Privacy Policy
At Darlo Higher Education (“we”, “us”, or “our”), we are committed to protecting your privacy and handling your personal information in a transparent, secure, and lawful manner. This Privacy Policy explains how we collect, use, store, disclose, and safeguard your personal information when you use our legal services related to higher education registration and compliance. We comply with the Australian Privacy Act 1988 (Cth) (“Privacy Act”), the General Data Protection Regulation (GDPR), and other relevant international privacy laws to ensure that your data is protected.
1. Collection of Personal Information
In the course of providing our legal services, we may collect personal information, including but not limited to:
- Identification Details: Name, date of birth, passport number, and government-issued identification.
- Contact Information: Address, phone number, email address.
- Education Details: Academic qualifications, student registration details, education history, and professional certifications.
- Financial Information: Billing and payment details, credit card or bank information.
- Legal Information: Information relevant to legal services provided, including contracts, correspondence, and compliance documentation.
- Usage Data: Information related to your interactions with our website or online services, such as IP addresses, device information, and browsing history.
2. Use of Personal Information
We may use your personal information for the following purposes:
- Providing Legal Services: To assess, advise, and represent you in matters related to higher education registration and compliance.
- Compliance and Regulatory Obligations: To comply with legal and regulatory requirements under Australian law or other applicable jurisdictions.
- Communication: To communicate with you regarding legal advice, case updates, and necessary information about our services.
- Billing and Payment: To process payments for services provided and issue invoices.
- Marketing and Newsletters: With your consent, to send promotional material, legal updates, or newsletters. You can opt-out of these communications at any time.
3. Legal Basis for Processing (GDPR Compliance)
For clients based in the European Union, we process personal data on the following legal grounds under the GDPR:
- Contractual Necessity: The processing is necessary for the performance of our contract with you or in preparation to enter into a contract.
- Legal Obligation: To comply with a legal or regulatory obligation.
- Legitimate Interests: To pursue legitimate business interests (e.g., providing effective legal services, maintaining client relationships), except where such interests are overridden by your rights and interests.
- Consent: In cases where your consent is required for the processing of specific information.
4. Disclosure of Personal Information
We may disclose personal information in the following situations:
- Third-Party Service Providers: To companies or contractors who provide services such as IT support, payment processing, legal expertise, or document storage on our behalf. These providers are bound by confidentiality and privacy obligations.
- Legal Requirements: Where disclosure is required by law, regulation, court order, or in response to a subpoena or other legal process.
- Business Transfers: In the event of a merger, acquisition, or sale of business assets, personal information may be transferred to the new owners.
- Consent: With your explicit consent for specific disclosures.
5. Data Security
We implement robust administrative, technical, and physical security measures to protect personal information from unauthorized access, misuse, loss, or disclosure. These measures include encryption, access controls, and secure storage systems. However, no method of transmission over the internet is fully secure, and we cannot guarantee absolute security.
6. Data Retention
We will retain personal information for as long as it is necessary to fulfill the purposes for which it was collected, or as required by law. This includes retaining information for compliance with our legal obligations, dispute resolution, and enforcement of agreements.
7. Your Rights
In accordance with the Privacy Act and the GDPR, you have the following rights concerning your personal data:
- Right to Access: Request access to the personal information we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure: Request deletion of personal data when it is no longer necessary or when consent has been withdrawn.
- Right to Restrict Processing: Request limitation of data processing in specific circumstances.
- Right to Data Portability: Request a copy of your personal data in a structured, commonly used format.
- Right to Object: Object to the processing of your data for direct marketing purposes or where your data is processed on legitimate interest grounds.
To exercise your rights, please contact us at brendan@darlo.com.
8. International Data Transfers
If you are located outside of Australia, we may transfer personal information to jurisdictions with different data protection laws. Where necessary, we will ensure appropriate safeguards are in place for such transfers in compliance with the Privacy Act and the GDPR, such as standard contractual clauses.
9. Cookies and Tracking Technologies
Our website uses cookies and other tracking technologies to enhance your user experience, analyze website traffic, and tailor content to your interests. You can manage your cookie preferences through your browser settings. Please see our [Cookie Policy] for more information.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any significant changes will be communicated to you directly or through a prominent notice on our website.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or how your personal information is handled, please contact us at brendan@darlo.com.