Privacy Policy
Last updated: 11 June 2026 · Effective: 11 June 2026
Summary: FairLanding is committed to protecting your privacy under the Australian Privacy Act 1988. This policy explains what data we collect, how we use it, who we share it with, and your rights as an individual.
1. Who we are
FairLanding (fairlanding.com.au) is an Australian digital platform operated by Elvyn Mudaliar (ABN 34 583 311 963), trading as FairLanding, providing factual compliance and settlement information to international students and skilled migrants. Our contact email is hello@fairlanding.com.au. We are bound by the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
2. What data we collect
We collect: (a) Account data — email address and hashed password when you create an account; (b) Usage data — pages visited, tools used, audit inputs, and results you save; (c) Payment data — processed entirely by Stripe (PCI-DSS Level 1 compliant); we never see, store, or have access to your full card details; (d) Voluntary data — information you enter into our tools such as employment details, hourly rates, and points information. We do not collect: immigration file numbers, passport details, Tax File Numbers, bank account numbers, or sensitive health information.
3. How we use your data
We use your data solely to: provide the services you request; save your audit results and settings to your account; send service-related notifications and alerts you have opted into (such as SkillSelect round notifications or award rate update alerts); respond to support and billing enquiries; improve platform functionality using aggregated, anonymised analytics. We do not sell, rent, or share your personal data with any third party for marketing purposes. We do not share your data with employers, government agencies, advertisers, or data brokers.
4. Data storage and security
Your data is stored in Supabase (PostgreSQL database hosted on AWS ap-south-1, Mumbai). All connections are encrypted via TLS 1.2 or higher. Passwords are hashed using bcrypt with a minimum of 10 rounds. Row-level security (RLS) is enforced on all database tables, ensuring users can only access their own data. Payment processing is handled by Stripe, which maintains PCI-DSS Level 1 compliance. We conduct periodic security reviews and apply software patches within 48 hours of critical vulnerability disclosures.
5. Cookies and tracking
We use essential cookies only: session authentication (Supabase JWT) and language preference. We do not use advertising cookies, tracking pixels, Google Analytics, Facebook Pixel, or any third-party behavioural tracking. You may disable cookies in your browser settings, though this will prevent you from staying logged in.
6. Your rights under the Australian Privacy Act 1988
Under the Australian Privacy Principles, you have the right to: access the personal information we hold about you (APP 12); request correction of inaccurate or incomplete information (APP 13); request deletion of your account and associated personal data; opt out of direct marketing communications at any time; complain about a breach of the APPs. To exercise any of these rights, email hello@fairlanding.com.au with the subject line ‘Privacy Request’. We will respond within 30 days.
7. Data retention
We retain your personal data for as long as your account remains active or as required to provide our services. If you request account deletion, your personal data is permanently deleted within 30 days. Payment records are retained for 7 years as required by Australian tax law (s262A ITAA 1936). Anonymised, aggregated usage statistics that cannot be linked to any individual may be retained indefinitely for platform improvement purposes.
8. Disclosure to third parties
We use the following third-party service providers who may process your data on our behalf: Supabase Inc. (database and authentication, USA); Stripe Inc. (payment processing, USA); Resend Inc. (transactional email, USA); Vercel Inc. (hosting and deployment, USA). Each provider is bound by their own privacy policy and applicable data protection law. We do not use any other third-party services that process personal data. All overseas disclosures are made in accordance with APP 8.
9. Children’s privacy
FairLanding is not directed at persons under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has created an account, contact us immediately at hello@fairlanding.com.au and we will delete the account and associated data within 5 business days.
10. Notifiable data breaches
We comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988. In the event of an eligible data breach that is likely to result in serious harm to affected individuals, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable.
11. Changes to this policy
We will notify registered users by email at least 14 days before any material changes to this policy take effect. The updated policy will be published at fairlanding.com.au/privacy. Continued use of FairLanding after the effective date constitutes acceptance of the updated policy.
12. Contact and complaints
For privacy enquiries or to exercise your rights: hello@fairlanding.com.au. If you believe we have breached the Australian Privacy Principles and are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or by calling 1300 363 992 (free call).
Privacy questions? Email hello@fairlanding.com.au