Home

Privacy Policy

Last updated November 29, 2025

Who we are and scope

This Privacy Policy explains how we collect, use, store and share information about you when you use the Zorentia student platform, tools and related websites (the "Service").

"We", "us" and "our" means Zorentia Product Studio Pty Ltd (ABN 86 688 343 482), based in New South Wales, Australia.

We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

What we collect

We collect different kinds of information depending on how you interact with the Service.

a) Student signup and verification

  • Student email address (when you enter it in the form).
  • A one-time verification code we generate and send to that email.
  • A hashed version of your email address, stored so we can: (a) track whether a free credit has already been claimed for that student; (b) validate a recent verification.
  • Cloudflare Turnstile verification token and the technical information Turnstile uses (such as IP address, browser and device information) to distinguish humans from bots.

b) Anonymous account and access key

  • A randomly generated user ID (UUID).
  • A randomly generated access key, stored in hashed form in our database and as a secure cookie ("zk_access_key") in your browser.
  • Basic account metadata, such as: credits balance, account creation time, timestamp of last access key use.

We do not ask for your name, postal address or phone number to use the Service.

c) Tool usage and credit history

When you run a tool, we record:

  • your user ID,
  • the tool name,
  • credits deducted,
  • resulting balance,
  • timestamps.

Depending on the tool, we may also log your inputs and the outputs generated so we can: (a) provide you with history in the UI, (b) debug issues, (c) improve our prompts and tools.

d) Payments via Square

We use Square to process payments for credit purchases. When you pay, Square collects your payment card details and related security information directly.

We receive payment metadata, such as:

  • amount and currency,
  • which credit package you selected,
  • timestamps,
  • Square order/payment IDs,
  • status (pending, completed).

We do not see or store your full card number or CVV.

e) Logs, cookies and analytics

When you use the Service, our servers automatically log:

  • IP address,
  • browser and device information,
  • pages visited and actions taken,
  • timestamps.

We use:

  • a cookie to remember your access key and keep you logged in ("zk_access_key");
  • cookies or similar technologies for essential security and payment flows (for example, Turnstile and Square);
  • basic analytics tools to understand usage (for example, which tools are popular).

How we use the information

We use information we collect for the following purposes:

Provide the Service:

  • create and manage your anonymous account and credits;
  • process credit purchases and apply completed payments;
  • run tools and generate outputs based on your inputs.

Student eligibility:

  • verify student status and enforce the "one free credit per student" rule using hashed emails.

Security and abuse prevention:

  • protect forms and login endpoints from bots and abuse using Cloudflare Turnstile;
  • detect suspicious activity and protect our platform and other users.

Improvement and analytics:

  • understand how students use the tools;
  • debug errors and improve performance;
  • refine prompts, flows and features.

Legal and compliance:

  • meet our accounting, tax and record-keeping obligations;
  • respond to lawful requests from regulators or law enforcement, if required.

Legal grounds for handling your information

For users in Australia and similar jurisdictions, we handle personal information on the basis that it is:

  • necessary to provide you with the Service and to perform our agreement with you (for example, managing credits and purchases);
  • necessary for our legitimate interests, such as security, fraud prevention and improving the Service, in a way that is balanced against your privacy; and
  • required to meet our legal obligations (for example, record-keeping).

Children and young people

The Service is designed for adults, specifically tertiary students who are at least 18 years old.

We do not knowingly allow people under 18 to create accounts. If we learn that someone under 18 is using the Service, we may close the account and delete or de-identify related data, subject to legal retention needs.

How we store and protect information

We use reputable cloud infrastructure and databases with access controls.

We encrypt data in transit (for example, HTTPS) and restrict access to production systems to a small number of authorised people.

Access keys and certain identifiers are stored as hashed values so the original values are not stored in plain text.

Even with these measures, no system is 100% secure. We cannot guarantee absolute security, but we take reasonable steps to protect your information.

Data retention

We keep information only for as long as we reasonably need it for the purposes set out in this Policy, including to meet our legal obligations.

  • Student email hashes and verification records: retained to enforce the "one free credit per student" rule and to detect abuse, for a period we consider reasonably necessary for those purposes.
  • Account and credit data: kept while your account is active and for a period afterwards where we have a legitimate reason (for example, record-keeping, dispute resolution).
  • Payment records: kept for at least the minimum period required by tax and accounting laws.
  • Logs and analytics: kept for shorter periods, unless needed longer for security, investigations or legal reasons.

When we no longer need personal information, we will take reasonable steps to delete it or de-identify it.

Sharing your information

We share information with:

  • Service providers that help us run Zorentia, such as: hosting, database and infrastructure providers; payment processor Square; security services like Cloudflare Turnstile; logging and analytics tools.
  • Professional advisers, such as lawyers and accountants, where reasonably necessary.
  • Authorities, where required by law or where we reasonably believe it is necessary to protect our rights, safety or the rights and safety of others.

We do not sell your personal information to advertisers.

Because our providers may be located outside Australia, your information may be stored or processed overseas. We take reasonable steps to ensure that overseas recipients protect personal information in a way that is consistent with the Australian Privacy Principles.

Your choices and rights

Depending on where you live, you may have rights to:

  • request access to the personal information we hold about you;
  • ask us to correct inaccurate information;
  • request deletion of your account and associated data (subject to legal retention obligations);
  • object to or restrict certain types of processing.

You can usually exercise these rights by:

  • using the account features in the Service (for example, delete account), or
  • emailing us at privacy@zorentia.com.

For Australian users, if you are not satisfied with how we handle your request or complaint, you can contact the Office of the Australian Information Commissioner (OAIC) for further assistance.

Cookies and similar technologies

Essential cookies: used for things like keeping you logged in and securing forms and payments (for example, the access key cookie, Turnstile and Square-related cookies).

Analytics: we may use simple analytics tools that rely on cookies or similar technology to understand usage and improve the Service.

Your browser may allow you to block or delete cookies. If you do, some features of the Service may not work properly.

Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we'll update the "last updated" date and, where reasonable, notify you via the Service.

If you continue using the Service after changes take effect, we'll treat that as acceptance of the updated Policy.

Contact us

If you have questions or concerns about this Privacy Policy or how we handle personal information, you can contact us at:

Zorentia Product Studio Pty Ltd
ABN 86 688 343 482
Email: privacy@zorentia.com