Privacy Policy

ScopeIT Academy
(Owned, managed and operated by ScopeIT Education)

Last Updated: 03.03.2026

1. Who We Are

ScopeIT Academy is an online education platform owned, managed and operated by ScopeIT Education (“ScopeIT”, “we”, “us”, “our”).

ScopeIT Education is based in Australia and complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where applicable, we also comply with the EU General Data Protection Regulation (GDPR), UK GDPR, and relevant United States privacy laws including COPPA.

Contact details are provided at the end of this policy.

2. Scope of This Policy

This Privacy Policy explains how we collect, use, store, disclose, and protect personal information when you:

• Visit our website

• Enrol in a course

• Create an account

• Purchase services

• Participate in lessons

• Interact with customer support

• Engage with our marketing communications

This policy applies worldwide to all users of ScopeIT Academy.

3. What Personal Information We Collect

We may collect the following categories of personal information:

A. Identity Information

• Full name

• Username

• Date of birth (where required)

• Parent/guardian details (for minors)

B. Contact Information

• Email address

• Phone number

• Postal address (if required)

C. Account Information

• Login credentials (encrypted)

• Course progress

• Assessment results

• Certificates issued

D. Payment Information

• Billing name and address

• Transaction details
  (Payment card details are processed securely by Stripe and are not stored by us.)

E. Technical Information

• IP address

• Browser type and version

• Device type

• Operating system

• Pages viewed

• Referring website

• Session duration

F. Marketing & Communication Preferences

• Newsletter subscriptions

• Communication preferences

4. How We Collect Information

We collect information:

• Directly from you during account creation or purchase

• From parents/guardians where students are minors

• Through automated technologies (cookies, analytics)

• From schools or institutions where enrolment occurs through a school agreement

5. Lawful Basis for Processing (GDPR)

Where GDPR applies, we rely on the following lawful bases:

• Contract – to deliver courses and services purchased

• Consent – for marketing communications and cookies (where required)

• Legitimate Interests – improving our platform, security monitoring

• Legal Obligation – compliance with tax and regulatory laws

You may withdraw consent at any time.

6. Children’s Privacy

ScopeIT Academy provides educational services for children and young people.

If enrolling directly (not via school):

• For children under 13 (US) or under 16 (EU/UK where applicable), we require verifiable parental consent.

• Parents may request access to, correction of, or deletion of their child’s data.

• We do not knowingly collect more information than reasonably necessary.

If enrolling via school:

Data may be provided under a school agreement consistent with applicable laws.

7. How We Use Personal Information

We use personal information to:

• Provide access to courses

• Process payments

• Issue certificates

• Provide customer support

• Communicate important updates

• Improve platform performance

• Comply with legal obligations

• Prevent fraud and ensure security

We do not sell personal information.

8. Disclosure of Personal Information

We may share information with:

• Payment processors (e.g., Stripe)

• Cloud hosting providers

• Learning management system providers

• Email service providers

• Analytics providers

• Professional advisors (legal, accounting)

• Regulators where legally required

All third parties are required to protect personal information under contractual obligations.

9. International Data Transfers

As an Australian-based organisation using global service providers, your data may be transferred to and stored in countries including:

• Australia

• United States

• European Union

• Other jurisdictions where our service providers operate

Where required by law, we implement safeguards such as:

• Standard Contractual Clauses (SCCs)

• Data Processing Agreements

• Vendor due diligence processes

Under Australian law, we remain accountable for overseas disclosures.

10. Data Retention

We retain personal information only as long as necessary for:

• Providing services

• Legal and regulatory compliance

• Resolving disputes

• Enforcing agreements

Typical retention periods:

• Account data: retained while active plus reasonable archival period

• Financial records: retained in accordance with Australian tax law (generally 7 years)

• Marketing data: until unsubscribe or consent withdrawal

After retention periods, data is securely deleted or anonymised.

11. Security

We implement reasonable technical and organisational security measures including:

• SSL/TLS encryption

• Encrypted password storage

• Restricted internal access controls

• Secure payment processing via Stripe

• Regular system monitoring

• Data minimisation practices

In the event of a data breach, we will comply with applicable data breach notification laws, including Australia’s Notifiable Data Breaches scheme and GDPR requirements where applicable.

12. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain session functionality

• Analyse website traffic

• Improve user experience

• Support marketing (where consented)

Users in certain jurisdictions (e.g., EU/UK) will be presented with cookie consent options.

You can control cookies through browser settings.

13. Marketing Communications

We may send marketing communications where:

• You have opted in

• You are an existing customer and permitted under applicable law

All marketing emails include an unsubscribe mechanism.

We comply with:

• Spam Act 2003 (Australia)

• GDPR

• CAN-SPAM Act (USA)

14. Your Rights

Depending on your jurisdiction, you may have rights to:

• Access your personal information

• Correct inaccurate information

• Request deletion

• Restrict processing

• Object to processing

• Data portability

• Withdraw consent

• Lodge a complaint with a supervisory authority

To exercise rights, contact us using the details below.

15. Access and Correction (Australia)

You may request access to or correction of your personal information.
We may require written verification for security purposes.

If you believe we have breached the Australian Privacy Principles, you may:

1. Contact us directly; and

2. Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au

16. Automated Decision-Making

We do not engage in automated decision-making that produces legal or similarly significant effects on users.

17. Changes to This Policy

We may update this Privacy Policy from time to time.
Changes will be published on our website with the updated revision date.

18. Contact Us

ScopeIT Academy
Owned, managed and operated by ScopeIT Education

Email: [email protected]
Postal Address: 7/69 Webb Street, East Gosford NSW Australia 2251
Website: www.scopeITeducation.edu.au

For privacy-related enquiries, please contact us in writing.