Privacy policy

Privacy Policy

Last Updated: July 1, 2025

Introduction

Your privacy is important to us. This Privacy Policy explains how Go-Liberty Pty Ltd (“Go-Liberty”, “we”, “us”, or “our”) collects, uses, shares, and protects your personal information when you use our platform, including our website, mobile applications, and services we offer to schools, students, and families.

By using our services, you agree to the practices described in this Privacy Policy. If you do not agree with any part of it, please do not use our services.

This Policy applies to:

• Visitors to our website
• Students and parents using our platform
• Schools and school administrators using our services,
• Any other users or partners engaging with Go-Liberty.

We comply with applicable data protection and privacy laws, including the Australian Privacy Act, the General Data Protection Regulation (GDPR), and other relevant international standards.

If you have questions or requests regarding this Privacy Policy, please contact us at:
General enquiries: policy@go-liberty.com
Data Protection Officer (DPO): dpo@go-liberty.com

1. Definitions

For the purposes of this Privacy Policy, the following terms have the meanings set out below:

• “Go-Liberty”, “we”, “us”, “our” refers to Go-Liberty Pty Ltd, the provider of the Go-Liberty platform and related services.
• “Platform” means the Go-Liberty websites, mobile applications, web applications, and all associated tools, systems, or services offered by Go-Liberty.
• “You”, “User”, or “Client” refers to the individual or institution using the platform, including schools, boarding institutions, staff members, parents, or students, as applicable.
• “Institution” means any school, boarding facility, organisation, club, or camp that contracts with Go-Liberty to use the platform for managing individuals or student data.
• “Personal Data” or “Personal Information” means any information relating to an identified or identifiable individual, including but not limited to names, contact details, student records, and digital identifiers.
• “Processing” means any operation or set of operations performed on personal data, whether by automated means or not, such as collection, storage, use, disclosure, or deletion.
• “Data Controller” means the natural or legal person who determines the purposes and means of processing personal data. In most cases, this is Go-Liberty Pty Ltd.
• “Data Processor” means a natural or legal person who processes personal data on behalf of the controller. This may include cloud service providers or technical support partners.
• “Data Subject” means the individual whose personal data is being processed. This could be a student, parent, staff member, or other individual whose information is managed through the platform.
• “Service Providers” means third-party companies or individuals engaged by Go-Liberty to facilitate the platform, provide services, or assist in analysing and improving its use.
• “Applicable Laws” means all privacy and data protection laws and regulations that apply to the processing of personal data under this Privacy Policy, including but not limited to the Australian Privacy Act 1988, the General Data Protection Regulation (GDPR), and other relevant global laws.

2. Information We Collect & Obligations

Go-Liberty collects and processes personal information to operate the platform, provide services to users, and fulfill our legal and contractual obligations. This section outlines the categories of information we collect and our obligations in handling such information responsibly.

2.1 Categories of Personal Data We Collect

Depending on your role (e.g., student, parent, school staff) and how you interact with our platform, we may collect the following categories of information:

1. a) Personal Identifiers

• Full name
• Email address
• Phone number
• Date of birth
• Student ID or school-assigned identifiers

1. b) School-Related Information

• School name and location
• Enrollment status and academic details
• Attendance and performance information (if shared by the school)
• Parent or guardian contact details

1. c) Account and Login Information

• Username and password (securely encrypted and stored)
• User role and access level

1. d) Communication Data

• Information you provide in correspondence with us, including support requests and feedback
• Responses to surveys or forms completed on the platform

1. e) Usage Data and Device Information

• IP address and approximate location
• Device type, browser type, and operating system
• Language preferences and time zone
• Platform usage activity, such as login timestamps and interaction with features

For more information on how we handle technical usage data and analytics, see Section 9 (Standard Analytics Information).

2.2 Our Obligations in Handling Personal Data

We are committed to processing your personal data lawfully, fairly, and transparently. Our core obligations include:

• Collecting only the data necessary to provide our services and ensure the security and effectiveness of the platform.
• Using personal data only for specified, legitimate purposes as described in this Privacy Policy.
• Protecting data through appropriate technical and organizational measures, as further detailed in Section 4 (Security & Indemnity).
• Ensuring transparency around data collection, sharing, and retention.
• Respecting your rights as a data subject under applicable privacy laws (see Section 10: Data Subject Rights).
• Not selling or commercializing personal data under any circumstances.

In certain cases, we may be required by law or regulatory obligation to collect or retain specific types of data. Where legally required, we will seek your explicit consent before processing any sensitive or special category data.

3. Three Parties in This Arrangement

To ensure transparency and compliance with applicable data protection laws, it is important to understand the three key parties involved in the use and management of personal data within the Go-Liberty platform:

3.1 Go-Liberty (Data Controller)

Go-Liberty Pty Ltd acts as the Data Controller for the personal information it collects and determines how and why such data is processed. In this role, we are responsible for:

• Defining the purposes and means of processing personal data.
• Ensuring that data is collected and processed lawfully, fairly, and transparently.
• Implementing appropriate technical and organizational safeguards.
• Notifying relevant supervisory authorities and affected individuals in the event of a data breach.

We have appointed a Data Protection Officer (DPO) to oversee our privacy and data protection practices. You may contact the DPO at dpo@go-liberty.com

3.2 Our Service Providers (Data Processors)

To operate our platform, we engage trusted third-party providers who support functions such as hosting, infrastructure, communications, and customer support. These entities act as Data Processors, meaning they process personal data on our behalf and only according to our instructions.

We require all Data Processors to:

• Sign data processing agreements with us.
• Use personal data only for the agreed-upon purposes.
• Implement robust security measures; and
• Not share or use the data for their own benefits.

A list of key subprocessors can be made available upon request.

3.3 Our Clients (Schools, Institutions, and Their Representatives)

Our clients—such as schools, boarding institutions, clubs, or camps—often act as Joint Controllers or Independent Controllers of the data they upload, depending on the context. These institutions are responsible for:

• Ensuring that the data they submit (e.g., student records, parent contacts) is accurate and lawfully collected.
• Managing their own users and staff access to the platform.
• Obtaining all necessary consents and authorizations, particularly for data relating to children.
• Informing parents and guardians about the platform and its privacy practices, where appropriate.

We do not directly communicate with students or parents unless explicitly authorized or instructed by the institution. Where required, we assist our clients in fulfilling their own obligations under applicable privacy laws.

4. Security & Indemnity

At Go-Liberty, the security and confidentiality of your personal information is a top priority. We implement appropriate technical and organisational measures to protect data against accidental or unlawful access, use, loss, alteration, or disclosure.

4.1 Our Security Measures

We maintain a multi-layered security framework that includes, but is not limited to:

• Encryption of data in transit and at rest
• Role-based access controls and authentication procedures
• Firewalls, intrusion detection, and threat monitoring tools
• Regular security testing, vulnerability assessments, and system updates
• Secure development and deployment practices
• Data backups and disaster recovery planning

While we take reasonable steps to protect personal information, no method of transmission over the internet or method of electronic storage is 100% secure. Accordingly, we cannot guarantee the absolute security of your data.

If we become aware of a data breach that is likely to result in a risk to your rights or freedoms, we will notify the relevant supervisory authority and affected individuals as required by law and in accordance with our data breach response protocol.

4.2 User Responsibilities

You are responsible for:

• Keeping your account credentials confidential.
• Ensuring that any devices used to access our services are secure and protected against unauthorised access; and
• Promptly notifying us of any suspected or actual unauthorised use of your account or data.

We encourage users to take appropriate security precautions, including the use of strong passwords and keeping software up to date.

4.3 Indemnity

To the extent permitted by law, you agree to indemnify and hold harmless Go-Liberty, its directors, employees, and service providers from and against any loss, liability, damages, or costs (including reasonable legal fees) arising out of or related to:

• Your breach of this Privacy Policy or our Terms of Service.
• Your misuse of the platform or services; or
• Your failure to comply with applicable privacy or data protection laws, particularly in your capacity as a school, organisation, or administrator managing third-party data.

This section does not limit any statutory rights you may have under applicable consumer protection or privacy laws.

5. School Service Provider

Go-Liberty’s core service is a digital platform designed for use by schools, boarding institutions, sports clubs, and other educational or care-based organisations (collectively referred to as “institutions”). These institutions use our platform to manage students or group members, including storing, updating, and reviewing personal data related to those individuals.

5.1 Data Uploaded by Institutions

Institutions may upload or authorise the upload of personal information to our platform. This may include data about:

• Students (e.g., name, age, contact details, attendance, wellbeing records)
• Parents or guardians (e.g., name, relationship to student, emergency contacts)
• Staff (e.g., assigned duties, internal notes, contact details)

This data is stored on Go-Liberty’s secure cloud-based infrastructure, which is maintained in compliance with applicable data protection and data localisation laws (see Section 18).

The institution remains responsible for:

• Ensuring the accuracy and lawfulness of the data it provides.
• Managing who within their organisation has access to which data; and
• Informing individuals (e.g., students, parents, staff) of how their data will be used.

5.2 Use of Data by Go-Liberty

Go-Liberty does not use, access, or disclose any data provided by institutions except:

• As necessary to provide and maintain the services.
• As instructed or authorised by the institution.
• As required by law or regulatory authorities, or
• As otherwise agreed in our terms and service agreements.

We do not repurpose, sell, or share school-provided personal data for unrelated business activities or advertising purposes.

5.3 Responsibility for Local Compliance

Institutions are responsible for ensuring that their use of our platform complies with applicable laws, including obligations to obtain appropriate consents for data related to minors or sensitive categories of information. We strongly encourage institutions to consult their internal policies and legal counsel to ensure their compliance obligations are met.

Go-Liberty may assist institutions, upon request, by providing documentation or guidance related to privacy and data protection measures implemented on the platform.

6. Usage Data

In addition to the personal data actively provided by users or institutions, Go-Liberty automatically collects certain information related to how the platform and services are accessed and used. This is commonly referred to as Usage Data and helps us improve service quality, ensure security, and better understand user interaction with our platform.

6.1 Types of Usage Data We Collect

We may collect the following types of usage and technical information:

• Browser type and version
• Device type and operating system
• Internet Protocol (IP) address
• Date and time of access
• Referring and exit pages
• Time spent on pages or in the application
• Actions taken while using the platform (e.g., clicks, form submissions)
• Error logs and crash reports
• Language and region settings
• App version and updates installed

Where location features are enabled, and where the user has granted permission, we may also collect approximate or precise location information, particularly for mobile app users. This can usually be controlled in your device settings.

6.2 How We Use Usage Data

We use Usage Data to:

• Monitor and improve the performance, stability, and security of our systems
• Diagnose issues and identify bugs
• Understand how users interact with the platform to improve user experience
• Ensure compatibility with various devices and browsers
• Generate aggregated, anonymised insights that help guide development

Usage Data is typically non-personal and aggregated. However, in some cases, it may be combined with other data to identify individuals. In those cases, we treat the combined information as personal data and apply the same protections.

6.3 Optional Tracking & Analytics

We may use analytics tools, including third-party services, to collect and analyse Usage Data. You can manage some tracking preferences, such as whether to share usage statistics or allow location tracking, through your device or browser settings.

We do not use Usage Data to serve targeted advertising or marketing communications.

7. How We Use Information We Collect & When We May Share Such Information

Go-Liberty collects personal data to provide and maintain our services, meet our contractual and legal obligations, and ensure a safe and functional user experience. We do not sell or rent personal information to third parties.

7.1 How We Use Personal Information

We use the information we collect for the following purposes:

• Service delivery: To provide access to our platform and tools, manage user accounts, support institutional workflows, and deliver requested services.
• User support: To respond to enquiries, troubleshoot issues, and provide technical or administrative support.
• Security and integrity: To detect, investigate, and prevent fraud, abuse, or security incidents.
• Platform improvement: To evaluate usage patterns, understand user needs, and improve features, content, and overall user experience.
• Communication: To notify users of system updates, service changes, or new features. We do not send unsolicited marketing communications.
• Legal compliance: To comply with applicable laws and regulations, including responding to lawful requests from authorities.

Where consent is required (for example, to collect certain types of data or enable specific features), we will seek your consent explicitly and allow you to withdraw it at any time.

7.2 When We May Share Personal Information

We may share personal data with third parties only in the following limited circumstances:

• With service providers: We engage trusted vendors to help us operate and support the platform (e.g., hosting, security, analytics). These vendors are contractually bound to protect personal data and may only use it as instructed by Go-Liberty.
• With institutions: Where data was submitted or collected in the context of a school or organisation’s use of the platform, that institution has access to the relevant user data and is responsible for managing it.
• With your consent: We may share data with others if you provide clear and informed consent to do so.
• For legal reasons: We may disclose personal data if required to do so by law or in response to a lawful request from public authorities (see Section 15).
• Business transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity, subject to applicable data protection laws (see Section 13).

Unless otherwise stated in this Privacy Policy, personal data will only be shared in accordance with our obligations as a data controller or processor and in line with relevant privacy laws.

8. Support Services

To provide a reliable, secure, and responsive service, Go-Liberty may engage with external partners who deliver technical and operational support on our behalf. These third parties are referred to as Support Service Providers.

8.1 Purpose of Support Services

These providers may assist us with:

• Hosting infrastructure and database management
• System monitoring and error resolution
• User support and help desk operations
• Software development and feature updates
• Secure delivery of communications, such as system alerts or push notifications
• Data backup and recovery processes

We only engage with providers that demonstrate strong data protection and security practices and are contractually bound to act in accordance with our instructions and applicable privacy laws.

8.2 Access to Personal Information

Support Service Providers may require access to limited personal data in order to perform their roles. This access is restricted to the minimum necessary and is controlled through contractual agreements, confidentiality obligations, and role-based access controls.

Each provider is required to:

• Use personal data only for the purpose of delivering their assigned services
• Protect data using appropriate technical and organisational safeguards
• Refrain from using the data for any independent purposes, including marketing or profiling
• Notify us immediately in the event of any suspected data breach or security incident

We monitor and review all third-party providers regularly to ensure ongoing compliance and security.

9. Data Retention Period

Go-Liberty retains personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, regulatory, contractual, and operational obligations.

9.1 Retention Principles

We apply the following principles when determining retention periods:

• Contractual necessity: Data is retained for the duration of the institution’s or user’s relationship with Go-Liberty and any subsequent period required for administrative or legal follow-up.
• Legal compliance: Some records must be kept for specified periods under applicable law (e.g., audit or child protection requirements).
• Operational needs: We may retain limited usage data for service integrity, system performance tracking, and diagnostics.
• User rights: Where users or institutions request deletion of data, we assess the request in accordance with applicable laws and our data retention policies.

9.2 Specific Retention Practices

• User accounts: Data linked to inactive or closed accounts may be retained for a defined period (e.g., up to 12 months) to allow reactivation or dispute resolution, unless earlier deletion is requested.
• Student and staff records: These are retained in accordance with the terms agreed upon with the institution using the platform.
• Support interactions and logs: Retained for up to 24 months for quality assurance, audit, and fraud prevention purposes.
• Backups: System backups may contain residual data and are retained securely for limited periods consistent with our disaster recovery policy.

9.3 Data Deletion

Once the retention period has expired or the data is no longer needed, we will securely delete or anonymise the information. Institutions or users may request data deletion at any time (see Section 10: Data Subject Rights).

10. Data Subject Rights

Depending on your location and the applicable data protection laws, you may have certain rights regarding your personal data. At Go-Liberty, we are committed to respecting and enabling these rights.

If you are located in the European Union, United Kingdom, or another jurisdiction with similar legal frameworks, your rights may include the following:

10.1 Right of Access

You have the right to request confirmation of whether we process your personal data and, where we do, to request a copy of that data along with information about how we use it.

10.2 Right to Rectification

If any of the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it.

10.3 Right to Erasure (“Right to be Forgotten”)

You may request the deletion of your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw your consent and no other legal basis exists.

10.4 Right to Restriction of Processing

You can ask us to temporarily restrict the processing of your personal data while we review a correction request or in other specific situations allowed by law.

10.5 Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you may request a copy of your data in a structured, commonly used, and machine-readable format, and request that it be transferred to another provider.

10.6 Right to Object

In certain cases, such as where we process your data on the basis of legitimate interests, you have the right to object to that processing. We will then cease processing unless we can demonstrate compelling legitimate grounds or the processing is necessary for legal claims.

10.7 Right to Withdraw Consent

Where our processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing prior to the withdrawal.

10.8 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe your data has been handled unlawfully or in violation of your rights.

10.9 How to Exercise Your Rights

To make a request regarding any of your data rights, please contact our Data Protection Officer at dpo@go-liberty.com. We aim to respond to all legitimate requests within 30 days and may ask for verification of your identity to ensure the security of your data.

If your request relates to data managed by your school or institution, we may refer your enquiry to them directly, or assist them in responding to your request as appropriate.

11. Cookies & Tracking Technologies

Cookies and similar technologies help us improve the quality of our services and enhance the user experience. While we do not use cookies for advertising purposes, we do use them to enable key functionality and collect analytics data.

11.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website or use an app. They help websites remember information about your visit, such as your preferred language or login status.

We may also use similar technologies such as local storage, pixels, or software development kits (SDKs) in our mobile applications.

11.2 How We Use Cookies

We use cookies and tracking technologies to:

• Keep you signed in across sessions
• Save your preferences and settings
• Enable certain features and platform functionality
• Monitor platform performance and identify bugs
• Collect anonymous usage analytics

We do not use cookies to serve targeted advertising or track users across unrelated websites.

11.3 Your Choices

You can manage cookie preferences through your browser or device settings. Most browsers allow you to refuse or delete cookies, although doing so may affect the functionality of the platform.

For detailed information about the types of cookies we use, please refer to our Cookie Policy.

12. Service Providers

Go-Liberty uses third-party service providers to support the delivery of our platform and ensure system reliability, data security, and user support.

These service providers may include companies that offer:

• Cloud hosting and infrastructure
• Database management
• Technical support and software development
• Email and notification delivery systems
• Security monitoring and analytics

Each provider is contractually required to process data only in accordance with our instructions and applicable data protection laws. We perform due diligence to ensure that these providers have appropriate security and privacy measures in place. They are not permitted to use the data for their own purposes.

A list of key service providers can be made available upon written request to policy@go-liberty.com

13. Business Transfers

In the event of a business transaction such as a merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred as part of that transaction. Such transfers will be subject to confidentiality arrangements and, where required, you will be notified in advance of any material changes to how your data is managed.

Following any such transaction, the acquiring organisation will assume the rights and obligations described in this Privacy Policy.

14. International Transfers of Personal Data

Go-Liberty aims to store and process personal data within the same geographic region where it is collected. However, in some cases, data may be transferred to and processed in other jurisdictions.

When personal data is transferred internationally, we ensure that:

• The recipient country is deemed to have adequate data protection laws (e.g., as determined by the European Commission); or
• We enter into legally binding contracts with recipients based on standard contractual clauses or other approved mechanisms to ensure your rights are protected.

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with data transfer restrictions, and would like more information on safeguards applied, you may contact dpo@go-liberty.com.

15. Compliance with Laws and Law Enforcement

We may disclose personal information where required to do so by law or in response to valid legal requests from public authorities, including to:

• Comply with legal obligations
• Enforce our Terms of Service or other contractual agreements
• Detect, prevent, or address fraud, security risks, or technical issues
• Protect the rights, property, or safety of Go-Liberty, its users, or the public

Where feasible and not prohibited by law, we will notify affected users before disclosing data in response to a legal request.

16. Third-Party Links & Disclaimers

Our platform may contain links to external websites, services, or resources that are not operated or controlled by Go-Liberty. We are not responsible for the privacy practices or content of those third-party sites.

This Privacy Policy applies solely to information collected through Go-Liberty’s platform and services. We encourage you to review the privacy policies of any external sites you visit.

To the extent permitted by law, Go-Liberty disclaims liability for any damages or losses arising from your use of linked third-party websites.

17. Children’s Privacy

Go-Liberty is designed to support institutions that work with children and young people. We do not provide services directly to children under the age of 16. All access to student data is managed by the institution, which remains responsible for ensuring that appropriate parental or guardian consents are obtained before collecting or submitting student information to our platform.

We do not knowingly collect personal data from children without the involvement of an authorised institution. If we become aware that personal data has been collected inappropriately, we will take steps to delete it promptly.

If you believe that a child’s personal data has been provided to us in error, please contact us at dpo@go-liberty.com.

18. Data Localization

We aim to process and store data within the country or region in which it was collected, unless otherwise required by law or necessary for service delivery. For example, data collected in Australia is generally stored within Australia, and data collected in the European Union is stored within the EU or in countries offering adequate levels of data protection.

Where cross-border transfers are necessary, we apply appropriate safeguards as described in Section 14 (International Transfers of Personal Data).

19. Miscellaneous

This Privacy Policy is written in English, which shall prevail over any translated versions. Any disputes arising from the interpretation or application of this Policy shall be resolved under the laws applicable to the terms of service or contractual agreements in place between Go-Liberty and the relevant party.

We reserve the right to update this Privacy Policy from time to time. Material changes will be communicated via email or platform notifications where appropriate. The “Last Updated” at the top of this page reflects the date on which the current version was published.

A printed version of this Privacy Policy shall be admissible in judicial or administrative proceedings to the same extent as other business records maintained in printed form.

20. Contact Information

If you have any questions about this Privacy Policy, our data handling practices, or wish to exercise your data protection rights, please contact us using the details below:

Go-Liberty Pty Ltd
10a Cavendish Street, Pimlico 4814
Queensland, Australia
P.O. Box 477, Aitkenvale BC 4814
Queensland, Australia

Email (Privacy & Policy Matters): policy@go-liberty.com
Email (Data Protection Officer): dpo@go-liberty.com