Privacy Policy and Consent

Version 2 · Effective 1 June 2026 · Policy version 2026-06-01

1. Introduction

In this Privacy Policy, “us”, “we” or “our” means ARCHI UPSKILL, ABN 37757028178. We are committed to respecting your privacy.

We are bound by, and will deal with your personal information in accordance with, the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). You can read the APPs at the Office of the Australian Information Commissioner (OAIC): https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines/

This Policy sets out how we collect, use, store and disclose your personal information when you use the ARCHI UPSKILL courses, technical onboarding services, website and related services.

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether or not true and whether or not recorded in a material form.

2. Information we collect

We collect the personal information reasonably necessary to provide the Services. This may include:

  • name;
  • email address;
  • telephone or mobile number;
  • account login details and learning records (such as courses accessed, progress, assessment results and certificates);
  • billing information (see clause 3 below: we do not store full credit card numbers);
  • your business or employer details, role and professional information (relevant to our technical onboarding and B2B services);
  • content you create within the Services, such as notes, saved items and submissions;
  • records of your communications with us (including emails, support requests and survey responses); and
  • technical and usage information (see clause 5, Log data and cookies).

We collect only what we reasonably need for the purposes described in this Policy, and we take reasonable steps to avoid collecting sensitive information unless it is necessary and you have consented.

3. Payment information

Payments for the Services are processed by third-party payment processors. We do not collect or store your full credit card numbers or bank account details on our systems. Your payment information is handled by the relevant payment processor in accordance with their own terms and privacy policy and applicable payment-card security standards.

4. How we collect personal information

We collect personal information directly from you when you:

  • register for, or purchase, a Course or Service;
  • create or manage an account;
  • communicate with us by email, phone, chat or support request;
  • complete a survey or provide feedback; or
  • otherwise interact with the Services.

Where access is purchased by a Firm (for example, an architecture practice enrolling its graduates or staff), we may also collect personal information about individual learners from that Firm. Where you provide us with personal information about another person (such as your staff or graduates), you warrant that you have obtained that individual’s consent to share their personal information with ARCHI UPSKILL for onboarding and course-delivery purposes, that you are entitled to provide it, and that you have made the individual aware of this Policy.

We may also collect technical information automatically through your use of the Services, as described below.

5. Log data and cookies

Log data. When you use the Services, we may collect information your browser or device sends, such as your IP address, browser type and version, device information, the pages you visit, and the date, time and duration of your visit.

Cookies. We may use cookies and similar technologies to operate the Services, remember your preferences and understand usage. Cookies are small data files stored on your device. You can set your browser to refuse cookies or to alert you when cookies are being used, but some parts of the Services may not function properly if you do.

Analytics. We may use analytics tools to understand how the Services are used and to improve them. Where information collected via cookies is linked to your account, we treat it as personal information under this Policy.

6. Why we collect, use and disclose your information

We may collect, hold, use and disclose your personal information to:

  • provide, administer and deliver the Courses and Services you have purchased or requested;
  • create and manage your account and verify your identity;
  • where your access was purchased or sponsored by a Firm or employer, disclose your enrolment, course progress, completion status and assessment results to that Firm or employer;
  • operate, protect, improve and optimise the Services and users’ experience;
  • process payments (via our payment processor) and manage billing;
  • respond to your enquiries and provide support, service and administrative messages;
  • send you marketing communications where permitted (see clause 7);
  • comply with our legal obligations, resolve disputes and enforce our agreements; and
  • Maintain the security and integrity of the Services.

7. Direct marketing

We may send you marketing communications about our Courses and Services by email or other means, in accordance with the Spam Act 2003 (Cth) and the Privacy Act. Every marketing message will include a way to opt out (such as an unsubscribe link), and you can also opt out at any time by contacting us using the details below. We will not sell your personal information or disclose it to third parties for their own direct marketing.

Your marketing consent is separate and optional; see the consent section at the end of this Policy.

8. Disclosure of your information

We may disclose your personal information, for the purposes described in this Policy, to:

  • our personnel and related entities;
  • third-party service providers who help us operate the Services (for example, hosting, payment processing, email delivery, analytics and support tools), who are only permitted to use it to perform those services for us;
  • professional advisers;
  • a purchaser or potential purchaser of our business or assets, provided they agree to handle it consistently with this Policy; and
  • government agencies, regulators or law enforcement, or other parties, where required, authorised or permitted by law (including in response to a subpoena or court order).

9. Disclosure outside Australia

Some of our service providers (such as cloud hosting, payment processing, email delivery and analytics providers) may store or process personal information outside Australia, primarily in the United States and regions utilised by our cloud infrastructure partners.

Before disclosing personal information overseas, we take reasonable steps to ensure the recipient handles it consistently with the Australian Privacy Principles, except where you consent to the disclosure, or it is otherwise permitted under the Privacy Act.

10. Security and data breaches

We take reasonable steps to protect your personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure, using a range of physical, administrative and technical measures. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

If a data breach occurs that is likely to result in serious harm, we will respond in accordance with the Notifiable Data Breaches scheme under the Privacy Act, including notifying affected individuals and the OAIC where required.

11. Accessing and correcting your information

You may request access to the personal information we hold about you, and ask us to correct it if it is inaccurate, out of date or incomplete, by contacting our Privacy Officer using the details below. We will verify your identity before providing access. In some cases, we may not be able to provide access (for example, where the law permits us to refuse), and if so, we will tell you why.

12. Children’s privacy

The Services are intended for users aged 18 and over and are directed at professionals and businesses. We do not knowingly collect personal information from anyone under 18. If you believe a person under 18 has provided us with personal information, please contact us, and we will take reasonable steps to delete it. (Note: Australia does not set a single statutory age for privacy consent; capacity is assessed individually, and the OAIC is developing a Children’s Online Privacy Code that may introduce further requirements over time.)

13. Links to other sites

The Services may contain links to websites operated by third parties. We are not responsible for the content or privacy practices of those sites, and we encourage you to review their privacy policies before using them.

14. Automated tools

The Services may include features that use automated systems or artificial intelligence to assist with searching, organising or summarising information.

15. Complaints

If you believe we have breached the Privacy Act or mishandled your personal information, please contact our Privacy Officer using the details below, including your contact details and a description of your complaint. We will acknowledge it and respond within a reasonable time. If you are not satisfied with our response, you may contact the OAIC at www.oaic.gov.au.

16. Changes to this Policy

We may update this Policy from time to time by posting the updated version on our website, with a new effective date. Where changes are material, for example, a change to the kinds of personal information we collect or to the third parties we disclose it to, we will notify you directly via the email address associated with your account at least 14 days before the changes take effect. We encourage you to review the Policy periodically for minor or non-material updates.

17. Contact us

ARCHI UPSKILL Privacy Officer Email: admin@archiupskill.com

ARCHI UPSKILL — Privacy Policy and Consent · Version 2 · 1 June 2026