We collect personal information when you create an account, complete assessments, use our Platform features, contact our support team, or otherwise interact with Rise Permit. This includes:

• Contact Information: Name, email address, phone number, country of residence, and other contact details.
• Profile Information: Occupation, education history, work experience, English language test results, and migration preferences.
• Assessment Information: Data entered into eligibility assessments, points calculators, visa pathway tools, and other migration-related services.
• Supporting Documents: Identification documents, educational qualifications, employment records, language test results, resumes, and other materials relevant to your migration journey.
• Payment Information: Transaction details processed through secure, PCI-DSS-compliant third-party payment providers. Rise Permit does not store full payment card details.
• Technical Information: IP address, device type, operating system, browser type, app version, session duration, usage statistics, and diagnostic data collected automatically when you use our Platform.

We only collect personal information that is reasonably necessary to deliver our services effectively.

We use your personal information to provide, maintain, and improve the Rise Permit Platform. Specifically, your information may be used to:

• Provide PR eligibility assessments and migration-related insights.
• Calculate points scores and display relevant visa pathway information.
• Create and manage your account and personal profile.
• Store and manage documents you have uploaded.
• Provide customer support and respond to enquiries.
• Send account notifications, service updates, and important Platform communications.
• Improve Platform functionality, user experience, and service performance.
• Conduct analytics, research, and product development.
• Process payments where applicable.
• Comply with legal, regulatory, and security requirements.
• Detect, investigate, and prevent fraudulent or unlawful activity.

We will not use your personal information for any incompatible purpose without first obtaining your consent, unless otherwise required or permitted by law.

Rise Permit may send you updates regarding Platform improvements, new features, service announcements, or migration-related information we believe may be of interest to you.

In accordance with the Spam Act 2003 (Cth), marketing communications will only be sent where you have provided express or inferred consent, or where another lawful basis applies. Every marketing communication will include a clear and functional unsubscribe mechanism.

You may withdraw your consent and unsubscribe at any time by:

• Clicking the "unsubscribe" link in any marketing email; or
• Contacting us directly at info@risepermit.com.au.

Opting out of marketing communications will not affect transactional or service-related messages necessary for the operation of your account.

Rise Permit does not sell, rent, or trade your personal information to third parties. We may disclose personal information to trusted third-party service providers who assist us in operating our business, including:

• Cloud hosting and infrastructure providers.
• Website and mobile application analytics providers.
• Customer support and CRM platforms.
• Email and communications service providers.
• Payment processing providers.
• IT and cybersecurity service providers.
• Professional advisers, including legal, accounting, and compliance consultants.
• Government authorities or regulatory bodies where required or authorised by law.

All third-party providers are bound by contractual obligations to maintain appropriate security measures and are only authorised to use your information for the specific purposes for which it is disclosed.

Some third-party service providers we engage may be located or operate infrastructure outside of Australia, including in countries such as the United States and the European Union. Where personal information is disclosed to overseas recipients, we take reasonable steps to ensure those recipients handle your information consistently with the Australian Privacy Principles (APPs).

By using the Platform, you acknowledge and consent to the possibility that your personal information may be transferred to and processed in countries outside Australia. Please note that overseas countries may have privacy laws that differ from those in Australia. Where we cannot ensure an equivalent level of protection, we will notify you and, where required, obtain your explicit consent before the transfer.

Rise Permit uses cookies and similar tracking technologies to improve website performance, enhance your user experience, remember your preferences, and understand how visitors interact with the Platform. Cookies may be used to:

• Maintain secure and authenticated user sessions.
• Remember your account preferences and settings.
• Analyse website traffic and Platform performance.
• Support the functionality of third-party analytics and advertising tools.

You can control or disable cookies through your browser or device settings at any time. Please note that disabling certain cookies may affect the functionality or performance of some Platform features.

When using the Rise Permit mobile application, we may request certain device permissions to support Platform functionality. These permissions may include:

• Camera access — for document uploads and identity verification processes.
• Storage / file access — for uploading and managing your supporting documents.
• Notification permissions — for account updates, reminders, and service communications.

All device permissions are optional where not required for core service delivery and can be managed or revoked at any time through your device settings.

The Platform may contain links to third-party websites, applications, or services that are not owned or controlled by Rise Permit. This Privacy Policy does not apply to those third-party platforms. We encourage you to review the privacy policies of any third-party services you access through links on our Platform.

Rise Permit is not responsible for the privacy practices, content, or data handling of any third-party websites or services.

The Rise Permit Platform is not directed at children under the age of 18. We do not knowingly collect personal information from individuals under 18 years of age. If you are a parent or guardian and believe your child has provided personal information to us without your consent, please contact us at info@risepermit.com.au and we will take prompt steps to delete that information.

We take reasonable technical and organisational measures to protect your personal information. Our security measures include:

• Secure, encrypted cloud infrastructure.
• Data encryption in transit (TLS) and at rest.
• Access controls, role-based permissions, and multi-factor authentication.
• Regular security monitoring, vulnerability assessments, and updates.
• Restricted internal access to personal information on a need-to-know basis.
• Confidentiality obligations and security training for all staff.

While we implement these safeguards, no method of internet transmission or electronic storage is completely secure. We encourage you to take steps to protect your own information.

We retain personal information only for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and maintain business records:

When personal information is no longer required, it will be securely deleted, destroyed, or de-identified in accordance with our data management procedures.

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the following rights:

To exercise any of these rights, please submit a written request using the contact details in Section 13. We may require proof of identity before processing your request. We will respond to all verified requests within 30 days of receipt, as required under the Privacy Act 1988 (Cth). In complex cases, we may extend this by a further 30 days and will notify you accordingly.

In the event of a data breach involving personal information, Rise Permit will comply with its obligations under the Notifiable Data Breaches (NDB) Scheme under Part IIIC of the Privacy Act 1988 (Cth).

Where a data breach is likely to result in serious harm to one or more affected individuals, we will notify those individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable, and in any event within 30 days of becoming aware of the eligible data breach. Notifications will include a description of the breach, the kinds of information involved, and recommended steps individuals may take to protect themselves.

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please contact our Privacy Officer:

We aim to respond to all privacy-related enquiries within 30 days of receipt. If you are not satisfied with our response, you may lodge a complaint with:

We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal obligations, or business practices. Any material changes will be communicated to users via email or a prominent notice on the Platform prior to the change taking effect.

The updated Privacy Policy will be published on this page with a revised "Last Updated" date. Where required by law, we will obtain your consent before making material changes to the way we process your personal information. We encourage you to review this Privacy Policy periodically.