RKA Tech Solutions — Legal
Version 1.0 · Effective 21 May 2026 · Last updated 21 May 2026
Privacy Policy
RKA Tech Solutions — Music Editing Platform
1. Who We Are
This Privacy Policy applies to RKA Tech Solutions ("we", "us", "our"), ABN 60 623 495 116, operating from New South Wales, Australia. We provide music editing services to dance studios and performance instructors through our online platform.
We are committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the Privacy and Other Legislation Amendment Act 2024.
Contact:
- Email: info@rkatechsolutions.com.au
- Privacy Officer: Seth, RKA Tech Solutions
2. What This Policy Covers
This Policy explains:
- What personal information we collect
- How we collect it and why
- How we use and disclose it
- How we store and protect it
- Your rights to access, correct, and complain
- What we do if there's a data breach
- How we handle cross-border data transfers
- How we use automated decision-making (if at all)
- How to contact us with questions or concerns
This Policy applies to all users of our platform, including studio owners, authorised signatories, and any individual whose personal information is collected through our services.
3. What Information We Collect
We only collect personal information that is reasonably necessary to provide our services. We do not collect sensitive information (as defined in the Privacy Act) unless required by law and with your consent.
3.1 Information you provide directly
When you create an account, we collect:
- Identity information: studio legal name, trading name, ABN, physical address
- Contact information: authorised signatory name, position, email, mobile number
- Licensing information: OneMusic customer reference, licence expiry date, packages held, number of enrolled students
- Consent information: timestamps, IP address, user agent, and the specific declarations you agreed to (this is required for legal compliance under the Australian Consumer Law and our Terms of Service)
- Job information: details of music editing jobs you request, including source audio files and delivery instructions
3.2 Information we collect automatically
When you use the platform, we automatically collect:
- Technical information: IP address, browser type and version, operating system, device type, screen resolution
- Usage information: pages visited, features used, time spent, click paths, error logs
- Cookies and similar technologies: see Section 11 below
3.3 Information from third parties
In limited circumstances, we may collect information from:
- The Australian Business Register: to validate ABNs you provide
- Payment processors: confirmation that payment has been received (we do not store full payment card details — these are handled by our payment processor)
- Email delivery services: bounce, open, and delivery confirmation for transactional emails
4. Why We Collect It and How We Use It
We collect and use personal information only for the purposes set out in this Policy. These purposes are:
Service delivery:
- To create and maintain your account
- To accept and fulfil music editing jobs
- To communicate with you about your jobs and account
- To send transactional emails (confirmation, delivery notifications, receipts)
Legal compliance:
- To record consent to our Terms of Service (required for legal enforceability)
- To maintain the licensing audit trail required by the Copyright Act 1968 (Cth)
- To respond to lawful requests from regulators (APRA AMCOS, PPCA, OAIC, courts)
Business operation:
- To process payments
- To prevent fraud and abuse
- To enforce our Terms of Service
- To improve our services (using aggregated, de-identified data where possible)
Direct marketing (only with your consent):
- To send occasional newsletters about new features or services
- You can opt out at any time using the unsubscribe link in any marketing email
We do not use your personal information for any other purpose without your consent, unless we are required or authorised by law.
5. Who We Share Your Information With
We share personal information only as described below. We do not sell your personal information to anyone, ever.
5.1 Service providers
We share information with trusted third parties who help us operate the platform. Each provider is bound by confidentiality obligations and is only permitted to use your information for the purpose we engage them for. These include hosting and infrastructure providers, database providers, email delivery services, payment processors, customer support tools, and privacy-respecting analytics. A current list of subprocessors is available on request.
5.2 Legal disclosures
We may disclose personal information without your consent where:
- Required by Australian law, court order, or regulatory direction
- Necessary to enforce our Terms of Service or recover unpaid amounts
- Necessary to investigate fraud, breaches of our policies, or unlawful activity
- Necessary to protect the rights, safety, or property of RKA Tech Solutions, our users, or others
- A copyright rights holder (APRA AMCOS, PPCA, ARIA, or others) makes a lawful demand for information relating to a specific allegation of infringement
5.3 Business transfers
If we sell or transfer our business, your information may be transferred to the new owner as part of that transaction. We will notify you before this happens and you will have an opportunity to object or withdraw consent where applicable.
6. Cross-Border Disclosure (APP 8)
Some of our service providers may store or process data outside Australia. Where this happens, we take reasonable steps to ensure those providers handle your information consistently with the Australian Privacy Principles. Likely overseas locations include the United States and the European Union (hosting, email delivery, payment processing).
Before sending your information overseas, we ensure the recipient is bound either by a law substantially similar to the Privacy Act, or a contractual obligation to handle your data in accordance with the APPs. If we cannot ensure either, we will seek your explicit consent before transfer.
7. How We Store and Protect Your Information
7.1 Storage location
Your personal information is stored on secure cloud servers, primarily located in Australia where commercially feasible. Some data may be stored or replicated overseas (see Section 6).
7.2 Security measures
We implement reasonable technical and organisational security measures, including encryption in transit (TLS) and at rest, access controls and role-based permissions, multi-factor authentication for administrative access, regular security reviews and updates, limited access on a need-to-know basis, and audit logs of access to personal information.
7.3 Retention
We retain personal information only for as long as necessary for the purposes set out in this Policy, plus any period required by law.
| Data type | Retention period |
|---|---|
| Consent records (legal compliance) | 7 years from last engagement (NSW limitation period plus buffer) |
| Job records | 7 years from completion (tax and copyright audit) |
| Account information (active accounts) | For the life of the account, plus 12 months after closure |
| Marketing preferences | Until you opt out, then deleted within 30 days |
| Technical logs | 90 days, then aggregated or deleted |
| Payment records | 7 years (Australian tax law requirement) |
After the retention period, information is securely deleted or de-identified.
8. Data Breach Response (Notifiable Data Breaches Scheme)
We comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act.
If we suffer a data breach that is likely to result in serious harm to affected individuals, we will:
- Take reasonable steps to contain the breach and mitigate harm
- Assess the breach within 30 days
- Notify affected individuals as soon as practicable
- Notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable
Our breach notification will include a description of the breach, the type of information involved, recommendations on steps you should take, and our contact details for further information. We maintain an internal Data Breach Response Plan and conduct periodic reviews.
9. Your Rights
You have the following rights regarding your personal information:
9.1 Right to access (APP 12)
You may request a copy of the personal information we hold about you. We will respond within 30 days. There is no fee for reasonable requests.
9.2 Right to correction (APP 13)
If your information is inaccurate, incomplete, or out of date, you may ask us to correct it. We will do so promptly, free of charge.
9.3 Right to download your consent history
You can view and download your full consent history at any time from your account settings.
9.4 Right to opt out of marketing
You can opt out of marketing communications at any time using the unsubscribe link in any marketing email, or by contacting us directly. Opting out does not affect transactional or service-related communications.
9.5 Right to deletion (limited)
You may request that we delete your personal information. We will comply, except where we are required by law to retain the information (e.g. consent records, tax records), the information is necessary to perform contractual obligations we owe to you, or retention is necessary to defend against legal claims. Where deletion is not possible, we will de-identify the information where practicable.
9.6 Right to complain
If you believe we have mishandled your personal information, you can:
- Contact us first at info@rkatechsolutions.com.au. We will respond within 30 days and work to resolve your concern.
- Escalate to the OAIC: if you're not satisfied with our response, you can complain to the Office of the Australian Information Commissioner at oaic.gov.au or 1300 363 992.
- Statutory tort: for serious invasions of privacy, you may have a right to sue directly under the statutory tort provisions of the Privacy Act.
10. Automated Decision-Making
As at the effective date of this Policy, we do not use automated decision-making systems to make significant decisions about you. All material decisions about your account (acceptance, suspension, dispute resolution) are made by a human. If this changes, we will update this Policy and notify you, and we will comply with the automated decision-making transparency requirements introduced by the Privacy and Other Legislation Amendment Act 2024.
11. Cookies and Similar Technologies
Our platform uses cookies and similar technologies to keep you signed in (essential — cannot be disabled), remember your preferences, and understand how the platform is used (aggregated analytics only). We do not use third-party advertising cookies and we do not use tracking pixels for retargeting.
12. Children's Privacy
Our services are intended for adult dance studio owners and authorised representatives. We do not knowingly collect personal information from individuals under 18.
If a student of a dance studio is under 18 and their personal information is incidentally provided to us through a job (e.g. a student name embedded in a track title), we treat that information with extra care: it is not used for any purpose beyond fulfilling the specific job, it is retained only as long as necessary, and it is never used for marketing or analytics. From 10 December 2026, we will comply with the Children's Online Privacy Code when it is registered.
13. Changes to This Policy
We may update this Policy from time to time. The "Last updated" date at the top tells you when it was last changed.
For material changes (changes that affect your rights or how we use your information), we will notify you by email at least 30 days before the change takes effect, require you to acknowledge the updated Policy at next login, and keep prior versions available on request.
For minor changes (typo fixes, contact updates), we will simply update the document.
14. How to Contact Us
For privacy-related questions, requests, or complaints, contact our Privacy Officer, Seth, at info@rkatechsolutions.com.au. We aim to respond to all privacy enquiries within 30 days.