Privacy Policy
Effective Date: November 1, 2024
Last Updated: November 1, 2024
Drive Paragon Pty Ltd (ABN: 12 345 678 901) ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.
1. Information We Collect
Personal Information We Collect Directly
When you interact with our services, we may collect the following personal information:
- Contact Information: Name, email address, phone number, mailing address
- Account Information: Username, password, course enrollment details
- Payment Information: Credit card details, billing address (processed securely through third-party providers)
- Communication Data: Messages, feedback, support requests, newsletter subscriptions
- Professional Information: Employment status, income level (for course recommendations)
- Educational Information: Course progress, completion certificates, assessment results
Information We Collect Automatically
When you visit our website, we automatically collect certain information:
- Technical Data: IP address, browser type and version, operating system
- Usage Data: Pages visited, time spent on pages, click patterns, referring websites
- Device Information: Device type, screen resolution, device identifiers
- Location Data: General geographic location based on IP address
Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience. For detailed information about our cookie practices, please refer to our Cookie Policy.
2. How We Use Your Information
We use your personal information for the following purposes:
Service Provision
- Providing access to our financial literacy courses and educational content
- Processing course enrollments and managing your account
- Delivering course materials, certificates, and progress tracking
- Providing customer support and technical assistance
Communication
- Sending you course updates, newsletters, and educational content
- Responding to your inquiries and support requests
- Notifying you about service changes, updates, or promotions
- Conducting surveys and gathering feedback
Business Operations
- Processing payments and managing billing
- Analyzing website usage to improve our services
- Conducting research and developing new educational content
- Ensuring security and preventing fraud
Legal and Compliance
- Complying with legal obligations and regulatory requirements
- Protecting our rights and interests
- Resolving disputes and enforcing agreements
3. Legal Basis for Processing (GDPR)
For users in the European Union, we process your personal data based on the following legal grounds:
- Consent: You have given clear consent for processing (e.g., newsletter subscriptions)
- Contract: Processing is necessary for contract performance (e.g., course delivery)
- Legal Obligation: Processing is required by law (e.g., tax records)
- Legitimate Interest: Processing is necessary for our legitimate business interests (e.g., website analytics)
4. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:
Service Providers
We may share information with trusted third-party service providers who assist us in:
- Payment processing (Stripe, PayPal)
- Email delivery services (Mailchimp, SendGrid)
- Website hosting and cloud storage (AWS, Google Cloud)
- Customer support platforms
- Analytics and performance monitoring
Legal Requirements
We may disclose your information when required by law or to:
- Comply with legal processes, court orders, or government requests
- Protect our rights, property, or safety
- Prevent fraud or illegal activities
- Respond to emergency situations
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to this Privacy Policy.
5. Data Security
We implement comprehensive security measures to protect your personal information:
Technical Safeguards
- SSL/TLS encryption for data transmission
- Encrypted data storage and regular security audits
- Multi-factor authentication for administrative access
- Regular software updates and security patches
- Firewall protection and intrusion detection systems
Administrative Safeguards
- Limited access to personal information on a need-to-know basis
- Regular security training for employees
- Background checks for personnel with data access
- Incident response procedures for security breaches
Physical Safeguards
- Secure data centers with access controls
- Locked filing cabinets for physical documents
- Visitor access controls and monitoring
6. Your Rights and Choices
Access and Portability
You have the right to:
- Request access to your personal information
- Receive a copy of your data in a portable format
- Request details about how we process your information
Correction and Updates
You can:
- Update your account information through your user dashboard
- Request correction of inaccurate or incomplete data
- Contact us to update your preferences
Deletion and Restriction
You have the right to:
- Request deletion of your personal information
- Restrict processing of your data in certain circumstances
- Object to processing based on legitimate interests
Communication Preferences
You can:
- Unsubscribe from marketing emails using the link in each email
- Update your communication preferences in your account settings
- Opt out of certain types of communications while maintaining your account
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
Retention Periods
- Account Information: Retained while your account is active and for 7 years after closure for legal compliance
- Course Records: Retained for 7 years to provide ongoing access to certificates and transcripts
- Payment Information: Retained for 7 years for tax and accounting purposes
- Marketing Data: Retained until you opt out or 3 years of inactivity
- Website Analytics: Anonymized after 26 months
8. International Data Transfers
We may transfer your personal information to countries outside Australia for processing by our service providers. When we do so, we ensure adequate protection through:
- Adequacy decisions by relevant authorities
- Standard contractual clauses approved by regulatory bodies
- Certification schemes and codes of conduct
- Binding corporate rules for group companies
9. Children's Privacy
Our services are designed for adults and we do not knowingly collect personal information from children under 13 years of age. If we discover that we have inadvertently collected personal information from a child under 13, we will delete it immediately.
Parental Notice
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can remove the information.
10. Australian Privacy Principles Compliance
As an Australian company, we comply with the Australian Privacy Principles under the Privacy Act 1988. This includes:
- Open and transparent management of personal information
- Anonymity and pseudonymity options where practicable
- Collection limitations and purpose specification
- Data quality and security requirements
- Access and correction rights
- Cross-border disclosure safeguards
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:
- Posting the updated policy on our website
- Sending an email notification to registered users
- Displaying a prominent notice on our website
- Providing in-app notifications for mobile users
The updated policy will be effective immediately upon posting, unless otherwise specified. Your continued use of our services after the effective date constitutes acceptance of the revised policy.
12. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Drive Paragon Pty Ltd
Privacy Officer
Level 12, 680 George Street
Sydney NSW 2000
Australia
Email: [email protected]
Phone: +61 2 8234 5678
Business Hours: Monday to Friday, 9:00 AM - 6:00 PM AEST
Data Protection Officer
Email: [email protected]
Response Time: We aim to respond to all privacy inquiries within 30 days
13. Complaints and Regulatory Authorities
If you believe we have breached your privacy rights, you can lodge a complaint with us using the contact information above. If you are not satisfied with our response, you may lodge a complaint with:
Australia
Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992
Email: [email protected]
European Union
For EU residents, you may lodge a complaint with your local supervisory authority or the lead supervisory authority in Ireland:
Data Protection Commission (Ireland)
Website: www.dataprotection.ie
This Privacy Policy was last updated on November 1, 2024. We encourage you to review this policy periodically to stay informed about how we protect your information.