Privacy Policy

Last updated: 6 July 2026

01

About Us

Ragsha Pty Ltd ("Ragsha", "we", "us", "our") provides an AI-powered commercial lending assessment platform to financial services businesses including mortgage brokers, commercial brokers, and non-bank lenders in Australia.

Contact: hello@ragsha.com | ragsha.com

02

What Information We Collect

2.1 Information About Our Customers

  • Business name, ABN, and contact details
  • Names and email addresses of authorised users
  • Billing information where applicable
  • Usage data and platform activity logs

2.2 Information Processed on Behalf of Our Customers

Our customers (brokers and lenders) upload financial documents relating to their own clients (borrowers) to our platform for credit assessment purposes. These documents may contain personal information including:

  • Names, dates of birth, and contact details of borrowers and guarantors
  • Financial information including income, assets, and liabilities
  • Tax file numbers and ABNs
  • Bank account details and transaction history
  • Company and trust structure information

We process this information solely as a service provider on behalf of our customers. Our customers are responsible for ensuring they have obtained appropriate consent from their clients before uploading information to our platform.

03

How We Use Personal Information

3.1 For Our Customers (Brokers and Lenders)

  • To provide and improve the Ragsha platform
  • To create and manage user accounts
  • To send service-related communications
  • To respond to enquiries and provide support
  • To comply with legal obligations

3.2 For Borrower Information Uploaded by Our Customers

  • To perform automated credit assessment analysis
  • To generate financial spreading and ratio calculations
  • To identify and flag potential credit risks
  • To generate credit assessment reports and memos

We do not sell or share borrower information with third parties. We do not use customer data, borrower information, or assessment outputs to train or improve AI models. All AI processing is performed on infrastructure hosted in Australia.

04

How We Store and Protect Personal Information

All data processed and stored by Ragsha — including all uploaded documents, extracted data, assessment outputs, and AI processing — is hosted on cloud infrastructure located in Australia and is retained at rest in Australia. The one exception is transactional email (such as account invitations): we send it via a provider configured for Australian data residency, but — as is inherent to how email works — messages in transit may be routed through global mail infrastructure to reach the recipient.

  • All customer and borrower data retained at rest within Australian data centres
  • All AI document analysis performed on Australian-hosted infrastructure
  • Encryption of all data at rest using AES-256 encryption
  • Encryption of all data in transit using TLS 1.2 or higher
  • Multi-tenant data isolation between customer accounts
  • Access to production infrastructure restricted to authorised personnel
  • Continuous automated monitoring for known vulnerabilities in our software dependencies

We retain customer account information for the duration of the customer relationship and for 7 years following termination, in accordance with Australian financial records retention requirements.

Borrower information uploaded to the platform is retained for 7 years following the date of the credit assessment and may be deleted earlier on written request from the relevant customer.

05

Disclosure of Personal Information

We may disclose personal information to:

  • Our employees and contractors who require access to provide the service, subject to confidentiality obligations
  • Our cloud infrastructure and email providers, configured for Australian data residency
  • Law enforcement or regulatory authorities where required by law

We do not disclose personal information to any other third parties without the consent of the relevant customer.

Other than transactional email in transit (see "How We Store and Protect Personal Information"), we do not transfer personal information outside of Australia.

06

Overseas Disclosure

Ragsha retains all customer and borrower data at rest within Australia, and performs all data storage, processing, and AI analysis on cloud infrastructure located in Australia. The one exception is transactional email: our email provider is configured for Australian data residency, but email messages in transit may be routed through global mail infrastructure, as is inherent to email delivery.

If our data-residency arrangements change in any other respect in the future, we will update this Privacy Policy and notify customers before any such change takes effect.

07

Access and Correction

Individuals have the right to access and request correction of their personal information held by Ragsha.

For information about yourself as a Ragsha customer, please contact us at hello@ragsha.com.

For information about borrowers uploaded to the platform by a broker or lender, please contact the relevant broker or lender directly. They are responsible for responding to access requests from their clients.

08

Complaints

If you believe we have handled your personal information in a way that does not comply with the Australian Privacy Principles, you may make a complaint by contacting us at hello@ragsha.com.

We will respond to your complaint within 30 days. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

09

Notifiable Data Breaches

Ragsha complies with the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth). In the event of a data breach that is likely to result in serious harm to any individual, we will notify the affected individual and the OAIC as required by law, as soon as practicable after becoming aware of the breach, and within 30 days of first suspecting an eligible data breach.

10

Cookies and Analytics

We use a small number of cookies and privacy-aware analytics to operate the platform and understand how our website is used. We do not use cookies for advertising, and we do not sell your information.

10.1 Essential cookies

We use first-party cookies that are strictly necessary to operate the platform — principally to keep you signed in and to secure your session (authentication tokens). The platform will not function correctly without them.

  • Authentication and session cookies (first-party, set by Ragsha)

10.2 Analytics

To understand aggregate usage — such as how many people visit our website and which pages they view — we use Vercel Analytics:

  • Vercel Analytics — privacy-focused and cookieless; it does not use tracking cookies, does not identify you individually, and collects only aggregate, anonymous usage statistics

This analytics information is aggregate and anonymous, relates to website visitors only, and does not include the customer or borrower data uploaded to the platform. You can block or delete cookies via your browser settings; blocking essential cookies may prevent you from signing in.

11

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify customers of material changes by email. Continued use of the platform after notification constitutes acceptance of the updated policy.

The current version of this policy is always available at ragsha.com/privacy.

12

Contact Us

For any questions about this Privacy Policy or how we handle personal information, please contact:

Deepak Sharma

Founder & CEO, Ragsha Pty Ltd

hello@ragsha.comragsha.com