Consumer Data Policy

Australian Visa Connect Pty Ltd
Effective: 26 August 2025
At Australian Visa Connect (“the Company,” “we,” “us,” or “our”), a migration agent based in Queensland, Australia, we are committed to protecting the privacy and confidentiality of the personal information of our clients. This Privacy Policy outlines how we collect, use, disclose, and protect personal data in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
By engaging with our services, you consent to the practices described in this policy.

1. Collection of Personal Data
We collect personal information for the purposes of providing migration advice, visa consultation, and assistance services. The types of personal data we collect may include (but are not limited to):
● Name, address, contact details, nationality, passport information, and visa details

● Employment, education, health, and character information (such as police checks and medical records)

● Financial information necessary for billing purposes (processed through Stripe and Xero; we do not store card details ourselves)

● Consultation recordings (via Otter)

● Any additional information voluntarily provided during the engagement process

2. Use of Personal Data
We use personal data for the following purposes:
● Providing migration advice and representation

● Preparing and lodging visa applications, skills assessments, and Expressions of Interest (EOIs)

● Communicating with clients, including responding to enquiries, providing updates, and delivering important service-related information

● Facilitating payment and billing processes

● Complying with legal obligations, including those related to immigration and visa processing

● Improving our services, enhancing the client experience, and developing new offerings

We do not use personal information for unrelated marketing purposes without your consent.

3. Disclosure of Personal Data
We may disclose personal information to third parties in the following circumstances:
● To authorised service providers who assist us in delivering our services, such as IT service providers, payment processors, and communication platforms (e.g. Google Drive, Zoho, Otter, Gmail, WhatsApp, Xero)

● To the Department of Home Affairs (DoHA), skills assessment authorities, or other entities as required by law or necessary for visa applications and immigration processes

● To our professional advisors, such as lawyers or accountants, for legal or compliance purposes

● With your consent, or as otherwise permitted or required by law

We do not sell or trade personal information and we do not disclose it overseas unless explicitly required by your case and authorised by you in writing.

4. Protection of Personal Data
We implement reasonable security measures to protect personal information from unauthorised access, use, or disclosure. These measures include:
● Cloud storage with Google Drive and two-factor authentication

● Secure platforms for payments (Stripe and Xero)

● Restricted access to client files by authorised personnel only

● Regular reviews of our data security practices

Hard copy documents are returned to clients once digitised. Access to all systems is password-protected and limited to authorised staff.

5. Retention of Personal Data
We retain personal information for seven (7) years after the closure of a client’s file to fulfil legal and professional record-keeping requirements.
When information is no longer required, we securely delete or de-identify it in accordance with applicable laws.

6. Consumer Rights and Choices
You have the right to:
● Request access to the personal information we hold about you

● Request corrections or updates to that information

● Manage communication preferences, including opting out of non-essential communications

We will respond to such requests in accordance with the Privacy Act 1988 (Cth).

7. Third-Party Websites and Services
Our services may involve links to third-party websites or the use of third-party platforms. This Privacy Policy does not extend to those third parties, and we are not responsible for their privacy practices. We encourage clients to review the privacy policies of those third parties before providing any personal information.

8. Data Breach Response Plan
We are committed to responding quickly and effectively in the event of a data breach.
1. Identify and Contain – We will immediately investigate and contain any suspected or actual breach to prevent further unauthorised access.

2. Assess and Notify – We will assess the nature and severity of the breach. If it is likely to cause serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and any affected individuals under the Notifiable Data Breaches (NDB) Scheme.

3. Remedy and Review – We will take steps to address the breach, provide support to affected clients, and review our security practices.

We also engage a third-party IT provider (Just Web Opps) to assist with cyber security and breach management.

9. Updates to this Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The most current version will always be available on our website.

10. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Australian Visa Connect Pty Ltd
Email: info@australianvisaconnect.me