Privacy Policy
Last updated: 2 July 2026
This policy explains how CAAN Consulting Pty Ltd (ABN 80 696 734 693), trading as TableOne Flow, handles personal information collected through this website.
What we collect
When you submit the contact form we collect your email address (required), and optionally your name, role, organisation, and a description of your current Table 1 workflow. We collect only what you choose to provide.
Why we collect it
Our primary use is to respond to your enquiry. If you register your interest, we also send you product updates, early access communications, and pricing information when available — you can opt out of these at any time (see Marketing emails and unsubscribing below), and opting out does not affect a reply to a direct enquiry. We do not use your information for marketing to third parties, and we do not use it to train machine learning models.
Product data — Table 1 content and audit trails
Table 1 content, criterion responses, evidence files, audit trail records, and any other data you create or upload within the TableOne Flow application are your data. We do not use that content for any AI or machine-learning purpose — not for model training, model evaluation, internal QA training sets, search-index training, or tuning of any kind. Your content is not transmitted to any third-party AI or model-training service.
The Solo tier stores all project data on your device only. Cloud sync (Pro and above) is planned and not yet available; when activated, synced product data will be hosted on Australian-region infrastructure. The processor stack for product data (Table 1 content, audit trails, evidence files) will be fully disclosed in product terms of service, which will be published before any paid tier is activated. No paid tier is currently active.
How we store it
Your information is stored on infrastructure provided by Cloudflare, Inc., which is based in the United States. By submitting the form you acknowledge that your information may be stored or processed outside Australia. Overseas recipients may not be subject to the Australian Privacy Principles, though Cloudflare maintains its own privacy and security commitments.
Email addresses submitted through this website are also transmitted to Brevo (Sendinblue SAS), an email marketing platform headquartered in France, which is used to send confirmation and notification emails. Under the Privacy Act 1988 (Cth) (specifically Australian Privacy Principle 8), we are required to disclose that your personal information may be disclosed to this overseas recipient. Brevo maintains its own privacy and security commitments; details are at brevo.com.
When you request access to the TableOne Flow demo, the one-time access link is sent using Resend, an email delivery service based in the United States. As above, this means your email address may be disclosed to an overseas recipient under Australian Privacy Principle 8. Resend maintains its own privacy and security commitments; details are at resend.com.
We retain registration and contact data for three years from collection, after which it is deleted.
Marketing emails and unsubscribing
Every product update, early access, or pricing email we send includes a one-click unsubscribe link, handled through Brevo. You can also opt out at any time using the contact form on our homepage. Unsubscribing needs no account or password, we action requests within five business days, and the unsubscribe link in each email stays active for at least 30 days after it is sent. Opting out of these updates does not affect a direct reply to an enquiry you have sent us.
Your rights
You may request access to the personal information we hold about you, ask us to correct it, or ask us to delete it. To do any of these, use the contact form on our homepage.
Analytics and cookies
This website uses Cloudflare Web Analytics to measure page views and understand how visitors find and use the site. This service is operated by Cloudflare, Inc. (the same infrastructure provider disclosed above). It does not set cookies, does not store IP addresses, and does not identify individual visitors.
The contact form uses a security widget to prevent automated submissions. This widget may set a short-lived functional cookie. No other cookies are set by this website.
Contact
Questions about this policy: use the contact form on our homepage.