Privacy Policy 

Edu-Nomad Pty Ltd

(www.edu-nomad.education)

Effective date: 1 January 2026
Entity: Edu-Nomad Pty Ltd (11382435979), ACN (6237927425), a registered company under the Corporations Act 2011 in Victoria, Australia.

Contact: [email protected]

Policy

Edu-Nomad Pty Ltd (“Edu-Nomad”, “we”, “us”, “our”) delivers online learning via our learning platform at www.edu-nomad.education, which is hosted on Thinkific. We respect your privacy and handle personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where relevant, we also outline additional rights for individuals in the EU/EEA, UK, and certain US jurisdictions.

Children & young people
Our services are designed for adults and workplace learners. If you are under the age of digital consent in your country (typically 13–16), a parent or guardian must consent to your use of our services. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact [email protected] so we can delete it.

This policy explains:

• The personal information we collect about learners, customers, site visitors, partners, and prospective clients.
• How and why we collect, use, disclose, store, and protect that information.
• International data transfers (including storage and processing by Thinkific and other processors outside Australia).
• Your choices and rights, including access, correction, deletion, and marketing preferences.
• How to contact us or lodge a complaint, including with the Office of the Australian Information Commissioner (OAIC)

2. The information we collect

2.1 Information you provide directly

• Identification & contact: name, email, phone, organisation, job title.
• Account/enrolment: course selections, cohort/group membership, time zone.
• Learning data: progress, completions, quiz/assessment attempts, discussion/community posts, uploaded assignments, survey responses, certificates.

• Marketing preferences: newsletter opt-in/opt-out, topic interests.

2.2 Information collected automatically

• Usage and device data: IP address, device type, browser, operating system, approximate location, pages viewed, time on page, referring URLs.
• Cookies & similar technologies: see Section 10 (Cookies & analytics).

2.3 Information from third parties

• Platform & integrations: Thinkific (LMS), payment processors (e.g., Stripe/PayPal), email tools/CRM, analytics providers (e.g., Google Analytics), webinar tools (e.g., Zoom).
• Partners/clients: where a company enrols you (e.g., corporate training), we may receive your name and work email and related details to set up access.
• Payment data: We do not store full card numbers. Payments are processed by third-party gateways that apply their own security and privacy controls.

3. Why we collect and how we use your information

We use personal information to:

• Provide and improve our services: create accounts, process enrolments, deliver courses, track progress, issue certificates, personalise content, and troubleshoot issues.
• Operate communities: enable forums, peer circles, Q&A, moderation, and apply community standards.
• Communicate with you: transactional emails (enrolment, progress, certificates), service updates, surveys, product or policy changes.
• Marketing (with choice): send updates about new courses, resources, events, and offers, where permitted by law; you can opt out at any time.
• Compliance & risk: record-keeping, fraud prevention, enforcing terms, responding to lawful requests.
• Analytics & product development: understand usage, improve user experience and content quality.

Legal bases (EU/UK only)

Where the EU/UK data protection laws apply, our legal bases for processing include:

• Performance of a contract (for example, to provide access to your enrolled courses).
• Legitimate interests (for example, to operate and improve our services, secure our platform, and communicate necessary service information).
• Consent (for example, for certain marketing communications and non‑essential cookies).
• Compliance with legal obligations (for example, record‑keeping or responding to lawful requests).

4. Sharing and disclosure

We share information only as needed to deliver and support our services:

• Platform provider: Thinkific Labs Inc. (Canada) hosts our LMS and stores user accounts and learning data. Thinkific may use infrastructure (e.g., AWS) in other countries (including the USA).
• Payment processors, such as Stripe or PayPal, to process payments and help prevent fraud.
• Email & CRM tools: to send transactional and marketing emails, manage preferences, and track deliverability.
• Analytics & support tools: e.g., Google Analytics, error monitoring, helpdesk.
• Professional advisers & service providers: legal, accounting, IT security, where bound by confidentiality.
• Legal & safety: where required by law, court order or regulatory request, or where necessary to protect rights, property, safety, and security.

We do not sell personal information.

In the unlikely event that our site, courses, or business is sold, merged, or otherwise subject to a change in ownership, your personal information may be transferred to the new owner so that the services can continue to be provided to you and other learners. Where practicable, we will notify our subscribers of any such change in ownership or control.

5. International data transfers

Your personal information may be stored or processed in Canada, the United States, the EU/EEA/UK, and other locations where our service providers operate. Where required, we use appropriate safeguards such as contractual protections (e.g., Standard Contractual Clauses or equivalent) with our vendors. By using our services, you acknowledge that overseas recipients may not be subject to the APPs and you consent to such transfers where your consent is required under Australian law.

For information on Thinkific’s data protection commitments, please refer to Thinkific’s data processing and security documentation available on Thinkific’s website.

6. Retention

We retain personal information for as long as necessary to:

• deliver courses and related services,
• comply with legal/financial record requirements,
• resolve disputes and enforce agreements.

When no longer required, we take reasonable steps to de-identify or securely destroy the information.

7. Security

We apply administrative, technical, and organisational measures designed to protect personal information (e.g., access controls, encryption in transit where supported, role-based permissions, least-privilege accounts, vendor due diligence). No method of transmission or storage is entirely secure; we continually review controls to reduce risk.

8. Your choices and rights

In Australia (APPs):

• Access & correction: You may request access to, or correction of, your personal information, subject to applicable legal exceptions.
• Complaints: See Section 12.

EU/UK (GDPR/UK GDPR):

Where these laws apply, you may have the right to:

• access your personal data and obtain a copy,
• request rectification of inaccurate data,
• request erasure (in certain circumstances),
• request restriction of processing,
• data portability, and
• object to certain processing, including direct marketing.

Where we rely on consent, you can withdraw consent at any time, although this will not affect processing that has already occurred lawfully. You may also lodge a complaint with your local supervisory authority.

Certain US states (e.g., CA):

Depending on your state of residence, you may have rights to access, delete or correct certain personal information and to opt out of certain types of processing. Please submit requests to [email protected].

Marketing opt-out (all regions):

You can opt out of marketing communications by using the unsubscribe link in our emails or by contacting us. We will still send necessary transactional or service emails. We comply with the Spam Act 2003 (Cth) and other applicable marketing laws.

9. Children and young people

Our services are designed for adults and workplace learners. If you are under the age of digital consent in your country (typically 13–16), a parent or guardian must consent to your use of our services. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact [email protected] so we can delete it.

10. Cookies & analytics

We use cookies and similar technologies to operate our site, remember preferences, secure accounts, and analyse usage.

• Necessary cookies – required for login, checkout, security and core functionality.
• Functional cookies – remember preferences (for example, language or time zone).
• Analytics cookies – help us understand site performance and usage so we can improve our content and services.
• Marketing cookies (if used) – support remarketing, campaign attribution and similar activities.

You can control cookies via your browser or device settings, which may limit some site features. Where required (for example, for EU/UK visitors), we present a consent mechanism for non‑essential cookies and honour your choices.

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, the Thinkific platform does not alter our data collection and usage practices when we detect such a signal from your browser.

11. Data breaches (Australia – Notifiable Data Breaches scheme)

If we experience a data breach that is likely to result in serious harm, we will promptly assess the incident and, where required by law, notify affected individuals and the Office of the Australian Information Commissioner (OAIC). We also work with our vendors (including Thinkific and payment processors) to investigate and mitigate the impact.

12. How to contact us or make a complaint

• Contact us:[email protected] 
• Complaints: If you believe we have breached the APPs or this policy, please contact us in writing with details of your concern. We will acknowledge your complaint and aim to respond within 30 business days.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) to lodge a complaint.

13. Third-party links and communities

Our courses and communities may link to external websites or integrate third‑party services. Those third parties are responsible for their own privacy practices, which are governed by their own privacy policies. You should review those policies before providing personal information or participating in their services.

14. Changes to this policy

We may update this policy from time to time to reflect changes in law, our services or technology. Material changes will be highlighted on this page where practicable. The “Effective date” at the top of this policy indicates the latest version.

15. Summary of key third-party processors (illustrative)

• Thinkific Labs Inc. (LMS host) – account, course and learning data; may use infrastructure located in Canada, the USA or other regions.
• Payment gateway (e.g., Stripe/PayPal) – payment processing and fraud prevention; limited billing information.
• Email/CRM  – transactional and marketing communications, list management and preference tracking.
• Analytics (e.g., Google Analytics) – site usage and performance insights, often in de‑identified or aggregated form.
• Webinar/meeting tools (e.g., Zoom) – live sessions, recordings (if applicable) and related participation data.

We review vendor privacy and security materials and implement contractual and technical controls where practicable.

16. Governing law

This policy is governed by the laws of Victoria, Australia, and applicable Australian law.