← PAYOFF·FIT

Privacy Policy

Effective: [EFFECTIVE DATE] · Last updated: [LAST UPDATED]

This Privacy Policy explains how Model Answer Pty Ltd (ABN [ABN]) (“Model Answer”, “we”, “us”, “our”) collects, uses, discloses, and protects personal information in connection with the PAYOFF·FIT workshop scoring tool (the “Service”) at payoff.modelanswer.com.au.

We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Policy should be read together with our Terms of Service.

1. What personal information we collect

We collect the following categories of personal information:

We do not intentionally collect sensitive information (as defined in the Privacy Act, including health, racial or ethnic origin, political opinions, or biometric data). Please do not include such information in scores, justifications, or uploaded Use Cases.

2. How we collect it

We collect personal information directly from you when you sign in as a Facilitator, join a Workshop as an Attendee, submit scores, or upload content. Some technical data is collected automatically by our hosting and authentication infrastructure when you access the Service.

3. Why we collect and use it

We use personal information to:

4. Who we share it with (sub-processors)

We use a small number of trusted service providers to operate the Service. These providers process personal information on our behalf and only as required to deliver the Service:

We may also disclose personal information where required by law, where necessary to protect our legal rights, or in connection with a corporate transaction (such as a merger or sale of assets). We do not sell personal information.

5. Where personal information is stored

Workshop data, account information, and authentication records are stored in our Supabase project, hosted in [SUPABASE_REGION]. Application traffic is served from Railway’s infrastructure. Magic-link emails are dispatched via Resend. Each provider may operate or replicate data in additional regions for redundancy and disaster recovery purposes.

Where personal information is transferred outside Australia, we take reasonable steps to ensure that the recipient handles it in a manner consistent with the Australian Privacy Principles, including by selecting providers with substantive privacy commitments in their own terms.

6. How long we keep it

We retain personal information for as long as is necessary to provide the Service and to meet our legal, accounting, and contractual obligations. In practice:

7. How we secure it

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure, including:

No method of electronic transmission or storage is completely secure. While we apply commercially reasonable safeguards, we cannot guarantee absolute security.

8. Cookies and similar technologies

The Service uses cookies that are strictly necessary for its operation, including:

We do not use third-party advertising cookies or cross-site tracking. We may add privacy-friendly analytics in the future; if we do, this Policy will be updated to describe what is collected and how to opt out.

9. Your rights

Subject to applicable law, you have the right to:

Attendees who wish to exercise these rights with respect to a specific Workshop should contact the Facilitator who invited them in the first instance, and may also contact Model Answer directly using the details below.

10. Children

The Service is not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have collected personal information from a child, please contact us and we will take steps to delete it.

11. Changes to this Policy

We may update this Policy from time to time. Material changes will be communicated by updating the “Last updated” date above and, where appropriate, by other reasonable means.

12. How to contact us & lodge a complaint

For privacy questions, requests, or complaints, contact:

We aim to respond to privacy enquiries within a reasonable time, generally within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):