xbg.solutions

Group Terms of Service & Privacy Policy

XBG Solutions Pty Ltd — ABN 31 688 945 913

Effective: 15 March 2026


These terms apply to the following domains:

  • xbg.solutions
  • input.xbg.solutions
  • build.xbg.solutions
  • crm.xbg.solutions
  • xbg.ventures
  • xbg.holdings

Part 1 — Terms of Service

1. About Us and Scope

XBG Solutions Pty Ltd ABN 31 688 945 913 (“XBG Solutions”, “we”, “us”, “our”) operates the following domains and services (collectively, the “Services”): xbg.solutions, input.xbg.solutions, build.xbg.solutions, crm.xbg.solutions, xbg.ventures, and xbg.holdings.

These Terms of Service (“Terms”) govern your use of all Services operated by XBG Solutions Pty Ltd across these domains. Where a specific Service has additional terms set out in a Schedule to these Terms, those Schedule terms apply in addition to and, in the event of any inconsistency, in preference to these master Terms.

By accessing or using any Service, you agree to be bound by these Terms. If you are accepting on behalf of a business or other legal entity, you represent that you have authority to bind that entity. If you do not agree, please do not use the Services.

Note: xbg.ventures and xbg.holdings are currently operated by XBG Solutions Pty Ltd. These domains may in future be transferred to separate legal entities within the XBG group, at which point separate or updated terms will be published.

2. Account Registration

Certain Services require you to create an account. Not all Services use account-based access; for example, input.xbg.solutions uses GUID-based access links in place of login credentials. Where an account is required, you agree to:

  • provide accurate, current, and complete information when registering
  • keep your password confidential and not share it with any third party
  • notify us immediately at legal@xbg.solutions if you become aware of any unauthorised use of your account or access link
  • accept responsibility for all activity that occurs under your credentials or access link

We reserve the right to suspend or terminate accounts or revoke access links that breach these Terms or that present a security or data integrity risk, without prior notice where necessary.

3. Acceptable Use

You may use the Services only for lawful purposes and in accordance with these Terms. You agree not to:

  • use the Services in any way that violates applicable Australian or international law or regulation
  • attempt to gain unauthorised access to any account, system, dataset, or access link belonging to another user
  • reverse-engineer, decompile, or disassemble any part of the Services
  • use automated means (bots, scrapers, crawlers) to access the Services without our prior written consent
  • upload or transmit viruses, malware, or any other harmful or disruptive code
  • resell, sub-licence, or commercialise access to any Service without our prior written consent
  • interfere with the security, integrity, or availability of the Services or underlying infrastructure
  • submit false, misleading, or fraudulent information through any Service

4. Payments and Subscriptions

Some Services are provided free of charge; others require a paid subscription. The applicable pricing and billing terms for each Service are set out in the relevant Schedule. General payment terms are as follows:

  • Payments are processed by Stripe, Inc. We do not store, process, or transmit your full payment card details. Your use of Stripe is subject to Stripe’s own terms (stripe.com/au/privacy).
  • All fees are quoted in Australian dollars (AUD) and are exclusive of GST unless otherwise stated.
  • Subscription fees are billed in advance on the agreed billing cycle (monthly or annual).
  • We may change pricing on at least 30 days’ written notice. Continued use after that period constitutes acceptance.
  • Refunds are not available for partial billing periods unless required by the Australian Consumer Law.

5. Intellectual Property

All content, software, interfaces, tools, data compilations, and other materials forming part of the Services are the property of XBG Solutions Pty Ltd or its licensors and are protected by Australian intellectual property laws.

We grant you a limited, non-exclusive, non-transferable licence to access and use the relevant Service solely for your internal business purposes during the term of your subscription or engagement. This licence does not include any right to sub-licence, copy, modify, or create derivative works.

Any data, content, or materials you upload or submit through the Services (“Your Content”) remain your property. You grant us a limited licence to process, store, and where applicable transcribe or analyse Your Content solely in order to provide the Services to you.

6. AI and Automated Processing

Certain Services use artificial intelligence and machine learning tools to process Your Content. Specifically, and as further described in the applicable Schedule:

  • input.xbg.solutions may transcribe audio and video responses using OpenAI Whisper, and may analyse transcriptions using Anthropic Claude.
  • build.xbg.solutions uses Anthropic Claude as a core component of its development pipeline. Users may elect to use XBG Solutions’ API access (subject to usage-based fees) or provide their own API key.

AI processing is used to provide the Services and is not used to train third-party models on Your Content without your explicit consent. You should not submit through the Services any content that you are not authorised to process using third-party AI tools.

AI-generated outputs are provided as-is and may contain errors or inaccuracies. You are responsible for reviewing and validating any AI-generated content before relying on it.

7. Confidentiality

Each party acknowledges that in the course of using the Services it may receive confidential information belonging to the other party. Each party agrees to hold such information in strict confidence and not to disclose it to any third party without prior written consent, except as required by law.

Data submitted by clients through input.xbg.solutions and any client delivery tool is treated as client confidential information and is used solely for the purposes of the relevant engagement.

8. Availability

We will use commercially reasonable efforts to maintain availability of the Services. We do not guarantee uninterrupted or error-free access and reserve the right to carry out scheduled or emergency maintenance. Services in beta (including build.xbg.solutions) are provided without any availability guarantee and may be modified, suspended, or discontinued at any time.

9. Third-Party Services and Integrations

The Services integrate with or depend on third-party platforms including Stripe (payments), Firebase / Google Cloud Platform (infrastructure), OpenAI Whisper (transcription), and Anthropic Claude (AI processing). We have no control over those third-party services and accept no liability for their availability, accuracy, or conduct. Your use of third-party services is governed by their own terms and policies.

10. Disclaimer of Warranties

The Services are provided on an “as is” and “as available” basis without any warranties, express or implied. To the maximum extent permitted by law, we disclaim all warranties including implied warranties of merchantability, fitness for a particular purpose, and non-infringement. We make no warranty as to the accuracy, completeness, or reliability of any AI-generated output.

11. Limitation of Liability

To the maximum extent permitted by the Australian Consumer Law and other applicable legislation, XBG Solutions Pty Ltd’s aggregate liability to you for all claims arising out of or relating to the Services will not exceed the total fees paid by you to us in the 12 months preceding the relevant claim. Where no fees have been paid (including during any free or beta period), our aggregate liability is limited to AUD $100.

We will not be liable for any indirect, incidental, special, consequential, or punitive loss, including loss of profits, data, business, or goodwill, even if we have been advised of the possibility of such loss.

Nothing in these Terms excludes, restricts, or modifies any guarantee, warranty, or other right or remedy conferred by the Australian Consumer Law that cannot lawfully be excluded or limited.

12. Termination

Either party may terminate an account or subscription by providing written notice. On termination:

  • your right to access the relevant Service ceases immediately (or at end of the current billing period, where applicable)
  • we will retain Your Content for 30 days post-termination to allow for export, after which it may be deleted or de-identified
  • clauses that by their nature survive termination (including IP, confidentiality, AI processing acknowledgements, liability, and governing law) remain in force

We may suspend or terminate your access immediately if you breach these Terms, if required by law, or if your use poses a security, data integrity, or legal risk to us or other users.

13. Governing Law

These Terms are governed by the laws of New South Wales, Australia. You irrevocably submit to the exclusive jurisdiction of the courts of New South Wales and the Federal Court of Australia.

14. Changes to These Terms

We may update these Terms and their Schedules from time to time. For material changes, we will provide at least 14 days’ notice via email or in-product notification. Continued use after that period constitutes acceptance. For Services in beta, we reserve the right to update terms with shorter notice given the nature of the development phase.

15. Contact

For any questions about these Terms: legal@xbg.solutions

Schedule A — input.xbg.solutions

These additional terms apply to your use of input.xbg.solutions (the “Input Tool”) and supplement the master Terms of Service above.

A1. Nature of the Service

The Input Tool is a multi-modal questionnaire platform used by XBG Solutions to collect structured input from clients prior to workshops and consulting engagements. It supports text responses, video recording via browser API, and voice-to-text transcription. The Input Tool is not a public-facing product; access is granted by XBG Solutions on a per-engagement basis.

A2. Access Model

The Input Tool does not use account-based login. Access is provided via a unique, time-limited URL containing a GUID (globally unique identifier). You are responsible for keeping your access link confidential. Sharing your access link with unauthorised persons may result in your responses being accessible to those persons.

Publication windows are set by XBG Solutions for each engagement. Once you submit your completed questionnaire, the access link is immediately unpublished and your responses become accessible only to authorised XBG Solutions personnel.

A3. Media Capture and Storage

By using the Input Tool you acknowledge and consent to the following:

  • Video responses are recorded using your device’s browser API. Recording only occurs when you actively initiate it within the tool.
  • Video files are stored in WebM format in Firebase Storage, located in the australia-southeast1 region (Sydney).
  • You are responsible for ensuring you have the right to record and submit any content captured, including ensuring the consent of any other individuals visible or audible in your recording.

A4. AI Transcription and Analysis

By submitting responses through the Input Tool you consent to the following processing:

  • Audio and video responses may be transcribed using OpenAI Whisper. Transcription is performed to support workshop preparation and analysis.
  • Transcriptions may be analysed using Anthropic Claude to identify themes, summarise responses, or otherwise support the delivery of your engagement.
  • Responses and transcriptions are used solely for the purposes of your engagement with XBG Solutions and are not used to train AI models.

Third-party AI processing is governed by the respective providers’ terms: openai.com/policies/privacy-policy and anthropic.com/privacy.

A5. Data Retention

Questionnaire responses, video files, and transcriptions are retained for the duration of your engagement and for a reasonable period thereafter (typically 12 months) to support any follow-up work or dispute resolution, unless you request earlier deletion or a different retention period is agreed in writing.

A6. No Payment

Access to the Input Tool is provided as part of XBG Solutions’ consulting service delivery. There is no direct charge for use of the Input Tool; fees are governed by the applicable consulting engagement agreement.

Schedule B — build.xbg.solutions

These additional terms apply to your use of build.xbg.solutions (the “Build Platform”) and supplement the master Terms of Service above.

B1. Nature of the Service

The Build Platform is an LLM-assisted development pipeline that supports idea qualification, market research, risk assessment, solution design, and software build activities. It is currently in active development.

B2. Beta Access

The Build Platform is currently in closed beta. Beta access is provided free of charge by invitation only. By accepting beta access you agree to:

  • use the platform in good faith and provide feedback to help improve the product
  • accept that the platform may contain bugs, incomplete features, or unexpected behaviour
  • grant XBG Solutions a licence to use anonymised, aggregated feedback and usage data to improve the platform (no personally identifiable information will be shared publicly)

Beta access may be revoked at any time at XBG Solutions’ discretion. XBG Solutions makes no warranty as to the availability, accuracy, or fitness for purpose of the Build Platform during the beta period.

B3. Accounts and Projects

The Build Platform supports multi-user, multi-project accounts. Account administrators are responsible for managing user access within their organisation. Subscription tiers (once live) will define the number of users, projects, and features available per account.

B4. Subscription Tiers — General

Paid subscription tiers will be introduced following the beta period. Pricing, feature inclusions, and billing terms for each tier will be published at build.xbg.solutions prior to launch. The following principles apply across all paid tiers:

  • subscriptions are billed in advance, monthly or annually
  • annual subscriptions attract a discount over monthly billing
  • downgrading mid-cycle may result in feature restrictions; refunds are not provided for the unused portion
  • each tier includes a cap on XBG Solutions team labour and support hours as described in the tier definition
  • additional labour and support hours beyond the tier cap may be purchased separately at the then-current day rate

B5. AI API Usage

The Build Platform uses Anthropic Claude as a core processing component. Users may choose one of two modes:

Managed API (XBG Solutions key)

XBG Solutions provides API access as part of the subscription. AI usage fees are charged on a cost-plus basis, calculated from Anthropic’s published token pricing plus a margin disclosed at the time of billing. Usage is metered and billed monthly in arrears.

BYOK (Bring Your Own Key)

Users may provide their own Anthropic API key. In BYOK mode, AI usage fees are charged directly by Anthropic to the user under their own Anthropic account. XBG Solutions does not mark up API usage in BYOK mode. The user is solely responsible for managing their API key, usage limits, and Anthropic billing.

XBG Solutions stores BYOK API keys in encrypted form and uses them solely to make API calls on behalf of the user within the Build Platform. Keys are never shared with third parties.

B6. Data and Project Confidentiality

Project data, idea submissions, research outputs, and build artefacts created within the Build Platform are Your Content and remain your property. XBG Solutions personnel may access project data only where explicitly invited to do so by the account administrator or where required to provide support.

B7. Labour and Support Caps

Each subscription tier includes a defined allocation of XBG Solutions team involvement (advisory, review, build support, or partner referrals). The specific cap for each tier will be published in the tier definition prior to paid launch. Labour caps reset monthly. Unused hours do not carry over between billing periods.

Schedule C — Future Domains

The following domains are operated by XBG Solutions Pty Ltd but do not yet have active services. This Schedule will be updated with specific terms as each domain launches.

crm.xbg.solutions

A federated CRM platform currently in the design phase. Terms for partner access, lead management, and any subscription model will be published prior to launch.

xbg.ventures

A marketing and portfolio site for XBG Solutions’ venture-building activities. Currently operates as a marketing site under the master Terms. If build.xbg.solutions migrates to this domain, Schedule B will be updated accordingly.

xbg.holdings

A marketing site for the XBG holdings entity. Currently operates as a marketing site under the master Terms. If investor or investment partner services are introduced, specific terms will be added to this Schedule.

Part 2 — Privacy Policy

1. Overview

XBG Solutions Pty Ltd ABN 31 688 945 913 is committed to protecting the privacy of individuals who interact with any of our websites and Services. This Privacy Policy explains how we collect, use, hold, and disclose personal information across all domains operated by XBG Solutions Pty Ltd in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This policy covers: xbg.solutions, input.xbg.solutions, build.xbg.solutions, crm.xbg.solutions, xbg.ventures, and xbg.holdings.

By using any of our Services, you consent to the collection and use of information as described in this policy.

2. What Information We Collect

2.1 Information you provide directly

Depending on which Service you use, we may collect:

  • name, email address, and job title
  • company name and ABN
  • login credentials (passwords stored as a one-way cryptographic hash; plaintext passwords are never stored or transmitted in recoverable form)
  • billing name, email, and postal address; full payment card details are handled entirely by Stripe and never transmitted to or stored on our systems
  • content of messages, enquiries, or support requests
  • questionnaire responses including text, video, and audio recordings submitted via input.xbg.solutions
  • project data, idea submissions, research inputs, and build artefacts submitted via build.xbg.solutions

2.2 Information collected automatically

When you access our Services, we may collect:

  • IP address
  • browser type and version, device type, and operating system
  • pages and features accessed, session duration, and navigation paths
  • referring URL
  • session tokens and cookie identifiers

3. How We Use Your Information

We use personal information to:

  • create and manage accounts and verify identity
  • provide, operate, maintain, and improve the Services
  • process payments and manage billing via Stripe
  • deliver consulting engagement tools and process client submissions
  • transcribe and analyse questionnaire responses to support workshop and engagement delivery
  • power AI-assisted workflows within build.xbg.solutions
  • respond to enquiries and support requests
  • send transactional notifications (account alerts, billing receipts, service updates)
  • detect, investigate, and prevent security incidents, fraud, and abuse
  • comply with legal and regulatory obligations

We do not use personal information for direct marketing without your explicit consent. We do not engage in automated decision-making that produces legal or similarly significant effects without human review.

4. AI Processing of Personal Information

Certain Services involve processing of Your Content using third-party AI tools. This constitutes a disclosure of personal information to those third-party processors.

OpenAI Whisper (input.xbg.solutions)

Audio and video content submitted via input.xbg.solutions may be sent to OpenAI for transcription using the Whisper API. OpenAI processes this data under its API data usage policies. OpenAI does not use API-submitted data to train its models by default.

Anthropic Claude (input.xbg.solutions and build.xbg.solutions)

Transcriptions and project content may be processed by Anthropic Claude via API. Anthropic processes this data under its usage policies. Anthropic does not use API-submitted data to train its models by default.

You should not submit through our Services any personal information that you are not authorised to process using third-party AI tools, including personal information of third parties.

5. Disclosure of Personal Information

We do not sell, trade, or rent personal information. We may disclose it to:

  • Stripe, Inc. for payment processing (PCI DSS Level 1 certified)
  • Google LLC / Firebase for cloud hosting, authentication, and storage (australia-southeast1 region, Sydney); see Section 6 for cross-border details
  • OpenAI, LLC for audio/video transcription via Whisper API
  • Anthropic, PBC for AI analysis via Claude API
  • Other sub-processors necessary to operate the Services, each bound by appropriate data processing terms
  • Law enforcement, regulators, or courts where required or authorised by applicable law
  • A successor entity in connection with a merger, acquisition, or asset sale, subject to equivalent privacy protections being maintained

6. Data Storage and Cross-Border Transfers

Primary storage — Australia

Application data, user accounts, and uploaded files (including video recordings) are stored in Firebase (Google Cloud Platform) in the australia-southeast1 region (Sydney). Your primary personal data is held in Australia.

AI processors — Overseas

Where we use OpenAI Whisper or Anthropic Claude to process content, that content is transmitted to servers operated by OpenAI (United States) and Anthropic (United States) respectively. This constitutes an overseas disclosure under APP 8.

Before making these disclosures, we take reasonable steps to ensure each provider handles personal information consistently with the APPs. Both OpenAI and Anthropic maintain privacy programs and contractual commitments consistent with international data protection standards.

By using input.xbg.solutions or build.xbg.solutions, you consent to your content being processed by these overseas providers for the purposes described in this policy.

Firebase platform operations

Certain Firebase platform-level operations (such as authentication) may involve Google infrastructure outside Australia. Google participates in recognised cross-border data transfer frameworks.

7. Payments and PCI DSS

All payment card transactions are processed entirely by Stripe, Inc. We do not store, process, or transmit cardholder data and are not in scope for PCI DSS as a merchant. See stripe.com/au/privacy for Stripe’s privacy practices.

8. Cookies and Session Tokens

We use cookies and session tokens to:

  • maintain authenticated login sessions
  • store GUID-based access state for input.xbg.solutions
  • collect aggregate, anonymised analytics on Service usage

You can disable cookies through your browser settings, though this will prevent login and access-link-based features from working. We do not use cookies for advertising, retargeting, or any sale of personal information.

9. Data Security

We implement reasonable technical and organisational security measures including:

  • passwords hashed using a strong one-way algorithm; plaintext passwords are never logged or stored
  • all data encrypted in transit using TLS 1.2 or higher
  • data at rest encrypted by Firebase/GCP infrastructure in australia-southeast1
  • Firebase security rules enforcing per-user and per-engagement access controls
  • GUID-based access links for input.xbg.solutions, with immediate unpublishing on submission
  • BYOK API keys stored in encrypted form and used solely to make calls on behalf of the relevant user
  • access to production systems limited to authorised personnel on a need-to-know basis

In the event of a data breach likely to result in serious harm, we will notify affected individuals and the OAIC under the Notifiable Data Breaches scheme (Privacy Act 1988, Part IIIC).

10. Retention

We apply the following retention periods:

  • Account data: retained while your account is active; deleted or de-identified 30 days after account closure
  • Financial records (invoices, transaction records): 7 years as required by the Tax Administration Act 1953 (Cth)
  • Input Tool responses, video files, and transcriptions: duration of engagement plus 12 months, unless earlier deletion is requested
  • Build Platform project data: retained while the project is active; deleted or de-identified 30 days after account closure or project deletion
  • Marketing site contact form submissions: up to 24 months, or until the enquiry is resolved

11. Access, Correction, and Deletion

Under the Privacy Act, you have the right to access personal information we hold about you and to request correction of inaccuracies. You may also request deletion of your data, subject to our legal retention obligations.

To make a request, contact us at legal@xbg.solutions. We will respond within 30 days.

12. Complaints

If you believe we have breached the APPs, please contact us at legal@xbg.solutions. We will acknowledge within 5 business days and aim to resolve within 30 days.

If unsatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

13. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by posting an updated version with a revised effective date and, where appropriate, by email. Continued use of the Services after notification constitutes acceptance.

14. Contact Us

For any privacy-related questions, requests, or concerns:

XBG Solutions Pty Ltd
ABN 31 688 945 913
legal@xbg.solutions
xbg.solutions, input.xbg.solutions, build.xbg.solutions, crm.xbg.solutions, xbg.ventures, xbg.holdings

These are interim placeholder documents and have not been reviewed by a qualified legal practitioner. XBG Solutions intends to replace them with solicitor-drafted documents. Priority items for legal review: (1) Privacy Act applicability given annual turnover threshold; (2) data processing agreements for client engagements involving third-party end-user data; (3) BYOK API key terms and liability allocation; (4) beta participant agreements for build.xbg.solutions; (5) separate entity structure for xbg.ventures and xbg.holdings if that changes.