Legal
Doc PRV-01 · Rev 2026-07-07
Privacy Policy
Last updated: 7 July 2026
This policy explains how ARSHIA Learning (“we”, “us”) handles personal information in Cohort, our learning management platform. We comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Who we are
ARSHIA Learning provides Cohort as a subscription service to organisations (“customers”). When a customer uses Cohort to train its people, that customer is the controller of its employees’ data and we act as its processor. This policy covers both the personal information we hold as a business and the information we process on our customers’ behalf.
What we collect
- Account information — name, work email, username, and role, for people given a Cohort account by their organisation.
- Learning records — module assignments, progress, time spent, quiz attempts and completion dates.
- Prospect enquiries — the name, work email, company and message you submit if you book a demo.
- Technical data — IP address, browser type and session cookies needed to keep you signed in and to secure the service.
We do not sell personal information, and we do not use it for advertising.
Why we use it
- To provide the training platform: authenticate users, deliver modules, and record completion for your organisation’s compliance evidence.
- To respond to demo requests and support enquiries.
- To secure the service and diagnose faults.
Cookies
Cohort uses a single essential session cookie to keep you signed in. It is strictly necessary for the service to work and carries no advertising or cross-site tracking. We do not set third-party marketing cookies.
Where your data is held
Cohort runs on infrastructure provided by Railway (our hosting sub-processor). Data may be processed in the region where that infrastructure runs. Australian data residency can be arranged for customers who require it — contact us before you sign.
Retention
We keep account and learning records for as long as a customer’s subscription is active, plus a reasonable period afterwards so completion evidence remains available for audits. On written request at offboarding, we delete or return a customer’s data. Demo enquiries are kept only as long as needed to follow up.
Your rights
Under the APPs you can ask to access or correct the personal information we hold about you. If your account was created by your employer, we will usually direct such requests to them as the controller. Email hello@arshialearning.com.au and we will respond within a reasonable time.
Data breaches
We maintain safeguards appropriate to the data we hold. In the event of an eligible data breach, we will act in accordance with the Notifiable Data Breaches scheme and notify affected customers promptly.
Contact
Questions about this policy or your information: hello@arshialearning.com.au, ARSHIA Learning, Sydney, Australia. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (oaic.gov.au).