Generative AI is transforming vocational training in Australia. Here are 8 practical ways to enhance training delivery, save time, and boost learner outcomes ethically.
Privacy policy
Privacy Policy
Effective 1/9/2025
The Learning Resources Group (TLRG) is committed to safeguarding your privacy online. This Privacy Policy outlines how we collect, hold, use, disclose, and manage your personal information when you interact with our website (http://www.tlrg.com.au) and our internally developed SAAS systems.
Personal Information We Collect and Hold
The Learning Resources Group does not collect personally identifiable information about individuals except when such individuals specifically provide such information on a voluntary basis. For example, such personally identifiable information may be gathered from the registration process for subscription or services and in connection with content submissions, community postings (e.g., forums), suggestions and transactional areas.
TLRG collects limited personal information necessary for our business operations:
- SAAS Platforms: First name, surname, email address, and scoring data from online assessments related to Language, Literacy and Numeracy, and Digital Capability.
- Website Accounts: Contact name, phone number, business name, business address, and nominated email address.
Financial payment information collected through our Shopify E-Commerce site is managed directly by Shopify and PayPal and governed by their respective privacy policies.
How We Collect Personal Information
We collect personal information through:
- Directly from you when you create accounts, complete forms, or contact us.
- Through our SAAS platforms when you or your learners or candidates complete assessments.
- Via email during sales and support interactions.
We do not collect personal information from social media or third-party marketing lists.
How We Hold and Protect Personal Information
All personal data is stored on secure Australian cloud infrastructure (AWS Sydney, Google Cloud Sydney).
- Encryption: All data is encrypted in transit and at rest using industry-standard encryption.
- Access controls: Access is restricted to authorised TLRG staff and contractors who need it to provide services.
- Backups: Data is backed up securely in line with provider standards.
Detailed technical information is available in the Cyber Security section of our Help Documentation.
Sales-related personal information provided via emails is securely stored within Shopify and the HelpScout email support platform.
Purposes for Collection and Use of Personal Information
We collect, hold, and use personal information strictly for:
- Account management, customer support, and service delivery.
- Compliance with applicable laws.
- De-identified internal analytics to enhance our services and products.
Sub-processors
We engage a small number of specialist cloud providers (listed below) to help us collect, move and store learner data generated by our quizzes and other products.
Each provider is vetted for security, privacy and compliance, and is bound by a written data-processing agreement. If we add or replace a sub-processor we will update this list at least 30 days before the change takes effect.
Current sub-processors
| Sub-processor (organisation) | Contact info (privacy / DPO) | Data types & purpose | Lawful basis* | Primary processing locations** |
|---|---|---|---|---|
| Amazon Web Services, Inc. (AWS) | Privacy Notice: https://aws.amazon.com/privacy Email (EU DPO): aws-EU-privacy@amazon.com (Amazon Web Services, Inc.) | • Learner identifiers (name, email, internal IDs) • Quiz & assessment responses • Progress / completion data Purpose: Managed database hosting (MongoDB Atlas) and secure storage/back-up | Performance of a contract (Art 6 (1)(b) GDPR) Legitimate interests – secure delivery of our services (Art 6 (1)(f)) | Australia (Sydney) region by default; replicas/backup may be stored in the United States or other AWS regions for resilience (Amazon Web Services, Inc.) |
| Google Cloud Platform (Google LLC) | Privacy Centre: https://cloud.google.com/security/privacy Data Protection Team request form: https://support.google.com/a/contact/googlecloud_dpr (Google Support, Google Cloud) | • Learner identifiers (name, email, internal IDs) • Quiz & assessment responses • Platform telemetry & logs Purpose: Kubernetes orchestration, application hosting & monitoring | Performance of a contract (Art 6 (1)(b) GDPR) Legitimate interests – reliable platform operation (Art 6 (1)(f)) | Australia (Sydney) region by default; Google’s global infrastructure may process encrypted data in the United States or EU for redundancy and support (Google Cloud) |
|
Shopify Inc. |
Privacy Policy: https://www.shopify.com/legal/privacy |
• Customer contact details (name, email, phone, address) |
Performance of a contract (Art 6 (1)(b)) |
Data processed primarily in Canada, with infrastructure in US/EU |
|
PayPal (PayPal Holdings, Inc.) |
Privacy Policy: https://www.paypal.com/au/webapps/mpp/ua/privacy-full |
• Customer payment details (name, email, card/payment identifiers) |
Performance of a contract (Art 6 (1)(b)) |
Data processed globally across PayPal’s secure infrastructure (US/EU/Asia-Pacific) |
Data Retention and Deletion
Customer and learner/candiate data will be retained for up to 60 days after service termination. After that period, it will be permanently deleted, with limited residual traces in secure backups. You may also request deletion or correction of data during an active subscription, and we will action this unless restricted by law or security considerations.
Disclosure of Personal Information
TLRG will not sell or transfer your personal information to third parties. Disclosure to third parties occurs solely:
- When legally required by appropriate authorities.
Overseas Disclosure
TLRG does not transfer or store personal information outside Australia. All sub-processors we engage are contracted to use Australian data centres only.
Complaints Handling Process
If you wish to make a complaint regarding your privacy, you can contact our Privacy Officer:
- Email: privacy@tlrg.com.au
Our Client Relations Manager currently acts as our Privacy Officer and will:
- Acknowledge your complaint within two (2) business days.
- Investigate and respond substantively within ten (10) business days. Should the complaint require additional investigation time, we will clearly communicate this and provide regular updates.
Updating or Correcting Personal Information
Upon request, we will allow you to update or correct personal information previously submitted. You may also request to have your personal information deleted. We will endeavour to comply with your request promptly, subject to legal and practical limitations related to backups and data retention policies.
Policy Updates
TLRG reserves the right to update this Privacy Policy as necessary.
- If we make a material change (e.g. how we handle or disclose data), we will provide at least 14 days’ prior notice via email and/or in-product notice.
- Non-material updates (clarifications, formatting changes) will be published on our website with an updated 'Last updated' date.
Opt-Out of Communications
Personally identifiable information on individual users will not be sold or otherwise transferred to unaffiliated third parties without the approval of the user at the time of collection. At such points of collection, the user will have the opportunity to indicate whether he or she would like to "opt out" of receiving promotional and/or marketing information about other products, services and offerings and/or any third parties.
If you wish to opt out of receiving promotional or marketing communications:
- Email: support@tlrg.com.au
- Call: 1300 221 729
Complaints and Contact
If you have concerns about privacy, contact our Privacy Officer:
- Email: privacy@tlrg.com.au
- Phone: 1300 221 729
This Privacy Policy is effective from the date of publication and supersedes all prior versions.
