Privacy Policy


Effective Date: November 6, 2025

This Privacy Policy and Collection Notice explains how Possibility Studios Pty Ltd (ACN 690 900 497) trading as Aftermark collects, uses, discloses, and protects personal information in connection with our products, websites, applications, integrations, and online services, together the Services. By providing personal information to us, or by using the Services, you consent to the collection, use, and disclosure of your personal information in accordance with this Privacy Policy.

Enterprise use only. Our Services are designed for enterprise customers and their representatives. We do not offer products or services for personal, household, or family use. We treat personal information that we collect as pertaining to individuals in their capacity as representatives of an enterprise customer.

We may update this Privacy Policy by posting a revised version with a new Effective Date. Material changes may be notified by email or in product notices where reasonable.

1. Who we are

Aftermark is an Australian technology company that provides an AI powered marketing platform for businesses and teams. Possibility Studios Pty Ltd is incorporated in New South Wales and is an APP entity under the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

This Privacy Policy applies to:

  • Our websites, including aftermark.ai and related domains.

  • Web and mobile applications.

  • Browser extensions, APIs, and integrations.

  • Social media pages and promotional campaigns.

  • Any other digital property that links to this Privacy Policy.

2. What personal information we collect

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not and whether recorded in a material form or not.

We collect personal, business, and technical information directly from you, automatically, and from third parties. The categories include:

  • Identity and contact data, name, job title, employer, email address, phone, mailing or street address.

  • Account and profile data, account credentials, profile picture, preferences, roles, organisation settings, content you post, send, receive, or share through the Services.

  • Billing and financial data, billing address, ABN, transaction data, payment card data processed by Stripe.

  • Content data, prompts, uploads, images, videos, campaign materials, and outputs you create.

  • Interaction data, survey responses, competition entries, event registrations, support requests, and communications with us by email, chat, phone, or social media.

  • Technical and usage data, device identifiers, IP address, browser type, operating system, session duration, pages viewed, clicks, referrers, access times, telemetry, diagnostics, error reports, and AI feature usage.

  • Marketing and communications data, your preferences for receiving marketing and your communication preferences.

  • Professional and applicant data, resumes, employment history, references, background checks where permitted by law, authorisations and licences.

  • Sensitive information, we do not actively seek to collect sensitive information. If we ever need to, we will obtain consent unless otherwise permitted by law and will use it only as required or authorised by law.

You warrant that the personal information you provide is your own, or that you are authorised to provide it.

3. How we collect personal information

We collect information when you:

  • Create an account, sign in, or use the Services.

  • Connect third party accounts and integrations.

  • Communicate with us by email, chat, phone, or in person.

  • Participate in surveys, promotions, events, or research.

  • Apply for a job or engage with us as a contractor or supplier.

  • Visit our websites or platforms, where we use cookies, pixels, SDKs, and similar technologies.

We also collect information from:

  • Single sign on providers, for example Google or Microsoft, consistent with your settings with that provider, such as name, email, profile image, and identifiers.

  • Analytics and advertising vendors, such as Google Analytics and Meta tools.

  • Integration partners and data providers that you choose to connect.

  • Public sources, social networks, business directories, and affiliates.

4. Why we use personal information

We use personal information to:

  • Deliver, operate, secure, and maintain the Services.

  • Personalise features, recommendations, and content.

  • Process payments and issue invoices.

  • Provide customer support and communicate about the Services.

  • Conduct analytics, usage measurement, research, and product development.

  • Detect and prevent fraud, abuse, and unauthorised access.

  • Perform due diligence for investment, financing, or a sale of all or part of our business.

  • Comply with law and enforce our Terms of Use.

Consumer insights. We may disclose personal information to a trusted partner that also holds information about you so that we and the partner can generate consumer insights. For clarity, any consumer insights shared with customers will exclude the identifiable personal information of authorised users.

5. AI usage, training, and transparency

How AI is used. Our Services use AI and machine learning to process inputs, prompts, and other data to generate outputs, suggestions, and insights. We also analyse aggregate and anonymised usage to improve features and performance.

Training our systems. We may use data you provide, including prompts, uploads, outputs, logs, and telemetry, to train, fine tune, and improve our proprietary AI systems and related features. We may aggregate or anonymise data for analytics and benchmarking. Aggregated or anonymised data is not personal information.

Third party AI providers. We may share certain data with trusted third party AI model and infrastructure providers that power or support the Services. These providers may process prompts, inputs, and outputs to deliver the Services. Some providers may use data for their own system improvement in accordance with their terms. We select partners that maintain appropriate confidentiality and security standards, but we do not control their independent practices.

Customer controls and enterprise override. Customers may request configuration that restricts use of their data for third party training where supported by the relevant provider. Enterprise contracts may override or narrow AI training uses. Contact privacy@aftermark.ai to discuss available controls.

Transparency and user responsibility. AI generated outputs are probabilistic and may be inaccurate. Do not input personal, confidential, or sensitive information unless necessary. Validate outputs before relying on them for important decisions.

6. Direct marketing

We may send product updates, promotional offers, and other marketing messages by email or other channels. You can opt out at any time using the unsubscribe link or by contacting us.

If you start but do not complete a transaction, we may send reminders to help you complete your purchase.

7. Cookies, tracking technologies, and Consent Manager

We use cookies, web beacons, SDKs, and similar tools to authenticate users, remember preferences, measure performance, analyse traffic, and support advertising and retargeting. A Consent Manager may present options to accept or reject non essential cookies. Your selections are stored for future visits. You can manage cookies in your browser. Some features may not function if cookies are disabled.

Do Not Track. Some browsers send Do Not Track signals. We currently do not respond to Do Not Track signals.

Analytics and advertising tools. We may use Google Analytics Advertising Features and Meta tools such as Meta Pixel, advanced matching, and Conversions API to measure performance and deliver relevant ads. You can manage Google and Meta ad preferences in your account settings with those providers.

Cookie and SDK details are set out in Appendix A, Cookie Policy.

8. Third party platforms and integrations

Where you choose to connect a third party account, we process the data necessary to provide the integration.

  • Google Authentication and YouTube API Services. If you sign in with Google or connect YouTube, we may receive your Google username, profile image, and tokens needed to operate features such as uploading content to YouTube on your behalf. Your use of YouTube features is subject to the YouTube Terms of Service and Google Privacy Policy. You can revoke our access at any time via your Google security settings. Upon your request to remove authorisation, we will promptly delete associated tokens stored by us.

  • Other platforms, such as Meta, TikTok, Reddit, LinkedIn, and Zapier, are used only if you opt in and connect them. Their use is subject to their own terms and privacy policies.

Reference links, Google Privacy Policy, YouTube Terms of Service, and Google security settings, are available from Google and YouTube.

9. User generated content outside the platform

If you post reviews, comments, photos, or other content on public sites or social media, that content may be accessible to anyone. We are not responsible for the privacy, security, or accuracy of user generated content you choose to make public.

10. Payment processing

Payments are processed by third party providers such as Stripe. Stripe receives the data necessary to process payments and may share data with service providers, banks, and credit agencies for identity and fraud checks. See Stripe Privacy Policy for details.

11. How we share personal information

We may disclose personal information to:

  • Service providers and vendors for hosting, analytics, email delivery, customer support, AI processing, payment processing, and infrastructure.

  • Affiliates and subsidiaries of Possibility Studios for internal operations.

  • Advertising and analytics partners to deliver and measure campaigns.

  • Professional advisers, lawyers, accountants, bankers, and insurers.

  • Payment systems operators.

  • Existing or potential agents, business partners, and partners.

  • Prospective purchasers, investors, and their advisers for due diligence, and to transferees in connection with a merger, acquisition, financing, reorganisation, or sale of assets.

  • Courts, tribunals, regulators, and law enforcement where required, authorised, or permitted by law, or to protect rights, property, or safety.

  • Other users where you intentionally make content public.

We do not sell personal information. We may share de identified or aggregated data for analytics, research, or marketing.

12. International transfers

Your information may be transferred and processed outside Australia, including in the United States, Europe, or Asia, where privacy laws may differ. We use appropriate safeguards, such as contractual clauses or equivalent measures, to protect personal information during international transfers.

13. Security

We use technical and organisational measures, including encryption in transit, access controls, and secure infrastructure, to protect personal information. No system is completely secure. You are responsible for keeping your credentials confidential.

14. Retention

We keep personal information only as long as necessary for the purposes described in this Privacy Policy and to meet legal, accounting, or reporting obligations. Factors include the amount, nature, and sensitivity of the data, the risk of harm, the purposes of processing, and whether those purposes can be achieved by other means. When no longer needed, data is deleted, anonymised, or securely archived. Backups are retained only for disaster recovery cycles.

15. Your choices and rights in Australia

Under the Privacy Act 1988 and the Australian Privacy Principles you may:

  • Request access to personal information we hold about you.

  • Request correction if information is inaccurate, incomplete, or outdated.

  • Opt out of marketing communications.

  • Make a privacy complaint.

Contact us at privacy@aftermark.ai. If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner, see oaic.gov.au.

Notifiable Data Breaches scheme. If we experience an eligible data breach that is likely to cause serious harm, we will assess, and where required, notify affected individuals and the OAIC.

16. European Union and United Kingdom users

If you are located in the EU or UK, the GDPR and UK GDPR grant additional rights.

Controller. Possibility Studios Pty Ltd is the controller for processing covered by this Privacy Policy.

Legal bases. We rely on one or more of the following:

  • Contractual necessity, to provide and operate the Services you request.

  • Legitimate interests, such as improving the Services, ensuring security, communicating with you, and promoting our Services, balanced against your interests and rights.

  • Compliance with law.

  • Consent, where required.

Your rights. Subject to limits in law you may request access, rectification, deletion, restriction, portability, and you may object to processing based on legitimate interests. You may withdraw consent at any time where processing relies on consent.

International transfers. Where we transfer your data outside the EU or UK we use appropriate safeguards, for example Standard Contractual Clauses or an adequacy decision.

To exercise rights, contact privacy@aftermark.ai. You also have the right to lodge a complaint with your local data protection authority.

Automated decision making. We do not use automated decision making that produces legal or similarly significant effects.

17. Your obligation to provide data

You are not required to provide personal information. However, if you do not provide certain information, we may be unable to create or maintain your account, provide access to specific features, respond to inquiries, or perform a contract with you.

18. Children

The Services are not directed to individuals under 18. We do not knowingly collect data from children. If we learn that a child has provided information, we will delete it.

19. Other sites and services

The Services may contain links to third party websites or services. We are not responsible for the privacy practices of those third parties. Review their policies before providing personal information.

20. Contact us

Possibility Studios Pty Ltd (ACN 690 900 497)

trading as Aftermark

17-19 Bridge Street, Sydney NSW 2000

Email: hello@aftermark.ai

21. Disclaimer of liability

To the maximum extent permitted by law, the Services are provided on an as is basis and we disclaim all warranties, express or implied. We are not liable for indirect, incidental, special, exemplary, or consequential loss arising from use or misuse of information, unauthorised access, disclosure or alteration, downtime, errors, or data loss. Nothing in this Privacy Policy limits rights you may have under the Privacy Act 1988 or other non excludable Australian consumer laws.

Appendix A, Cookie Policy

We use cookies, pixels, SDKs, and similar technologies on our websites and in our applications.

Categories.

  • Strictly necessary cookies, enable core functionality such as authentication, security, and network management.

  • Analytical and performance cookies, help us understand usage and improve user experience.

  • Functionality cookies, remember choices such as language and region.

  • Targeting and advertising cookies, support retargeting and measurement of ad performance.

  • Social media cookies, support sharing and engagement with social platforms.sdsd