Privacy and data handling

Calendone collects client-entered profile details, current visa information, target visa selections, preparation notes, consultation requests, and uploaded document metadata for preparation management.

Credential rules

The platform must not request, store, or proxy ImmiAccount usernames, ImmiAccount passwords, VEVO credentials, or any government account login details. Official links open externally for the client to use directly.

Storage model

Supabase Auth stores identity records, Supabase PostgreSQL stores structured profile and preparation data, and Supabase Storage stores client-uploaded documents. Row Level Security policies restrict clients to their own records and reserve operational views for admin users.

Data updates

Processing time, EOI, invitation, and occupation data should include source URLs and last checked dates. Unverified scraped data should not be shown without an admin review trail.