Privacy Policy

Your privacy is important to us. This policy outlines how Terrabox.ai collects, uses, and protects your information.

Last Updated: February 2026

1. Information We Collect

1.1 Contact Information

When you contact us through our website, we may collect:

  • Name and job title
  • Business email address
  • Company name and sector
  • Information about your sovereign AI infrastructure needs

1.2 Technical Information

We automatically collect certain technical information when you visit our website:

  • IP address and browser type
  • Device information and operating system
  • Referring website and pages viewed
  • Time and date of access

2. How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and provide technical information about our platform
  • Schedule demos and technical consultations
  • Improve our website and services
  • Send you relevant updates about sovereign AI infrastructure (with your consent)
  • Comply with legal obligations

3. Data Sovereignty and Storage

Terrabox.ai is committed to Australian data sovereignty. Your data:

  • Never leaves Australian shores unless explicitly required for service delivery
  • Is stored on infrastructure located in Sydney, Australia
  • Is protected with tenant-isolated encryption keys (no master keys)
  • Is processed in Trusted Execution Environments (TEE) where applicable

Our platform architecture ensures that even with physical access, data remains encrypted and isolated by tenant.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

  • Service Providers: With trusted partners who assist us in operating our platform (e.g., NVIDIA Elite Partners for hardware deployment)
  • Legal Requirements: When required by law, court order, or government regulation (including APRA and IRAP compliance requirements)
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement industry-leading security measures to protect your information:

  • Hardware Root of Trust: NVIDIA Remote Attestation Service (NRAS) verifies GPU identity
  • Trusted Execution Environments: TEE protects data even from administrators with root access
  • Immutable Audit Logs: WORM storage provides tamper-proof logging for compliance
  • Tenant-Isolated Encryption: Each tenant has unique encryption keys with no master key access

Despite these measures, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Your Rights Under Australian Law

Under the Privacy Act 1988 and the Notifiable Data Breaches (NDB) scheme, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your personal data (where legally permissible)
  • Opt-out of marketing communications
  • Be notified of eligible data breaches within 30 days

To exercise these rights, contact us at ceo@terrabox.ai

7. Compliance and Regulatory Reporting

As a sovereign AI infrastructure provider for regulated sectors, we maintain compliance with:

  • APRA CPS 234: 24-hour incident reporting for banking sector
  • ISM-1486: Unauthorized change detection for government sector
  • Notifiable Data Breaches (NDB): OAIC breach notification requirements

Our platform automates compliance logging and SIEM integration to meet these regulatory requirements.

8. Cookies and Tracking

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Improve website functionality and user experience

You can control cookie settings through your browser preferences. Note that disabling cookies may affect website functionality.

9. Children's Privacy

Our services are designed for business and government use. We do not knowingly collect information from children under 16. If we become aware of such collection, we will take immediate steps to delete it.

10. International Data Transfers

Terrabox.ai is an Australian sovereign cloud provider. We do not transfer personal data outside Australia except as necessary for:

  • Service delivery with your explicit consent
  • Compliance with legal obligations
  • Protection of our rights or the rights of others

11. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of significant changes by:

  • Posting the new policy on our website
  • Sending an email notification (where applicable)

Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

For questions about this privacy policy or our data practices, contact us at:

We will respond to privacy inquiries within 5 business days.