Last updated:

Privacy Policy

This Privacy Policy describes how Wristwipeau collects, uses, stores, and protects personal information when you visit our website or use our educational services.

1. Data Controller Information

The data controller responsible for your personal information is Wristwipeau, located at 265 King Street, Newtown NSW 2042, Australia. You may contact us regarding privacy matters by email at assist@wristwipeau.world or by telephone at +61 2 9557 8700 during business hours (Monday through Friday, 9:00 AM to 5:00 PM Australian Eastern Standard Time).

As the data controller, we determine the purposes and means of processing personal data collected through this website and in connection with our educational programs, consulting services, and related activities.

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through the website wristwipeau.world, including data submitted via contact forms, cookie technologies, program enrolment processes, consulting session bookings, and any other interaction where personal information is voluntarily provided.

This policy is designed to comply with the General Data Protection Regulation (GDPR) applicable to visitors from the European Economic Area, the United Kingdom, and Switzerland, as well as the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). Where local laws provide additional protections, we apply the higher standard of protection.

3. Categories of Personal Data We Collect

3.1 Information You Provide Directly

When you interact with our website or services, you may provide the following categories of personal data:

  • Identity information: full name, title, and username if applicable
  • Contact information: email address, telephone number, postal address
  • Communication content: messages submitted through contact forms, email correspondence, and consulting session notes
  • Enrolment information: program preferences, learning goals, payment details processed through secure third-party payment providers
  • Consent records: documentation of your agreement to data processing, marketing communications, and cookie preferences

3.2 Information Collected Automatically

When you visit our website, certain technical data may be collected automatically through cookies and similar technologies, subject to your consent preferences:

  • Device information: browser type and version, operating system, device type
  • Usage data: pages visited, time spent on pages, navigation paths, referral sources
  • Network information: IP address (which may be anonymised), approximate geographic location derived from IP address
  • Interaction data: clicks, scroll behaviour, and form interaction patterns when analytics cookies are enabled

4. Purposes of Data Processing

We process your personal data for the following specific purposes, each supported by an appropriate legal basis under GDPR and Australian privacy law:

  • Responding to enquiries: To process and respond to messages submitted through our contact form or sent via email. Legal basis: legitimate interest in communicating with prospective and current program participants, and consent where applicable.
  • Program delivery: To administer enrolment, provide access to educational materials, schedule consulting sessions, and communicate program-related updates. Legal basis: performance of a contract or pre-contractual steps at your request.
  • Website functionality: To ensure the website operates correctly, maintain security, and remember your cookie preferences. Legal basis: legitimate interest and, for strictly necessary cookies, performance of a contract.
  • Analytics and improvement: To understand how visitors use our website and improve content, navigation, and user experience. Legal basis: consent, obtained through our cookie consent mechanism.
  • Marketing communications: To send information about programs and educational content you have expressed interest in. Legal basis: consent, which you may withdraw at any time.
  • Legal compliance: To comply with applicable laws, respond to lawful requests from authorities, and protect our legal rights. Legal basis: legal obligation and legitimate interest.

5. Legal Bases for Processing Under GDPR

For visitors subject to GDPR, we rely on the following legal bases as defined in Article 6:

  1. Consent (Article 6(1)(a)): For analytics cookies, marketing cookies, and optional marketing communications
  2. Contract performance (Article 6(1)(b)): For processing necessary to deliver enrolled programs and consulting services
  3. Legitimate interests (Article 6(1)(f)): For website security, fraud prevention, responding to general enquiries, and improving our educational offerings, balanced against your rights and freedoms
  4. Legal obligation (Article 6(1)(c)): For tax record-keeping, responding to court orders, and regulatory compliance

6. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law:

  • Contact form submissions: twelve (12) months from the date of submission, unless an ongoing business relationship develops
  • Program enrolment records: seven (7) years from the date of last interaction, in accordance with Australian business record-keeping requirements
  • Payment transaction records: seven (7) years, as required by Australian taxation law
  • Cookie consent preferences: twelve (12) months, after which consent will be re-requested
  • Analytics data: twenty-six (26) months from collection, aligned with standard analytics platform retention settings
  • Marketing consent records: until consent is withdrawn, plus three (3) years for audit purposes

When retention periods expire, personal data is securely deleted or anonymised so that it can no longer be associated with an identifiable individual.

7. Data Sharing and Third-Party Processors

We do not sell your personal data to third parties. We may share data with the following categories of recipients under strict data processing agreements:

  • Website hosting providers: for secure storage and delivery of website content
  • Email service providers: for sending transactional and informational emails
  • Payment processors: for handling program fees through PCI-DSS compliant systems (we do not store full credit card numbers)
  • Analytics providers: only when you have consented to analytics cookies
  • Professional advisers: lawyers, accountants, or auditors when necessary for legal or business purposes

All third-party processors are required to implement appropriate technical and organisational measures to protect your data and process it only according to our documented instructions.

8. International Data Transfers

Some of our service providers may be located outside Australia or the European Economic Area. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, adequacy decisions, or binding corporate rules. You may request details of the specific safeguards applied to your data by contacting us at the address above.

9. Security Measures

We implement appropriate technical and organisational security measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Access controls limiting personal data access to authorised personnel on a need-to-know basis
  • Regular security assessments of our website and data storage systems
  • Secure password policies and multi-factor authentication for administrative access
  • Employee training on data protection principles and incident response procedures
  • Encrypted backups stored in geographically separate locations

While we take reasonable precautions, no method of transmission over the internet or electronic storage is completely secure. We encourage you to use strong passwords and protect your account credentials if program access credentials are provided.

10. Your Rights Under GDPR and Australian Privacy Law

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete personal data
  • Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing
  • Right to restrict processing: Request limitation of processing in certain circumstances
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing
  • Right to lodge a complaint: File a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or your local data protection authority in the EEA

To exercise any of these rights, contact us at assist@wristwipeau.world. We will respond within thirty (30) days for GDPR requests and within a reasonable timeframe under Australian law. We may need to verify your identity before processing your request.

11. Children's Privacy

Our website and educational programs are intended for adults aged eighteen (18) and over. We do not knowingly collect personal data from individuals under eighteen. If we become aware that we have collected data from a minor, we will take steps to delete that information promptly. Parents or guardians who believe their child has provided personal data to us should contact us immediately.

12. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects individuals. Any program recommendations provided during consulting sessions involve human review and are presented as educational suggestions rather than automated determinations.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. Material changes will be communicated by updating the date at the top of this page and, where appropriate, by email notification to registered program participants. We encourage you to review this policy regularly.

14. Contact Information

For privacy-related questions, requests to exercise your rights, or concerns about our data handling practices, please contact:

Wristwipeau
265 King Street, Newtown NSW 2042, Australia
Email: assist@wristwipeau.world
Phone: +61 2 9557 8700