EthosGov

Policies

Policies

View our governance and legal policies in one place.

Privacy Policy - EthosGov

PLACEHOLDER: This is a drafting placeholder, not a finalised Privacy Policy. Requires privacy counsel review aligned to the Privacy Act 1988 (Cth), the Australian Privacy Principles, and state education privacy provisions (including South Australian DfE privacy requirements) before publication.

Last updated: 18 April 2026

This Privacy Policy explains how EthosGov (operated by Atlas Platforms, Delaware C-Corp) collects, uses, discloses and protects personal information. It applies to www.ethosgov.io, app.ethosgov.io, and related services.

1. What We Collect

Account information. Name, work email, role, organisation, state, phone (if provided), and credentials.

Organisation information. School name, Department affiliation, configuration data, compliance obligations relevant to your jurisdiction.

Customer Data. The records, documents, risk assessments, incident logs, Council packs, meeting minutes and related artefacts you create, upload, or generate in the Service.

Usage information. Log data, IP addresses, browser type, device information, pages visited, features used. Collected via standard web analytics.

Cookies. See Cookie Policy.

2. How We Use It

  • To provide, configure and support the Service.
  • To communicate with you about your account, updates, and support matters.
  • To improve the Service, with usage data typically aggregated or de-identified.
  • To meet legal and contractual obligations, including security incident handling.
  • With explicit consent, to send product announcements or research invitations.

We do not sell personal information. We do not share Customer Data with third parties for marketing purposes.

3. Student and Educational Data

Where the Service is used by schools, Departments or related educational organisations, Customer Data may include information about students, staff, parents, and community members. We treat all such data as a data processor on behalf of your organisation and in accordance with:

  • The Privacy Act 1988 (Cth) and Australian Privacy Principles.
  • State-specific education privacy legislation (e.g., SA DfE Information Sharing Guidelines, VIC Department of Education and Training privacy provisions, NSW Privacy and Personal Information Protection Act 1998).
  • Any Data Processing Agreement or similar executed with your organisation.

4. Disclosure and Third Parties

We disclose information only:

  • To sub-processors supporting the Service (hosting, email, analytics). Current sub-processor list available on request.
  • When required by law, court order, or regulatory authority.
  • In connection with a corporate transaction, subject to the same protections.
  • With your explicit consent.

5. Data Storage and International Transfers

Customer Data is hosted on Australian infrastructure by default. Where processing by a sub-processor outside Australia is necessary, we take reasonable steps to ensure equivalent protections in accordance with the Australian Privacy Principles.

6. Security

We maintain administrative, technical and physical safeguards aligned to ISO 27001 principles. See our ISMS Policy. No system is fully secure; we will notify affected organisations and individuals of eligible data breaches in accordance with the Notifiable Data Breaches scheme.

7. Retention

Account and usage information is retained for the duration of your account plus a commercially reasonable period. Customer Data is retained in accordance with your organisation's contract; on termination, we return or delete it per that contract.

8. Your Rights

You may:

  • Access personal information we hold about you.
  • Correct inaccurate personal information.
  • Request deletion of personal information, subject to legal retention requirements.
  • Object to or restrict certain processing.
  • Complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have mishandled your personal information.

Requests: privacy@ethosgov.io

9. Children

The Service is a platform used by school organisations. It is not directed at individuals under 18 for the purpose of creating personal accounts. Customer Data about students is handled on behalf of the school or organisation as a data processor.

10. Changes to This Policy

Material changes will be communicated via email or in-app notice.

11. Contact

Privacy Officer: privacy@ethosgov.io

Related policies: Terms of Service | Cookie Policy | Code of Conduct | ISMS Policy

Board-ready in 30 days

EthosGov supports everyone who plays a role in school governance:

What you can expect

Governance Clarity

Boards get consistent, ready-to-present insights.

Assurance Confidence

No blind spots, everything tracked under ownership.

Compliance Control

State-aligned obligations managed and visible.

Risk Transparency

ISO-aligned risk management with accountability.

Book a Governance Review