SEM Samurai – Privacy Policy

Date Published: 21st January 2026

This Privacy Policy explains how we collect, use, store and disclose personal information when you visit the SEM Samurai marketing site, create an account or use the SEM Samurai URL Mapping Platform and related services (together, the Services).

By using the Services, you agree to this Privacy Policy.

    1.          Who “we” are

1. The Services are provided by Yennah Pty Ltd (ACN 146 901 895) as trustee for the Leigh Hanney Family Trust (ABN 91 558 813 116), trading as “SEM Samurai”, of 23 Zander Avenue, Nunawading, Victoria 3131, Australia (SEM Samurai, we, us, our).
2. For the purposes of the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs), we are an “organisation” and handle “personal information” in accordance with that legislation, as amended from time to time.
3. This Policy applies to personal information we handle in Australia and, where relevant, in other jurisdictions. Additional rights may apply under the laws of some countries (for example, the UK or EU). Where those laws apply, we will comply with them in addition to this Policy.

   2.          About the Services and Customer Data

1. SEM Samurai provides an online URL Mapping Platform which processes CSV files of URLs from a customer’s “old” website and “new” website using staged matching methods (including Exact Match, Fuzzy Match and Semantic Match) to help customers plan website migrations and redirects.
2. In using the Services, customers upload:
   (a) CSV Files of Old Website URLs and CSV Files of New Website URLs (together, Customer Data); and
   (b) related technical metadata such as titles, meta descriptions and headings.
3. The Services are designed to process URLs and related technical metadata, not to process large volumes of personal information. You must not intentionally include unnecessary personal information, sensitive information or other information about identifiable individuals in the CSV files or other data you upload, except to the minimum extent unavoidable (for example, where an email address forms part of a URL).
4. Where Customer Data contains information about an identified or reasonably identifiable individual (for example, an email address embedded in a URL), we treat that information as personal information and handle it in accordance with this Policy.

   3.          The kinds of personal information we collect

We may collect and handle the following types of personal information:

      3.1.          Account and contact information

1. Name
2. Email address
3. Password or login credentials (stored in hashed form)
4. Company name, role and similar professional details
5. Time zone and language preferences

     3.2.         Billing and transaction information

1. Billing name and contact details
2. Records of credit packs purchased and URL Mapping Credits held and used
3. Limited payment information (such as billing country, last four digits of a card, transaction IDs) supplied by our payment processor (Stripe).
4. We do not store full credit card numbers; Stripe handles card data and payment processing on our behalf.

     3.3.         Customer Data

1. URLs from Your Old Website
2. URLs from Your New Website
3. Associated metadata (titles, meta descriptions, headings and similar fields)
4. Any personal information unavoidably embedded in those URLs or fields (for example, where a URL path includes a name or email address).

     3.4.         Usage and technical information

1. IP address, device identifiers, browser type and version, operating system
2. Pages visited, actions taken in the app, date and time of visits
3. Log files, diagnostic and performance data
4. Information collected via cookies and similar technologies (see Cookie Policy).

     3.5.         Support, feedback and communications

1. Content of emails, support tickets and other communications with us
2. Feedback about the Services, including survey responses
3. Information you provide when taking part in beta tests or pilot programs.

     3.6.          Marketing preferences

1. Records of your consent (or refusal) to receive marketing
2. Your interaction with marketing emails (opens, clicks, unsubscribes).

We generally do not seek to collect sensitive information (such as health, political or biometric information) and ask you not to include it in Customer Data or communications with us.

   4.           How we collect personal information

We collect personal information in several ways:

      4.1.          Directly from you

1. When you sign up for an account or join a waitlist
2. When you create jobs or upload CSV files to the URL Mapping Platform
3. When you purchase credit packs or otherwise interact with billing features
4. When you contact us for support, provide feedback or participate in demos, meetings and tests (including video calls).

     4.2.         Automatically

1. Through your use of the marketing site and the URL Mapping Platform, via cookies, pixels and similar technologies
2. Through server logs and application telemetry.

     4.3.         From third parties

1. From payment processors (e.g. Stripe) providing transaction confirmations and limited payment metadata
2. From analytics and error monitoring providers that report on app performance and usage
3. From your organisation or colleagues, if they set you up as a user or share Customer Data that includes your information.

   5.          Why we collect, use and disclose personal information

We may collect, use and disclose personal information for the following purposes:

       5.1.         To provide and operate the Services

1. Creating and managing user accounts
2. Providing the URL Mapping Services, including processing CSV files using staged matching methods (Exact Match, Fuzzy Match, Semantic Match) and returning result CSVs and Confidence Indicators
3. Allocating and tracking URL Mapping Credits and Projects
4. Providing customer support and resolving issues.

     5.2.         To process payments and manage billing

1. Facilitating credit pack purchases and free credit allocations
2. Issuing tax invoices and managing accounts receivable
3. Working with payment providers to process transactions and prevent fraud.

     5.3.         To improve and develop the Services

1. Analysing how users interact with the marketing site and Platform
2. Testing, troubleshooting and optimising performance and matching quality
3. Generating anonymised or aggregated data sets (which do not identify individuals or customers) to improve the URL Mapping Platform and to develop new products and services.

     5.4.         To provide information and marketing

1. Sending service messages (for example, about account changes, credits or important updates)
2. Sending marketing communications about features, pricing and related tools, where permitted by law and your preferences
3. Running surveys, beta tests and user research.

     5.5.         To protect security and comply with law

1. Detecting and mitigating malicious or abusive behaviour (for example, attempts to upload unreasonably large URL sets to exhaust compute resources)
2. Enforcing the URL Mapping Agreement and other terms
3. Managing and responding to suspected or actual security incidents and data breaches
4. Complying with legal obligations, regulatory requirements and law enforcement requests.

   6.          Use of AI and machine-learning providers

1. To provide Semantic Match functionality, the Platform converts URL elements and relevant metadata into numerical embeddings using third-party AI and machine-learning providers (for example, OpenAI’s text embedding models).
2. In doing so, we may transmit portions of Customer Data—including URLs from Your Old Website and URLs from Your New Website and associated metadata—to those providers so they can generate similarity scores, embeddings or other outputs used by the Platform.

   7.          Disclosures to third parties and overseas recipients

1. We may disclose personal information to:
   (a) Hosting and infrastructure providers
   (b) AI and machine-learning providers
   (c) Analytics, monitoring and error tracking services
   (d) Payment processors (such as Stripe)
   (e) Professional advisers (lawyers, accountants, auditors, insurers)
   (f) Government agencies, regulators and law enforcement bodies where required or authorised by law
   (g) A purchaser or successor as part of a merger, acquisition or other restructuring of SEM Samurai.
2. Some of these service providers are located outside Australia, and Customer Data used for semantic matching may also be processed in other countries.
3. Where we disclose personal information overseas, we will take reasonable steps to ensure that the recipient does not breach the Australian Privacy Principles in relation to that information, or that another exception under the Privacy Act applies (for example, where you expressly consent or where the recipient is subject to a comparable privacy regime).

   8.          Cookies and similar technologies

1. We use cookies and similar technologies on the marketing site and within the Platform to:
   (a) Authenticate users and maintain sessions
   (b) Remember preferences (such as language and time zone)
   (c) Analyse use of the site and Services, including to improve performance and usability
   (d) Integrate with payment and analytics providers.
2. For more detail, see the SEM Samurai Cookie Policy, which forms part of the URL Mapping Agreement and this Privacy Policy.

   9.          Security and data retention

1. We take reasonable steps to protect personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure, having regard to our obligations under the Australian Privacy Principles.
2. Measures we use include:
   (a) Role-based access controls
   (b) Encryption in transit (for example, TLS) and at rest where appropriate
   (c) Segregation of production and development environments
   (d) Regular updates and monitoring of infrastructure.
3. We keep personal information:
   (a) For as long as reasonably necessary to provide the Services and for related legitimate business purposes (such as record-keeping, security and fraud prevention); and
   (b) For any longer period required by law.
4. In relation to Customer Data (URLs and associated metadata), we may retain anonymised or aggregated forms that no longer identify any individual or customer, for product improvement and analytics.

 10.          Data breaches

1. If we become aware of an eligible data breach involving personal information held in connection with the URL Mapping Services, we will comply with our obligations (if any) under the Notifiable Data Breaches scheme in the Privacy Act, including any required notifications to affected individuals and to the Office of the Australian Information Commissioner (OAIC).
2. We may also contact you directly where we consider it appropriate to help you manage any associated risks.

  11.          Access to and correction of personal information

1. You may request access to the personal information we hold about you, and request that we correct any information that is inaccurate, out-of-date, incomplete, irrelevant or misleading.
2. To make a request, contact us using the details in section 13. We may ask you to verify your identity before acting on the request.
3. In some cases we may refuse access or correction (for example, where required or authorised by law). If we do so, we will tell you why (unless it is unreasonable to do so) and how you can complain.

  12.          Direct marketing

1. We may use your contact details to send you marketing communications about the Services and related products, in accordance with applicable laws (including the Australian Spam Act).
2. You can opt out of marketing communications at any time by:
   (a) Clicking the “unsubscribe” link in an email; or
   (B) Contacting us using the details in section 13.
3. We may still send you non-marketing communications that are important to your use of the Services (for example, billing or security notices).

  13.          Contacting us, complaints and further information

1. If you have questions, want to access or correct your personal information, or wish to make a privacy complaint, contact:
   Privacy Officer – SEM Samurai
   Yennah Pty Ltd ATF Leigh Hanney Family Trust (trading as SEM Samurai)
   23 Zander Avenue, Nunawading VIC 3131, Australia
   Email: hello@semsamurai.com
   
2. We will respond to privacy complaints as soon as reasonably practicable.
3. If you are not satisfied with our response, you may contact the OAIC or, where relevant, any other privacy regulator in your jurisdiction. Details for the OAIC are available on its website.

---

 14.          Relationship with the Cookie Policy and URL Mapping Agreement

1. Information collected through cookies and similar technologies may, in some circumstances, constitute personal information. Our use of cookies is also governed by the SEM Samurai Cookie Policy.
2. The SEM Privacy Policy forms part of, and is incorporated into, the URL Mapping Agreement and the Cookie Policy.
3. Capitalised terms in this Privacy Policy, unless otherwise defined in this Privacy Policy, have the same meanings as in the URL Mapping Agreement.

  15.          Changes to this Privacy Policy

1. We may update or replace this Privacy Policy from time to time. The most current version will be published on the SEM Samurai website or within the Platform.
2. If the changes are material, we will take reasonable steps to notify you (for example, by email or in-app notice).
3. Your continued use of the Services after the effective date of any updated Privacy Policy will constitute your acceptance of the changes. If you do not agree, you should stop using the Services and close your account.