This document exists because you deserve to know how torivaxelna handles details about you when you work with our budgeting education platform. Think of it as the rule book we wrote for ourselves — one we intend to follow every time we interact with your information.
We're not discussing cookies or tracking scripts here. That's a different conversation altogether, covered in our separate cookie policy.
What We Learn About You
When someone signs up for our budgeting courses or requests program information, certain facts emerge naturally through that interaction. We don't collect data just because we can — we gather what's needed to deliver what you've asked for.
Identity Elements
Your name surfaces when you register. Email addresses appear when you create an account or reach out. Phone numbers sometimes come through when you prefer a call instead of digital correspondence.
Learning Journey Records
Course progress gets captured automatically. Assignment submissions leave traces. Quiz results and completion milestones become part of your educational record with us.
Payment Information
Billing addresses emerge during enrollment. Transaction records appear when course fees are processed — though card details themselves never touch our systems directly.
Communication Content
Support messages you send contain whatever details you've chosen to share. Forum posts and peer discussions add context to your learning experience.
Some facts arrive automatically through system logs — IP addresses, browser types, access timestamps. These technical breadcrumbs help us spot problems and keep the platform running smoothly, but they don't tell us much about you as a person.
Why This Information Matters to Us
Every piece of data we hold serves a specific operational function. Nothing gets kept "just in case" or hoarded for vague future possibilities.
Delivering Educational Services
Your enrollment details allow us to grant course access. Progress tracking helps you pick up where you left off. Assignment records let instructors provide meaningful feedback tailored to your work.
Maintaining Platform Operations
Login credentials keep your account secure from unauthorized access. Technical logs help our team diagnose when something breaks. Performance metrics tell us which parts of the platform need improvement.
Meeting Legal Obligations
Australian regulations require certain record-keeping. Taxation authorities need transaction documentation. Consumer protection laws demand specific disclosures and safeguards.
A Note on Marketing
We'll occasionally send emails about new course offerings or educational resources that might interest current students. These messages only go to people who've engaged with our platform before. You can opt out anytime — and when you do, that preference is honored immediately.
How We Work With Your Information
Information doesn't just sit in a database doing nothing. Various people and systems interact with it in specific, limited ways.
Internal Access Controls
Instructors see student names, submitted work, and participation records — they need this to teach effectively. Support staff access contact details and account information when resolving issues. Our technical team works with system logs and anonymized usage patterns to maintain infrastructure.
Not everyone who works here can see everything. Access gets restricted based on what's necessary for each role. Financial records stay separate from educational records unless there's a specific billing question.
Automated Processing
Course completion certificates generate automatically when you finish all required modules. Progress emails trigger based on milestones you reach. Payment confirmations go out immediately after successful transactions.
These automated systems follow predefined rules. There's no hidden decision-making or profiling happening behind the scenes.
When Information Leaves Our Organization
Most of your data stays within torivaxelna's systems. But certain operational realities require sharing with carefully selected external parties.
| External Party Type | Information Shared | Purpose |
|---|---|---|
| Payment Processors | Billing name, email, transaction amount | Processing course enrollment payments securely |
| Email Service Providers | Email address, first name, enrollment status | Delivering course notifications and updates |
| Cloud Hosting Services | All platform data (encrypted at rest) | Maintaining secure infrastructure for course delivery |
| Legal Authorities | Whatever courts or regulators specifically request | Complying with lawful demands and legal processes |
Every external service provider operates under contractual obligations to protect your information. They can't use it for their own purposes or share it further without explicit authorization.
We don't sell student information to third parties. We don't trade contact lists. We don't provide your details to marketing firms or data brokers. That's not how we operate.
Security Measures We've Implemented
Protection against unauthorized access involves multiple layers of technical and organizational safeguards. But security isn't about guarantees — it's about reducing risk to acceptable levels.
Technical Protections
All data transmissions between your browser and our servers happen over encrypted connections. Passwords get hashed using current best practices — we can't read them even if we wanted to. Database access requires authentication and logs every query.
Regular security audits help identify vulnerabilities before they become problems. Software updates get applied promptly when security patches release. Backup systems ensure we can recover from hardware failures or data corruption.
Human Protocols
Staff members receive regular training on information handling procedures. Access credentials get reviewed quarterly and revoked when no longer needed. Laptops and devices require encryption and strong authentication.
Acknowledging Limitations
No system is perfectly secure. Sophisticated attackers might find ways around our defenses. Human error occasionally creates vulnerabilities. External services we depend on could experience breaches.
If a security incident occurs that affects your information, we'll notify you directly via email within 72 hours of discovering the problem. That notification will explain what happened, what information was involved, and what steps we're taking to prevent recurrence.
Your Control Over Your Information
You maintain certain rights regarding data we hold about you. These aren't just theoretical — they're practical capabilities you can exercise whenever you want.
Request a complete copy of your information at any time. We'll provide it within 30 days in a readable digital format. This includes enrollment records, course progress, communications, and any other details we've captured.
Found something wrong in your profile? Tell us and we'll fix it immediately. Misspelled names, outdated email addresses, incorrect billing information — all of these can be updated directly or through a quick support request.
Ask us to remove your information entirely and we'll comply unless legal obligations require retention. Course completion records might need to stay for regulatory purposes, but most other data can disappear permanently.
Object to certain uses of your information, like marketing communications. We'll honor these restrictions except where processing is essential for service delivery or legally mandated.
Request your information in a portable format that you can transfer to another educational platform. We'll export everything in standard file formats that other systems can import easily.
Exercising these rights doesn't cost anything or require lengthy justification. Simply contact us at support@torivaxelna.com and tell us what you want. We'll process your request and respond within one month.
How Long Information Sticks Around
Different categories of information have different lifespans based on operational necessity and legal requirements.
Active Enrollment Period
While you're taking courses with us, all information remains readily accessible. Course materials, progress records, submitted assignments — everything stays available throughout your learning journey and for a reasonable period afterward.
Post-Completion Retention
Educational records typically stay in our systems for seven years after course completion. This duration aligns with Australian business record requirements and allows us to verify credentials if employers or institutions request confirmation.
Financial transaction records follow similar retention rules — kept long enough to satisfy tax obligations and handle potential disputes, then systematically purged.
Marketing Communications
If you've opted into receiving updates about new courses, your contact preferences remain active until you unsubscribe. After opting out, those records get suppressed immediately — though we keep a record of your opt-out preference itself to prevent accidentally re-subscribing you.
Technical Logs
Server logs and access records typically get archived after 90 days and deleted entirely after one year. These provide short-term diagnostic capability without creating permanent surveillance records.
Legal Foundations Supporting Our Processing
Australian privacy law requires organizations to identify legitimate grounds for handling personal information. We rely on several distinct legal bases depending on the situation.
Contractual Necessity
When you enroll in a course, we enter into a contractual relationship. Processing your enrollment details, delivering course access, and tracking your progress are all essential to fulfilling that contract. We can't provide the education you've paid for without handling this information.
Legal Compliance
Taxation authorities require transaction records. Consumer protection regulations mandate certain disclosures and safeguards. Professional accreditation bodies need verification of completed coursework. These legal obligations justify retaining specific categories of information.
Legitimate Interests
Maintaining platform security serves both your interests and ours. Preventing fraud protects all students and the integrity of our courses. Improving educational content based on aggregated usage patterns benefits future learners.
These legitimate interests get balanced against potential privacy impacts. Where processing might be intrusive or unexpected, we either obtain explicit consent or refrain from the activity entirely.
Consent-Based Processing
For activities beyond core educational services — like receiving promotional emails about new courses — we ask for your explicit agreement. This consent remains freely given, specific, and revocable at any moment.
International Considerations
Our operations primarily occur within Australia, but certain technical realities mean information occasionally crosses borders.
Cloud Infrastructure Location
Course materials and student records are stored on servers physically located in Australian data centers. However, our cloud hosting provider maintains global infrastructure, meaning backup copies might temporarily exist in other jurisdictions during replication processes.
These hosting arrangements include contractual protections ensuring that Australian privacy standards apply regardless of where data physically resides.
Student Access From Abroad
If you access our platform while traveling overseas, information naturally flows to wherever you happen to be. That's unavoidable when delivering online education to people who move around.
No Deliberate Offshore Transfers
We don't intentionally send your information to international offices, foreign partners, or overseas processing centers. Everything stays within our Australian operational framework unless technical infrastructure necessitates otherwise.
Updates to This Document
Privacy practices evolve as regulations change, technology advances, or our services expand. When substantial modifications occur, we'll notify current students via email and post a revised version here.
The "Last reviewed" date at the top indicates when we last examined this policy for accuracy and completeness. Minor clarifications might happen without notification, but significant changes always trigger direct communication.
Continuing to use our platform after receiving update notifications means you've accepted the revised terms. If changes substantially alter how we handle your information and you disagree, you maintain the right to close your account and request deletion.
Questions? Problems? Need to Exercise Your Rights?
Reach us through any of these channels. Privacy inquiries typically get responses within two business days.
Port Macquarie NSW 2444
Australia
If you believe we've mishandled your information or violated privacy obligations, you also maintain the right to lodge a complaint with the Office of the Australian Information Commissioner. We'd prefer to resolve concerns directly first, but that external avenue always remains available.