Skip to main content

Privacy Policy

Last updated: November 2025

1. Overview

StudentIgnite ("we", "us", or "our") is a SaaS platform operated by Career FAQs Pty Ltd (ACN 111 754 799) trading as Course Finder Group. It enables registered training organisations (RTOs) and education providers ("Providers") to capture, qualify, and convert student leads using AI-powered messaging and CRM integrations.

We are committed to protecting the privacy of all users, including Providers and their leads ("Students"), and complying with the Australian Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and applicable data protection laws.

2. Information We Collect

We collect and process the following types of information:

a. Provider Data

  • Account and contact details (name, email, phone, company name)
  • Billing and payment information (processed securely via Stripe)
  • CRM, calendar, and integration credentials (API keys, OAuth tokens)

b. Student Lead Data

  • Contact information (name, email, phone)
  • Course of interest, enquiry source, and conversation history
  • Booking and response data from integrated calendars (e.g. Calendly)
  • CRM-provided lead status and enrolment outcomes

c. Usage Data

  • System logs, error reports, and AI message costs
  • Performance metrics (response rate, booking rates, engagement)
  • Device, browser, and access information via analytics tools

3. How We Use Information

We use information to:

  • Deliver and maintain the StudentIgnite service
  • Enable CRM, calendar, and SMS integrations
  • Facilitate AI-led communication with leads
  • Provide reports and dashboards to Providers
  • Detect and resolve errors, and monitor performance
  • Comply with legal and billing obligations

No user-identified personal data is used to train AI models. AI interactions are processed in real-time through licensed APIs (OpenAI GPT-5, Anthropic Claude, or Google Gemini) under strict data protection agreements.

4. Data Storage and Security

  • All data is hosted in AWS Sydney, with a US fallback region for disaster recovery.
  • TLS 1.3 encryption is enforced for all connections.
  • Personally identifiable data (name, email, phone) is encrypted at rest.
  • Access is controlled through role-based access protocols (RBAC) and mandatory 2FA.
  • Audit logs are maintained internally for security and compliance.

5. Data Retention and Deletion

Inactive leads and conversation data are retained for 24 months on a rolling basis. Providers are notified prior to deletion and can export their data. Audit logs and aggregated metrics may be retained for compliance.

6. Sharing and Disclosure

We may share limited information with:

  • Integration partners (e.g. HubSpot, Calendly, MessageMedia) for service delivery
  • Payment processors (e.g. Stripe)
  • Legal or regulatory authorities if required by law

We do not sell or rent personal data to any third party, including Course Finder Group affiliates, without explicit consent.

7. Provider Responsibilities

Each Provider acts as a Data Controller for its leads and must:

  • Obtain valid consent from students before submitting their data
  • Maintain compliance with all relevant spam and privacy laws (including SMS opt-outs)
  • Configure integrations and data-sharing responsibly

StudentIgnite acts as a Data Processor, handling information only as instructed by Providers.

8. International Data Transfers

Data is processed in Australia with secure fallback infrastructure in the United States. All cross-border transfers comply with the APPs and equivalent safeguards.

9. Contact Us

For privacy or data protection questions:
Email: [email protected]
Mail: Course Finder Group, Sydney, NSW, Australia