Gradply Privacy Policy

Last Updated: May 2026

Gradply ("we", "us", or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Gradply mobile application, website, and digital reverse-marketplace services (collectively, the "Platform").

We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), as well as core global data protection frameworks regarding international students and experts.

1. Information We Collect

To provide a secure marketplace, we collect information across three primary user categories: Students, Main Experts, and Sub-Experts.

A. Personal Identification Data

  • Students: Name, email address, phone number, nationality, current location, target study destinations, and academic backgrounds.
  • Experts / Sub-Experts: Full name, corporate email address, business phone number, company registration details, physical office address, and professional credentials (e.g., MARA registration numbers or local educational licenses).

B. User Documents (The Document Vault)

  • The Platform permits users to upload academic transcripts, visa application drafts, identification papers, and language test scores.
  • All user document uploads are strictly managed through our system infrastructure and are subject to an operational maximum limit of 15 megabytes (15 MB) per file.

C. Technical and Usage Data

IP addresses, device identifiers, operating system types, browser types, interaction logs with our AI Advisor, and real-time online presence indicators (e.g., your system online/offline status dot).

2. How We Use Your Information

We process personal data strictly for operational, security, and matchmaking purposes:

  • Matchmaking & Handshakes: To allow Students to seamlessly distribute case profiles to verified Experts, and to allow Experts to send direct service pitches to Students.
  • AI Advisor Optimization: To process text queries through our automated AI Advisor engine. To protect our API infrastructure, AI usage is metered at a strict limit of 5 questions per 5 rolling hours per user account.
  • Internal Team Intercom Routing: To power the isolated real-time team chat interface for agencies. Internal messaging streams between Main Experts and Sub-Experts are strictly contained within their organizational channel and are never mixed with external marketplace metrics or exposed to student accounts.
  • Notifications: To deliver critical transactional alerts, in-app updates, and web push notifications (e.g., [Team Message] alerts). No automated emails are triggered for internal workplace intercom messages to keep user mailboxes clear.

3. How We Share Your Information

Gradply is a marketplace, meaning data sharing only occurs to facilitate your explicit user interactions:

  • Between Students and Experts: Student profile fields and vault documents are explicitly hidden until a student initiates an interaction or approves a direct marketplace connection with an Expert.
  • No Third-Party Selling: We do not sell, rent, trade, or monetize your personal information or uploaded documents to third-party marketing companies.
  • Legal Obligations: We may disclose your data if required by law, court order, or an official investigation by authorities such as the Australian Department of Home Affairs or law enforcement bodies.

4. Data Security and Horizontally Scalable Storage

Stateless Security Architecture: Our system backend is entirely stateless. Sessions are handled via secure cryptographically signed tokens (JWTs/Cookies). This prevents data from leaking in-process across backend nodes.

Secure Vault Storage: Documents uploaded to the Platform are hosted in secured object-storage environments. Hot query database pathways utilize high-performance indexing to protect data integrity and restrict unauthorized read access.

Data Retention: We retain your account data and documents for as long as your profile remains active. Users may request full account deletion or clear out their document vaults at any time via their dashboard settings.

5. Accessing and Correcting Your Data

Under the Australian Privacy Principles (APPs) and international data rules, you have the right to:

  • Request an electronic copy of all personal information we hold about you.
  • Request immediate corrections to inaccurate, out-of-date, or incomplete profile details.
  • Delete your entire account, which triggers a complete systemic scrub of your database rows across our storage clusters.

To exercise these rights, simply manage your profile natively inside your app dashboard or contact us through support.

6. Cookies and Real-Time Tracking

We utilize essential cookies and WebSocket connections to keep you securely logged into your dashboard, track active notification counters, and power the real-time green/grey active status indicators within the internal team office intercom.

7. International Data Transfers

As a global student application marketplace, your information may be processed or accessed by verified Experts operating outside of Australia. By using the platform and sharing your academic/visa preferences, you acknowledge and consent to the necessary cross-border data pathways required to match you with overseas educational institutions and international migration specialists.

8. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time to reflect cloud infrastructure upgrades, feature releases, or statutory updates. When amendments occur, the "Last Updated" date at the top of this page will change, and prominent alerts will display on your expert/student dashboard.

Contact Our Privacy Officer: For data inquiries, complaints, or compliance questions, please email us directly:

support@gradply.com

Perth, Western Australia, Australia