Privacy Policy

This Privacy Policy explains how Rubric Assessor (we, us, our) handles personal information.

We manage personal information in line with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), where applicable.

This policy is designed to be easy to understand and to describe what we collect, why we collect it, and what choices you have.

Depending on how you use our service, we may collect contact details (such as name and email), account information, billing information, support communications, class list data you upload, and usage analytics.

If you share student or school information through the product, that information may include personal information.

We do not intentionally collect sensitive information unless it is required to provide the service and you choose to provide it.

We collect information directly from you when you create an account, use the product, contact support, or make a payment.

We also collect technical and usage information through cookies and similar technologies.

We hold personal information in secure cloud systems and with trusted service providers that help us operate the product.

We use personal information to provide and support the service, process payments, secure accounts, communicate with you, and comply with legal obligations.

We also use personal information and de-identified or aggregated data to improve product performance, reliability, features, and user experience.

Where reasonable and lawful, we may disclose personal information to service providers (for example hosting, analytics, payments, support, and security vendors) so they can help us run the service.

We may send product updates, service messages, and occasional marketing communications.

You can opt out of marketing emails at any time using the unsubscribe link or by contacting us.

We will still send important operational messages, such as security, billing, and account notices.

Some of our service providers may store or process personal information outside Australia.

Where this occurs, likely locations include Australia, the United States, and other countries where our infrastructure or subprocessors operate.

We take reasonable steps to ensure overseas recipients handle personal information in a way that is consistent with Australian privacy law.

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure.

We retain personal information only for as long as needed for business, legal, and compliance purposes, then securely delete or de-identify it.

No internet transmission or storage system is 100% secure, but we maintain appropriate technical and organisational safeguards.

You can request access to personal information we hold about you and ask us to correct information that is inaccurate, out of date, incomplete, irrelevant, or misleading.

To make a request, contact us using the details in section 11.

We respond within a reasonable period and generally aim to respond within 30 days.

If you believe we have breached the Privacy Act or the APPs, please contact us so we can investigate and respond.

We aim to acknowledge and resolve privacy complaints as quickly as possible.

If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

If a data breach is likely to result in serious harm, we will comply with the Notifiable Data Breaches scheme under the Privacy Act.

This includes notifying affected individuals and the OAIC when required by law.

Privacy Officer

Email: privacy@rubricassessor.com

For verification and security reasons, we may request enough information to confirm your identity before actioning requests.

We may update this Privacy Policy from time to time.

When we make material changes, we will publish the updated version on this page and update the effective date below.

Effective date: 27 February 2026