Guidance only — not migration advice.
anzscofinder
LEGAL

Privacy Policy

Last updated: 15 May 2026

About this policy

This policy explains how we collect, use, and protect personal information when you use anzscofinder.com (the "service"). We handle your information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

What we collect

  • Account info: name, email, phone (optional), company (optional), role indication, country focus, and any notes you choose to provide — collected via the form at /register-interest.
  • CV content: when you upload a CV, the file is stored privately on your account, and the extracted text is processed to identify occupation codes.
  • Usage info: server logs (IP address, user-agent, timestamps), session cookies for login state.
  • Feedback: ratings and comments you provide on match results.
  • Communication: any emails you send us.

How we use it

  • To run the ANZSCO matching service for you
  • To send transactional emails (account confirmation, invite links, match notifications)
  • To improve the tool (aggregated, de-identified analysis only — never your personal data)
  • For security, abuse prevention, and audit
  • To respond to support and partnership enquiries

AI processing of your CV

Your CV is processed by our matching engine, which sends extracted CV text (not necessarily the original file) to AI providers in the United States (currently Anthropic and OpenAI) for occupation extraction and semantic matching. These providers act as data processors under their data-processing terms and do not train their models on your data. The processed result (top matches plus your feedback) is stored on our infrastructure in Sydney, Australia.

Sharing with third parties

We use the following processors:

  • Amazon Web Services (AWS) — file storage (S3, Sydney region) and transactional email (SES). Region: ap-southeast-2.
  • Anthropic — CV-to-code semantic matching. Region: United States.
  • OpenAI — embeddings for occupation-code retrieval. Region: United States.
  • Stripe — payment processing, if and when paid plans launch. Regions: United States and Australia.

We do not sell, rent, or trade your personal information.

Cross-border data transfers

Some processors are located outside Australia (primarily the United States). By using the service you consent to the transfer of your CV content and account information to those processors for the limited purpose of operating the service. We take reasonable steps to ensure these processors handle your information consistently with the APPs.

How long we keep it

  • Account info: retained while your account is open; deleted within 60 days of you closing your account
  • CV files: retained until you delete them or close your account
  • Match results: retained while your account is open; you can delete individual results from your dashboard
  • Server logs: rotated within 90 days
  • Email records: retained for 12 months for audit purposes

Security

Data is encrypted in transit (HTTPS) and at rest (AWS SSE-AES-256). Production systems are isolated from staging and development. Access is limited to authorised team members. No system is impenetrable, but we take reasonable steps to protect your information.

Cookies

We use first-party session cookies to keep you logged in and to remember your selections. We do not currently use third-party analytics, advertising networks, or marketing trackers. If we add analytics later we will update this page and notify you by email.

Your rights — access, correction, complaints

Under Australian Privacy Principles 12 and 13, you can:

  • Ask us what personal information we hold about you
  • Ask us to correct it if it's wrong
  • Ask us to delete your account and associated data

Email [email protected] with your request. We will respond within 30 days.

If you're not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Children

The service is not directed at children under 18. We do not knowingly collect personal information from anyone under 18.

Changes

The current version of this policy is always at /privacy. Significant changes will be communicated by email at least 14 days before they take effect.

Contact

Privacy questions or requests: [email protected].