Privacy Policy

Effective: May 30, 2026 · ShortCourses.com is operated by ShortCourses.com

1. Who We Are

ShortCourses.com is a course discovery and lead generation platform. We connect students with course providers. We are committed to protecting your personal information and complying with the Australian Privacy Act 1988 (APPs), the GDPR for EU/UK users, and applicable privacy laws worldwide.

This policy covers all information collected through shortcourses.com, our provider portal, and our APIs.

2. Information We Collect

From Students:

  • Name and email address (when submitting an enquiry form)
  • Phone number (if provided voluntarily)
  • Course interest and start timeline
  • Message content you write in the enquiry form
  • Country (detected from your connection, not stored as PII)
  • Pages visited and search queries (via Google Analytics — anonymised)

From Providers:

  • Company name, website, contact name and email
  • Billing information (processed by Stripe — we do not store card numbers)
  • Course listings and descriptions you submit
  • Login activity and dashboard usage

Automatically:

  • IP address (used for fraud detection and anonymised analytics)
  • Browser type and device
  • Referral source (which website sent you here)
  • Pages viewed and time spent

3. How We Use Your Information

For Students:

  • To pass your enquiry to the course provider you selected
  • To send confirmation of your enquiry (if you opt in)
  • To improve course recommendations using aggregated, anonymised data

For Providers:

  • To operate your dashboard and deliver leads
  • To process billing and manage your subscription
  • To send transactional emails (lead notifications, billing receipts)
  • To communicate platform updates

For Everyone:

  • To maintain platform security and prevent fraud
  • To comply with legal obligations
  • To improve platform performance through analytics

4. Data Sharing

We share your data only as follows:

  • Course providers: When you submit an enquiry, we share your name, email, phone, and course interest with the specific provider you contacted. Only that provider. Not others.
  • Stripe: Payment processing for provider subscriptions and course purchases. Stripe is PCI-DSS compliant. We do not store your card details.
  • Google Analytics: Anonymised usage data. No personally identifiable information is shared.
  • Resend: Our email provider for transactional emails (lead notifications, billing).
  • We do not sell, rent, or trade your personal data. Ever.

5. Data Retention

  • Student enquiries: Retained for 3 years, then deleted
  • Provider accounts: Retained while account is active + 2 years
  • Analytics data: 14 months (Google Analytics default)
  • Billing records: 7 years (Australian tax law requirement)

6. Your Rights

Under Australian Privacy Law and GDPR (for EU/UK users), you have the right to:

  • Access — request a copy of the data we hold about you
  • Correction — ask us to correct inaccurate data
  • Deletion — request deletion of your personal data (subject to legal retention requirements)
  • Portability — receive your data in a machine-readable format
  • Objection — object to processing for marketing purposes
  • Withdrawal of consent — withdraw consent at any time where processing is based on consent

To exercise these rights, email: privacy@shortcourses.com

We will respond within 30 days. EU users may also lodge a complaint with their local supervisory authority.

7. Security

We protect your data using:

  • HTTPS encryption on all pages
  • Encrypted database connections
  • Password hashing (bcrypt)
  • HttpOnly, Secure session cookies
  • Regular security monitoring

No internet transmission is 100% secure. If we become aware of a breach affecting your data, we will notify you within 72 hours as required by Australian law.

8. Cookies

We use essential cookies (login sessions), analytics cookies (Google Analytics), and payment cookies (Stripe). See our Cookie Policy for full details.

9. International Transfers

ShortCourses.com serves users worldwide. Your data may be processed in Australia, the United States (Google, Stripe, OpenAI), and the EU. We ensure adequate protections are in place for all international transfers, including standard contractual clauses where required by GDPR.

10. Children

ShortCourses.com is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has submitted information, contact us immediately.

11. Changes to This Policy

We will notify registered users of material changes by email. The "Effective" date at the top shows when this policy was last updated.

12. Contact

Privacy Officer: privacy@shortcourses.com

ShortCourses.com

For complaints: you may also contact the Office of the Australian Information Commissioner (OAIC).

Terms of ServiceCookie PolicyProvider Terms