Privacy Policy.

Effective Date: 7 April 2026
Last Updated: 7 April 2026

Ponder (“we”, “our”, “us”) is committed to protecting your privacy. We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our application and website.

1. Information We Collect

We may collect the following types of personal information:

  • Account details: name, email address, and password.

  • CPD content: learning plans, CPD activity records, reflective notes, attachments, and other information you enter into the app.

  • Support information: details you provide when contacting us for help (e.g., emails, chat messages).

  • Technical and usage data: device type, operating system, crash logs, and app usage patterns.

  • Payment details: if you purchase a subscription, payments are processed securely by our third-party providers (e.g. Stripe, Apple App Store, or Google Play). We do not store your full credit card details on our servers.

  • Marketing and analytics data: if you use our website, we may collect information through cookies or similar technologies (e.g. Google Analytics, email open tracking) to understand usage and improve our services. You can disable cookies in your browser, but some features may not function as intended.

Client data:
Ponder is designed for professional development logging, not for recording client case notes or identifiable client information. Users must not enter client names, dates of birth, contact details, or any other information that could identify a client. If required for reflection, users should use pseudonyms, initials, or non-identifiable summaries.

2. How we collect information

We collect personal information in the following ways:

  • Directly from you when you register, log CPD activities, make payments, or contact support.

  • Automatically through your use of the app and website (technical and analytics data).

3. How we use your information

We use your information to:

  • Provide and improve app features (CPD logging, audit report generation).

  • Help you manage CPD requirements and reminders.

  • Process payments and manage subscriptions.

  • Communicate with you about updates, support, and security.

  • Analyse app and website usage to improve performance.

  • Comply with our legal obligations.

We will not use your personal information for other purposes without your consent, unless required by law.

4. How We Store and Protect Your Information

  • Data is stored securely on Microsoft Azure servers located in Australia.

  • Data is encrypted in transit (HTTPS/TLS) and at rest (AES-256 encryption).

  • Payment details are handled by Stripe and are not stored by us.

  • Access to data is restricted to authorised staff under confidentiality agreements.

  • All staff accounts with access to critical data use multi-factor authentication (MFA) and follow Microsoft’s maximum security recommendations.

  • We regularly review and update our security measures.

Hosting Jurisdiction:
All data is hosted in Australia. We do not transfer your personal information overseas unless required for essential service provision, and in such cases, we take reasonable steps to ensure compliance with the APPs.

5. Sharing Your Information

We do not sell your personal information.

We may share limited information with:

  • Service providers who help us operate the app (e.g. hosting, analytics, payment processing).

  • Regulators, if required by law.

Where service providers are located overseas, we take reasonable steps to ensure they comply with the Australian Privacy Principles..

6. Access and Correction

You may request access to the personal information we hold about you, or request corrections if any information is inaccurate. Please contact us at contact@pondercpd.com for assistance.

7. Retention and Deletion

We keep your personal information for as long as you maintain an active account.

If you delete your account or choose not to renew your subscription:

  1. We will generate and email you an export of your CPD records.

  2. Thirty (30) days after sending the export, your account and all personal data will be permanently deleted from our systems, except where retention is required by law.

8. Data Breaches

We comply with the Notifiable Data Breaches (NDB) scheme.
If your personal information is involved in a serious breach likely to cause harm, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required by law.

9. Complaints

If you believe we have breached your privacy, please contact us at contact@pondercpd.com. We will respond within a reasonable time.
If you are not satisfied with our response, you may contact the OAIC at www.oaic.gov.au.

10. Changes to This Policy

We may update this Privacy Policy from time to time.
The latest version will always be available in the Ponder website.
Any changes will take effect from the date they are published.

11. Contact Details

If you have questions about this Privacy Policy, please contact us: contact@pondercpd.com

We’ll respond as soon as possible — typically within two business days.

© 2026 PONDERCPD PTY LTD. All rights reserved.