1. Introduction

Ausbiz Consulting Pty Ltd (ABN: 73 654 457 057) ("Company", "we", "our", or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI Bootcamp Assistant platform ("Service").

We comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), as well as the EU General Data Protection Regulation (GDPR) where applicable.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us, including:

• Account Information: Email address, full name, user role (admin, content-manager, super_admin)
• Authentication Data: Login credentials, session tokens, account creation and last login timestamps
• Profile Information: User permissions, account preferences, role-based access settings
• Communication Data: Messages, inquiries, and correspondence sent to us

2.2 Information Collected Automatically

When you use our Service, we automatically collect certain information:

• Search Queries: Search terms, filters applied, search results viewed
• Usage Data: Pages visited, features used, time spent on platform, click patterns
• Technical Data: IP address, browser type and version, device information, operating system
• Performance Data: System logs, error reports, performance metrics
• Session Data: Authentication sessions, login/logout times, session duration

2.3 Content and Administrative Data

For authorized users with administrative privileges:

• Content Management: Q&A entries created/modified, testimonials managed, content validation activities
• User Management: User accounts created/modified, permission changes, role assignments
• System Administration: Data validation activities, embedding management, system settings changes
• Audit Trail: All administrative actions are logged with timestamps and user identification

3. How We Use Your Information

We use your personal information for the following purposes:

• Service Provision: Provide AI-powered search functionality, deliver relevant bootcamp information
• Account Management: Create and maintain user accounts, authenticate users, manage permissions
• Platform Improvement: Analyze usage patterns, improve search algorithms, enhance user experience
• Security: Monitor for unauthorized access, prevent fraud, maintain system security
• Compliance: Meet legal obligations, maintain audit trails, ensure regulatory compliance
• Communication: Respond to inquiries, provide support, send important service updates
• Analytics: Generate usage statistics, performance reports, system health monitoring

4. Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal data based on:

• Contractual Necessity: Processing necessary to provide our services and fulfill our contract with you
• Legitimate Interests: Improving our services, security monitoring, analytics (where not overridden by your interests)
• Legal Obligations: Compliance with applicable laws and regulations
• Consent: Where you have explicitly consented to specific processing activities

5. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

• Service Providers: Third-party vendors who assist in operating our platform (hosting, analytics, security)
• Legal Requirements: When required by law, court order, or government regulation
• Business Protection: To protect our rights, property, or safety, or that of our users
• Business Transfers: In connection with any merger, sale, or transfer of company assets
• Consent: With your explicit consent for specific disclosures

All third-party service providers are contractually bound to protect your information and use it only for specified purposes.

6. Data Storage and Security

6.1 Data Storage

• Data is stored on secure cloud infrastructure with encryption at rest and in transit
• Primary data storage is located in Australia with GDPR-compliant backup systems
• Vector embeddings and search indices are maintained on specialized AI infrastructure

6.2 Security Measures

• Industry-standard encryption for data transmission and storage
• Multi-factor authentication for administrative accounts
• Regular security audits and vulnerability assessments
• Access controls and permission-based system architecture
• Automated monitoring and intrusion detection systems
• Regular security training for personnel with data access

7. Data Retention

We retain your personal information for different periods depending on the type of data:

• Account Data: Retained while your account is active, plus 7 years after account closure
• Search Queries: Aggregated search data retained for 2 years for analytics purposes
• Administrative Logs: System and audit logs retained for 7 years for compliance
• Technical Data: IP addresses and technical logs retained for 12 months
• Communication Records: Support and inquiry records retained for 3 years

Data is securely deleted or anonymized once the retention period expires, unless longer retention is required by law.

8. Your Privacy Rights

Under Australian Privacy Law and GDPR (where applicable), you have the following rights:

• Access: Request copies of your personal information
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Portability: Request transfer of your data in a structured, machine-readable format
• Restriction: Request restriction of processing in certain circumstances
• Objection: Object to processing based on legitimate interests
• Consent Withdrawal: Withdraw consent where processing is based on consent
• Complaint: Lodge a complaint with relevant privacy authorities

To exercise these rights, please contact our Privacy Officer using the details provided below.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

• Essential Cookies: Required for authentication and basic platform functionality
• Performance Cookies: Collect anonymous data about platform usage and performance
• Functional Cookies: Remember your preferences and settings
• Session Management: Maintain your login state and security

You can control cookie settings through your browser, though disabling essential cookies may affect platform functionality.

10. International Data Transfers

If you are located outside Australia, your information may be transferred to and processed in Australia. We ensure appropriate safeguards are in place for international transfers, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where applicable
• Equivalent privacy protections in destination countries
• Encryption and security measures for data in transit

11. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to remove that information from our systems.

12. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

13. Complaints and Disputes

If you have concerns about our privacy practices, you can:

1. Contact our Privacy Officer directly using the details below
2. Lodge a complaint with the Australian Privacy Commissioner (OAIC)
3. For EU residents, contact your local Data Protection Authority
4. Seek resolution through our formal complaints process