Privacy Policy

Information We Collect

We gather different types of information depending on how you interact with us. Here's what that looks like in practice:

• Personal identifiers: Your name, email address, phone number, and residential address when you register or contact us.
• Educational background: Details about your current knowledge level, learning goals, and professional experience to tailor course recommendations.
• Payment information: Billing details processed securely through our payment providers—we don't store complete credit card numbers.
• Technical data: IP addresses, browser type, device information, and how you navigate our website to improve user experience.
• Course progress: Records of completed modules, assessment results, and time spent on materials to track your learning journey.
• Communication records: Emails, chat messages, and support tickets to provide better assistance and maintain service quality.

We collect most of this directly from you. Some technical data comes automatically through cookies and similar technologies when you visit our site.

How We Use Your Information

Your data helps us deliver better educational experiences. We're not in the business of selling your information—that's not our model. Here's what we actually do with it:

We occasionally send educational content and course announcements. You can opt out of marketing emails anytime, though we'll still need to send essential service notifications.

Data Sharing and Disclosure

We don't hand over your information without good reason. When we do share data, it's limited and purposeful:

• Service providers: Payment processors, email platforms, and hosting services that help us operate. These companies are bound by strict confidentiality agreements.
• Legal requirements: When Australian law requires disclosure, or if we receive a valid subpoena from authorities.
• Business transfers: If BraynKraaft is acquired or merged, your information would transfer to the new entity—but your rights under this policy would continue.

Your Rights Under Australian Privacy Law

The Australian Privacy Principles give you specific rights regarding your personal information. Here's what you can do:

• Access your data: Request a copy of the personal information we hold about you. We'll provide this within 30 days, usually at no cost.
• Correct inaccuracies: If something's wrong or outdated, let us know and we'll update it promptly.
• Request deletion: Ask us to remove your information when it's no longer needed—though we might need to keep some records for legal reasons.
• Withdraw consent: Change your mind about how we use your data. This won't affect any processing that happened before withdrawal.
• Lodge complaints: If you're unhappy with how we've handled your information, you can complain to us directly or contact the Office of the Australian Information Commissioner.

To exercise these rights, email us at [email protected] with your request. We'll verify your identity before processing any changes—just a standard security measure.

Data Security Measures

Protecting your information is something we take seriously. Our security approach includes multiple layers:

• Encrypted connections (SSL/TLS) for all data transmission between your browser and our servers.
• Secure password storage using industry-standard hashing algorithms—we can't see your actual password.
• Regular security audits and vulnerability assessments to identify potential weaknesses.
• Access controls that limit who on our team can view personal information, with activity logging.
• Secure backup systems with encryption to prevent unauthorized access to stored data.
• Staff training on data protection practices and security awareness.

No system is completely bulletproof, but we respond quickly if something goes wrong. In the unlikely event of a data breach affecting your information, we'll notify you and the relevant authorities as required by law.

Data Retention and Storage

We don't keep your information forever. Here's our approach to data retention:

After these periods, we securely delete or anonymize your data. Anonymized information—stripped of anything that identifies you personally—might be kept longer for statistical analysis and course improvement.

Our primary servers are located in Australia, but we use cloud services that may store backups internationally. All our providers meet strict data protection standards, regardless of location.

Cookies and Tracking Technologies

Like most websites, we use cookies—small text files stored on your device. They help us remember your preferences and understand how people use our site.

• Essential cookies: Required for basic functionality like logging in and navigating courses. These can't be disabled without breaking the site.
• Performance cookies: Collect anonymous data about page visits and user paths to improve our platform.
• Preference cookies: Remember your settings and choices for a better experience.

You can control cookies through your browser settings, though some features might not work properly if you block them. We don't use advertising cookies or track you across other websites.

Children's Privacy

Our services are designed for adults interested in investment education. We don't knowingly collect information from anyone under 18 without verified parental consent.

If you're a parent and believe your child has provided us with personal information, contact us immediately. We'll delete it from our systems within 48 hours of verification.

International Data Transfers

While we're based in Australia and most data stays here, some of our service providers operate internationally. When information leaves Australia, we ensure:

• The recipient country has privacy protections comparable to Australian standards, or
• We've implemented contractual safeguards that require the same level of protection we provide.

If you're accessing our services from outside Australia, your information will be transferred here and processed according to Australian privacy law.

Changes to This Policy

We update this policy occasionally to reflect new practices or legal requirements. When we make significant changes, we'll notify you by email and post a prominent notice on our website.

The "Last Updated" date at the top shows when we last revised this document. Continuing to use our services after changes take effect means you accept the updated policy.

Previous versions are archived and available upon request if you need to reference older terms.