PRIVACY POLICY
OZPATH PTY LTD
1. We respect your privacy
(a) OZPATH PTY LTD respects your right to privacy and is committed to safeguarding the privacy of our customers and software application users. We adhere to the Australian Privacy Principles (APPs) established by the Privacy Act 1988 (Cth). This policy sets out how we collect and treat your personal information.
(b) Personal information means information we hold which is identifiable as being about you.
2. Collection of personal information
(a) OZPATH PTY LTD will, from time to time, OzPath Pty Ltd will, from time to time, receive and store personal information you enter onto our software application OzPath, provide to us directly, through Google Sign-in or Sign in with Apple authentication, interact with our AI-powered chatbot, or give to us in other forms. This includes information stored securely in our Firebase database and processed through Google Gemini AI technology.
(b) You may provide basic information such as your name, phone number, address and email address to enable us to send information, provide updates and process your service requests. We may collect additional information at other times, including but not limited to, when you:
(i) Upload documents for translation
(ii) Interact with our AI chatbot for visa-related queries
(iii) Use Google Sign-in or Sign in with Apple authentication
(iv) Submit student visa and migration-related information
(v) Provide feedback or communicate with customer support
(vi) Change your content or email preferences
(vii) Respond to surveys and/or promotions
(viii) Provide payment information for translation services - payments are processed securely through Stripe. We do not store your payment card details on our servers. For information about how Stripe handles your payment information, please refer to Stripe's Privacy Policy at https://stripe.com/au/privacy
(c) Additionally, we may also collect any other information you provide while interacting with our services, including chat histories, document processing preferences, and authentication data. This information is used to improve your experience with the OzPath platform and provide personalized assistance for your study and migration journey in Australia.
(d) As a platform supporting international students, we collect and process additional information specific to your educational and migration journey, including:
(i) Educational background and study plans
(ii) Visa status and application history
(iii) Immigration documentation
(iv) Study preferences and requirements
(e) Our application uses the following third-party services:
(i) Google Sign-in for authentication
(ii) Sign in with Apple for authentication. When you use Sign in with Apple, you havethe option to hide your email address. If you choose this option, Apple will create aunique, random email address that forwards to your actual email address, allowingyou to maintain your privacy while still receiving communications from us
(iii) Google Gemini AI for our chatbot functionality
(iv) Firebase for secure data storage
(f) When you use our AI chatbot:
(i) AI chatbot interactions are processed by Google Gemini AI, which may store andprocess data outside of Australia. According to Google's API terms, your chat datais not used to train their AI models. All data transmitted to Google Gemini isencrypted and processed in accordance with Google's security standards.
3. How we collect your personal information
OZPATH PTY LTD collects personal information from you in a variety of ways, including when you interact with us electronically or in person, when you access our software application and when we provide our services to you. We may receive personal information from third parties. If we do, we will protect it as set out in this Privacy Policy.
4. Use of your personal information
(a) OZPATH PTY LTD may use personal information collected from you to provide you with information, updates and our services. We may also make you aware of new and additional products, services and opportunities available to you. We may use your personal information to improve our products and services and better understand your needs.
(b) The Application may make third party social media features available to its users. We cannot ensure the security of any information you choose to make public in a social media feature. Also, we cannot ensure that parties who have access to such publicly available information will respect your privacy.
(c) OZPATH PTY LTD may contact you by a variety of measures including, but not limited to telephone, email, sms or mail. -personal info is onlny used for translators solely, not for marketing or ai training, automatically deleted after period
5. Disclosure of your personal information
(a) We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this Policy. This includes sharing uploaded documents with certified translators for translation services. All third-party service providers, including translators, are contractually bound by strict data protection agreements that mandate:
(i) implementation of industry-standard encryption for data transmission and storage,
(ii) restricted access protocols limiting data visibility to essential personnel only,
(iii) mandatory deletion of documents within 30 days of service completion, and
(iv) regular compliance audits
These providers must maintain data protection standards equivalent to or exceeding Australian Privacy Principles, with specific emphasis on secure document handling and confidentiality preservation.
(b) We may from time to time need to disclose personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.
(c) We may also use your personal information to protect the copyright, trademarks, legal rights, property or safety of OZPATH PTY LTD, its application, website and customers or third parties.
(d) OzPath uses Firebase, a Google Cloud service, to store and manage user data. Information that we collect is stored and processed as follows:
(i) Firestore data (such as user profiles, visa information, and app metadata) is stored in secure Google Cloud data centres located in Australia
(ii) Uploaded documents and files (such as translations and visa materials) are stored in secure storage facilities located in the United States
All data is transmitted securely using encryption (HTTPS/TLS) and protected by Firebase's built-in access controls and authentication. By using OzPath, you acknowledge that some of your information may be transferred to and processed in data centres outside Australia, including the United States. We ensure that any such transfers comply with the Australian Privacy Principles (APP 8 – Cross-border disclosure of personal information) and are subject to strict data protection safeguards.
(e) If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
(f) By providing us with personal information, you consent to the terms of this Privacy Policy and the types of disclosure covered by this Policy. Where we disclose your personal information to third parties, we will request that the third party follow this Policy regarding handling your personal information. By using our Application and providing your personal and sensitive information, you consent to:
(i) The collection and use of your personal information for the purposes described in this Policy
(ii) The disclosure of your personal information to our service providers, including certified translators
(iii) The processing of your information through our third-party services, including Google services
(iv) The storage of your information in our secure databases
You may withdraw your consent at any time by contacting us at privacy@ozpath.au, though this may affect our ability to provide certain services.
(g) All third-party service providers, including translators, are contractually bound by strict data protection agreements that mandate: (i) implementation of industry-standard encryption for data transmission and storage, (ii) restricted access protocols limiting data visibility to essential personnel only, (iii) mandatory deletion of documents within 30 days of service completion with written confirmation of deletion required from translators, and (iv) regular compliance audits. These providers must maintain data protection standards equivalent to or exceeding Australian Privacy Principles, with specific emphasis on secure document handling and confidentiality preservation.
(h) Your data is stored securely in Google Cloud Platform servers.
(i) We maintain the following retention periods:
- Account information: Until account deletion
- Chat histories: 6 months
- Translation documents: 30 days
- System logs: 18 months
(ii) After deletion is requested:
- Data removal process begins immediately
- Complete removal may take up to 30 days
- Backup systems may retain encrypted data for up to 6 months
(iii) We may retain certain information for longer periods where required by law or for legitimate business purposes such as security, fraud prevention, and financial record-keeping.
6. Security of your personal information
(a) OZPATH PTY LTD is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
(b) In accordance with Australian Privacy Principle 11, we implement robust technical and organisational measures to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. While the transmission of information over the internet inherently involves some risk, we employ multiple layers of security controls including:
(i) Technical measures such as encryption protocols, secure access controls, and regular security audits
(ii) Organisational measures including staff training, security policies, and documented procedures
(iii) Continuous monitoring and updates to our security practices
(iv) Regular assessment and verification of our security controls
These measures are regularly reviewed and updated to ensure the ongoing security of your personal information throughout its lifecycle, from collection to destruction or de-identification.
(c) We implement industry-standard security measures, including encryption, access controls, and regular security audits, to protect your personal information. In the event of a notifiable data breach, we will notify affected users and the Office of the Australian Information Commissioner (OAIC) as soon as practicable, in accordance with our obligations under the Privacy Act 1988 (Cth) and the Notifiable Data Breaches scheme.
(d) In the event of any data breach, we will notify affected users and provide detailed information including: the nature and extent of compromised data, potential risks to affected users, steps taken to contain the breach, recommended actions for users to protect themselves, and a dedicated support channel for inquiries. For breaches that are likely to result in serious harm, we will also notify the Office of the Australian Information Commissioner (OAIC) as required by law. We will maintain ongoing communication throughout the incident resolution process and implement additional security measures to prevent future occurrences.
(e) We maintain appropriate data processing agreements with Google, including the Cloud Data Processing Addendum (CDPA), which establishes our role as the Data Controller and Google's role as the Data Processor. These agreements ensure compliance with applicable data protection laws, including the Australian Privacy Principles.
7. Access to your personal information
(a) You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988(Cth). A small administrative fee may be payable for the provision of information. If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at privacy@ozpath.au.
(b) We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.
8. Complaints about privacy
If you have any complaints about our privacy practices, please feel free to send in details of your complaints to privacy@ozpath.au. We take complaints very seriously and will respond shortly after receiving written notice of your complaint.
9. Opt-out right
You can stop all collection of information by the Application easily by uninstalling the Application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network. Additionally, you have the right to delete your account and associated personal information through the Application's account settings. Upon account deletion, we will remove your personal information from our active databases, subject to any legal obligations to retain certain data. You may request deletion of translated documents at any time by contacting us at privacy@ozpath.au. You can also request to opt-out of our services via the same email address.
10. Additional Privacy Rights
You have the right to request access to your personal information, correct any inaccurate data, and receive a copy of your information in a structured format. You may also request restriction of processing or object to automated decision-making. We will respond to such requests within 30 business days. To exercise these rights, contact our Privacy Officer at privacy@ozpath.au. If you are unsatisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner.
11. Changes to Privacy Policy
Please be aware that we may change this Privacy Policy in the future. We may modify this Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy.
12. Software Application
12.1. When you use our Application
When you use our application, we collect certain information such as mobile unique device ID, the IP address of your mobile device, mobile operating system, the type of mobile internet browsers you use, and information about the way you use the Application. We also collect data related to your interactions with our AI-powered chatbot, document uploads for translation and verification, and authentication through Google Sign-in. This information is stored securely in our Firebase database and is used to improve our services and provide personalised assistance for your study and migration journey.
12.2. Cookies
We may from time to time use cookies on our software application. Cookies are very small files which a website uses to identify you when you come back to the application and to store details about your use of the application. Cookies are not malicious programs that access or damage your computer, tablet or smartphone. Most devices automatically accept cookies but you can choose to reject cookies by changing your device settings. However, this may prevent you from taking full advantage of our application.
12.3. Automatic collection
The software Application may collect certain information automatically. This automatic collection does not include any personal documents, which are only collected when explicitly submitted by you for translation services. Automatically collected information includes:
(a) Device and system information including device type, operating system, application version, and unique device identifiers
(b) Authentication and session data including login events, logout events, and password reset requests
(c) Usage patterns and interaction data including timestamps and feature usage statistics
(d) Notification preferences and scheduling information including reminder settings and delivery status
(e) Application performance data including error logs and diagnostic information
(f) Chat interaction data including message history and timestamps
(g) Document metadata including file names, types, and sizes (personal documents are not automatically collected and are only processed when explicitly submitted for translation)
(h) Profile information including visa stream selection, notification preferences, and relevant dates
(i) Checklist and questionnaire responses including completion status and answers
(j) AI service interaction data processed through our third-party providers
12.4. Third parties
Our software application integrates with trusted third-party services including Google Sign-in, Firebase, and Google Gemini AI. While these services help us provide and improve our features, we maintain strict data protection standards. Links to other applications or websites not owned or controlled by us are provided for convenience only. Please be aware that OZPATH PTY LTD is not responsible for the privacy practices of other applications or websites. We encourage our users to read the privacy statements of each application or website that collects personal identifiable information.
12.5. Document Translation Process
(a) When you upload documents for translation through our Application, these documents are securely stored in our system and made available to certified translators. We implement comprehensive security measures to protect your documents throughout the translation process:
(i) Documents are securely transmitted to authorised translators through our encrypted platform
(ii) Translators download documents through secure, tracked authentication. While we cannot control how translators store documents after download, they are contractually required to delete them within 30 days and maintain appropriate security measures
(iii) All document handling is logged and monitored for security compliance
(iv) Translators are bound by strict confidentiality and data protection agreements
(b) Our translator selection and oversight process includes:
(i) Verification of NAATI certification and professional credentials through the official NAATI register
(ii) Regular performance and compliance monitoring
(c) In the event of a confidentiality breach by a translator:
(i) We will immediately investigate and take appropriate action
(ii) Affected users will be notified as soon as practicable
(iii) We will assist users in taking steps to protect their information
(iv) Users may lodge complaints through our dispute resolution process
While we take all reasonable steps to protect your documents and ensure translator compliance, you retain rights under the Australian Consumer Law and Privacy Act 1988 (Cth). For specific concerns about document handling, please contact us at privacy@ozpath.au.