Privacy Policy

Effective Date: January 01, 2026 | ABN: 57 637 465 626 | Website: yesieducation.com

TABLE OF CONTENTS

Introduction & Scope
Information We Collect
How We Use Your Information
Legal Basis for Processing
Data Sharing & Disclosure
Subscriptions & Payment Data
Third-Party Services & SDKs
Cookies & Tracking Technologies
Data Retention
Data Security
International Data Transfers
Children’s Privacy
Your Rights & Choices
Australian Privacy Act Compliance
GDPR – EU/EEA/UK Users
CCPA/CPRA – California Users
Changes to This Policy
Contact Us

1. Introduction & Scope

YESI PTY LTD (ABN 57 637 465 626), trading as YESI Education (“we”, “us”, “our”, or “the Company”), is a global online education business headquartered in Sydney, New South Wales, Australia. We operate the website yesieducation.com and publish a portfolio of more than 100 educational products — including mobile applications, online courses, ebooks, audiobooks, newsletters, podcasts, and other learning resources — reaching more than 1 million students across 200+ countries.

This Privacy Policy describes how YESI Education collects, uses, stores, discloses, and protects your personal information when you:

Download, install, or use any mobile application published by YESI Education on the Apple App Store (including all current and future apps);
Access or use our website, online courses, or any other digital product or service offered by YESI Education;
Subscribe to our newsletters, podcasts, or communications; or
Contact us for support or other purposes.

Note on App Coverage: This policy is a unified privacy policy that applies to all mobile applications published by YESI Education on the Apple App Store, both current and future. Individual apps may collect additional data types specific to their functionality; where this is the case, supplemental in-app disclosures will be provided.

By using any of our products or services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with any part of this policy, please do not use our products or services.

This Privacy Policy has been prepared to comply with applicable privacy laws, including: the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs); the EU General Data Protection Regulation (GDPR) and UK GDPR (for users in the EU, EEA, and United Kingdom); and the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) (for California residents). It also addresses requirements under Apple App Store Review Guidelines, including Guideline 3.1.2(c) relating to auto-renewable subscriptions.

2. Information We Collect

We collect personal information in various ways depending on how you interact with our products and services. The categories of information we may collect are described below.

2.1 Information You Provide Directly

Account Information: When you create an account, we collect your name, email address, and any password you create (stored in encrypted form). You may optionally provide a profile picture or other profile details.
Communications: If you contact our support team or submit feedback, we collect the content of your messages, your email address, and any other information you choose to include.
Survey & Research Responses: If you participate in surveys, research studies, or contests, we collect the information you provide in connection with those activities.

2.2 Information Collected Automatically

Usage & Analytics Data: We collect information about how you interact with our apps and services, including features used, content accessed, lessons completed, time spent in the app, and in-app actions taken.
Device Information: We collect information about the device you use to access our services, including device model, operating system version, unique device identifiers (such as IDFA/IDFV on iOS), app version, and crash/diagnostic data.
Log Data: Our servers automatically record information when you use our services, including your IP address, access times, pages visited, and referring URLs.
App Performance & Diagnostics: We collect crash reports and performance data to diagnose and fix issues with our apps.

2.3 Information from Third Parties

Apple Sign-In / Third-Party Authentication: If you sign in using Apple ID or another third-party authentication service, we receive the limited profile information permitted by that service (typically a name and email address).
Analytics Providers: We may receive aggregated or anonymised analytics data from third-party analytics providers to help us understand how users interact with our services.

2.4 Payment & Subscription Information

We do not directly collect, process, or store credit card numbers, debit card numbers, bank account details, or any other payment card information. All payments and subscription management for our mobile applications are processed exclusively by Apple Inc. through the Apple In-App Purchase system. Apple’s privacy policy governs the collection and use of payment information. Please refer to Apple’s Privacy Policy for details.

We may receive limited non-financial transaction data from Apple, such as confirmation that a subscription is active, a subscription’s expiry date, and the subscription tier purchased — solely for the purpose of delivering the correct service entitlements to you.

Category	Examples	Source
Account identifiers	Name, email address	Provided by you
Usage & analytics	Features used, content viewed, session duration	Automatically collected
Device & technical data	Device model, OS version, IP address, device ID	Automatically collected
Diagnostics	Crash reports, performance logs	Automatically collected
Subscription status	Active/inactive status, tier, expiry date	Apple (via receipt validation)
Communications	Support emails, feedback submissions	Provided by you

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing & Improving Our Services

Create and manage your account and deliver our educational products and services.
Validate subscription entitlements and unlock premium content.
Personalise your learning experience and content recommendations.
Monitor, diagnose, and fix technical issues, bugs, and crashes.
Develop new features, products, and educational content.
Conduct analytics to understand how users engage with our apps and services.

3.2 Communications

Send transactional and service-related communications (e.g., account confirmations, subscription receipts, important product updates).
Respond to your support requests, questions, and feedback.
Send educational newsletters, product updates, and promotional communications where you have opted in or where permitted by applicable law.

3.3 Safety, Security & Legal Compliance

Detect, prevent, and investigate fraudulent or abusive activity.
Protect the security and integrity of our systems and services.
Comply with applicable legal and regulatory obligations.
Enforce our Terms of Service and other agreements.
Respond to lawful requests from government authorities.

3.4 Aggregated & Anonymised Data

We may use your information to create aggregated, anonymised, or de-identified data sets that do not identify you personally. We may use and share such aggregated data for any purpose, including research, business analysis, and marketing.

4. Legal Basis for Processing

Where we process your personal data under the GDPR or UK GDPR, we rely on one or more of the following legal bases:

Processing Activity	Legal Basis
Account creation and service delivery	Performance of a contract (Article 6(1)(b) GDPR)
Subscription management and entitlement validation	Performance of a contract (Article 6(1)(b) GDPR)
Customer support and responding to queries	Performance of a contract; Legitimate interests
Service improvement, analytics, and diagnostics	Legitimate interests (Article 6(1)(f) GDPR)
Security and fraud prevention	Legitimate interests (Article 6(1)(f) GDPR)
Marketing and promotional communications (opt-in)	Consent (Article 6(1)(a) GDPR)
Compliance with legal obligations	Legal obligation (Article 6(1)(c) GDPR)

Under the Australian Privacy Act 1988 (Cth), we collect and use personal information only where it is reasonably necessary for one or more of our functions or activities, or where otherwise permitted by law.

5. Data Sharing & Disclosure

We do not sell your personal information to third parties. We may share your information in the following limited circumstances:

5.1 Service Providers

We engage trusted third-party service providers to assist us in operating our business and delivering our services. These providers may access your personal information only to perform specific tasks on our behalf and are contractually obligated not to disclose or use it for any other purpose. Categories of service providers include:

Cloud hosting and infrastructure providers
Analytics and app performance monitoring providers
Email delivery and customer communications platforms
Customer support platforms
Marketing and advertising platforms (subject to your preferences)

5.2 Apple Inc.

Our mobile applications are distributed through the Apple App Store. Apple processes subscription payments and in-app purchases via the Apple In-App Purchase system. By downloading our apps or making purchases, you are also subject to Apple’s Privacy Policy and Apple’s Terms & Conditions.

5.3 Legal Requirements & Safety

We may disclose your personal information if we believe in good faith that disclosure is necessary to:

Comply with applicable law, regulation, or a valid legal process (such as a court order or subpoena);
Protect the rights, property, or safety of YESI Education, our users, or the public;
Detect, prevent, or address fraud, security, or technical issues; or
Enforce our Terms of Service.

5.4 Business Transfers

In the event of a merger, acquisition, restructuring, sale of assets, or bankruptcy, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website before your personal information is transferred and becomes subject to a different privacy policy.

5.5 With Your Consent

We may share your information for other purposes with your explicit consent at the time of collection.

6. Subscriptions & Payment Data

YESI Education offers auto-renewable subscription plans through the Apple In-App Purchase (IAP) system, including weekly, monthly, and annual plans. Some plans include a free trial period. The following applies to all subscription transactions conducted through our mobile applications:

6.1 Apple Handles All Payments

All subscription payments and in-app purchases are processed and managed entirely by Apple Inc. through the Apple In-App Purchase system.
YESI Education does not collect, receive, or store your credit card number, debit card number, bank account information, or any other payment card data.
Apple charges your Apple ID payment method according to your selected subscription plan and any applicable free trial period.
For information about how Apple handles your payment data, please refer to Apple’s Privacy Policy.

6.2 Subscription Confirmation Data

Following a transaction, Apple provides us with a subscription receipt that includes non-financial transaction metadata. This data enables us to verify whether your subscription is active and to deliver the correct content entitlements within the app. This data does not include your payment card details and is used solely for service delivery purposes.

6.3 Free Trials

Where a free trial is offered, it commences when you initiate the subscription through the App Store. Subscriptions automatically convert to a paid plan at the end of the free trial unless cancelled beforehand through your Apple ID settings. Cancellation of a free trial does not result in a charge.

6.4 Managing & Cancelling Subscriptions

You can manage, pause, or cancel your subscription at any time through your Apple ID account settings (Settings > [Your Name] > Subscriptions on iOS). YESI Education does not control the timing of subscription renewals or cancellations — these are managed by Apple.

Apple App Store Policy: YESI Education’s subscriptions comply with Apple App Store Review Guideline 3.1.2(c). Subscription terms, pricing, trial duration, and cancellation instructions are disclosed within the app prior to purchase.

7. Third-Party Services & SDKs

Our apps and services may integrate third-party software development kits (SDKs), APIs, and services. These third parties may independently collect information about you subject to their own privacy policies. Common categories of third-party integrations we may use include:

Category	Purpose	Data Typically Shared
Analytics (e.g., Firebase, Mixpanel)	App performance and usage analytics	Device ID, usage events, session data
Crash Reporting (e.g., Crashlytics)	Diagnosing app crashes	Device info, crash logs, app state
Email Marketing (e.g., Mailchimp, Klaviyo)	Sending educational newsletters	Name, email address
Customer Support (e.g., Zendesk, Intercom)	Handling support requests	Name, email, support conversations
Advertising (if applicable)	Serving and measuring ads	Device ID, interests (subject to ATT consent)

We are not responsible for the privacy practices of third-party services. We encourage you to review the privacy policies of any third-party services you use in connection with our products.

7.1 App Tracking Transparency (iOS)

In accordance with Apple’s App Tracking Transparency (ATT) framework, if our apps track your data across other apps or websites for advertising purposes, we will request your explicit permission before doing so. You can change your tracking preferences at any time in your device’s Settings > Privacy & Security > Tracking.

7.2 Links to External Websites

Our services may contain links to external websites and resources operated by third parties. This Privacy Policy does not apply to those external sites. We encourage you to review the privacy policies of any external sites you visit.

8. Cookies & Tracking Technologies

8.1 Website Cookies

Our website (yesieducation.com) uses cookies and similar tracking technologies. Cookies are small text files stored on your browser or device. We use:

Strictly Necessary Cookies: Required for the website to function. These cannot be disabled.
Analytics Cookies: Help us understand how visitors use our website (e.g., pages visited, time spent). We use services such as Google Analytics for this purpose.
Functional Cookies: Remember your preferences and settings to improve your experience.
Marketing Cookies: Used to deliver relevant advertisements and track the effectiveness of campaigns, subject to your consent where required.

8.2 Managing Cookies

Most web browsers allow you to control cookies through browser settings. You may also opt out of certain analytics tracking by visiting Google Analytics Opt-out. Note that disabling certain cookies may affect the functionality of our website. For users in the EU/EEA/UK, we present a cookie consent banner on your first visit.

8.3 Mobile App Identifiers

Our mobile apps may use device identifiers such as the Identifier for Advertisers (IDFA) or Identifier for Vendors (IDFV) on iOS for analytics and attribution. As noted above, use of IDFA for cross-app tracking is subject to your consent under Apple’s ATT framework.

9. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general retention approach is as follows:

Data Category	Retention Period
Account information (name, email)	Duration of account + 3 years after account deletion, or as required by law
Usage and analytics data	Up to 2 years from collection, then aggregated or deleted
Subscription transaction records	7 years (Australian tax and financial record requirements)
Customer support communications	3 years from the date of resolution
Log and diagnostic data	Up to 12 months
Marketing communications preferences	Until you withdraw consent or unsubscribe

When your personal information is no longer required, we will securely delete or anonymise it. If deletion is not immediately possible (for example, because data is stored in backup archives), we will securely isolate your information from further processing until deletion is possible.

10. Data Security

We take the security of your personal information seriously and implement a range of technical and organisational safeguards designed to protect your information against unauthorised access, disclosure, alteration, and destruction. Our security measures include:

Encryption in Transit: All data transmitted between your device and our servers is encrypted using industry-standard TLS (Transport Layer Security) protocols.
Encryption at Rest: Sensitive data stored on our systems is encrypted at rest using industry-standard encryption.
Access Controls: Access to personal information is restricted on a need-to-know basis. Employees and contractors with access to personal data are bound by confidentiality obligations.
Secure Infrastructure: We use reputable cloud infrastructure providers with established security certifications (such as ISO 27001 or SOC 2).
Security Testing: We conduct periodic security reviews and testing of our systems.
Incident Response: We maintain an incident response plan to detect, contain, and respond to data breaches in accordance with applicable law.

Despite these measures, no method of data transmission or storage is 100% secure. We cannot guarantee the absolute security of your personal information. You are responsible for maintaining the confidentiality of your account credentials. If you suspect any unauthorised access to your account, please contact us immediately at support@yesieducation.com.

10.1 Data Breach Notification

In the event of a data breach that is likely to result in serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required under the Notifiable Data Breaches (NDB) scheme under the Australian Privacy Act 1988. For EU/EEA users, we will notify the relevant supervisory authority within 72 hours of becoming aware of a breach, and notify affected individuals without undue delay where required under the GDPR.

11. International Data Transfers

YESI Education operates globally, and your personal information may be transferred to, stored, and processed in countries other than your country of residence. This may include countries outside of Australia, the European Economic Area (EEA), or the United Kingdom that may not provide the same level of data protection as your home country.

When we transfer personal information internationally, we ensure that appropriate safeguards are in place to protect your information, including:

Transferring data to countries that have been recognised as providing an adequate level of data protection;
Using Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EEA;
Using the UK International Data Transfer Agreement (IDTA) for transfers from the United Kingdom;
Relying on other valid transfer mechanisms under applicable law.

Under Australian Privacy Principle 8 (APP 8), where we disclose your personal information to overseas recipients, we take reasonable steps to ensure the overseas recipient does not breach the Australian Privacy Principles in relation to that information, or we otherwise comply with our obligations under APP 8.

12. Children’s Privacy

Important: Our services are intended for users aged 13 and older (or the relevant age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under the age of 13.

If you are under 13 years of age, you must not create an account or use our services without verifiable parental or guardian consent. If we become aware that we have inadvertently collected personal information from a child under 13 without appropriate consent, we will take steps to delete that information promptly.

12.1 Age of Digital Consent by Region

The minimum age for providing consent to data processing varies by jurisdiction. In the EU/EEA, the age of digital consent is generally 16 years (although member states may set it as low as 13). In the UK, it is 13. In Australia, there is no specific statutory age, but we apply a general minimum of 13. We rely on parents and guardians to supervise minors’ use of our services.

12.2 Parental Consent

If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at support@yesieducation.com and we will take appropriate action, including deletion of any such data.

12.3 Educational Apps for Younger Audiences

Some of our apps may be designed for educational use by students under 18 under parental or institutional supervision. Where such apps are specifically directed at younger users, supplemental age-appropriate privacy disclosures will be provided within those apps, and enhanced protections will apply.

13. Your Rights & Choices

Depending on your location, you may have the following rights in relation to your personal information. We will respond to all verified requests within the timeframes required by applicable law.

Right	Description
Access	Request a copy of the personal information we hold about you.
Correction / Rectification	Request correction of inaccurate or incomplete personal information.
Deletion / Erasure	Request deletion of your personal information, subject to legal retention obligations.
Restriction of Processing	Request that we restrict the processing of your personal information in certain circumstances.
Data Portability	Request your data in a structured, machine-readable format (where technically feasible).
Objection	Object to processing based on legitimate interests or for direct marketing purposes.
Withdraw Consent	Withdraw consent at any time where processing is based on consent, without affecting prior lawful processing.
Account Deletion	Delete your account at any time through the app settings or by contacting us.

13.1 How to Exercise Your Rights

To exercise any of these rights, please contact us at support@yesieducation.com with the subject line “Privacy Request”. We may need to verify your identity before processing your request. We will respond to all requests within 30 days (or such other period required by applicable law).

13.2 Marketing Opt-Out

You can opt out of receiving marketing emails from us at any time by clicking the “unsubscribe” link in any marketing email, or by contacting us at support@yesieducation.com. Please note that you will continue to receive transactional and service-related communications even after opting out of marketing communications.

13.3 Push Notifications

If our apps send push notifications, you can enable or disable these at any time through your device’s notification settings.

14. Australian Privacy Act Compliance

YESI PTY LTD is an Australian entity and is bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This section summarises our compliance with key APPs.

APP 1 (Open and transparent management): This Privacy Policy is publicly available on our website and within our apps. We are transparent about our information handling practices.
APP 2 (Anonymity and pseudonymity): Where practicable and lawful, we offer users the option to interact with us anonymously. However, creating an account requires identity information for service delivery.
APP 3 (Collection of solicited personal information): We collect personal information that is reasonably necessary for our functions and activities, as described in Section 2.
APP 4 (Unsolicited personal information): If we receive unsolicited personal information we did not request and do not need, we will destroy or de-identify it as soon as practicable.
APP 5 (Notification of collection): We notify users of the collection of personal information through this Privacy Policy and, where relevant, at the point of collection.
APP 6 (Use or disclosure for primary purpose): We use and disclose personal information only for the primary purpose for which it was collected, or for secondary purposes permitted by the APPs.
APP 7 (Direct marketing): We only use personal information for direct marketing where permitted by law. You may opt out of direct marketing at any time (see Section 13.2).
APP 8 (Cross-border disclosure): We take reasonable steps to ensure overseas recipients handle personal information consistently with the APPs (see Section 11).
APP 9 (Adoption of government identifiers): We do not adopt government-related identifiers as our own identifiers.
APP 10 (Quality of personal information): We take reasonable steps to ensure personal information we collect, use, or disclose is accurate, up-to-date, and complete.
APP 11 (Security of personal information): We protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure (see Section 10).
APP 12 (Access to personal information): You have the right to access personal information we hold about you (see Section 13).
APP 13 (Correction of personal information): You have the right to request correction of inaccurate personal information (see Section 13).

14.1 Privacy Complaints (Australia)

If you believe we have handled your personal information in a way that does not comply with the Privacy Act or the APPs, please contact us first at support@yesieducation.com. We will investigate your complaint and respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

15. GDPR – EU/EEA/UK Users

This section applies if you are located in the European Union, European Economic Area, or United Kingdom. We process personal data of EU/EEA/UK individuals in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and, for UK users, the UK GDPR as incorporated into UK domestic law by the Data Protection Act 2018.

15.1 Data Controller

YESI PTY LTD acts as the data controller for personal data collected from EU/EEA/UK users, unless otherwise stated.

15.2 Your GDPR Rights

In addition to the rights described in Section 13, EU/EEA/UK users have the right to:

Lodge a complaint with a supervisory authority. EU users may contact their national data protection authority. UK users may contact the Information Commissioner’s Office (ICO) at ico.org.uk.
Not be subject to automated decision-making, including profiling, which produces legal or similarly significant effects, without appropriate safeguards.

15.3 Data Protection Officer

We do not currently have a formal Data Protection Officer (DPO). For all data protection queries from EU/EEA/UK users, please contact us at support@yesieducation.com.

15.4 EU Representative

As a non-EU entity that offers services to EU/EEA individuals, we are reviewing our obligations under Article 27 GDPR regarding the appointment of an EU representative. If required, we will appoint a representative and update this policy accordingly.

16. CCPA/CPRA – California Users

This section applies if you are a resident of the State of California, USA, and supplements the rest of this Privacy Policy. It is provided pursuant to the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA).

16.1 Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information from California consumers (as defined by the CCPA):

Identifiers: Name, email address, IP address, device identifiers.
Internet / Network Activity: Browsing and app usage data, interactions with our services.
Geolocation Data: General location based on IP address.
Inference Data: Inferences drawn from the above to create a user profile for service personalisation.

16.2 Purposes for Collection

We collect the categories of information listed above for the business purposes described in Section 3 of this Privacy Policy.

16.3 Sale or Sharing of Personal Information

YESI Education does not sell your personal information to third parties for monetary consideration. We may share certain limited categories of information (such as device identifiers) with advertising and analytics partners, which may constitute “sharing” under the CPRA. You have the right to opt out of such sharing.

16.4 Your California Privacy Rights

Right to Know: Request disclosure of the categories and specific pieces of personal information collected about you, the sources of collection, the business purposes, and the categories of third parties with whom we share it.
Right to Delete: Request deletion of your personal information, subject to certain exceptions.
Right to Correct: Request correction of inaccurate personal information we maintain about you.
Right to Opt-Out: Opt out of the sale or sharing of your personal information.
Right to Limit Use of Sensitive Personal Information: Limit our use of sensitive personal information to the extent permitted by law.
Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

16.5 Submitting a California Privacy Request

To submit a verifiable consumer request, contact us at support@yesieducation.com with the subject line “California Privacy Request”. We will acknowledge receipt within 10 business days and respond substantively within 45 calendar days, extendable by a further 45 days with notice.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or for other operational, legal, or regulatory reasons. When we make material changes, we will:

Update the “Effective Date” at the top of this policy;
Post the revised policy on our website at yesieducation.com;
Where required by law, notify you by email or via an in-app notification before the change takes effect.

Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated policy. If you do not agree to the revised policy, you should stop using our services and may request deletion of your account.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

18. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our privacy practices, or if you wish to exercise any of your privacy rights, please contact us:

YESI PTY LTD (trading as YESI Education)

ABN: 57 637 465 626

Sydney, New South Wales, Australia

Email: support@yesieducation.com

Website: yesieducation.com

We aim to respond to all privacy inquiries within 30 days. Where a longer response time is required due to the complexity of the request, we will notify you within 30 days and provide an estimated resolution date.

For complaints that we are unable to resolve to your satisfaction, you may escalate to the relevant authority:

Australia: Office of the Australian Information Commissioner (OAIC) — www.oaic.gov.au
EU/EEA: Your national data protection authority (list available at edpb.europa.eu)
United Kingdom: Information Commissioner’s Office (ICO) — ico.org.uk
California: California Privacy Protection Agency — cppa.ca.gov

yesieducation.com | support@yesieducation.com

This Privacy Policy was last updated on January 01, 2026.