This document walks through how personal specifics are handled throughout your engagement with our budget adjustment resources. We've built our approach around a stewardship principle—your details exist to serve the relationship you've chosen to establish with us, not the other way around.
Rather than following the traditional privacy document structure, we're organizing this by the natural stages of how information moves through our system. From the moment details first reach us to their eventual removal, each phase reflects deliberate choices about necessity, access, and protection.
Initial Intake: When Details First Reach Us
Information doesn't just appear in our systems. It arrives through specific interactions you initiate. The nature of what we receive depends entirely on which type of engagement you pursue.
Inquiry Submissions
- Full name and preferred contact method
- Geographic location within Australia
- Brief description of financial situation
- Timeline expectations for budget review
Resource Downloads
- Email address for delivery
- First name for personalization
- Document access timestamp
- Which specific resource was obtained
Educational Enrollments
- Complete contact details
- Current financial education background
- Preferred learning format and pace
- Payment method specifics
Direct Consultations
- Comprehensive financial overview
- Income and expense patterns
- Existing debt and asset structure
- Short and long-term financial objectives
The intake happens when you actively provide information through forms, email correspondence, phone conversations, or during scheduled consultation sessions. We don't derive details from third-party databases or purchase contact lists. Every piece of information traces back to something you deliberately shared.
Website navigation patterns and technical interaction data follow different rules—those mechanisms are governed by our separate cookie framework document, which addresses tracking technologies, analytics scripts, and session management.
Information Journey Through Our Operations
Once details enter our system, they move through distinct operational phases. Each phase serves a different function, and the specifics held at each stage vary accordingly.
Reception & Initial Classification
When information first arrives—whether through a form submission or direct communication—it lands in an intake queue. Within 48 hours, our team reviews the context of your inquiry and assigns it to the appropriate response pathway. This might be our educational team, consultation scheduling, or resource delivery system. During this window, details are held in a temporary processing environment with restricted access.
Active Engagement Phase
If you're participating in an educational program or ongoing consultation, your details migrate to our active client database. Here, they're linked to your specific service history, communication records, and any materials we've prepared for your situation. Access expands slightly during this phase—in addition to your primary contact, relevant support staff can view necessary portions of your information to assist with scheduling, material delivery, or technical questions.
Reference & Follow-Up Period
After active services conclude, details transition into a reference state. We maintain this information to support any follow-up questions you might have, provide continuity if you return for additional services, and fulfill our operational record requirements. During this phase, access becomes more restrictive again—only senior staff can reach these records, and only when you initiate contact or for legitimate business review purposes.
Archival Transition
Information that hasn't been actively used for an extended period moves into archived status. This represents the final stage before eventual removal. Archived details are stored separately from active systems, with significantly limited access—typically only available to our operations director for compliance audits or in response to specific legal requirements. The archive state exists primarily to satisfy regulatory retention obligations rather than operational needs.
Secure Removal
When retention requirements expire and no active relationship remains, information undergoes permanent deletion. This isn't a simple file deletion—it's a multi-stage process that includes removing details from backup systems, purging associated metadata, and verifying complete removal from all storage locations. The entire removal sequence typically requires 60 days to fully complete across all systems and backup cycles.
Operational Purposes: Why Each Detail Matters
We don't maintain information just because we can. Every category serves specific functions that directly support the services you've requested or the relationship you've established.
Service Delivery Mechanics
When you enroll in an educational program about budget adjustment strategies, we need your contact details to send course materials, schedule live sessions, and provide access credentials to online resources. Your geographic location determines which Australian tax considerations we emphasize in examples. Your indicated experience level shapes which explanatory depth we use in materials. Without these specifics, we'd be delivering generic content that might miss your actual situation entirely.
Communication Continuity
Financial education often involves multiple touchpoints over extended periods. Maintaining a record of previous conversations prevents you from having to repeat your situation each time we interact. It allows us to reference earlier questions you've asked, track which resources we've already provided, and understand the progression of your financial literacy development. This continuity transforms what could be a series of disconnected transactions into a coherent learning relationship.
Operational Improvement
Aggregated patterns in the types of questions people ask, which resources generate the most follow-up inquiries, and where participants commonly struggle help us refine our educational materials and service approaches. This analysis happens at a macro level—we're looking at patterns across hundreds of interactions rather than scrutinizing individual cases. Individual identifiers are stripped before information enters this analytical process.
Regulatory Compliance
Australian financial services operate within a defined regulatory framework. While we're educators rather than licensed financial advisors, certain record-keeping requirements still apply—particularly around payment processing, tax documentation, and business operation records. Some information retention happens because regulatory bodies mandate it, not because we need it for day-to-day operations.
External Information Movement
Your details don't circulate freely. Information leaves our direct control only under specific, limited circumstances. Each category of external movement operates under different constraints and serves different functions.
Essential Service Providers
Running an educational platform requires certain technical infrastructure we don't operate ourselves. Our email delivery system, payment processor, and hosting infrastructure represent external services that necessarily access portions of your information to perform their functions. These relationships are governed by formal contracts that restrict how they can handle details, prohibit them from using information for their own purposes, and require them to maintain security standards equivalent to our own.
The payment processor receives transaction details and billing information but never sees your broader financial situation or educational progress. The email system accesses your contact details and message content but has no visibility into your enrollment status or consultation records. Each external service receives only the minimum information slice necessary for its specific technical function.
Legal Obligations
Certain situations create legal requirements to disclose information regardless of our preferences. Court orders, regulatory investigations, and statutory reporting requirements can compel information disclosure. When we receive such demands, we first verify their legitimacy and scope, then release only the specific details legally required. You'll be notified of such disclosures unless the legal order itself prohibits notification.
Business Structure Changes
Should falorentia undergo acquisition, merger, or substantial operational restructuring, client information would be considered a business asset subject to transfer. Any acquiring entity would inherit the obligations outlined in this document—they couldn't suddenly begin using your details in ways you hadn't previously agreed to. You'd receive advance notice of such transitions with an opportunity to request information deletion before the transfer occurs.
What We Never Do
We don't sell contact lists to marketing companies. We don't trade information for affiliate partnerships. We don't provide your details to other financial education providers, even if we think their services might interest you. We don't include your information in industry databases or research projects without explicit, separate permission. The default state is containment—information moves externally only when functionally necessary or legally mandated.
Protection Approach & Remaining Risk
Security represents a constant tension between accessibility and protection. Information needs to be available enough to serve its purposes while locked down enough to resist unauthorized access. Our approach layers multiple protective mechanisms rather than relying on any single safeguard.
Technical Safeguards
All information transmission between your device and our systems occurs through encrypted connections—this prevents interception during transit. Storage systems encrypt data at rest, meaning even if someone gained physical access to our servers, they'd encounter encrypted files rather than readable information. Access to systems requires multi-factor authentication, not just passwords. Regular security audits scan for vulnerabilities in our infrastructure.
Administrative Controls
Not everyone on our team can access all information. The person managing course enrollments doesn't need visibility into detailed consultation records. Support staff handling technical questions don't require access to financial specifics you've shared in consultations. We apply a principle of minimum necessary access—each role receives only the system permissions required for its function.
Physical Security
Our Lismore office where staff work with client information maintains controlled access, visitor logging, and secure storage for any physical documents. Office systems automatically lock when unattended. Documents containing personal specifics are shredded rather than simply discarded when no longer needed.
The Limits of Protection
No security framework eliminates risk entirely. Sophisticated attacks can potentially breach well-defended systems. Human error can occasionally expose information despite careful procedures. Third-party service providers we depend on face their own security challenges. We work continuously to minimize these risks, but complete elimination remains impossible. Should a security incident occur that affects your information, we'll notify you directly with details about what was potentially exposed and what steps you should consider in response.
Your Control Mechanisms
The specifics we hold about you ultimately remain yours. Several mechanisms exist for you to exercise control over how that information is handled, corrected, or removed.
Access & Review
You can request a complete copy of all information we maintain about you. Submit your request through email to info@falorentia.sbs or by calling our office. We'll verify your identity—typically by confirming details only you would know from previous interactions—then provide a comprehensive export within 14 days. This includes all records, correspondence history, and notes from consultations or support interactions.
Correction & Updates
If details we've recorded are inaccurate or have changed, you can request corrections at any time. Most updates you can make directly through your client portal if you have active access. For corrections requiring staff intervention—like updating records of past consultations or correcting enrollment information—contact us with the specific changes needed. We'll implement verified corrections within five business days.
Usage Restrictions
You can object to specific uses of your information even if those uses fall within this document's general framework. For instance, you might be comfortable with us maintaining your consultation records but prefer we not include your anonymized situation in our aggregated analysis for service improvement. We'll honor such restrictions when they don't fundamentally prevent us from providing services you've requested.
Complete Removal
You can request deletion of all information we hold about you. This triggers immediate removal from active systems, though complete purging from backup cycles takes approximately 60 days. Important caveat: certain details must be retained for regulatory compliance periods regardless of deletion requests—specifically payment records, tax documentation, and basic enrollment records. These items enter restricted archive status rather than full deletion, with access limited to compliance purposes only.
Data Portability
If you want to transfer your information to another service provider, we can provide your details in a structured, commonly used format. This allows you to take your educational history, consultation records, and accumulated materials to another platform if you choose. The export format uses standard file types that most systems can import directly.
Automated Processing Objection
We don't use automated systems to make significant decisions about your access to services or educational opportunities. If we were to implement such systems in the future, you'd have the right to request human review of any automated determinations that affect you.
Retention Duration Framework
Different categories of information follow different retention schedules based on their purpose, regulatory requirements, and operational necessity. The table below outlines standard retention periods, though specific circumstances might modify these timelines.
| Information Category | Retention Period | Retention Basis |
|---|---|---|
| Basic inquiry details (name, contact method) | 24 months from final interaction | Operational need for follow-up continuity |
| Educational enrollment records | 7 years from course completion | Australian business record requirements |
| Payment transaction details | 7 years from transaction date | Tax and financial audit requirements |
| Consultation session notes | 5 years from final session | Professional liability and continuity of care |
| Email correspondence | 3 years from final message | Service quality and dispute resolution |
| Resource download records | 18 months from download | Usage analysis and platform improvement |
| Marketing communication preferences | Until explicitly withdrawn | Ongoing consent management |
| Support ticket details | 2 years from resolution | Service pattern analysis and training |
You can request earlier deletion of any category where retention is based on operational need rather than legal requirement. Legally mandated retention periods cannot be shortened regardless of personal preference.
Legal Foundation & Geographic Scope
Our information handling practices operate within Australian privacy law, specifically under the Australian Privacy Principles established by the Privacy Act 1988. As an educational service provider operating primarily within New South Wales, we fall under both federal privacy requirements and state-level consumer protection frameworks.
Consent Basis
Most information intake occurs based on your explicit consent—you've chosen to submit an inquiry, enroll in a program, or request consultation services. This consent can be withdrawn, though withdrawal might affect our ability to continue providing certain services.
Contractual Necessity
When you enroll in educational programs or engage consultation services, an implicit contract forms. Handling information necessary to fulfill that contract—delivering materials, scheduling sessions, processing payments—operates under contractual necessity rather than requiring separate consent.
Legitimate Interest
Certain operational activities like analyzing service quality, preventing fraud, and maintaining security represent legitimate business interests. These activities proceed based on legitimate interest grounds, though your right to object remains if you believe the specific application is inappropriate.
Legal Obligation
Regulatory requirements around financial record retention, tax documentation, and statutory reporting create independent bases for information handling regardless of consent status. These obligations persist until the statutory retention period expires.
Cross-Border Considerations
Our operations remain entirely within Australia. Information storage, processing, and access all occur within Australian jurisdiction. We don't transfer details to overseas entities or utilize offshore processing services. If this changes in the future, we'd need to implement additional safeguards under Australian Privacy Principle 8 and notify you of the change before any international transfer occurs.
Regulatory Oversight
The Office of the Australian Information Commissioner provides oversight for privacy matters. If you believe we've mishandled your information or failed to honor your rights under privacy law, you can escalate concerns to the OAIC after first attempting resolution directly with us. Contact details for the OAIC are available at oaic.gov.au.
Children & Capacity Considerations
Our educational services target adults managing their own financial situations. We don't knowingly collect information from individuals under 18 years old without parental involvement. If we discover we've inadvertently obtained details from a minor without appropriate guardian consent, we'll delete that information immediately.
For individuals with guardians or power of attorney arrangements, the appointed representative can exercise all rights outlined in this document on behalf of the represented person. We'll require verification of the legal authority before providing access to information or implementing changes.
Framework Evolution
This document reflects our current practices as of January 2025. Privacy approaches evolve as services change, regulations develop, and new technologies emerge. Material changes to how we handle information will be communicated through multiple channels—email notification to active clients, prominent website notices, and updated effective dates on this document.
Minor clarifications or administrative updates might occur without individual notification, though the document version date always reflects the most recent revision. We recommend reviewing this framework periodically if you maintain an ongoing relationship with our services.
Previous versions of this document are archived and available upon request if you need to understand what policies were in effect during a specific historical period.
Direct Communication Channels
Questions about how your information is handled, requests to exercise your rights, or concerns about our practices can be directed through several channels. Choose whichever method works best for your situation.
Email Correspondence
Send detailed inquiries or formal requests to info@falorentia.sbs. We monitor this address during business hours and typically respond within 48 hours.
Phone Discussion
Call +61 470 265 944 during business hours (Monday–Friday, 9:00–17:00 AEST) to speak directly with our privacy officer about immediate concerns or complex situations.
Physical Mail
Written correspondence can be sent to: falorentia, SH 20 Lismore Square Corner Brewster & Uralba St, Lismore NSW 2480, Australia. Allow 7–10 days for processing of mailed requests.
For urgent privacy matters—particularly suspected security incidents or unauthorized access concerns—phone contact ensures the fastest response. Non-urgent inquiries work well through email where we can provide detailed written responses.