Privacy Policy
Effective date: 18 May 2026
Version: 1.2
Entity: Edvora (ABN 66 773 492 536), Melbourne, Australia
1. Who we are
Edvora is an AI-driven adaptive learning platform that helps students prepare for Australian Years 3-9 examinations. We are headquartered in Melbourne, Victoria, and regulated by the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Privacy Officer: support@edvora.com.au
2. What this policy covers
- What personal information we collect
- How we use it, including for AI model training
- Who we share it with
- How we keep it secure
- Your rights under Australian law
3. Personal information we collect
3.1 Information you give us directly
- Account details: email, display name, birth year, year level, state, optional school name
- Subscription details: billing name and address (processed by Stripe — we do not store card numbers)
- Profile preferences: exam focus, timezone
3.2 Information we collect as you use the platform
- Learning interactions: questions shown, answers submitted, correctness, time per question
- Optional self-reported data: pre-written reason chips (e.g. “I made a calculation mistake”)
- Usage data: pages visited, features used, session duration
- Device data: browser, OS, IP address (security and abuse prevention only)
3.3 Information we do NOT collect
- Card numbers (handled by Stripe)
- Voice or video
- Photos or images
- Precise location (only approximate country from IP)
- Data from other apps on your device
- Free-text answer reasoning (no such field exists; only the pre-written chips)
4. How we use your information
4.1 To run the platform
- Authenticate your account and deliver the learning experience
- Adapt practice to your specific error patterns
- Generate progress reports
- Process payments
4.2 To train and improve our AI models (opt-in only)
If you explicitly opt in, we use the following to train our misconception-diagnosis AI:
- The question text shown
- The correct answer
- The answer you selected
- Whether your answer was correct
- Your year level and subject (in aggregate form)
- Your self-reported reason chip (if you tapped one)
We never include in training data:
- Your name, email, or school
- Your IP address or device identifier
- Free text of any kind
- Data from users under 16 without explicit parental opt-in
Training data is pseudonymised at the architectural level: each record is linked only to a random pseudonym ID, stored in a separate mapping table from your account details. When you delete your account or withdraw AI training consent, the link between your pseudonym and your user record is severed, making your past contributions fully anonymous.
The resulting fine-tuned model powers the Edvora platform, including both the free research program and the paid subscription tiers.
4.3 For security and fraud prevention
We may review account activity to detect abuse, shared accounts, or automated scraping.
5. Consent and opt-out
5.1 Your consent
Participation in AI training is entirely optional. You choose whether to opt in during account setup, and you can change your mind at any time in Settings → Privacy. We will never assume consent on your behalf. The AI training toggle defaults to off for new users.
5.2 Withdrawing consent
- We stop collecting training data from your future sessions immediately
- The pseudonym link is severed within 30 days, so past contributions are no longer tied to you
- Your progress records remain so your learning history is preserved
6. Children and young people
6.1 Minimum age
Self-registered Edvora accounts are for users aged 16 and over. Users under 16 must have a parent or legal guardian create the account. The parent is the account holder of record.
6.2 Parental consent
- We require the parent's email and explicit confirmation they are the parent or legal guardian
- AI training data is not collected without a separate, explicit parental opt-in
- Parents can view, export, and delete their child's data at any time
6.3 School accounts
Where a school licenses Edvora, the school is responsible for obtaining any necessary parental consent under its own information-handling practices. Edvora acts as a data processor for the school.
7. Who we share your information with
7.1 Service providers
- Supabase (AWS Sydney / ap-southeast-2) — database hosting
- Firebase Authentication (Google, US region) — login
- Stripe (US / Australia) — payments
- Vercel (US) — website hosting
- Render (US) — API hosting
- Anthropic, Google (Gemini), Groq — AI inference providers for generating explanations
All providers are contractually bound to handle your data only for the purposes we specify and to maintain security controls equivalent to those required by Australian law.
7.2 Cross-border data transfers
By using Edvora, you consent to your personal information being transferred to and stored in the following jurisdictions, subject to the safeguards described below:
| Destination | Data | Provider | Legal basis / safeguard |
|---|---|---|---|
| Australia (ap-southeast-2, Sydney) | Primary database, all personal information | Supabase (AWS) | Domestic — APP 11 |
| United States | Authentication tokens only | Firebase (Google) | APP 8.1 — contractual controls, Google DPA |
| United States / Australia | Payment metadata (no card numbers stored by us) | Stripe | APP 8.1 — Stripe AU entity, contractual controls |
| United States | Static site hosting (no PII in transit) | Vercel | APP 8.1 — Vercel DPA |
| United States | API/backend compute, transient request data | Render | APP 8.1 — Render DPA |
| United States | AI inference payloads (question + answer, no PII) | Anthropic, Groq | APP 8.1 — provider DPAs, zero-retention where available |
| United States / European Union | AI inference payloads (question + answer, no PII) | Google (Gemini) | APP 8.1 — Google DPA |
AI inference requests contain only the question, answer choices, and diagnostic context — never your name, email, or identifiers. We take reasonable steps under APP 8.1 to ensure all overseas recipients handle your personal information in a way consistent with the Australian Privacy Principles. Where a provider's contractual terms fall short of APP equivalence, we rely on the APP 8.2(a) exception (you have consented after being expressly informed the APPs will not apply) — your acceptance of this policy constitutes that informed consent.
If you do not consent to these transfers, do not use the platform. You can withdraw consent at any time by deleting your account under Settings → Privacy.
7.3 We do not sell your data
We never sell, rent, or trade personal information to advertisers or data brokers.
7.4 Legal disclosures
We will disclose information if required by an Australian court, government agency, or law enforcement authority.
7A. Cookies and local storage
We use a small number of cookies and browser localStorage keys, strictly for platform operation — we do not use advertising cookies, tracking pixels, or third-party analytics that build user profiles.
| Item | Purpose | Duration |
|---|---|---|
| Firebase auth token (localStorage) | Keep you signed in | Until sign-out |
edvora_beta cookie | Beta access gate | 30 days |
| Session preferences (localStorage) | Remember UI preferences (theme, year level) | Until cleared |
| Stripe session cookies | Process payment on checkout pages only | Per Stripe policy |
| Vercel infrastructure cookies | Load-balancing and DDoS protection | Session |
You can clear cookies and localStorage at any time through your browser settings. Doing so will sign you out but will not delete any data held server-side.
8. How we keep your data secure
- Encrypted in transit (TLS 1.2+) and at rest (AES-256)
- Primary database hosted in Australia (Supabase ap-southeast-2)
- MFA available for all accounts
- Production data access restricted to named staff with logged access
- Automated encrypted backups retained for 30 days
- Identity and behavioural data architecturally separated via pseudonym mapping
9. How long we keep your data
| Data type | Retention |
|---|---|
| Personally identifying information (email, display name, school name, state, year level, authentication provider IDs) | Retained while your account is active; destroyed within 24 hours of an account-deletion request. After destruction your account row is retained with all PII fields anonymised — the row cannot be re-identified to you and cannot be logged into. |
| Learning progress + question responses (your answers, timings, difficulty exposure history) | Retained indefinitely in pseudonymised form so the platform's adaptive engine, item-quality analytics, and cohort comparisons remain valid. Once your account-PII is destroyed, the link from these records back to you is permanently severed and the records are no longer "personal information" under the Australian Privacy Act 1988 — see APP 11.2 on de-identification as an alternative to destruction. You can still request hard-deletion of these records on request; contact us if you want that. |
| Training contributions (opted-in) | Retained indefinitely in fully anonymised form; the link to your user record is severed on withdrawal or deletion, so past contributions remain in the corpus but cannot be linked back to you. |
| Payment records | 7 years (mandatory under Australian taxation law) |
| Support tickets | 3 years |
| Security logs | 12 months |
| Consent audit trail | 7 years from each consent record (immutable, retained even after account deletion to satisfy APP audit obligations) |
10. Your rights
- Access the personal information we hold about you
- Correct information that is inaccurate
- Delete your account and associated data
- Withdraw consent for AI training at any time
- Export your data in a portable format (JSON)
- Complain to us or to the OAIC
To exercise any of these rights: support@edvora.com.au. We respond within 30 days.
To complain to the OAIC: www.oaic.gov.au · 1300 363 992
11. Data breaches
If a data breach occurs that is likely to cause you serious harm, we will notify you and the OAIC within 30 days, as required by the Notifiable Data Breaches scheme.
12. EU / UK residents (GDPR / UK GDPR notice)
Edvora is designed for, and offered to, residents of Australia preparing for Australian school examinations. The platform is not intended for, marketed to, or actively targeted at residents of the European Union, European Economic Area, United Kingdom, or any other jurisdiction outside Australia.
We have not undertaken a formal compliance assessment against the EU General Data Protection Regulation (Regulation (EU) 2016/679), the UK General Data Protection Regulation, or comparable foreign data-protection regimes, and we do not claim compliance with any of them. If you are a resident of the EU, EEA, or UK, please do not register an account or submit personal information through Edvora; if you have already done so, please contact support@edvora.com.au.
Deletion requests from EU / UK residents. If we receive a deletion request from an account holder who states they are resident in the EU, EEA, or UK, we will action that request within 30 days by destroying all personally identifying information in your account (email, name, school, year level, authentication identifiers) and irreversibly severing the link between your user row and any learning-progress records, training contributions, and pseudonymous identifiers. Records we are required by Australian law to retain (for example, payment records under tax law and consent audit-trail records) are kept for their statutory periods but are not used for any other purpose, and the personally identifying fields within those records are also anonymised where the statute permits. Once the deletion is complete, your account cannot be re-linked to you and we will confirm completion in writing.
For all users globally, the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles apply to the personal information we hold. Where third-party processors operate from the EU, EEA, UK, or United States (for example, Google for AI inference, Stripe for payments), those processors apply their own data-protection frameworks to the data we transmit to them. See section 5 for the cross-border transfer table.
13. Changes to this policy
We may update this policy. For material changes we notify you by email and require you to re-accept before continuing to use the platform. Historical versions remain at /privacy/v<number>.
14. Contact
Privacy Officer
support@edvora.com.au
Edvora, Melbourne, Victoria, Australia
15. Changelog
| Version | Date | Changes |
|---|---|---|
| 1.2 | 18 May 2026 | Switched account-deletion model from hard cascade to PII-anonymisation + pseudonymous-data retention. Personally identifying information is still destroyed within 24 hours of a deletion request, but anonymised learning-progress and pseudonymous training contributions are now retained indefinitely to support platform analytics and the AI training corpus the user opted into. Updated section 9 retention table; updated section 12 EU/UK deletion path. |
| 1.1 | 17 May 2026 | Added section 12 (EU / UK residents — out-of-scope notice; no GDPR compliance claim). Renumbered sections 13–15. |
| 1.0 | 15 April 2026 | Initial policy. AI training opt-in. Pseudonym architecture. 16+ default; parent-mediated flow for under-16. |
See also: Terms of Use · AI & Data Use Transparency