Welcome to Consultease (“we,” “our,” or “us”). We are committed to protecting the privacy of our users, including education consultancies, agency administrators, counselors, students, and website visitors.

This Privacy Policy explains how we collect, process, store, and share personal information when you use our platform, website (consultease.tech), self-service student portals, and CRM services (collectively, the “Service”).

By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with any terms of this policy, please do not access or use the Service.

We collect information that identifies, relates to, describes, or could reasonably be associated with a specific individual or business entity (“personal information”). We collect this information through three main channels:

A. Information Provided by Agencies

When a consultancy registers an account, we collect corporate and administrator details:

• Company Information: Legal name of the consultancy, business registration details, physical address, and official phone numbers.
• Administrator Accounts: Names, professional email addresses, password hashes, job titles, and roles of staff users.
• Billing Details: Payment details, tax identification numbers, and transaction history. (Credit card processing is handled securely by our payment gateway providers, and we do not store full card details on our servers).

B. Student and Case Data Uploaded by Agencies

Consultease is a B2B SaaS platform used by consultancies to process student files. Agencies upload personal information about students to manage their study abroad applications. This data includes:

• Identity & Contact Info: Full name, date of birth, gender, nationality, passport number, national identity numbers, home address, email, and phone number.
• Academic Records: Transcripts, mark sheets, character certificates, diplomas, graduation details, institution names, GPA, and test scores (IELTS, PTE, TOEFL, SAT, GRE, GMAT).
• Application Supporting Documents: Letters of recommendation, statement of purpose (SOP) drafts, CVs, bank balance certificates, and visa interview files.
• Financial Records: Tuition fee payment receipts, bank logs, scholarship certificates, and service fee tracking.

C. Technical and Usage Data

We automatically collect technical data from your browser or device:

• Log Files: IP address, browser type, operating system, referring URL, pages viewed, time spent, and dates of access.
• Activity Logs: Actions taken within the platform (e.g., student document uploads, counselor reviews, status changes, settings updates) to maintain a secure audit trail.
• Cookies: Essential session cookies to keep you authenticated, and functional cookies to remember your workspace preferences.

Consultease provides advanced artificial intelligence (AI) features to streamline document entry, including automated OCR (Optical Character Recognition) and data parsing:

• Automatic Metadata Extraction: When you upload document scans (such as passports, citizenship cards, and academic transcripts), our AI models automatically scan and extract key text metadata (e.g., passport numbers, birth dates, applicant names, board name, GPA, passing year).
• Data Processing Boundaries: File uploads processed by our AI services are analyzed strictly in real-time. We do not use your students' confidential transcripts, passports, or personal information to train public AI models. All data extraction occurs within secure, sandboxed sub-processors under strict data protection agreements.
• Human Review: AI-extracted data is always presented to the agency counselor or administrator for validation and manual confirmation before being finalized into the student's record.

We process the personal information we collect for the following legitimate business purposes:

• Provision of Services: To create and manage user accounts, authenticate logins, operate the consultancy dashboard, and host the self-service student portals.
• Case Management: To organize, track, and submit academic files, program selections, and application stages on behalf of the agency.
• Notifications: To send critical transactional messages, such as reminders for document submission requests, payment confirmations, password resets, and changes to application status.
• Billing & Account Management: To process monthly/annual subscription fees, issue invoices, and manage payment disputes.
• Customer Support: To resolve technical glitches, answer platform questions, and investigate bug reports.
• Security and Auditing: To monitor for fraudulent login attempts, prevent abuse of our API resources, maintain audit trails, and secure the overall infrastructure.
• Improvement of the Service: To run aggregated, anonymized analytical studies on feature usage so we can refine our UI/UX layouts and optimize server response speeds.

We do not sell, rent, or trade personal data or student records to any third-party marketing companies. We disclose personal information only in the following specific circumstances:

A. With Authorized Service Providers (Subprocessors)

We work with trusted third-party providers who perform infrastructure and technical services for us under strict contract terms:

• Cloud Infrastructure: Firebase and Google Cloud Platform (GCP) for data storage, server hosting, and security.
• Payment Processing: Secure gateways (such as Stripe) to process billing agreements.
• Communication Providers: Services that handle transactional email delivery (like SendGrid or Resend) and SMS notifications.
• AI Partners: Enterprise AI interfaces that facilitate secure OCR and transcript extraction.

B. Destination Universities and Visa Agencies

At the direct instruction of the consultancy or student (via the submission features on the platform), we transmit application packages to universities, educational consortia, and visa filing entities. We are not responsible for the privacy policies or data protection standards of these final destination institutions.

C. Legal Compliance

We may disclose information if required to do so by applicable law, regulation, subpoena, or valid government request, or when we believe in good faith that disclosure is necessary to protect the safety of our users, prevent financial fraud, or defend our legal rights.

We implement enterprise-grade security protocols to prevent unauthorized access, alteration, disclosure, or destruction of your personal data:

• Encryption in Transit: All communications between your browser/application and our servers are encrypted using Transport Layer Security (TLS) and SSL protocols.
• Encryption at Rest: Core databases, user archives, and document attachments are protected using Advanced Encryption Standard (AES-256).
• Role-Based Access Control (RBAC): The platform enforces strict access levels. Counselors can only view students assigned to them, students can only view their own cases, and administrators control permission policies.
• Regular Backups: Automated daily backups are maintained in secure, isolated storage regions to ensure high availability and disaster recovery.

While we take maximum precautions, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, tax, or regulatory obligations:

• Agency Workspace Data: All student profiles, applications, and documents remain accessible in your account for the duration of your active subscription.
• Subscription Cancellation: If an agency terminates its subscription, all workspace data is kept in a deactivated state for a period of 60 days (the “export window”) allowing the agency to retrieve its records. After 60 days, the workspace data is permanently deleted from our active production databases.
• Deletion Requests: Students who access the self-service portal can request account deletion. Upon receiving a valid deletion request, we notify the sponsoring agency to authorize the removal, following which the student's personal records are purged or anonymized, subject to regulatory retention laws.

Depending on your jurisdiction, you and your students may hold specific data rights under data protection laws (such as GDPR, CCPA, and regional guidelines):

• Right to Access: You can download or request a copy of all personal information we store about you or your consultancy.
• Right to Rectification: You can correct incomplete or inaccurate data fields directly through the account profile settings.
• Right to Erasure: You can request that we permanently delete your personal information, subject to overriding legal or contractual requirements.
• Right to Portability: You can export student records and case histories in standard CSV or PDF formats at any time.

To exercise any of these rights, please contact your account administrator or email us at info@consultease.tech.

We may update this Privacy Policy from time to time to reflect modifications in our software features, changes in cloud infrastructure, or compliance with new legal statutes.

If we make material changes, we will notify registered agency administrators via email or post a prominent banner inside the platform dashboard at least 15 days before the changes take effect.

For questions, concerns, or requests regarding this Privacy Policy, please contact our Data Protection Officer: