Legal

Privacy Policy

Effective: June 11, 2026 · Last updated: June 11, 2026

INGEN LABS PTY LTD · Australian registered company · ABN 63 688 809 145

Verify our registration on the Australian Business Register: click here.

This policy explains what personal information iNGen handles, why, who we share it with, and the choices you have. We've aimed for plain language; specifics are in the sections below.

1. Who we are

iNGen (“iNGen”, “we”, “us”) is operated by INGEN LABS PTY LTD, an Australian registered company with ABN 63 688 809 145. We're the controller of personal information described in this policy. Verify our registration on the Australian Business Register: click here.

2. Scope

This policy covers personal information we handle through our website, the iNGen recruiter platform (Aristotle, Sherlock), and the FORGE student platform (Aristotle, Columbus). It applies to candidates, students, recruiters, customers, and visitors.

3. What we collect

Depending on how you use iNGen, we may collect:

  • Account data — name, email, role, organisation, password hashes.
  • Profile signal — GitHub, LinkedIn, project descriptions, certifications, hackathon entries, testimonials, education, and other proof you connect.
  • Recruiter inputs — job briefs, candidate notes, shortlists, interview packs, and ATS data you import.
  • Usage data — pages viewed, features used, interaction timings, device and browser metadata, IP address.
  • Communications — messages you send us, support tickets, and survey responses.
  • Cookies & similar tech — see our Cookie Policy.

4. How we use it

We use personal information to:

  • Run the Service — generate roadmaps, score skills, scout jobs, verify proof, build candidate dossiers, and stage interview prep.
  • Personalise outputs to your role, goal, and weekly time budget.
  • Authenticate accounts and prevent abuse, fraud, and security incidents.
  • Improve the Service, including model evaluation and quality assurance.
  • Send transactional emails (account, billing, security) and product updates you've opted into.
  • Meet legal, tax, and regulatory obligations under Australian and other applicable law.

5. Model training

We do not train foundation models on your private content (your roadmaps, profile data, candidate information, or job briefs) without explicit opt-in. Aggregate, de-identified usage analytics may be used to improve product quality.

6. Legal bases (where relevant)

Where the GDPR or UK GDPR applies, we rely on: (a) performance of a contract to provide the Service; (b) legitimate interests in operating, securing, and improving the Service; (c) consent for marketing and optional features; and (d) compliance with legal obligations.

7. Sharing

We share personal information only with:

  • Service providers — cloud hosting, email delivery, analytics, error reporting, payment processing. Listed in our Trust Center.
  • Your organisation — if you use iNGen through an employer or campus account, your usage and outputs may be visible to that organisation.
  • Legal & safety — when required by law, court order, or to protect rights, property, or safety.
  • Corporate events — as part of a merger, acquisition, or sale, subject to confidentiality.

We don't sell personal information.

8. International transfers

We're based in Australia and primarily process data in Australia and the United States. Where we transfer personal data across borders, we use appropriate safeguards (such as Standard Contractual Clauses) and only work with providers that meet our security standards.

9. Retention

We keep personal information for as long as your account is active and for a reasonable period afterwards to meet legal, tax, and operational needs. You can request deletion at any time (see Section 11). Aggregate, de-identified data may be retained indefinitely.

10. Security

We use encryption in transit and at rest, role-based access control, audit logging, and continuous monitoring. No system is perfectly secure — if you believe your account has been compromised, contact contact@ingenworkspace.com immediately.

11. Your rights

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to our processing of your personal information, and to withdraw consent.

To exercise these rights, email contact@ingenworkspace.com. We may need to verify your identity. If you're in Australia and aren't satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC).

12. Children

iNGen is not directed to children under 16. We don't knowingly collect personal information from anyone under 16. If you believe a child has provided us personal information, contact us and we'll delete it.

13. Candidate data (recruiter customers)

When recruiters import or paste candidate information into iNGen, the recruiter is the controller of that data. We process it as a processor on their behalf in line with our terms. Candidates may contact the recruiter directly to exercise their rights, or email us and we'll route the request.

14. Changes to this policy

We may update this policy from time to time. For material changes, we'll notify you by email or in-product. The “Last updated” date at the top of this page always reflects the current version.