Last Modified: 28th August 2025

Back

Privacy Policy

1. Our Commitment to Privacy

Tandem Learning Pty Ltd ("Tandem Learning", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our services, including the Tandem Learning platform for HSC students and the Tandem Tertiary platform for university and institutional users (collectively, the "Services").

We manage your personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). By using our Services, you agree to the collection and use of your information in accordance with this policy.

2. Our Role: Data Controller vs. Data Processor

It is important to understand our role, as it affects how your information is managed and how you can exercise your privacy rights.

  • For our Direct Users (e.g., HSC students): When you sign up for our Tandem Learning service directly, we act as the data controller. We determine the purposes and means of processing your personal information.
  • For our Authorised Users (e.g., university students and staff): When you use our Tandem Tertiary service through your university or educational institution ("Subscribing Organisation"), the Subscribing Organisation is the data controller. We act as a data processor on their behalf, processing your information according to their instructions and our agreement with them.

3. The Information We Collect

We collect information necessary to provide and improve our Services.

3.1. Personal Information:

This is information that identifies you as an individual. The type of information we collect depends on which Service you use and may be provided by you directly or by your Subscribing Organisation:

  • Identity Data: Full name, email address.
  • Contact Data: Phone number, contact details.
  • Institutional Data: School or university information.
  • Academic Data: Course enrolment, progress, grades, performance data, and submissions.
  • Financial Data: Payment details (for Direct Users only).

3.2. Usage and Technical Data:

We automatically collect information when you interact with our Services:

  • IP address, browser type, device information, operating system.
  • Pages visited, features used, time spent on the platform.

3.3. Cookies:

We use cookies and similar technologies to maintain your session, remember preferences, and analyse usage to improve the Services. You can control the use of cookies at the browser level.

4. How We Use Your Information

Our use of your information depends on our role as controller or processor.

4.1. When We Are the Data Controller (for Direct Users):

  • To create and manage your account and process payments.
  • To provide, personalise, and track your learning experience.
  • To communicate with you about your account, service updates, and (with your consent) marketing promotions.
  • To analyse usage and improve our Services.

4.2. When We Are the Data Processor (for Authorised Users):

  • To provide the Services to you on behalf of and under the instruction of your Subscribing Organisation.
  • To host and display academic content and your academic data for access by you and authorised personnel at your Subscribing Organisation (e.g., lecturers, administrators).
  • To generate analytics and reports for your Subscribing Organisation.
  • To maintain and secure the platform.

We will never use personal information collected on behalf of a Subscribing Organisation for our own independent marketing purposes.

5. Information Sharing and Disclosure

We do not sell your personal information. We may share it in the following limited circumstances:

  • With Your Subscribing Organisation: If you are an Authorised User, we share your personal information (including Academic Data) with your Subscribing Organisation as a core part of the Service.
  • With Third-Party Service Providers: We use trusted third parties to perform functions such as payment processing, cloud hosting (e.g., Vercel, NeonDB), and analytics. These providers are contractually bound to protect your information and only use it for the services they provide to us.
  • For Legal Reasons: We may disclose information if required by law, or if we believe in good faith that it is necessary to protect our rights, your safety, or the safety of others.

6. Data Storage, Security and Retention

We implement industry-standard technical and organisational security measures to protect your information from unauthorised access, use, or disclosure. This includes measures such as data encryption.

We store your information on secure servers, which may be located in Australia or overseas. We retain your personal information for as long as necessary to provide the Services and fulfil our legal obligations. For Authorised Users, our retention period is governed by our agreement with your Subscribing Organisation.

7. Your Privacy Rights

You have rights under Australian law to manage your personal information.

  • For our Direct Users: You have the right to request access to, correction of, or deletion of your personal information that we hold. You can also opt-out of marketing communications at any time. Please contact us directly at support@tandemlearning.com.au to exercise these rights.
  • For our Authorised Users: As your Subscribing Organisation is the data controller, you should direct any requests for access, correction, or deletion of your personal information to your university's or institution's Privacy Officer or administrator. We will provide reasonable assistance to your Subscribing Organisation to respond to your request.

8. Children's Privacy

Our Services are generally not directed to individuals under the age of 13. For our Tandem Learning (HSC) service, users may be under 18. In these cases, we recommend that a parent or guardian is involved in their use of the service.

9. Data Breach Notification

We comply with the Notifiable Data Breaches (NDB) scheme in Australia. In the event of a data breach likely to result in serious harm, we will assess the situation and notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required. If a breach involves data we are processing for a Subscribing Organisation, we will notify them promptly to coordinate any required response.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and, where appropriate, through email or a notice on the platform.

11. Contact Us and Complaints

If you have any questions about this Privacy Policy or our privacy practices, please contact us at support@tandemlearning.com.au.

If you believe we have breached the Australian Privacy Principles, please contact our Privacy Officer at admin@tandemlearning.com.au. We will investigate your complaint and respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).