Privacy Policy
Effective date: 23 June 2026 · Last updated: 23 June 2026
1. Introduction
PacketCert ("we," "us," or "our") is an Australian business committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our platform.
2. What Is Personal Information?
Under the Privacy Act, "personal information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable. This includes your name, email address, IP address, and usage data linked to your account.
3. Information We Collect
Information you provide: Account registration data (name, email address — managed by Clerk Authentication); quiz and practice test answers and scores; payment information (processed by Stripe; we do not store your card details); any optional profile information you choose to provide.
Information collected automatically: Log data (IP address, browser type, pages visited, referring URL, time and date of requests); device information; usage data (lessons completed, quiz scores, time spent per session, progress milestones); cookies and similar tracking technologies.
Information from third parties: We use Clerk for authentication. When you sign in using a third-party provider (e.g., Google), Clerk may share basic profile data (name, email, profile picture) with us.
4. How We Use Your Information
We use your personal information to: provide, operate, and maintain the Service; personalise your learning experience and track your progress; power the adaptive review system; communicate with you about updates, security alerts, or support requests; process payments and manage your licence; analyse usage patterns and improve content quality; detect, prevent, and address fraud or abuse; and comply with our legal obligations under Australian law.
5. Disclosure of Information
We do not sell, trade, or rent your personal information to third parties. We may disclose personal information to: service providers (Clerk, Stripe, hosting providers); Australian or overseas regulatory or law enforcement authorities when required by law; and in connection with a merger, acquisition, or sale of assets.
6. Overseas Disclosure
Some of our service providers (including Clerk and Stripe) may store or process your personal information outside Australia. Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient does not breach the APPs in relation to that information (APP 8).
7. Data Quality and Security
We take reasonable steps to ensure that the personal information we hold is accurate, up-to-date, complete, and relevant (APP 10). We implement commercially reasonable technical and organisational measures to protect your data, including encrypted connections (HTTPS/TLS), hashed credentials, and access controls.
8. Data Retention
We retain your account data and progress records for as long as your account remains active or as needed to provide the Service. When personal information is no longer needed, we take reasonable steps to destroy or de-identify it (APP 11.2).
9. Your Rights Under the Australian Privacy Principles
Under the Privacy Act and the APPs, you have the right to: access the personal information we hold about you (APP 12); request correction of inaccurate personal information (APP 13); request deletion of your account and associated personal information; opt out of direct marketing communications (APP 7); and make a complaint about how we have handled your personal information.
To exercise any of these rights, contact our Privacy Officer. We will respond within 30 days as required by the Privacy Act.
10. Privacy Complaints
If you believe we have breached the APPs or the Privacy Act, please contact us in the first instance. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
11. Children's Privacy
The Service is not directed to children under 15 years of age. We do not knowingly collect personal information from children under 15.
12. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will post the revised policy on this page with a new effective date.
13. Contact Our Privacy Officer
For all privacy-related questions, requests, or complaints, contact our Privacy Officer here.