Privacy Policy

1. Data Controller Information

The data controller responsible for your personal information is:

Hipsfaunarinsing
428 George St, Sydney NSW 2000, Australia
Email: touch@hipsfaunarinsing.world
Phone: +61 2 9224 4666

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us using the details above.

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through the website hipsfaunarinsing.world, including when you browse our pages, submit contact forms, purchase educational products, enrol in programs, or interact with our consulting services. It also covers data collected through email correspondence and telephone communications initiated via our published contact details.

This policy is designed to comply with the General Data Protection Regulation (GDPR) for visitors from the European Economic Area, the UK GDPR for visitors from the United Kingdom, and the Privacy Act 1988 (Cth) together with the Australian Privacy Principles (APPs) for visitors from Australia.

3. Personal Data We Collect

3.1 Information You Provide Directly

When you interact with our website or services, you may voluntarily provide the following categories of personal data:

• Identity information: full name, title
• Contact information: email address, telephone number, postal address
• Communication content: messages submitted through our contact form, email correspondence, and consultation notes
• Transaction information: billing address, payment confirmation details (payment card data is processed by third-party payment providers and is not stored on our servers)
• Consent records: your agreement to data processing, cookie preferences, and marketing communications

3.2 Information Collected Automatically

When you visit our website, certain technical data may be collected automatically through cookies and similar technologies, subject to your consent preferences:

• Device information: browser type, operating system, device model
• Usage data: pages visited, time spent on pages, referral source, click patterns
• Network information: IP address (which may be anonymised), approximate geographic location derived from IP
• Cookie identifiers and preference settings

3.3 Information From Third Parties

We may receive limited personal data from third-party service providers, such as payment processors confirming transaction status, analytics platforms providing aggregated usage reports, and advertising platforms reporting campaign performance metrics. Such data is processed only in accordance with this policy and applicable data processing agreements.

4. Purposes of Data Processing

We process your personal data for the following specific purposes:

• To respond to your inquiries submitted through our contact form, email, or telephone
• To provide educational products, consulting guidance, and program enrolment services you have requested
• To process payments and manage billing for purchased products and services
• To send transactional communications, such as order confirmations, appointment reminders, and policy updates
• To improve our website functionality, content relevance, and user experience through analytics
• To deliver marketing communications about our services, where you have provided explicit consent
• To comply with legal obligations, including tax reporting, record-keeping, and responding to lawful requests from authorities
• To protect our legitimate interests, including fraud prevention, security monitoring, and defence of legal claims

5. Legal Bases for Processing (GDPR)

For visitors subject to the GDPR, we rely on the following legal bases for processing personal data:

• Consent: For analytics cookies, marketing cookies, and marketing email communications. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
• Contract performance: For processing necessary to deliver products, services, or consulting guidance you have purchased or requested.
• Legitimate interests: For website security, fraud prevention, internal analytics using anonymised data, and improving our educational content. We balance these interests against your rights and freedoms.
• Legal obligation: For compliance with applicable laws, regulations, and court orders.

6. Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share personal data with the following categories of recipients, solely for the purposes described in this policy:

• Hosting and infrastructure providers who maintain our website and data storage systems
• Payment processors who handle secure transaction processing
• Email service providers who deliver transactional and marketing communications
• Analytics providers who help us understand website usage patterns (only with your consent for non-essential analytics)
• Professional advisers, including legal and accounting professionals, bound by confidentiality obligations
• Law enforcement or regulatory authorities when required by applicable law

All third-party processors are bound by data processing agreements that require them to protect your personal data and process it only according to our instructions.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside your country of residence, including countries that may not provide the same level of data protection as your jurisdiction. Where we transfer personal data from the EEA or UK to countries without an adequacy decision, we implement appropriate safeguards, including Standard Contractual Clauses approved by the European Commission, to ensure your data receives adequate protection.

8. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law:

• Contact form submissions: retained for 24 months from the date of last correspondence, then securely deleted
• Customer and transaction records: retained for 7 years from the date of the last transaction, in accordance with Australian tax and commercial record-keeping requirements
• Marketing consent records: retained for the duration of the marketing relationship plus 3 years after withdrawal of consent
• Cookie consent preferences: retained for 12 months, after which we will request renewed consent
• Server log files and security records: retained for 90 days, then anonymised or deleted
• Consulting session notes: retained for 3 years from the date of the last session, unless you request earlier deletion

9. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• HTTPS encryption for all data transmitted between your browser and our website
• Access controls limiting personal data access to authorised personnel on a need-to-know basis
• Regular security assessments of our website infrastructure and third-party providers
• Secure storage of physical and digital records containing personal data
• Staff training on data protection principles and incident response procedures
• Incident response procedures for detecting, reporting, and investigating data breaches

While we take reasonable steps to protect your data, no method of transmission over the internet or electronic storage is completely secure. We encourage you to use strong passwords and protect your own devices when accessing our services.

10. Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete personal data
• Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing
• Right to restrict processing: Request limitation of processing in certain circumstances
• Right to data portability: Receive your personal data in a structured, commonly used, machine-readable format
• Right to object: Object to processing based on legitimate interests or for direct marketing purposes
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent
• Right to lodge a complaint: File a complaint with a supervisory authority in your jurisdiction

To exercise any of these rights, please contact us at touch@hipsfaunarinsing.world. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

Australian residents may also contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au. EEA residents may contact their local data protection authority.

11. Children's Privacy

Our website and services are intended for adults aged 18 and over. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have collected personal data from a minor without appropriate parental consent, we will take steps to delete that information promptly.

12. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. Any personalisation of content on our website is limited to displaying resources relevant to your expressed interests and does not involve automated decisions about your access to services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the date at the top of this page and, where appropriate, notify you by email or through a prominent notice on our website. We encourage you to review this policy periodically.

14. Contact Us

For any questions, concerns, or requests related to this Privacy Policy or our data processing practices, please contact:

Hipsfaunarinsing
428 George St, Sydney NSW 2000, Australia
Email: touch@hipsfaunarinsing.world
Phone: +61 2 9224 4666