Privacy, Data, Copyright & Complaints
How YUSATECH collects, uses, stores, and protects personal information; cookie use; IP ownership; and how to raise concerns.
Classification: PUBLIC · Version: 1.0 · Effective: April 2026 · Next review: April 2027
| Part | Title | Consolidates |
|---|---|---|
| A | Privacy Policy | Privacy Act 1988 (Cth) · APPs · NDB Scheme |
| B | Cookies & Tracking Policy | Privacy Act 1988 (Cth) · APP 3 |
| C | Copyright & Intellectual Property | Copyright Act 1968 (Cth) |
| D | Complaints & Dispute Resolution | ACL · Privacy Act 1988 (Cth) |
Part A — Privacy Policy
How we collect, use, store, and protect your personal information.
A1. Who we are and what this policy covers
Yubsara Investments Pty Ltd trading as YUSATECH (ABN 32 660 772 896, ACN 660 772 896) ("we", "us", "Edunixo") is committed to protecting your privacy. This Policy explains how we handle personal information in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). It applies to students, educators, assessors, administrators, partner institutions, and visitors to www.yusatech.com.au.
A2. Key definitions
| Term | Definition |
|---|---|
| Personal Information | Information or an opinion about an identified individual or one who is reasonably identifiable (Privacy Act 1988 (Cth), s 6). |
| Platform | The Edunixo AI Grading Platform operated by YUSATECH. |
| Customer | An RTO or educational institution with a SaaS Services Agreement with YUSATECH. |
| APPs | The 13 Australian Privacy Principles in Schedule 1 of the Privacy Act 1988 (Cth). |
| NDB Scheme | Notifiable Data Breaches scheme — Part IIIC of the Privacy Act 1988 (Cth). |
| OAIC | The Office of the Australian Information Commissioner — www.oaic.gov.au. |
A3. What we collect and how
We collect: identity information (name, username, student or employee ID); contact information (email, phone, institutional address); account credentials (encrypted); assessment data (student submissions and academic work); grading and feedback data (AI-generated and assessor-reviewed outcomes); enrolment data (course and qualification information); technical and usage data (IP addresses, session logs, browser type, access timestamps); and support correspondence.
We collect directly from users, from Customer institutions uploading data, automatically via cookies and system logs, through LMS integrations (LTI protocols), and through support communications.
A4. Why we use your information
A4.1 Primary Purposes
- Providing AI-assisted assessment grading, feedback, and workflow management;
- Processing student submissions and assessment records;
- Enabling assessor review, moderation, and override of AI outputs;
- Generating academic reports and analytics; and
- Administering accounts, access permissions, and technical support.
A4.2 AI and Automated Processing Transparency
The Platform uses AI to generate indicative assessment outputs — all subject to human review by qualified assessors. No AI-generated output is used as a final academic decision without human confirmation. In accordance with the Privacy and Other Legislation Amendment Act 2024 (Cth), we maintain transparency about automated processes. Request a plain-language description of how AI is used: edunixo@yusatech.com.au.
A5. Who we share information with
We disclose personal information to: Customer institutions and their authorised assessors; cloud infrastructure providers (Australia-based where practicable); third-party service providers under data processing agreements; and regulatory authorities where required by law. We do not sell personal information. We do not use student data to train external AI models. Cross-border disclosures comply with APP 8.
A6. Security, retention, and your rights
Security measures include: TLS encryption in transit, AES-256 at rest, role-based access controls, MFA for administrators, regular vulnerability scanning, and audit logs. On termination of a Customer agreement, data is exportable for 60 days and then securely deleted or anonymised within 90 days. You have the right to access, correct, and in appropriate circumstances request deletion of your personal information.
Contact our Privacy Officer for requests (response within 30 days):
| Privacy Officer | info@yusatech.com.au · 0452 188 101 · 17 Hansel Drive, Werribee VIC 3030 |
|---|
A7. Data breaches and updates
If an eligible data breach occurs, we will notify affected individuals and the OAIC as soon as practicable, and notify Customer institutions within 72 hours. We comply with the Cyber Security Act 2024 (Cth) ransomware reporting requirements. We review this Policy annually; material changes are published on our website.
Part B — Cookies & Tracking Policy
Technologies we use to operate the Platform and your choices.
B1. What cookies are and what we use
Cookies are small text files placed on your device by websites. We use them to operate the Platform and improve your experience.
| Type | Purpose | Duration | Can you disable? |
|---|---|---|---|
| Essential | Authentication, session management, security. Required for Platform operation. | Session / up to 1 year | No — required |
| Functional | Remembers preferences and display settings to improve your experience. | Up to 1 year | Yes — may affect features |
| Analytics | Anonymised, aggregated usage data to improve Platform performance. | Up to 2 years | Yes |
| Security | Detects and prevents fraudulent access and bot attacks. | Session | No — required |
B2. Your cookie choices
You can view, delete, and block cookies via your browser settings. Disabling essential cookies prevents Platform access. Non-essential cookies can be disabled without preventing access, though some features may be reduced. Preferences can also be managed through the consent banner displayed on first access. We do not currently respond to Do Not Track signals, but all tracking data is handled under this Policy.
Part C — Copyright & Intellectual Property Policy
What YUSATECH owns, what you own, and permitted use.
C1. YUSATECH intellectual property
The following are owned by or licensed to YUSATECH and protected by the Copyright Act 1968 (Cth): the Edunixo Platform including all software code, architecture, UI, and functionality; AI models, algorithms, system logic, and workflows; marketing materials, documentation, and website content; trademarks and branding including the Edunixo and Yusatech names; and all improvements developed during any agreement term.
C2. Your content ownership and permitted use
Assessment rubrics, learning materials, and academic content created by or for Customer institutions remain the property of the Customer. Student submissions remain the property of the student or their institution. Nothing in any YUSATECH agreement transfers ownership of Customer Content or student work to YUSATECH. By uploading content, you grant YUSATECH a limited licence to process it solely for delivering contracted services.
Without prior written consent from YUSATECH, you may not: copy, reproduce, or distribute any part of the Platform; reverse engineer or decompile the Platform; use Platform content for commercial purposes outside contracted services; or remove any copyright notices.
C3. AI-generated outputs and third-party IP
AI-generated grading feedback and reports are owned by YUSATECH under the SaaS Services Agreement. Users should apply professional judgement before further distributing AI-generated content. Users are solely responsible for ensuring any third-party content included in their submissions is used with authorisation or under a lawful exception (such as fair dealing under ss 40, 41, 43, or Part VB of the Copyright Act 1968 (Cth)).
To report a copyright infringement: email info@yusatech.com.au with a description of the work, the location on the Platform, your contact details, and a statement of good-faith belief.
Part D — Complaints & Dispute Resolution Policy
How to raise concerns and how we resolve them.
D1. Scope and how to lodge a complaint
This Part applies to: service delivery and billing complaints from Customer institutions; privacy complaints about personal information handling; user complaints about Platform functionality or data accuracy; and disputes under the SaaS Services Agreement.
Lodge a complaint by:
- Email — info@yusatech.com.au or edunixo@yusatech.com.au
- Phone — 0452 188 101 or 03 8763 1390
- Post — Attn: Complaints Officer, 17 Hansel Drive, Werribee VIC 3030
Include: your name and contact details; a description of the issue and relevant dates; any supporting documents; and your preferred outcome.
D2. Complaints handling
| Stage | Timeframe | What happens |
|---|---|---|
| Acknowledgement | Within 2 business days | Written acknowledgement with a reference number |
| Investigation | Within 15 business days | Assessment of complaint; additional information may be requested |
| Resolution | Within 30 days | Written response with outcome and any remedial action |
| Escalation | After 30 days if unresolved | Escalated to Managing Director for final internal determination |
D3. SaaS Agreement dispute resolution (clause 12)
- Issue a written Dispute Notice detailing the nature, desired outcome, and required action.
- Within 7 days, both parties endeavour in good faith to resolve by negotiation.
- If unresolved after 21 days, appoint a mediator and attend mediation in Melbourne, Victoria. Mediation costs are shared equally; each party bears its own legal costs.
- If unresolved after 30 days of mediation, either party may commence legal proceedings in the courts of Victoria. These Terms are governed by the laws of Victoria, Australia.
D4. External escalation
- Privacy complaints: Office of the Australian Information Commissioner — www.oaic.gov.au · 1300 363 992.
- ACL complaints: Australian Competition and Consumer Commission — www.accc.gov.au.
Nothing in this Policy limits any rights under the Australian Consumer Law, including the right to remedies for failures of consumer guarantees.
Key legislation
- Privacy Act 1988 (Cth) — Personal information, APPs, and NDB Scheme
- Privacy and Other Legislation Amendment Act 2024 (Cth) — Automated decision-making transparency
- Cyber Security Act 2024 (Cth) — Ransomware reporting obligations
- Copyright Act 1968 (Cth) — IP protection and fair dealing
- Australian Consumer Law — Schedule 2, Competition and Consumer Act 2010 (Cth)