How we handle your data
A plain-English summary of what ReconLink collects, why we collect it, how long we keep it, and how individuals and practices exercise their rights. The full legal text is in our Privacy Policy; this page exists so you don't have to read it to understand the substance.
Effective 20 May 2026 · Innovious Group Pty Ltd · ABN 59 637 038 754
ReconLink is a multi-tenant SaaS platform for Australian accounting practices. Practices are our direct customers; their clients are the underlying data subjects for most of the financial information we process. This page is written to be useful to both audiences — practice owners evaluating us, and clients of practices who want to understand how their information is handled.
Where this page is in tension with the more detailed Privacy Policy or Security page, those documents prevail. This page is a summary, not a replacement.
1 What we collect
We collect four broad categories of information. Each is described below with examples and the purpose it serves.
1.1 Practice and user account data
When a practice signs up for ReconLink, we collect the practice name, ABN, address and contact details, and for each Authorised User: name, email address, role, and a hashed password. We use this to identify the practice, authenticate users, route notifications, and apply role-based access controls.
1.2 Client and bank data
For each client a practice onboards, we hold the client name, ABN, and contact details. When the client authorises a bank connection (via the Consumer Data Right framework, through our regulated data-feed partner) or when a practice uploads a statement, we hold the resulting bank transaction history: dates, descriptions, amounts, account balances, and the coding decisions a practice applies to each transaction.
We do not see, store or have any way to retrieve a client’s bank login credentials. The CDR flow authenticates the client directly with their bank; ReconLink only receives read-only transaction data the client has explicitly consented to share, for the scope and duration of the consent.
1.3 Source documents
Original statement files (PDFs, CSVs, Excel) that a practice uploads or that arrive via the per-client email inbox are retained alongside the parsed transactions, so the practice can demonstrate the audit trail from raw document to recorded entry.
1.4 Usage and operational data
We log application requests, errors, security-relevant events (sign-ins, role changes, exports) and aggregate usage metrics. We strip personally identifying information from logs before they leave the application boundary. We do not use third-party advertising or analytics trackers that profile individual users across sites.
2 Why we collect each category
We collect personal information only for the purposes set out below, consistent with Australian Privacy Principle 3. Where we want to use information for a new, unrelated purpose, we will ask for consent or rely on a permitted exception under the Privacy Act 1988 (Cth).
- Account and user data — to provide the Service, authenticate access, enforce role-based permissions, and send transactional notifications.
- Client and bank data — to perform the bookkeeping work the practice is engaged for: coding, reconciliation, BAS preparation, P&L generation and client reporting.
- Source documents — to provide an audit trail from the raw statement to the posted entry, and to allow the practice to re-process if a parsing issue is later identified.
- Usage and operational data — to keep the Service running, debug issues, detect abuse, and inform product improvements at the aggregate level.
3 How long we keep it
Retention is purpose-bound. We retain information only for as long as is necessary to serve the purpose for which it was collected, plus any further period required by Australian law (notably the seven-year record-keeping obligations that apply to most accounting records under the Income Tax Assessment Act).
- Active account data — kept for the life of the practice’s account.
- Bank transactions and coding history — kept for at least seven years after the relevant financial year to support the practice’s record-keeping obligations, unless the practice instructs earlier deletion and the instruction is consistent with their own legal obligations.
- Source documents — retained on the same seven-year cycle as the parsed transactions they support, then purged via a scheduled job.
- Logs and operational data — retained for up to 90 days for security and debugging, then purged.
- Closed accounts — when a practice closes its account, account data is retained for a 30-day grace period to support recovery, then deleted or anonymised except for records we are legally required to keep.
4 Who we share it with
We do not sell personal information. We do not share it for advertising or marketing by third parties. The sub-processors who handle data on our behalf — hosting, email delivery, bank data feeds, large-language-model inference for the auto-coding stack — are listed in section 6 of our Privacy Policy. Each is contractually bound to handle data consistently with the Australian Privacy Principles.
We will disclose information without consent only where we are legally compelled to do so (court order, lawful agency request) or where disclosure is necessary to prevent or investigate serious threats to safety or to the integrity of the Service.
5 AI processing — what gets sent to a large language model
ReconLink’s auto-coding stack uses a large language model as the third of four coding layers (after deterministic rules and a per-practice machine-learning model). Practices control whether this layer is enabled. When it is enabled, the following applies:
- What we send — the bank transaction description, the amount, the transaction date, and a limited set of contextual signals (e.g. the practice’s most-common codings for similar descriptors). We do not send full statements, account numbers, customer identifiers, or contact details.
- What we receive back — a suggested account code and GST treatment, plus a confidence score. The model does not write to your data; the suggestion is queued for human or rule-engine confirmation.
- What the provider does with it — our agreement with the provider prohibits training on the data we submit. The provider stores requests transiently for abuse-monitoring purposes, on a short rolling window published in their data-processing addendum.
- Opting out — practices can disable the LLM layer at any time from the auto-coding settings page. With it disabled, the platform falls back to rules and per-practice ML; performance varies by client mix and history.
6 Where data is stored
ReconLink data is hosted with enterprise-grade cloud providers operating in the Asia-Pacific region. The specific providers, the regions in which they hold our data, and the steps we have taken under APP 8 to ensure overseas recipients handle personal information consistently with the APPs are detailed in section 6 of our Privacy Policy. On-shore (AWS Sydney) hosting is available under enterprise agreements.
7 Your rights
Under the Australian Privacy Principles, individuals whose personal information ReconLink holds have the following rights, exercisable at no charge:
- Access — request a copy of the personal information we hold about you (APP 12).
- Correction — request correction of information that is inaccurate, out of date, incomplete, irrelevant or misleading (APP 13).
- Deletion — request deletion of information we are not legally required to retain. Where retention is legally required (e.g. tax record-keeping obligations of the practice), we will explain what we cannot delete and why.
- Complaint — complain to us first at info@reconlink.com.au; if you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
Most data we hold about a client of a practice has been provided to us by that practice. Where you are a client of a practice and want to exercise an access or correction right, we will typically refer the request to your practice in the first instance, since they are the entity that engaged us and holds the underlying relationship with you.
8 Practice responsibilities (you are the entity in the loop with your clients)
ReconLink processes information on behalf of practices. Practices remain the entity responsible to their clients under the Privacy Act and their professional standards. In plain terms, this means:
- You are responsible for ensuring your engagement letter and client-onboarding flow give your clients sufficient notice that their bank transaction data and supporting documents will be processed in ReconLink.
- You are responsible for managing client consent to bank data sharing, and for revoking that consent if requested.
- You are responsible for the accuracy of codings, BAS classifications, and the financial reports your clients rely on. ReconLink provides tooling and suggestions; professional judgement remains with you.
9 Notifiable data breaches
Where an incident gives rise to a notifiable data breach under Part IIIC of the Privacy Act, we will notify affected individuals and the OAIC as soon as practicable and in any event within the statutory timeframe. Practice administrators are notified by email; where the breach relates to a specific practice’s data, we coordinate with the practice on the form and timing of notice to their affected clients.
10 How to reach us
Privacy and data-handling questions: info@reconlink.com.au.
Suspected security vulnerabilities: info@reconlink.com.au.
The full architecture, controls and incident-response posture are described on our Security page. The full legal handling notice is in our Privacy Policy.
