Baseline · Roadmap Engineers
Account information. Your name, work email address, and role in the Service. For pilot organisations, this is usually provided to us by your organisation’s administrator when they nominate you for access — not collected from you directly.
Sign-in information. Sign-in to Baseline is via your Microsoft account. We receive your email address, display name, and unique Microsoft identifiers from Microsoft when you sign in. We never see or store your password — authentication is handled entirely by Microsoft. We record sign-in times and link your Microsoft identity to your Baseline account.
Usage and audit records. Actions taken in the Service (for example signing in, issuing a program, changing a user’s role, accepting the terms of use) are recorded with your account and a timestamp. These records exist for security, accountability, and support.
Project data. The content your organisation enters into Baseline — programs, activities, work areas, resources, distribution lists — may incidentally include personal information about your organisation’s personnel, subcontractors, or other project participants (such as names, roles, and work contact details). We process this data on your organisation’s behalf to provide the Service; your organisation controls it.
Support and feedback. If you contact us or use the in-app feedback channel, we collect what you send us — which may include your message, contact details, and (only if you attach one) a screenshot.
Website data. Standard technical information when you visit our websites: IP address, browser type, pages visited, and similar log data. The Service uses cookies and browser storage to keep you signed in and remember your preferences — not for advertising.
What we do NOT collect: sensitive information (such as health information, beliefs, or ethnicity); payment or financial information during the free pilot (if paid subscriptions are introduced, payments will be processed by a payment provider and this policy will be updated first); information from advertising or tracking networks — we do not participate in any.
Anonymity. Because Baseline is an invite-only tool for named project team members, it is impracticable to provide the Service anonymously or by pseudonym. You may make general enquiries to us anonymously.
Mostly directly: from your organisation’s administrator when they nominate you, from Microsoft when you sign in, from your use of the Service, and from your communications with us. If we receive unsolicited personal information we could not lawfully have collected, we will destroy or de-identify it where lawful and reasonable.
We collect, hold, and use personal information only as reasonably necessary to: provide and operate the Service; authenticate you and keep accounts secure; provide support and respond to feedback; maintain audit and security records; administer pilot agreements and (in future) subscriptions; develop and improve the Service; and meet legal obligations. We may occasionally tell pilot users about Service updates relevant to their use; you can opt out of non-essential communications by emailing us.
We do not sell personal information. We do not use it for third-party advertising.
We disclose personal information only as needed to operate the Service:
Where a disclosure to an overseas recipient is necessary, we take reasonable steps to ensure the recipient handles the information consistently with the APPs.
Personal information is held electronically in the systems described above. Safeguards include encryption in transit and at rest, role-based access controls within the Service, invite-only account provisioning, audit logging, and access limited to those who need it. No system is perfectly secure; we will notify affected organisations and individuals without undue delay of any eligible data breach, consistent with the Notifiable Data Breaches scheme.
We retain personal information only as long as reasonably necessary for the purposes above or as required by law. For pilot organisations: when access ends, organisation data is preserved for at least 90 days (during which the organisation may request an export), after which we may delete it on 30 days’ written notice — consistent with the Pilot Terms. When personal information is no longer needed, we delete it from our systems or permanently de-identify it using secure methods.
You may request access to, or correction of, the personal information we hold about you by emailing us (details below) with the specifics of your request. We expect to comply in most cases; if we refuse, we will give written reasons (for example, where access would unreasonably impact another person’s privacy or prejudice our legal rights). Most account details can also be corrected by your organisation’s administrator directly in the Service.
Direct any complaint about our handling of personal information to us first (details below); we will respond in accordance with the Privacy Act. You may also complain to the Office of the Australian Information Commissioner (oaic.gov.au).
We may revise this policy from time to time. The current version will always be published at roadmaptech.com.au/privacy, and material changes affecting Service users will be notified in the Service.
Roadmap Engineers — Shamran Hummadi
Email: sham@roadmapeng.com
Web: roadmapeng.com.au
Version 1.0 — 5 June 2026