miraventora operates from Australia and provides departmental budgeting tools to organizations across the region. This policy applies when you visit our website, use our educational resources, or interact with our platform.

We comply with the Australian Privacy Principles under the Privacy Act 1988, which means we're held to strict standards about how we collect and use your information. This isn't optional for us—it's the law, and we're glad it is.

We collect different types of information depending on how you interact with us. Here's what that looks like in practice:

• Contact Information: When you reach out or sign up for our learning programs, we'll ask for basics like your name, email, phone number, and organization details. Pretty standard stuff.
• Professional Information: For educational programs, we might collect job titles, department roles, and areas of interest. This helps us tailor content to what you actually need.
• Technical Data: Our systems log IP addresses, browser types, device information, and how you navigate our site. This helps us fix bugs and improve performance.
• Usage Patterns: We track which resources you access, how long you spend on different sections, and what features you use most. This tells us what's working and what needs work.
• Communication Records: When you email us or chat with support, we keep those conversations. They help us provide better service and resolve issues faster.

Most of the time, you give us information directly. But there are a few other ways data comes our way:

• Direct Submissions: When you fill out forms, register for programs, or contact us through our website.
• Automated Collection: Through cookies and similar technologies that track your interaction with our site. You can control most of these through your browser settings.
• Third-Party Sources: Occasionally from professional networking platforms or educational institutions, but only when you've given them permission to share.
• Public Sources: Sometimes from publicly available business directories or professional profiles to verify organizational information.

Everything we collect serves a specific purpose. We're not hoarding data for the sake of it. Here's what we actually do with your information:

We won't use your information for purposes beyond what we've outlined here without getting your explicit consent first.

We're selective about who sees your data. Here's the complete list:

• Service Providers: Companies that help us run our platform—hosting services, email providers, analytics tools. They're contractually bound to protect your information and can't use it for their own purposes.
• Educational Partners: When you enroll in co-branded programs, we may share relevant details with partner institutions. You'll always know when this applies.
• Payment Processors: For paid programs, transaction details go to secure payment gateways. We never see or store your full payment information.
• Legal Authorities: If required by law, court order, or valid government request. We'll notify you when legally permitted to do so.
• Business Transfers: In the unlikely event of a merger or acquisition, your information would transfer to the new entity under the same privacy protections.

Our primary infrastructure is in Australia, but some of our service providers operate servers in other countries. When your information leaves Australia, we ensure it's protected through:

• Standard contractual clauses approved by Australian authorities
• Adequacy decisions recognizing equivalent privacy protections
• Additional security measures for transfers to countries without formal adequacy status
• Regular audits of international service providers' security practices

You can request specific details about where your information is stored and what protections apply. Just ask.

We don't keep data longer than necessary. Here's our general approach:

• Active Account Data: Maintained while you're using our services and for up to two years after your last activity.
• Communication Records: Kept for three years to help resolve any follow-up questions or issues.
• Financial Records: Retained for seven years to comply with Australian tax and accounting regulations.
• Technical Logs: Usually deleted after 12 months unless needed for security investigations.
• Marketing Consents: Maintained until you withdraw consent, then promptly removed from active systems.

After these periods, we either delete your information or anonymize it so it can't be linked back to you. Some aggregated, anonymized data might be kept indefinitely for statistical purposes, but it won't identify you personally.

We take security seriously because we know breaches aren't just statistics—they affect real people. Here's what we do to protect your information:

• Encryption: All data transmitted between your browser and our servers uses TLS encryption. Sensitive stored data is encrypted at rest.
• Access Controls: Only employees who need access to perform their jobs can view personal information. All access is logged and monitored.
• Regular Audits: We conduct quarterly security assessments and annual penetration testing by independent experts.
• Incident Response: We have documented procedures for detecting, responding to, and recovering from security incidents.
• Employee Training: Everyone on our team receives regular privacy and security training. It's not optional.
• Vendor Assessment: Third-party providers undergo security reviews before we share any data with them.

No system is completely bulletproof, but we're committed to staying ahead of threats and will notify you promptly if a breach affects your information.

Australian privacy law gives you specific rights over your personal information. Here's what you can do and how to exercise these rights:

• Access Your Information: Request a copy of the personal data we hold about you. We'll provide this within 30 days, usually free of charge.
• Correct Inaccuracies: Ask us to fix information that's wrong or incomplete. We'll update it promptly and notify anyone we've shared it with.
• Request Deletion: Ask us to erase your personal information when it's no longer needed or if you withdraw consent. Some legal obligations may prevent immediate deletion.
• Object to Processing: Tell us to stop using your information for specific purposes, particularly for marketing communications.
• Restrict Processing: Request that we limit how we use your data while you're disputing its accuracy or lawfulness.
• Data Portability: Get your information in a structured format that you can transfer to another service provider.
• Withdraw Consent: Change your mind about any consent you've previously given us. This won't affect processing that occurred before withdrawal.

You also have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you're not satisfied with how we've handled your information. We'd prefer to resolve issues directly, but you have that option.

Like most websites, we use cookies. Here's what they do and how you can control them:

• Essential Cookies: Required for basic site functionality like keeping you logged in. These can't be disabled without breaking the site.
• Performance Cookies: Help us understand how visitors use our site so we can improve it. These collect anonymous data about page views and navigation paths.
• Functionality Cookies: Remember your preferences like language settings or customization choices.
• Analytics Cookies: Used by third-party tools to track site performance and user behavior. We use this data to optimize content and features.

You can control cookies through your browser settings. Most browsers let you block or delete cookies, though this might affect site functionality. Our site has a cookie consent manager where you can adjust preferences for non-essential cookies.

Our services are designed for professional audiences and educational institutions. We don't knowingly collect information from individuals under 18 without parental or institutional consent.

If you're under 18 and want to access our educational resources, make sure you have permission from a parent, guardian, or authorized educational representative. If we discover we've collected information from a minor without proper consent, we'll delete it promptly.

We update this policy occasionally to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email or through a prominent notice on our website.

Minor updates might not trigger individual notifications, so check back periodically if you want to stay informed. The "Last Updated" date at the top tells you when the most recent changes were made.

Continued use of our services after changes take effect means you accept the updated policy. If you disagree with changes, you can close your account—we'll be sorry to see you go, but we respect your decision.

Our site occasionally links to external resources—industry publications, partner organizations, or educational tools. We're not responsible for the privacy practices of these third-party sites.

When you click through to another site, their privacy policy applies. We encourage you to review it before sharing any personal information. Just because we link to something doesn't mean we endorse their data practices.