VET Solutions logoVET Solutions
Home Services VET Solutions Cloud Contact Sign in Start Free Trial
Home Services VET Solutions Cloud Contact Sign in Start Free Trial
VET Solutions Cloud

Privacy Policy

How VET Solutions collects, holds, uses and discloses personal information through the VET Solutions Cloud website, application, support channels and related services.

Effective 06 July 2026  ·  Version 2026.07.01

On this page
1. Who We Are 2. Scope 3. Privacy Act and APPs 4. Information We Collect 5. How We Collect Information 6. Collection Notice 7. Customer-Controlled Information 8. Sensitive Information and Minors 9. Purposes for Use 10. AI Processing 11. Service Providers 12. Overseas Disclosure 13. Security 14. Direct Marketing 15. Cookies 16. Retention 17. Deletion and De-Identification 18. Access and Correction 19. Complaints 20. Data Breaches 21. Legal Requirements 22. Business Transfers 23. Changes to This Policy 24. Contact

1.Who We Are

This Privacy Policy explains how WILSON, AARON, trading as VET Solutions, collects, holds, uses and discloses personal information through the VET Solutions Cloud website, application, support channels and related services.

Legal nameWILSON, AARON
ABN14 429 909 591
Business addressPO Box 275, Salisbury QLD 4107
Privacy contactsupport@vetsolutions.com.au
Support contactsupport@vetsolutions.com.au

2.Scope

This policy applies to personal information handled by VET Solutions in connection with the platform. It applies to account owners, administrators, authorised users, prospective customers, support contacts, waitlist users and other individuals whose information is submitted to the platform.

Most customers are Australian registered training organisations or related businesses. Customers may upload documents or generate outputs that contain information about their staff, contractors, clients, students, learners or other individuals. Where a customer controls that content, the customer remains responsible for having authority to collect and submit it.

3.Privacy Act and Australian Privacy Principles

We aim to handle personal information consistently with the Privacy Act 1988 (Cth), the Australian Privacy Principles and the Notifiable Data Breaches scheme. We take this approach even if we are not legally required to comply with every obligation in every circumstance.

This policy is intended to address matters commonly required by APP 1 and APP 5, including the kinds of personal information collected, how it is collected, the purposes of collection, usual disclosures, overseas disclosure, access and correction, complaints and consequences if information is not provided.

4.Kinds of Personal Information We Collect

We may collect the following kinds of personal information:

  • Identity and contact details, including name, email address, phone number, job title, position and user profile information.
  • Organisation details, including RTO code, legal name, trading name, address, state, postcode, billing contact and authorised users.
  • Authentication and account details, including user ID, organisation role, login events, invitation status, password reset activity and session metadata.
  • Billing and subscription information, including plan, price, subscription status, Stripe customer and subscription identifiers, invoice and payment status, credit usage and billing portal activity.
  • Usage and audit information, including validation jobs, Forge runs, unit-library activity, exports, verification actions, admin actions, support diagnostics, feature usage, timestamps and system logs.
  • Customer content, including uploaded assessments, units of competency, project materials, validation files, generated documents, reports, reference-library material, prompts, instructions and outputs.
  • Support and communications information, including enquiries, support tickets, feedback, email correspondence and troubleshooting information.
  • Technical information, including IP address, browser, device, operating system, user agent, approximate location derived from technical data, request metadata, cookies or similar session technologies.

We do not intentionally require customers to submit health information, government identifiers, financial account numbers, learner USIs, detailed student records, child information or other sensitive information unless a particular customer chooses to include it in uploaded material.

5.How We Collect Personal Information

We collect personal information when:

  • a person signs up, logs in, accepts an invitation, updates a profile or manages an organisation account;
  • a customer enters organisation, billing or RTO information;
  • a user uploads, imports, generates, validates, exports or stores content;
  • a user contacts support, sends feedback, joins a waitlist or responds to communications;
  • the platform automatically records usage, audit, security, billing and diagnostic events;
  • a payment provider, authentication provider, cloud provider or other service provider returns information needed to operate the service;
  • publicly available or official sources, such as RTO registers, are used to verify eligibility or prefill organisation information.

Where practical, we collect personal information directly from the individual or customer organisation. Sometimes we receive information from an administrator, account owner, invited team member, service provider, official register or customer-uploaded document.

6.Collection Notice and Consequences of Not Providing Information

If required account, organisation, authentication or billing information is not provided, we may be unable to create an account, verify RTO eligibility, process a subscription, provide support, secure the platform or deliver requested features.

If customer content is not provided, AI-assisted validation, generation, parsing, export or reporting features may not work or may produce incomplete outputs. If optional profile, feedback or support information is not provided, we may still provide the service but support quality may be reduced.

7.Customer-Controlled Third-Party Information

Customers must ensure they have a lawful basis and any required authority, consent or notice before submitting personal information about staff, students, clients, contractors or other individuals to the platform.

Customers should minimise personal information in uploaded content. In particular, customers should remove or redact information that is not needed for the requested workflow, including student identifiers, health information, disciplinary information, financial details, government identifiers and information about minors.

If an individual asks us to access, correct or delete personal information contained in customer-controlled content, we may refer the request to the relevant customer organisation unless we are legally required to respond directly.

8.Sensitive Information, Students and Minors

The platform is not designed to require sensitive information. Customers must not upload sensitive information unless it is reasonably necessary for their lawful use of the service and they have obtained any required consent or authority.

Information about children, minors, school-age learners or vulnerable individuals should not be uploaded unless necessary and authorised. Customers remain responsible for complying with education, privacy, child-safety, records-management and training-sector obligations that apply to them.

9.Purposes for Using Personal Information

We use personal information to:

  • create, authenticate and manage user and organisation accounts;
  • verify RTO eligibility and maintain customer records;
  • provide validation, Forge, unit-library, project, export, PD Hub, billing, notification and support features;
  • process uploaded content and generate requested outputs;
  • operate AI-assisted workflows requested by users;
  • process subscriptions, invoices, renewals, plan changes, credit usage and payment status;
  • send transactional messages, service notices, security notices and support communications;
  • maintain security, prevent misuse, investigate incidents and preserve audit trails;
  • troubleshoot errors, monitor reliability and improve platform performance;
  • comply with legal obligations, respond to lawful requests and enforce our terms;
  • prepare de-identified or aggregated operational statistics.

We do not sell personal information. We do not use customer content for unrelated advertising.

10.AI Processing

Some platform features use AWS Bedrock and Anthropic models to parse, analyse, validate, classify, summarise or generate content. Customer uploads, prompts, instructions, metadata and generated outputs may be sent to these services when a user requests an AI-assisted feature.

Customer content submitted through AI-assisted features is processed to provide the requested feature, maintain the service, support security and improve reliability. VET Solutions does not use customer content to train public foundation models. Where Anthropic models are accessed through AWS Bedrock, customer inputs and outputs are not used by AWS or third-party model providers to train foundation models.

AI outputs may not be suitable or contextualised appropriately upon initial generation and require Customers to review, modify and/or approve content before operational use. Customers must review outputs before relying on them for training, assessment, compliance, audit, learner, employment or business decisions.

VET Solutions does not make final enrolment, assessment, competency, employment, audit, regulatory or learner support decisions about individuals. AI-assisted outputs are decision-support tools only, and Customers remain responsible for reviewing outputs and making final decisions.

11.Disclosure to Service Providers

We may disclose personal information to service providers that help us operate the platform, including:

  • cloud hosting, compute, storage, networking, logging and security providers;
  • database, authentication and session-management providers;
  • AI infrastructure and model providers used for requested features;
  • payment, subscription, invoicing and billing portal providers;
  • email and notification providers;
  • analytics, diagnostics, monitoring and error-reporting providers;
  • professional advisers, legal advisers, accountants, insurers and auditors;
  • support, development and operations contractors subject to confidentiality obligations.

Current platform architecture includes AWS, Supabase, Stripe and AWS SES. We may update our service providers from time to time where reasonably necessary to operate, secure, improve or support the platform. Where a material change affects how customer content or personal information is handled, we will provide notice through the platform, email or another reasonable channel.

12.Overseas Disclosure

Core production infrastructure is intended to use Australian AWS infrastructure where configured, including the Sydney region for relevant hosting and storage. However, some providers, support teams, cloud services, payment services, authentication services or AI subprocessors may access, store or process information outside Australia.

Where APP 8 applies, we will take reasonable steps to ensure overseas recipients handle personal information consistently with the Australian Privacy Principles unless an exception applies.

13.Security

We use technical and organisational controls intended to protect information from misuse, interference, loss, unauthorised access, modification and disclosure. These may include authentication, role-based access, encrypted transport, encrypted storage where appropriate, private infrastructure, logging, audit records, least-privilege operational access, backups and security monitoring.

No online service can be guaranteed to be completely secure. Customers are responsible for secure passwords, user access reviews, role assignment, device security, network security, and ensuring only authorised users access customer content.

14.Direct Marketing

We may send service updates, product information or business communications to customer contacts where permitted by law. Marketing emails will identify VET Solutions as the sender and include a clear unsubscribe option. We will action unsubscribe requests within 5 working days. Transactional, billing, security and service-critical messages may still be sent where necessary to provide the service.

15.Cookies and Similar Technologies

The platform may use cookies, local storage and similar technologies for authentication, session management, security, preferences, analytics and service operation. Blocking these technologies may affect the ability to use the platform.

16.Retention

We retain personal information while needed for the purposes described in this policy. Retention periods depend on the type of information and may be affected by account status, legal obligations, billing records, audit logs, security needs, backups, disputes and support history.

As a general position, customer content is retained while the account is active and for a reasonable period after closure unless deletion is requested or required. Billing, audit, security and legal records may be retained for longer where reasonably necessary.

17.Deletion and De-Identification

After account closure or upon valid request, we will delete or de-identify personal information where reasonably practicable, subject to legal obligations, backups, billing records, audit logs, security records, dispute records and legitimate operational requirements.

Backup deletion may occur on normal backup rotation rather than immediately. We may retain de-identified or aggregated information that no longer reasonably identifies an individual.

18.Access and Correction

Individuals may request access to, or correction of, personal information we hold about them by contacting support@vetsolutions.com.au. We may need to verify identity before responding.

We will respond within a reasonable time. We may refuse access or correction where permitted by law, including where a request relates to customer-controlled content, would affect another person's privacy, is frivolous or vexatious, creates security risk, or is otherwise legally restricted.

19.Complaints

Privacy complaints should be sent to support@vetsolutions.com.au. A complaint should include enough detail for us to understand and investigate the issue.

We will acknowledge and assess complaints within a reasonable time. We may request more information, consult the relevant customer organisation, take remedial action, or explain why no action is required. If a complaint cannot be resolved, an individual may contact the Office of the Australian Information Commissioner.

20.Data Breaches

If we suspect a data breach, we will assess the incident and take reasonable steps to contain, investigate and remediate it. If we determine that an eligible data breach has occurred, we will notify affected individuals and the Office of the Australian Information Commissioner where required by law.

Where an incident affects customer-controlled content, we may notify the customer organisation so it can meet its own legal and regulatory obligations.

21.Legal Requirements and Safety

We may use or disclose personal information where required or authorised by law, court order, regulator request, law enforcement request, professional advice, insurance process, dispute resolution, business transfer, security investigation or enforcement of our terms.

22.Business Transfers

If VET Solutions is involved in a restructure, sale, merger, acquisition, financing, asset transfer or similar transaction, personal information may be disclosed to advisers, prospective counterparties and successor entities, subject to confidentiality and applicable law.

23.Changes to This Policy

We may update this policy from time to time. Material changes will be notified through the platform, email or another reasonable channel before or when they take effect. The effective date and version identify the current policy.

24.Contact

Business addressPO Box 275, Salisbury QLD 4107
Privacy contactsupport@vetsolutions.com.au
Supportsupport@vetsolutions.com.au

See also our Terms of Service.

VET Solutions logoVET Solutions

Compliance expertise. Measurable results. Supporting RTOs across Australia.

Pages

HomeServicesVET Solutions CloudContact

Services

Internal AuditAssessment ValidationResource DevelopmentCompliance Advisory

Legal

Privacy PolicyTerms of ServiceSign in

Contact

enquiries@vetsolutions.com.auBased in AustraliaResponse within 2 business days
Copyright 2026 VET Solutions | ABN 14 429 909 591 | All Rights ReservedPrivacy  ·  Terms