1. About This Policy
This Privacy Policy explains how Maior Natu Pty Ltd ACN 649 020 039 as trustee for Sancus Trust ABN 46 507 741 242 trading as TechInnocens (we, us, our) collects, uses, stores, and discloses personal information through the TechInnocens training platform at techinnocens.com (the Platform).
We are committed to handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where the General Data Protection Regulation (GDPR) applies to you as a user located in the European Economic Area or United Kingdom, we also comply with our obligations under that regulation.
This Policy should be read together with our Terms and Conditions, which govern your use of the Platform.
2. Information We Collect
2.1 Information You Provide
When you create an account and use the Platform, we collect the following personal information:
- Account information: your name and email address, as provided during registration through Clerk (our authentication provider).
- Payment information: payment is processed entirely by Stripe. We receive confirmation of successful payment and the associated transaction reference. We do not receive, process, or store your credit card number, CVV, or other payment card details.
2.2 Information Generated Through Your Use
When you access Course content, the Platform generates the following data:
- Enrolment records: which Courses you have purchased, the date of purchase, and the expiry date of your Access Period.
- Progress data: whether you have started or completed individual Lessons within a Module, and the dates of those events.
- First-access record: on the first occasion you load a Lesson page within a purchased Course, we record the date and time, your IP address, and the browser user agent string. This single record is used to evidence the loss of your refund entitlement under clause 6 of the Terms and Conditions. We do not record this information on subsequent visits.
This data is stored in Supabase (our database provider, hosted in Sydney, Australia) and is linked to your Clerk account identifier. It does not include the content of your responses to interactive components (such as reflection prompts), which are stored locally in your browser via localStorage and are never transmitted to our servers.
2.3 Information We Do Not Collect
We want to be clear about what we do not collect:
- We do not use analytics, tracking pixels, or behavioural tracking tools on the Platform.
- We do not use cookies for advertising or tracking purposes. The only cookies used are those essential for authentication (managed by Clerk) and session management.
- We do not maintain ongoing browsing history, device fingerprints, or location data for our own purposes. The single first-access record described in clause 2.2 is the only point at which we record your IP address and user agent.
- We do not store your responses to interactive learning components (TextInput reflections, confidence ratings). These are stored in your browser's localStorage and remain entirely under your control.
3. How We Use Your Information
We use the personal information we collect for the following purposes:
| Data | Purpose | Legal Basis |
|---|---|---|
| Name and email | Account creation, login, and communication about your purchases (e.g., refund confirmations, version updates, content retirement notices, Access Period expiry reminders) | Performance of contract. Legitimate interest for service communications. |
| Stripe transaction reference and purchase date | Processing your purchase, calculating Access Period expiry, issuing refunds, and maintaining financial records as required by law | Performance of contract. Legal obligation (tax and financial record-keeping). |
| Enrolment records | Granting and managing your access to purchased content during your Access Period | Performance of contract. |
| Progress data (started/complete with dates) | Displaying your progress within the Platform interface. Resolving disputes. | Performance of contract. Legitimate interest in providing a functional learning experience and resolving disputes. |
| First-access record (timestamp, IP address, user agent) | Recorded once, on the first time you load a Lesson within a purchased Course. Used solely as evidence that the refund entitlement under clause 6 of the Terms and Conditions has been extinguished, and to resolve any related dispute. | Legitimate interest in maintaining an evidentiary record of contract performance and protecting against disputed refund claims. |
We do not use your personal information for marketing purposes, profiling, automated decision-making, or any purpose not described in this table.
4. Third-Party Service Providers
We use the following third-party services to operate the Platform. Each processes personal information on our behalf or as an independent controller as described:
| Provider | Purpose | Data Shared | Location |
|---|---|---|---|
| Clerk | User authentication and account management | Name, email address, authentication credentials (managed by Clerk) | United States |
| Stripe | Payment processing | Payment card details (provided directly to Stripe by you), transaction amounts, purchase dates | United States |
| Supabase | Enrolment and progress data storage | Clerk account identifier, enrolment records, course progress status and dates | Australia (Sydney) |
| Vercel | Platform hosting | Standard web server request data (IP address, request headers) processed transiently for page delivery | Global edge network |
Each provider operates under its own privacy policy and terms of service. We encourage you to review these if you have specific concerns about how these providers handle data.
5. Overseas Disclosure
As described in section 4, your personal information may be processed by third-party providers located outside Australia, specifically Clerk and Stripe (both in the United States) and Vercel (global edge network). Before engaging these providers, we have taken reasonable steps to ensure they handle personal information consistently with the Australian Privacy Principles.
Your enrolment and progress data is stored in Australia (Supabase, Sydney) and is not subject to overseas disclosure.
Under the GDPR, transfers of personal data outside the EEA are supported by Standard Contractual Clauses or equivalent mechanisms maintained by our service providers.
6. Data Retention
We retain your personal information for as long as your Account remains active and for a reasonable period afterwards to fulfil our legal obligations (including tax record-keeping requirements), resolve disputes, and enforce our Terms.
Specific retention periods:
- Account information (name, email): retained for the life of your Account plus 2 years after Account closure to handle any post-closure queries or disputes.
- Enrolment records: retained for the life of your Account plus 7 years to satisfy Australian tax record-keeping requirements.
- Progress data (started/complete with dates): retained for the life of your Account plus 2 years after Account closure. This extended retention supports dispute resolution.
- First-access record (timestamp, IP address, user agent): retained for the life of your Account plus 2 years after Account closure, to support resolution of any disputed refund claim.
- Stripe transaction references: retained for 7 years in accordance with Australian tax law.
7. Data Security
We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. These steps include:
- Authentication managed by Clerk with industry-standard security practices.
- Payment processing handled entirely by Stripe, which maintains PCI DSS Level 1 compliance.
- Enrolment and progress data stored in Supabase (Sydney, Australia) with access controls limited to authorised personnel.
- The Platform served over HTTPS (TLS encryption in transit).
No method of transmission over the internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
8. Your Rights
8.1 Under the Australian Privacy Principles
You have the right to:
- Access the personal information we hold about you.
- Request correction of any personal information that is inaccurate, out of date, incomplete, or misleading.
- Make a complaint if you believe we have breached the APPs.
8.2 Under the GDPR (where applicable)
If you are located in the EEA or United Kingdom, you also have the right to:
- Request erasure of your personal data.
- Request restriction of processing.
- Data portability (receive your data in a structured, commonly used format).
- Object to processing based on legitimate interest.
- Lodge a complaint with your local data protection authority.
8.3 Exercising Your Rights
To exercise any of these rights, contact us at [email protected]. We will respond to access and correction requests within 30 days. We may ask you to verify your identity before processing a request.
9. Children's Privacy
The Platform is designed for professional adults. We do not knowingly collect personal information from children under 16 years of age. If we become aware that we have inadvertently collected personal information from a child under 16, we will take steps to delete that information promptly.
10. Cookies and Local Storage
10.1 Cookies
The Platform uses only essential cookies required for authentication and session management, set by Clerk. We do not use advertising cookies, analytics cookies, or third-party tracking cookies.
10.2 Local Storage
Some interactive learning components (such as reflection prompts and confidence ratings) use your browser's localStorage to save your responses between page visits. This data never leaves your browser and is not transmitted to our servers. You can clear this data at any time through your browser settings.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be notified via the email address associated with your Account at least 14 days before they take effect. The “Last updated” date at the top of this document will be revised accordingly.
Continued use of the Platform after the notification period constitutes acceptance of the updated Policy. If you do not agree with the changes, you may close your Account as described in our Terms and Conditions.
12. Complaints
If you believe we have breached the Australian Privacy Principles or handled your personal information inappropriately, you may lodge a complaint with us at [email protected]. We will acknowledge your complaint within 7 days and aim to resolve it within 30 days.
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
Office of the Australian Information Commissioner
GPO Box 5218, Sydney NSW 2001
Phone: 1300 363 992
13. Contact
If you have any questions about this Privacy Policy or how we handle your personal information, please contact us at:
TechInnocens
Operated by Maior Natu Pty Ltd ACN 649 020 039 as trustee for Sancus Trust ABN 46 507 741 242
Email: [email protected]