Last updated: 1 June 2026
This Data Processing Agreement ("DPA") is entered into between Validly Pty Ltd (ACN 660 129 939) trading as Juno ("Juno", "we", "us") and the Customer, and forms part of and is governed by the User Terms of Use between Juno and the Customer (the "Agreement"). This DPA supplements the Agreement and applies to Juno's handling of Customer Personal Data in providing the Services. Where this DPA conflicts with the Agreement on the handling of Customer Personal Data, this DPA prevails to the extent of the inconsistency. Capitalised terms used but not defined in this DPA have the meaning given in the Agreement.
This DPA reflects that Juno operates Hey Juno, a digital research platform that uses artificial intelligence to conduct structured, conversational interviews on behalf of Customers with their Participants. It is not intended to reduce the Customer's own obligations in respect of Personal Information under Applicable Privacy Laws.
1.1 In this DPA:
Applicable Privacy Laws means the Privacy Act and any other privacy or data protection law that applies to Juno's handling of Customer Personal Data in providing the Services.
APPs or Australian Privacy Principles means the Australian Privacy Principles in Schedule 1 to the Privacy Act.
Commissioner means the Australian Information Commissioner, and the Office of the Australian Information Commissioner (OAIC) as the context requires.
Customer means the User, as defined in the Agreement.
Customer Data means the data, including Personal Information, that the Customer or its Authorised Users or Participants input into, or generate through, the Services.
Customer Personal Data means Personal Information that forms part of the Customer Data and is handled by Juno on the Customer's behalf in providing the Services. An overview is set out in Annex 1.
Data Breach means unauthorised access to, unauthorised disclosure of, or loss of, Customer Personal Data held by Juno or a Sub-processor.
Eligible Data Breach has the meaning given in section 26WE of the Privacy Act.
NDB Scheme means the Notifiable Data Breaches scheme in Part IIIC of the Privacy Act.
Participant means an individual invited to take an interview on Hey Juno on the Customer's behalf.
Permitted Purpose means handling Customer Personal Data to provide the Services in accordance with the Agreement and the Customer's documented instructions, as further described in clause 3.
Personal Information has the meaning given in the Privacy Act.
Privacy Act means the Privacy Act 1988 (Cth).
Security Measures means the technical and organisational security measures described in Annex 2, as updated from time to time in accordance with clause 5.