Privacy Policy

Effective 1 May 2025 · Last updated 23 June 2026

Off Rhodes Pty Ltd (ACN 669 782 030, ABN 27 669 782 030) 24 Holroyd Street, Kew, Victoria 3101, Australia

1. Who we are

Off Rhodes Pty Ltd ("we", "us", "our") runs the Ads to AI membership and community, the websites at ads2ai.com, m.ads2ai.com, and agency.ads2ai.com, and the Agency Brain desktop application (the App). This policy explains how we handle personal information in line with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). Where members are in the EU or UK, section 9 explains the additional position.

This policy is part of, and should be read with, our Terms of Service.

2. The short version

  • We collect the minimum we need to run your membership, the websites, the community, and the App.
  • We do not host your "brain", and we cannot read its contents, your files, your prompts, or your AI sessions. The App runs on your own device using your own accounts.
  • We do not track how much AI any individual uses.
  • We never sell your personal information.

The rest of this policy is the detail behind those points.

3. What we collect

Account and membership information. Your name, email address, and the details you give us when you sign up, fill in onboarding, or contact us. For team or agency memberships, this includes the role assigned to each member (owner, scout, or team).

Billing information. Subscription and payment records. Payments are processed by Stripe; we receive confirmation of payment and subscription status but do not store your full card number.

Website and portal usage. When you use the members portal (m.ads2ai.com) we record usage information such as login times, login count, pages visited, onboarding choices (for example your stated experience level and chosen path), and your progress through courses. We use standard web analytics and cookies on our Sites (see section 7).

Community and email. If you join our community (Circle) or receive our emails (sent via Brevo), those platforms hold the information needed to provide them, such as your profile and email engagement.

App connection signals. When you use the Agency Brain App, the only information that reaches us about your use of it is a small set of technical signals per member:

  • a connection/sync heartbeat timestamp (that your App is connected);
  • a timestamp when you have contributed content, together with your team identifier only; and
  • a timestamp when installation completed, plus the App version you are running.

That is the complete list of what the App reports to us.

4. What we do NOT collect or have access to

Because of how the App is built, we want to be explicit about what we never receive:

  • The contents of your brain repository, your files, notes, client data, or documents. You host these on your own version-control account; we have no access to your repository and cannot read, write to, or download it.
  • Your prompts or your AI sessions. You run Claude on your own device through your own Anthropic account. We do not proxy, store, or see your conversations.
  • Your credentials. Connection tokens used by the App are short-lived, scoped to the operation, and never sent to us in a form we store. We do not collect your passwords or API keys.
  • Per-person AI usage. We deliberately do not track or surface how many AI tokens any individual team member uses.
  • What your team built or how they worked. We do not receive skill contents, skill counts, run counts, or activity detail. Usage analytics for your own team are computed locally on your own machines and stay within your own repository.

5. How we use your information

We use personal information to:

  • provide and administer your Membership, the Sites, the community, and the App;
  • process payments and manage renewals;
  • provide support and respond to your enquiries;
  • send you service messages and, where you have not opted out, relevant updates and offers (you can unsubscribe at any time);
  • understand and improve how the Services are used, at an aggregate level; and
  • meet our legal obligations and protect our rights and the Services.

We rely on your provision of information to perform our contract with you, your consent (for example for marketing), and our legitimate business interests in running and improving the Services.

6. Who we share it with

We share personal information only as needed to run the Services, with providers acting on our behalf, including:

  • Stripe — payment processing;
  • GitHub — you host your own repository there; we broker short-lived scoped access only;
  • Anthropic — AI models you use through your own account;
  • Circle — community platform;
  • Brevo — email delivery;
  • Analytics and affiliate-tracking providers (for example Google Analytics and our affiliate platform) — to measure how our public sites are used and to credit referrals from affiliates;
  • Cloudflare, Neon, Google Firestore, and our hosting providers — infrastructure that runs our websites and back-end.

We may also disclose information if required by law, to enforce our Terms, or in connection with a sale or reorganisation of our business. We do not sell your personal information.

Some of these providers, and our infrastructure, may store or process data outside Australia (see section 9).

7. Cookies and analytics

Our Sites use cookies and similar technologies to keep you logged in, remember preferences, and measure usage so we can improve the Services. You can control cookies through your browser settings; turning some off may affect how the Sites work.

8. How we store and protect your information

We take reasonable steps to protect personal information from misuse, loss, and unauthorised access. Data we hold is stored with reputable providers that encrypt data at rest and in transit. Information you hold yourself (in your own repository, on your own device, and in your own connected accounts) is secured by you and by those services; we describe the App's security posture in our Terms and supporting materials. No system is perfectly secure, and we cannot guarantee absolute security.

We keep personal information only as long as we need it for the purposes above or as required by law, then delete or de-identify it.

9. International members (EU/UK) and overseas transfers

Our business is based in Australia and some of our providers operate overseas, so your information may be transferred to and processed in countries other than your own. Where we transfer personal information, we take reasonable steps to ensure it is handled consistently with this policy.

If you are in the EU or UK, you may have additional rights under the GDPR or UK GDPR, including rights to access, correct, erase, restrict, or object to processing, and to data portability. The legal bases we rely on are performance of our contract with you, your consent, and our legitimate interests. To exercise these rights, contact us using the details below.

10. Your rights and choices

You can:

  • ask for access to the personal information we hold about you;
  • ask us to correct it if it is wrong or out of date;
  • ask us to delete it, where we are not required to keep it;
  • unsubscribe from marketing emails at any time using the link in the email; and
  • make a complaint if you think we have mishandled your information.

To do any of these, email mike@ads2ai.com. We will respond within a reasonable time. If you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top shows when it last changed. If a change is material, we will take reasonable steps to let you know.

12. Contact us

Off Rhodes Pty Ltd 24 Holroyd Street, Kew, Victoria 3101, Australia mike@ads2ai.com

Off Rhodes Pty Ltd · Privacy Policy · v1.0 (last updated 23 June 2026).

Terms of ServiceHome