Heading

This is some text inside of a div block.

ApplyAZ Inc., together with its subsidiaries and affiliates (collectively "ApplyAZ," "we," "our," or "us"), is committed to protecting the accuracy, security, and confidentiality of the personal information we process. This Privacy Policy explains how we collect, use, disclose, store, and protect your Personal Information whenever you interact with us—whether through our websites, mobile applications, WhatsApp flows, webinars, email, phone, or in-person meetings.

1 | Consent

By providing Personal Information to ApplyAZ or our service providers, you consent to the collection, use, and disclosure of that information as described in this Policy and as otherwise permitted or required by law.

If you do not agree, please discontinue using our services and contact us to discuss your options.

You may withdraw or modify your consent at any time (subject to legal or contractual restrictions) by contacting our Privacy Officer (see "Contact Us").

2 | What Counts as "Personal Information"?

Category

Examples

Identity

Full name, date of birth, gender, nationality, passport details

Contact

Email, phone/WhatsApp, current and permanent addresses

Academic

Transcripts, certificates, test scores, CV, recommendations

3 | How We Collect Personal Information

Directly from you : Creating an account, completing eligibility quizzes, uploading documents, making payments, joining webinars, emailing or chatting with us.
Automatically : Cookies, pixels, server logs, and similar technologies when you use our website or app.
Third-Party Integrations : If you sign in with Google, Apple, Facebook, or LinkedIn; or connect your account to a cloud-drive (e.g., Google Drive) for document upload.

4 | Why We Process Your Personal Information

Purpose

Typical Legal Basis

Key Data Categories

Provide & manage services
(eligibility screening, application drafting, scholarship filing, visa coaching, ticket support)

Contract performance

Identity, Contact, Academic, Scholarship, Visa

Payment processing & fraud prevention

Contract, Legitimate interest, Legal obligation

Financial, Technical

AI-driven program matching & success prediction

Legitimate interest, Consent

Academic, Preference, Technical

Marketing
(newsletters, WhatsApp updates, webinars, surveys)

Consent

Contact, Marketing & Communications

Compliance with laws (AML/KYC, immigration, tax)

Legal obligation

Identity, Financial, Visa

Research & service improvement (analytics, A/B testing)

Legitimate interest

Technical, Usage, Preference

Business transactions (merger, acquisition, financing)

Legitimate interest, Contract

All categories as needed

* Depending on jurisdiction: “Contract” includes pre-contractual steps; “Legitimate interest” reflects our need to run and protect the business; “Consent” can be withdrawn at any time; “Legal obligation” covers statutory requirements.

5 | With Whom We Share Personal Information

We never sell Personal Information. We share it strictly as needed:

Italian public universities & scholarship bodies – to submit your applications.
Visa authorities & consulates – when you authorize us to assist in visa filing.
Service providers – cloud hosting (AWS EU, DigitalOcean AMS), CRM, e-signature, payment gateways (Stripe, Razorpay), identity-verification (Sumsub).
Partner counselors & recruiters – only when you expressly opt-in to work with them.
Professional advisors – lawyers, auditors, insurers under NDA.
Regulators – immigration, tax, or privacy authorities when legally required.
Business transferees – in a merger or acquisition, under confidentiality.

Whenever we transfer data outside your home jurisdiction (e.g., from India to Canada or the EU), we apply adequate safeguards such as Standard Contractual Clauses or adequacy decisions.

6 | Automated Decision-Making & AI

Our matching engine uses machine-learning models to recommend programs and forecast scholarship chances. No visa or admission decision is made solely by a machine; human experts always review. Where automated scoring materially affects you, you may request:

A plain-language explanation
Human review
The opportunity to contest or supplement the data

Contact our Privacy Officer to exercise these rights.

7 | Your Privacy Rights

Depending on where you live (e.g., EU / UK GDPR, Canada PIPEDA, India DPDP 2023, California CPRA), you may have the right to:

Access or receive a copy of your Personal Information
Correct inaccurate or incomplete data
Delete data no longer needed (subject to legal retention)
Restrict or object to certain processing
Port data to another controller
Withdraw consent at any time
Lodge a complaint with your supervisory authority

We respond to verified requests within 30 days (or the statutory period). No fee is charged unless the request is manifestly unfounded or excessive.

8 | Data Security

We employ physical, administrative, and technical safeguards:

ISO-27001–aligned policies
Encryption at rest (AES-256) and in transit (TLS 1.3)
Multi-factor authentication for staff and partner portals
Annual penetration testing and vendor assessments
Strict role-based access controls; logs retained 12 months

No internet transmission is 100 % secure, but we continuously update our defenses and incident-response plans.

9 | Retention

We keep Personal Information only as long as necessary for the purposes outlined or to satisfy legal obligations (e.g., immigration file retention, tax audits, anti-money-laundering rules). After that, we securely delete or anonymize it.

10 | Cookies & Similar Technologies

We use first-party and third-party cookies, pixels, and local storage to:

Keep you logged in
Remember language preferences
Analyze traffic (Google Analytics 4, Plausible)
Measure ad performance (Meta, Google Ads, TikTok)

You can manage cookies via our banner or browser settings. Our systems honor Global Privacy Control (GPC) signals where required.

11 | Email & Messaging

Marketing emails include an unsubscribe link. Transactional messages (e.g., document-upload reminders) are necessary for service delivery and cannot be opted out of without cancelling the service.

12 | Social Logins & Integrations

If you connect ApplyAZ with Google, Apple, Facebook, or LinkedIn, we will receive only the profile data you authorize. Disconnect at any time in your dashboard.

13 | Changes to This Policy

We may update this Policy to reflect changes in law or our practices. Material changes will be notified by email or in-app notice. Your continued use after the effective date constitutes acceptance.

14 | Contact Us

ApplyAZ Inc.

290 Adelaide St W,

Toronto, ON M5V 1P6, Canada

Email: info@applyaz.com