer laws of Australia or any jurisdiction in which Callers are located.
7.3 You are solely responsible for the content of all calls, messages, and interactions facilitated by the Service, including compliance with the Spam Act 2003 (Cth), the Do Not Call Register Act 2006 (Cth), the Australian Consumer Law, and any equivalent laws in other jurisdictions where your Callers are located.
7.4 We may suspend or terminate your Account immediately and without notice if we reasonably believe you have breached this clause 7. We may report any suspected unlawful activity to the relevant authorities.
8. Call recording and AI disclosure
8.1 The Service records, transcribes, and processes inbound calls to provide its functionality. You acknowledge that Australian law imposes call recording obligations which vary by State and Territory. In Victoria, New South Wales, Western Australia, and the Australian Capital Territory, the consent of all parties to a call is generally required before a call may be recorded.
8.2 We provide an optional opening disclosure message that can be configured to play at the start of every call to inform Callers that the call is being handled by an AI assistant and/or recorded. You are responsible for selecting an appropriate disclosure configuration for your jurisdiction and for the jurisdictions of your Callers.
8.3 By using the Service, you warrant that you have obtained, or will obtain, all consents required under applicable law before using Lyraa to handle calls. You indemnify us against any claim, loss, or liability arising from your failure to obtain such consents.
8.4 The Service may identify itself as an AI assistant to Callers on request or automatically, depending on your configuration. Where your Callers are located in the European Union or United Kingdom, applicable law (including the EU AI Act) may require clear and proactive AI disclosure regardless of configuration, and you must configure the Service accordingly.
9. Customer data and privacy
9.1 As between you and us, you retain all right, title, and interest in and to Customer Data. You grant us a worldwide, non-exclusive, royalty-free licence to host, store, process, transmit, and display Customer Data solely to the extent necessary to provide, maintain, secure, and improve the Service and to comply with law.
9.2 We do not use Customer Data, including call recordings or transcripts, to train our artificial intelligence or machine-learning models, nor do we permit our Subprocessors to do so. This is a contractual commitment.
9.3 We may use aggregated and de-identified data derived from your use of the Service for analytics, product improvement, benchmarking, and marketing purposes. Such data will not identify you, your business, any individual, or any Caller.
9.4 Our collection, use, disclosure, and handling of Personal Information is governed by our Privacy Policy, which is incorporated into these Terms by reference.
9.5 Customer Data is hosted in Amazon Web Services infrastructure in the Sydney, Australia region (ap-southeast-2). Call recordings are retained for six (6) months from the date of the call unless you delete them earlier from your Account, or unless a longer retention period is required by law.
9.6 You may at any time export Customer Data from your Account in a machine-readable format. You are responsible for maintaining your own backup copies of Customer Data.
10. Intellectual property
10.1 We and our licensors retain all right, title, and interest in and to the Service, including all software, algorithms, designs, trademarks (including Lyraa, the Lyraa logo, and the waveform mark), documentation, and related materials. Except for the licence expressly granted in clause 3.2, no rights are granted to you.
10.2 You may provide feedback, suggestions, or ideas about the Service. You grant us a perpetual, irrevocable, worldwide, royalty-free licence to use such feedback for any purpose without obligation to you.
10.3 You may use the Lyraa name and logo solely to identify that you use the Service, in accordance with our brand guidelines available on request. We may use your name and logo in our customer lists, marketing materials, and case studies only after receiving your express written consent, which you may withdraw at any time by emailing info@lyraa.io.
11. Third-party services and subprocessors
11.1 The Service integrates with or relies on third-party services, including Amazon Web Services (hosting), Twilio Inc. (telephony), and ElevenLabs Inc. (voice synthesis). A current list of our Subprocessors is maintained in the Privacy Policy.
11.2 You acknowledge that your use of the Service is subject to the terms and limitations of these third-party services, and that we are not responsible for their acts, omissions, outages, or changes.
11.3 We may engage additional Subprocessors at our discretion. We will update the Privacy Policy to reflect any such change. Your continued use of the Service after the change constitutes acceptance of the updated Subprocessor list.
12. Service levels and support
12.1 We provide customer support via email at support@lyraa.io. We aim to acknowledge support requests within twenty-four (24) to seventy-two (72) business hours, where business hours are 9:00am to 5:00pm Australian Eastern Time on Australian business days.
12.2 The Service is provided on an “as available” basis. We do not warrant uninterrupted or error-free operation. Planned maintenance will be notified in advance where reasonably practicable. We do not provide a contractual uptime commitment under these Terms; enterprise-grade service level agreements are available on request.
12.3 We may, at our discretion, offer credits or other compensation for unplanned outages as a gesture of goodwill. Any such offer is not an admission of liability.
13. Warranties and consumer guarantees
13.1 We warrant that we will provide the Service with due care and skill and in accordance with these Terms. Except as expressly set out in these Terms, and to the maximum extent permitted by law, we exclude all other representations, warranties, conditions, and guarantees, whether express or implied, including warranties of merchantability, fitness for a particular purpose, and non-infringement.
13.2 Certain consumer guarantees under the Australian Consumer Law (Schedule 2 to the Competition and Consumer Act 2010 (Cth)) may apply and cannot be excluded. Where the Service is supplied to a consumer, our liability for any breach of a non-excludable consumer guarantee is limited, at our option, to: (a) re-supplying the Service; or (b) refunding the Fees paid for the Service in the twelve (12) months preceding the claim.
14. Limitation of liability
14.1 To the maximum extent permitted by law, and subject to clause 13.2, our total aggregate liability to you arising out of or in connection with these Terms or the Service, whether in contract, tort (including negligence), statute, or otherwise, is limited to the Fees paid by you to us in the twelve (12) months immediately preceding the event giving rise to the liability.
14.2 In no event will we be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, loss of business, loss of revenue, loss of goodwill, loss of data (other than as required by law), or loss of opportunity, even if advised of the possibility of such damages.
14.3 You agree that the allocations of liability in this clause 14 reflect the commercial bargain between the parties and are reasonable given the Fees payable under these Terms.
15. Indemnity
15.1 You will defend, indemnify, and hold us, our affiliates, and our personnel harmless from and against any claim, loss, liability, damage, fine, or expense (including reasonable legal fees) arising out of or in connection with: (a) your use of the Service in breach of these Terms or applicable law; (b) Customer Data submitted to the Service; (c) your failure to obtain any consent required under clause 8; or (d) your infringement of any third-party right.
16. Term and termination
16.1 These Terms commence on the date you first accept them and continue until terminated in accordance with this clause 16.
16.2 You may cancel your Subscription at any time from your Account settings. Cancellation takes effect at the end of the current billing cycle.
16.3 We may suspend or terminate the Service immediately by notice if: (a) you materially breach these Terms, including any breach of clause 7 (Acceptable Use); (b) you fail to pay Fees when due and the failure continues for thirty (30) days; (c) we are required to do so by law; or (d) you become insolvent, bankrupt, or subject to analogous proceedings.
16.4 On termination: (a) your right to access the Service ceases immediately; (b) we will retain Customer Data for a period of six (6) months to allow for export and dispute resolution; (c) after that six (6) month period we will permanently delete Customer Data, except where retention is required by law; and (d) clauses that by their nature are intended to survive termination (including clauses 9, 10, 13, 14, 15, 16.4, 18, 19, and 20) will survive.
17. Force majeure
17.1 Neither party is liable for any failure or delay in performance caused by circumstances beyond its reasonable control, including acts of God, war, terrorism, civil unrest, pandemic, labour dispute, failure of public utilities, telecommunications outage, or governmental action. This clause does not excuse payment of Fees.
18. Changes to these terms
18.1 We may amend these Terms from time to time. We will give at least thirty (30) days’ notice of material changes by email to your registered contact address and by posting the updated Terms at lyraa.io/legal/terms. Non-material changes take effect immediately on posting.
18.2 Your continued use of the Service after the effective date of the updated Terms constitutes your acceptance of the updates. If you do not accept the updates, you must cancel your Subscription before they take effect.
19. Dispute resolution
19.1 Before commencing any proceeding, each party must give the other written notice of the dispute at the addresses set out in these Terms and must attempt in good faith to resolve the dispute by negotiation for at least thirty (30) days.
19.2 If the dispute is not resolved through negotiation, the parties agree to attempt to resolve it by mediation administered by the Resolution Institute under its Mediation Rules before commencing court proceedings, unless urgent injunctive or interlocutory relief is required.
20. Governing law and jurisdiction
20.1 These Terms are governed by the laws of the State of Victoria, Australia. Each party irrevocably submits to the exclusive jurisdiction of the courts of Victoria and any courts having appellate jurisdiction from them.
21. General
21.1 These Terms, together with the documents they incorporate, constitute the entire agreement between the parties and supersede all prior agreements on the subject matter.
21.2 A failure or delay in exercising any right under these Terms does not constitute a waiver of that right.
21.3 If any provision of these Terms is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect.
21.4 You may not assign these Terms or any rights under them without our prior written consent. We may assign these Terms to any affiliate, or in connection with a merger, acquisition, corporate restructure, or sale of all or substantially all of our assets.
21.5 Nothing in these Terms creates a partnership, joint venture, agency, or employment relationship between the parties.
21.6 Any notice under these Terms must be given in writing and sent by email to info@lyraa.io (for us) or the email address registered in your Account (for you). Notices are deemed received on the day of sending if sent on a business day during business hours, or on the next business day otherwise.
ACCEPTANCE
By creating an Account or using the Service, you acknowledge that you have read, understood, and agreed to be bound by these Terms of Service.
These Terms of Service were last updated on 20 April 2026. Version 1.0.
DOCUMENT 02
Privacy Policy
Your privacy is not a feature we bolt on. It is how Lyraa is built. This Privacy Policy explains what we collect, why we collect it, and the controls you have.
|
Data controller |
Hyperion Tech Pty Ltd (ABN 20 646 814 048) |
|
Product |
Lyraa — AI voice receptionist |
|
Privacy Officer |
Arthua Ramsy Saikrishna, Director |
|
Privacy contact |
info@lyraa.io · 0422 400 373 |
|
Registered address |
Ground Floor, 470 St Kilda Road, Melbourne VIC 3004 |
|
Data hosting |
Amazon Web Services, Sydney, Australia (ap-southeast-2) |
|
Governing law |
Privacy Act 1988 (Cth) and GDPR 2016/679 where applicable |
|
Version |
1.0 |
|
Effective date |
20 April 2026 |
|
SUMMARY IN PLAIN ENGLISH We collect data so Lyraa can do its job — answer calls, book jobs, and integrate with your tools. We do not sell your data. We do not train AI models on your calls. We host in Australia. You can export or delete your data at any time. If you have questions, email info@lyraa.io. |
1. About this Privacy Policy
1.1 This Privacy Policy explains how Hyperion Tech Pty Ltd (ABN 20 646 814 048), trading as Lyraa (we, us, our) collects, holds, uses, discloses, and protects Personal Information in connection with the Lyraa AI voice receptionist service (Service).
1.2 We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where the General Data Protection Regulation 2016/679 (GDPR) or the United Kingdom General Data Protection Regulation (UK GDPR) applies to a particular individual, we treat those requirements as additional to, not a replacement for, our obligations under Australian law.
1.3 This Privacy Policy forms part of our Terms of Service. Capitalised terms used but not defined here have the meaning given in the Terms of Service.
2. Who we collect information about
We collect Personal Information about three categories of people:
- Customers — business owners, operators, and authorised users of Lyraa accounts.
- Callers — individuals who call, text, or otherwise interact with a phone number handled by the Service on behalf of a Customer.
- Website visitors — individuals who visit lyraa.io or related web properties.
The nature and extent of Personal Information we collect differs by category and is set out below.
3. What information we collect
3.1 From Customers
We collect the following Personal Information from Customers during registration and use of the Service:
- Name, business name, role, email address, and phone number.
- Billing information processed by our payment provider (we do not store full payment card details).
- Business profile information you provide to configure Lyraa, including services offered, hours of operation, pricing, and FAQs.
- Authentication information, including password hashes and multi-factor authentication tokens.
- Technical information such as IP address, device identifiers, browser type, and operating system.
- Usage data including dashboard interactions, feature usage, and log records.
3.2 From Callers
When a Caller contacts a phone number handled by the Service, we collect:
- Voice recordings of the call.
- Transcripts generated by our speech-to-text Subprocessor.
- The Caller’s phone number, and any Caller ID information provided by the telecommunications network.
- Information disclosed during the call, which may include the Caller’s name, address, email, booking details, and other information relevant to the enquiry.
- Metadata such as call time, duration, location of the telecommunications endpoint, and sentiment analysis derived from the call content.
3.3 From website visitors
We collect the following information automatically when you visit lyraa.io:
- IP address, browser type, device type, operating system, and approximate location derived from IP address.
- Pages visited, referring URL, time spent on site, and interaction events (clicks, form submissions).
- Cookie identifiers, including those set by Google Analytics.
We do not use Meta Pixel, TikTok Pixel, LinkedIn Insight Tag, or other advertising tracking pixels at the time of issuing this Privacy Policy. If we add such technologies, we will update this Policy and request fresh consent where required.
4. How we use your information
We use Personal Information for the following purposes:
- To provide, maintain, secure, and improve the Service.
- To authenticate Customers and authorised users.
- To handle inbound calls on behalf of Customers, including answering, booking, transferring, and following up.
- To generate summaries, transcripts, and analytics for the Customer.
- To process payments and recover unpaid Fees.
- To communicate with Customers about the Service, including operational notices, security alerts, and Service updates.
- To send marketing communications where you have opted in, and to enable you to opt out at any time.
- To comply with legal obligations, respond to lawful requests from authorities, and enforce our Terms of Service.
- To detect, prevent, and respond to fraud, abuse, security incidents, and breaches of our Acceptable Use Policy.
5. Legal bases for processing (GDPR)
Where GDPR or UK GDPR applies, we rely on the following legal bases to process Personal Information:
- Contract — processing is necessary to provide the Service to Customers and to respond to Callers on their behalf.
- Legitimate interests — processing is necessary for our legitimate interests in operating, securing, and improving the Service, provided those interests are not overridden by your rights.
- Consent — for marketing communications and for any processing where we expressly request your consent.
- Legal obligation — where processing is required to comply with applicable law.
6. AI, call recording, and training
6.1 The Service uses artificial intelligence and machine-learning technologies, including large language models, speech-to-text, and voice synthesis, to answer and process calls.
6.2 Calls are recorded and transcribed by default so that Customers can review the interactions handled on their behalf. Customers may configure the Service to play a disclosure message informing Callers that the call is handled by an AI assistant and/or recorded.
6.3 We do not use Customer Data, call recordings, transcripts, or any other content generated by or for Customers to train, fine-tune, or evaluate our AI or machine-learning models, nor do we permit our Subprocessors to do so. This is both a contractual commitment and a technical control.
6.4 We may use aggregated and de-identified data derived from Service use for analytics, benchmarking, and product improvement. Such data will not identify any individual.
6.5 Callers located in jurisdictions subject to the EU AI Act or analogous laws may have additional rights, including the right to be clearly informed that they are interacting with an AI system. Customers are responsible for configuring the Service in compliance with those laws.
7. How we share information
7.1 We share Personal Information only where it is necessary to provide the Service, required by law, or expressly authorised by you.
7.2 We share Personal Information with our Subprocessors, set out in clause 8 below, solely for the purpose of providing the Service. Each Subprocessor is contractually bound to appropriate data protection and confidentiality terms.
7.3 We do not sell Personal Information to third parties. We do not disclose Personal Information to advertisers, data brokers, or other commercial parties for their own marketing or profiling purposes.
7.4 We may disclose Personal Information where required by law, court order, or to lawful requests from government or regulatory authorities. Where legally permitted, we will notify the affected Customer before disclosing.
7.5 In the event of a corporate transaction, such as a merger, acquisition, or asset sale, Personal Information may be transferred as part of that transaction. We will notify affected individuals and their rights under this Policy will be preserved.
8. Subprocessors
We engage the following Subprocessors to deliver the Service. Each has been assessed for data protection and security compliance:
|
Provider |
Service |
Location |
|---|---|---|
|
Amazon Web Services |
Hosting, storage, compute, database services |
Sydney, Australia |
|
Twilio Inc. |
Telephony, SMS, and voice connectivity |
United States (with AU PoPs) |
|
ElevenLabs Inc. |
AI voice synthesis and text-to-speech |
United States |
|
Stripe Payments Australia |
Subscription billing and payment processing |
Australia |
|
Google LLC |
Website analytics (Google Analytics) |
United States |
The current list of Subprocessors is maintained at lyraa.io/legal/subprocessors. We will update this list and notify Customers by email at least thirty (30) days before a new Subprocessor begins processing Customer Data.
9. International data transfers
9.1 Customer Data is stored in Amazon Web Services infrastructure in the Sydney region (ap-southeast-2).
9.2 Where Subprocessors are located outside Australia, transfers of Personal Information to those Subprocessors are made under contractual protections, including Standard Contractual Clauses where the recipient is in a jurisdiction without an adequacy decision under GDPR.
9.3 Under Australian Privacy Principle 8, we take reasonable steps to ensure that overseas recipients of Personal Information do not breach the APPs. In most cases we remain accountable for the acts of our Subprocessors in relation to Personal Information.
10. Data retention
10.1 We retain Personal Information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.
10.2 Call recordings and transcripts are retained for six (6) months from the date of the call, unless the Customer deletes them earlier from the Account, or retention is required to meet a legal, regulatory, tax, accounting, or dispute resolution obligation.
10.3 On termination of a Customer Account, Customer Data including call recordings and transcripts are retained for six (6) months to enable export and to resolve any outstanding matters. After that period, Customer Data is permanently deleted or de-identified, except where retention is required by law.
10.4 Billing and transactional records are retained for seven (7) years from the date of the transaction to comply with taxation and corporate record-keeping laws.
11. Security
11.1 We implement reasonable technical and organisational measures to protect Personal Information from unauthorised access, disclosure, alteration, and destruction. These include encryption in transit (TLS 1.2 or higher) and at rest (AES-256), access controls, role-based permissions, audit logging, secure development practices, and regular security reviews.
11.2 No method of transmission or storage is completely secure. While we take reasonable steps to protect Personal Information, we cannot guarantee absolute security.
11.3 If we become aware of a data breach that is likely to result in serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required by the Notifiable Data Breaches scheme in Part IIIC of the Privacy Act. Where GDPR applies, we will notify the relevant supervisory authority within seventy-two (72) hours of becoming aware of the breach.
12. Your rights
12.1 You have the following rights in relation to your Personal Information, subject to applicable law:
- Access — you may request a copy of the Personal Information we hold about you.
- Correction — you may request correction of inaccurate or incomplete Personal Information.
- Deletion — you may request that we delete Personal Information we hold about you, subject to our right to retain data as required by law or legitimate business purposes.
- Objection — you may object to our processing of Personal Information where we rely on legitimate interests as the legal basis.
- Restriction — you may request that we restrict the processing of your Personal Information in certain circumstances.
- Portability — where GDPR applies, you may request to receive Personal Information you have provided to us in a structured, commonly used, machine-readable format.
- Withdraw consent — where processing is based on consent, you may withdraw that consent at any time.
12.2 To exercise any of these rights, email info@lyraa.io with your request. We will respond within thirty (30) days. We may require you to verify your identity before actioning the request.
12.3 If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (www.oaic.gov.au) or, where GDPR applies, with your local data protection authority.
13. Direct marketing
13.1 We may send marketing communications to Customers about new features, pricing updates, and related products. We only send marketing communications with your consent, which is given when you register for the Service or explicitly opt in.
13.2 You may opt out of marketing communications at any time by clicking the unsubscribe link in any marketing email or by emailing info@lyraa.io. Operational communications about your Account (such as billing notices and security alerts) will continue regardless of marketing preferences.
14. Cookies and tracking
14.1 Our website uses cookies and similar technologies to operate the site, remember your preferences, and analyse usage. The primary third-party cookie provider we use is Google Analytics.
14.2 You may control cookies through your browser settings. Disabling cookies may affect the functionality of the website.
14.3 We do not use cookies for cross-site advertising or retargeting at the time of issuing this Privacy Policy. If we add such cookies, we will update this Policy and request fresh consent where required by law.
15. Changes to this Privacy Policy
15.1 We may amend this Privacy Policy from time to time. We will give at least thirty (30) days’ notice of material changes by email to your registered contact address and by posting the updated Policy at lyraa.io/legal/privacy.
15.2 Non-material changes take effect on posting. Your continued use of the Service after the effective date of the updated Policy constitutes acceptance of the updates.
16. Contact us
For any questions about this Privacy Policy or to exercise any of your rights:
Hyperion Tech Pty Ltd (trading as Lyraa)
Attention: Privacy Officer — Arthua Ramsy Saikrishna
Ground Floor, 470 St Kilda Road, Melbourne VIC 3004, Australia
Email: info@lyraa.io
Phone: 0422 400 373
This Privacy Policy was last updated on 20 April 2026. Version 1.0.