ScopeIT Academy

1. Who We Are ScopeIT Academy is an online education platform owned, managed and operated by ScopeIT Education (“ScopeIT”, “we”, “us”, “our”). ScopeIT Education is based in Australia and complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where applicable, we also comply with the EU General Data Protection Regulation (GDPR), UK GDPR, and relevant United States privacy laws including COPPA. Contact details are provided at the end of this policy. 2. Scope of This Policy This Privacy Policy explains how we collect, use, store, disclose, and protect personal information when you: Visit our website Enrol in a course Create an account Purchase services Participate in lessons Interact with customer support Engage with our marketing communications This policy applies worldwide to all users of ScopeIT Academy. 3. What Personal Information We Collect We may collect the following categories of personal information: A. Identity Information Full name Username Date of birth (where required) Parent/guardian details (for minors) B. Contact Information Email address Phone number Postal address (if required) C. Account Information Login credentials (encrypted) Course progress Assessment results Certificates issued D. Payment Information Billing name and address Transaction details (Payment card details are processed securely by Stripe and are not stored by us.) E. Technical Information IP address Browser type and version Device type Operating system Pages viewed Referring website Session duration F. Marketing & Communication Preferences Newsletter subscriptions Communication preferences 4. How We Collect Information We collect information: Directly from you during account creation or purchase From parents/guardians where students are minors Through automated technologies (cookies, analytics) From schools or institutions where enrolment occurs through a school agreement 5. Lawful Basis for Processing (GDPR) Where GDPR applies, we rely on the following lawful bases: Contract – to deliver courses and services purchased Consent – for marketing communications and cookies (where required) Legitimate Interests – improving our platform, security monitoring Legal Obligation – compliance with tax and regulatory laws You may withdraw consent at any time. 6. Children’s Privacy ScopeIT Academy provides educational services for children and young people. If enrolling directly (not via school): For children under 13 (US) or under 16 (EU/UK where applicable), we require verifiable parental consent. Parents may request access to, correction of, or deletion of their child’s data. We do not knowingly collect more information than reasonably necessary. If enrolling via school: Data may be provided under a school agreement consistent with applicable laws. 7. How We Use Personal Information We use personal information to: Provide access to courses Process payments Issue certificates Provide customer support Communicate important updates Improve platform performance Comply with legal obligations Prevent fraud and ensure security We do not sell personal information. 8. Disclosure of Personal Information We may share information with: Payment processors (e.g., Stripe) Cloud hosting providers Learning management system providers Email service providers Analytics providers Professional advisors (legal, accounting) Regulators where legally required All third parties are required to protect personal information under contractual obligations. 9. International Data Transfers As an Australian-based organisation using global service providers, your data may be transferred to and stored in countries including: Australia United States European Union Other jurisdictions where our service providers operate Where required by law, we implement safeguards such as: Standard Contractual Clauses (SCCs) Data Processing Agreements Vendor due diligence processes Under Australian law, we remain accountable for overseas disclosures. 10. Data Retention We retain personal information only as long as necessary for: Providing services Legal and regulatory compliance Resolving disputes Enforcing agreements Typical retention periods: Account data: retained while active plus reasonable archival period Financial records: retained in accordance with Australian tax law (generally 7 years) Marketing data: until unsubscribe or consent withdrawal After retention periods, data is securely deleted or anonymised. 11. Security We implement reasonable technical and organisational security measures including: SSL/TLS encryption Encrypted password storage Restricted internal access controls Secure payment processing via Stripe Regular system monitoring Data minimisation practices In the event of a data breach, we will comply with applicable data breach notification laws, including Australia’s Notifiable Data Breaches scheme and GDPR requirements where applicable. 12. Cookies and Tracking Technologies We use cookies and similar technologies to: Maintain session functionality Analyse website traffic Improve user experience Support marketing (where consented) Users in certain jurisdictions (e.g., EU/UK) will be presented with cookie consent options. You can control cookies through browser settings. 13. Marketing Communications We may send marketing communications where: You have opted in You are an existing customer and permitted under applicable law All marketing emails include an unsubscribe mechanism. We comply with: Spam Act 2003 (Australia) GDPR CAN-SPAM Act (USA) 14. Your Rights Depending on your jurisdiction, you may have rights to: Access your personal information Correct inaccurate information Request deletion Restrict processing Object to processing Data portability Withdraw consent Lodge a complaint with a supervisory authority To exercise rights, contact us using the details below. 15. Access and Correction (Australia) You may request access to or correction of your personal information. We may require written verification for security purposes. If you believe we have breached the Australian Privacy Principles, you may: Contact us directly; and Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au 16. Automated Decision-Making We do not engage in automated decision-making that produces legal or similarly significant effects on users. 17. Changes to This Policy We may update this Privacy Policy from time to time. Changes will be published on our website with the updated revision date. 18. Contact Us ScopeIT Academy Owned, managed and operated by ScopeIT Education Email: [email protected] Postal Address: 7/69 Webb Street, East Gosford NSW Australia 2251 Website: www.scopeITeducation.edu.au For privacy-related enquiries, please contact us in writing.