Privacy Policy - Remote Reviewer

Last updated: 4 March 2026

Remote Reviewer is the data controller for personal data processed through this website and platform, except where we process data strictly on instructions from our customers as a processor. Contact: info@remotereviewer.com.au.

Scope

This policy explains what personal data we collect, why we process it, who we share it with, and the rights available to you under applicable privacy law including GDPR and UK GDPR.

Legal Basis for Processing (GDPR Article 6)

1. Contract: to provide account access, task workflows, reports, and support.
2. Legitimate interests: service security, diagnostics, abuse prevention, and product improvement.
3. Consent: non-essential cookies/analytics and optional communications, where required.
4. Legal obligation: records required for tax, accounting, and compliance.

Personal Data We Process

1. Account data: name, email, company, phone, role and profile data.
2. Assessment data: task metadata, comments, scores, uploaded files, review outcomes and related xAPI statements.
3. Technical data: IP address, browser/device details, session and security logs.
4. Billing data: subscription details and billing contact information.

How We Use Personal Data

1. Provide and secure the platform.
2. Operate assessments, reviews, exports, and customer-requested integrations.
3. Respond to support requests and service communications.
4. Measure and improve platform reliability and performance.

Cookies and Tracking

We use essential cookies required for login/session security and optional analytics cookies. Optional analytics cookies are only enabled after consent where required. You can choose essential-only cookies from the cookie banner and adjust preferences by clearing browser storage and re-selecting your preference.

Who We Share Personal Data With

We share data with authorized staff and trusted subprocessors only as needed to provide the service. Current subprocessors are listed at /subprocessors. We do not sell personal information.

International Data Transfers

Where data is processed outside your jurisdiction, we apply appropriate safeguards, including contractual protections and technical controls, as required by applicable law.

Data Retention

We retain personal data for as long as needed to provide the service and meet legal obligations. Retention periods vary by data type. Operational logs and backups are retained for limited periods; account and assessment data are retained according to customer lifecycle and contractual requirements unless earlier deletion is requested and permitted.

Your Rights

Depending on jurisdiction, you may have rights to access, correct, erase, restrict, object, and port your personal data, and to withdraw consent where processing is consent-based.

To exercise rights, contact info@remotereviewer.com.au. We may need to verify your identity before completing a request.

Security

We apply technical and organizational controls designed to protect personal data, including access controls, encrypted transport (HTTPS), and restricted operational access.

Children

Our services are not directed to children under 16 without appropriate authorization. If you believe a child has provided personal data without authorization, contact us so we can investigate and act.

Changes to This Policy

We may update this policy from time to time. Material updates will be reflected by changing the "Last updated" date and, where appropriate, additional notice.

Contact and Complaints

If you have concerns about privacy handling, contact us at info@remotereviewer.com.au. If unresolved, you may lodge a complaint with your local supervisory authority.