Trust & compliance

Compliant by design.
Data onshore.

Schools and businesses trust Yindi with sensitive calls. Here's exactly how we handle privacy, call recording, data sovereignty and child safety — in line with Australian law.

In short

Yindi is an Australian AI receptionist that stores all call data onshore in Melbourne (with an AWS Sydney backup), operates in line with the Privacy Act 1988 and its Australian Privacy Principles, discloses call recording to callers, and never handles student welfare or emergencies itself — those are escalated straight to a human.

Privacy Act 1988

Australian Privacy Principles

Yindi collects only what's needed to handle a call and act on it. We operate in line with APP 5 (notification of collection), APP 6 (use & disclosure for the purpose collected) and APP 8 (cross-border disclosure). We don't sell call data or use it to train shared models.

Reference: OAIC — Australian Privacy Principles

Call recording

Disclosure & consent

Where calls are recorded or transcribed, callers are informed at the start of the call, consistent with Australian recording-disclosure requirements. Recordings and transcripts are encrypted and retained only as long as needed.

Reference: OAIC — guidance on recording

Data sovereignty

Stored onshore in Australia

Your call data is stored onshore in Melbourne, with an AWS Sydney backup. It's encrypted in transit and at rest. Where any sub-processor operates offshore, it's disclosed and handled under APP 8.

Backup region: AWS Asia Pacific (Sydney)

Child safety

Configured for adult callers

Yindi handles parents, staff and suppliers. It does not hold substantive conversations with student callers, and welfare or safety concerns are escalated immediately to your designated staff — never handled by the AI. Configured in line with Child Safe Standards.

Reference: Victorian Child Safe Standards

What this means for you

For schools

  • No student-facing AI conversations — welfare concerns go straight to a human.
  • Configured in line with Child Safe Standards.
  • Parent and student details kept onshore, under Australian law.

For businesses

  • Customer and caller data kept onshore, never sold or used to train shared models.
  • Call recordings and CRM/CommTrak records encrypted in transit and at rest.
  • Clear recording disclosure to every caller, consistent with Australian law.
Privacy Act 1988 (Cth)APP 5 / 6 / 8Onshore — MelbourneAWS Sydney backupChild Safe StandardsEncrypted in transit & at rest

For schools specifically, see our child safety & compliance page. For businesses, see how Yindi handles calls and CRM data. Or read our full privacy policy.

Privacy Act 1988 & the Australian Privacy Principles

The Privacy Act 1988 (Cth) and its 13 Australian Privacy Principles (APPs) govern how organisations collect, use, store and disclose personal information. Three matter most to a phone service. APP 5 requires that people are told when their information is being collected and why — Yindi discloses this at the start of a call. APP 6 limits use of that information to the purpose it was collected for — handling and actioning the call — so your call data is never repurposed or sold. APP 8 covers cross-border disclosure; because Yindi stores data onshore, this rarely applies, and where any sub-processor operates offshore it is disclosed and handled under APP 8.

Where your data actually lives

Data sovereignty is simple to state and hard to fake: can you tell a parent or customer, honestly, which country their information sits in and whose laws protect it? For Yindi the answer is Australia. Call recordings, transcripts and any details captured are stored onshore in Melbourne, with a backup in AWS's Sydney region, encrypted in transit and at rest. Many AI voice tools route audio to servers in the US or Europe; Yindi does not.

Call recording and consent

Australian recording rules vary by state, but the safe standard is clear disclosure. Where a call is recorded or transcribed, Yindi informs the caller at the start, so consent is informed. Recordings and transcripts are retained only as long as needed to action the call and meet your record-keeping needs, then handled under your retention settings.

Child safety by design

For schools this is the part that matters most. Yindi is configured for adult callers — parents, staff and suppliers. It does not hold substantive conversations with student callers, and it does not counsel, assess or investigate. Any welfare or safety concern, or a genuine emergency, is escalated immediately to your designated staff following the rules you set, in line with the National Principles for Child Safe Organisations and state Child Safe Standards. The AI's job is to get a person involved faster, never to stand in the way. See our child safety & compliance page for the school-specific detail.

Questions about compliance?

We're happy to walk your office manager, business owner or designated child-safety officer through exactly how Yindi handles data, recording and child safety.

Talk to us