Privacy Policy

Information Collection, Use and Disclosure

uEducateUs is a school management system. When you use our platform, your school is the Data Controller (the entity that decides how and why your data is collected). uEducateUs acts as a Data Processor operating strictly under the instruction of your school.

If you have questions about how your school configures permissions, retains records, or manages your personal information, please contact your school administration directly.

The collection, management, and security of all information on our platform is conducted strictly in accordance with the Privacy Act 1988

We require specific information related to registered users of our platform to facilitate, maintain, and secure the core functions of our school management services. When ordering, registering, or utilizing uEducateUs, you may be asked to enter personal or sensitive information required to meet school administrative needs and legal compliance under the Australian Education Act 2013.

Types of Personal and Sensitive Information Collected

To fulfill our obligations to schools, we process data across three distinct categories

  1. Standard Personal & Administrative Information:

    • Account Profile Data: Names, email addresses, mailing addresses, telephone numbers, digital signatures, and official identification documentation.
    • Financial Data: Billing details, payment processing data, and school fee transaction records.
    • Government & School Identifiers: State or federal government-assigned identifiers, attendance records, and documented reasons for student absence.
  2. Student Performance & Welfare Records:

    • Official academic marks, semester report cards, individualized support arrangements, and professional case notes.
    • Communication history, behaviour observations, and school incident tracking logs.
  3. Highly Sensitive Legal & Health Information:

    We only process these restricted data types where a school explicitly inputs them for student safety, legal compliance, or duty of care:

    • Health & Medical: Medical conditions, management plans (e.g., anaphylaxis, asthma), and formal mental health diagnoses for students, staff, or parents.
    • Legal & Custodial: Court-issued protection orders, legal custody arrangements, informal care structures, and out-of-home care status.
    • Background & Beliefs: Racial or ethnic origin, or religious beliefs and affiliations, where relevant to school records or funding requirements.
    • Well-being: Sensitive social, emotional, or mental health and well-being information.

De-Identified Analytics and Technical Data

From time to time, we automatically collect de-identified technical information via our website and applications for system optimization, security monitoring, and analytics purposes. This data cannot be used to identify individuals and includes:

  • Web browser type, version, and language configuration.
  • Operating system type and version.
  • Specific pages viewed within our website or web applications.
  • Page access times and platform loading speeds.
  • Referring website addresses.

How We Use Your Information

We process your data strictly to fulfill our contractual obligations to your school. This includes:

  • Operating, maintaining, and providing the features of the uEducateUs platform.
  • Facilitating secure communication between schools, teachers, parents, and students.
  • Generating student semester reports and managing digital signature approvals.
  • Ensuring system security, preventing unauthorized access, and troubleshooting technical issues.

We never sell your data, and we never use student or parent personal information to target advertisements.

Staff and System Obligations

All uEducateUs personnel are bound by strict, legally enforceable confidentiality agreements. This ensures your personal and sensitive information is protected at all times and is accessed only for purposes to which your school has contractually agreed or as required by law.

Relevant government-legislated data transactions will be completed securely on behalf of the client and respective government bodies. All such transmissions are executed in strict accordance with government security parameters and data sharing frameworks.

What does this policy cover?

This policy describes the information that we process to provide uEducateUs products.
These include:

  • uEducateUs
  • uEducateUs Mobile

What do we use your information for?

We only use de-identified information unless specifically requested by the client or school that the information is in relation to.

Any of the information we collect from you may only be used in any of the following ways:

  1. To improve and maintain our website and service/s

  2. To perform and improve customer service.

Who can we share your personal information with?

We will never sell, trade, or rent your personal information to anyone. We do not use your data for advertising.

We only share data in the following three situations to make our platform work:

  1. Our Trusted Service Providers (Sub-processors)

    We use a small number of trusted companies to help run our services—like secure cloud storage providers, payment processors, and SMS/email delivery networks.
    • They only get the exact information they need to do their job.
    • They are required to keep your data safe and comply with Australian privacy laws.
  2. Legal and Government Requirements

    We will only share data with state or federal government bodies when your school requires us to do so by law, or if we are legally forced to by a court order.
  3. Access Controlled by Your School

    Your school is in complete control of who sees what inside the app. School administrators choose which teachers, staff, parents, and students have permission to view records.
    uEducateUs cannot change these school settings. To learn more about who has access within your specific school, please check your school’s own privacy policy.

Security of your information

We implement appropriate security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.

Information is stored in a secure server located within Australia as required by Australian law.

All direct access to your information is only accessed by authorised parties whom are required to keep the information confidential.

Personal information is handled in accordance with Victorian privacy legislation and is stored and disposed of in accordance with Department’s Record Keeping Policy.

Our service/s may contain links to external websites such as links to mobile app stores, support software, search engines and others. Please review the privacy policy of these websites as we are not responsible for their privacy practices.

Consequences of Not Providing Information

If requested personal information is not provided:
  • We may be unable to provide access to the platform or certain features
  • School administrative functions and reporting may be impacted
  • Communication and service delivery may be limited

Access and Correction

Individuals may request access to personal information we hold about them and request corrections if it is inaccurate, out-of-date, incomplete, or misleading.

Requests can be made using the contact details below. We will respond within a reasonable timeframe.

Complaints

If you believe your privacy has been breached, you may submit a complaint to us using the contact details below. We will:
  • Acknowledge the complaint within a reasonable timeframe
  • Investigate the matter
  • Provide a response outlining the outcome and any actions taken

Sub-processors (Third-Party Service Providers)

We use trusted third-party service providers (“Sub-processors”) to support the delivery of our services. These Sub-processors may process personal information on our behalf and only for purposes that are necessary to provide, maintain, and improve our services.

All Sub-processors are contractually required to:

  • Process personal information only in accordance with our instructions
  • Implement appropriate technical and organisational security measures
  • Comply with applicable privacy and data protection laws, including the Australian Privacy Principles (APPs)

Categories of Sub-processors

Our Sub-processors may provide services in the following categories:

  • Cloud hosting and infrastructure
  • Data storage and backup
  • Email and communications
  • Payment processing
  • Customer support systems
  • System monitoring and analytics

List of Sub-processors

Sub-processor Purpose Personal information processed Data Location Processes Sensitive Data?
AWS Application hosting, core database, and infrastructure. Full user account profiles, system data, school records, and application logs. Australia (Sydney Region) YES (Core Database)
STRIPE Secure school fee and billing payment processing. Payment card details, billing addresses, names, and transaction metadata. Australia, United States, and global locations as determined by Stripe. NO (Restricted to Financial Data)
ATLASIAN (Jira) Internal support ticketing, bug tracking, and system development. Customer contact information, administrator details, and technical support ticket descriptions. Australia (Sydney Region) and global locations as determined by Atlassian. NO (Staff/Admin contact only)
Microsoft Azure Secure user identity verification and login authentication. User account credentials, login metadata, and baseline authentication tokens. Australia (Sydney Region) and global locations as determined by Microsoft. NO (Restricted to Credentials)
Sendgrid Transactional and system automated email delivery. Customer and user email addresses, names, and message body contents. United States (Secured regional data centre) NO (Email transmission only)
SMS Broadcast Transactional school notification text message delivery. User mobile phone numbers and outbound SMS communication content. Australia (Routed via Telstra, Optus, and Vodafone networks) NO (SMS transmission only)
Firebase (Google) Real-time push notification routing for mobile applications. Hardware device identifiers, notification payloads, and system push tokens. Australia, United States, and global locations as determined by Google. NO (Restricted to Device IDs)
Apple Push notification delivery for iOS devices. Hardware device identifiers and mobile app notification push tokens. Australia, United States, and global locations as determined by Apple. NO (Restricted to Device IDs)

Use of Cookies

Cookies are small files that a site or its service provider transfers to your computer through your browser, if allowed, that enables the site’s or service provider’s systems to recognise your browser and capture and remember certain information.

We use cookies to understand and save your preferences for future visits and implement both internal and third party cookies like Google Analytics, to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

No personally identifiable information is held within these cookies.

A user can, at any time, opt-out of receiving some or all cookies on their device. However, please be aware that we cannot guarantee full functionality of our service/s should this be done.

Terms and Conditions

Please also visit our Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our website.

Your Agreement and Consent

By checking the agreement box during account registration and using our services, you explicitly agree to our [Terms and Conditions] and consent to the collection, use, and disclosure of your information as outlined in this Privacy Policy.

Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below:

Updated: June 15, 2026