Privacy Policy
Effective Date: 18 November 2025
Entity: OzAvenue Consulting Services Pty Ltd
Website: www.masterlife.coach
Introduction
The website www.masterlife.coach (hereinafter “Website”) is owned and operated by OzAvenue Consulting Services Pty Ltd, an Australian private company (hereinafter “we”, “us”, or "our"). Your access to and use of the Website constitutes your acknowledgment and acceptance of this Privacy Policy. This Privacy Policy governs your use of the Website, as well as any information you voluntarily contribute or provide to us, and any information collected from you through automated technologies.
This Privacy Policy applies to all personal information we collect in our capacity as a health and wellness coaching business, including information collected during online programs, one-to-one coaching, and corporate wellness services.
This Privacy Policy outlines the manner in which we collect, process, store, disclose, and protect your personal information, including information you voluntarily provide by requesting or “opting in” to receive a free resource, subscribing to our mailing list or newsletter, participating in community groups, submitting a contact or application form, purchasing a product or service, or otherwise contacting us via the Website or associated platforms. It also describes, at a high level, the rights that may be available to you under applicable privacy and data protection laws, including the Australian Privacy Act 1988 (as amended), the General Data Protection Regulation (EU) 2016/679 (GDPR), the UK GDPR, and, where applicable, the Singapore Personal Data Protection Act (PDPA).
We may amend this Privacy Policy from time to time. Where changes are material, we will provide notice by email to the extent reasonably practicable and/or by posting a prominent notice or updated version on the Website. Minor updates may be made without specific notice. Your continued access to or use of the Website after any amendments have been made constitutes your agreement to be bound by the most recent version of this Privacy Policy.
Australia is currently implementing reforms to the Privacy Act 1988, including expanded definitions of personal information, increased individual rights, and strengthened privacy obligations. We will update this Privacy Policy as these reforms come into effect and will comply with the revised requirements once they become law.
Details about how long we retain personal information are set out in the “Data Retention” section below.
This Website is intended for individuals aged 18 and over. We do not knowingly collect personal information from anyone under 18 years of age.
Collection of Personal Information
The Website provides several opportunities for you to voluntarily provide personal information to us, including when you request or “opt-in” to receive a free resource, subscribe to our email list or newsletter, join a community group, register for an event, complete a contact form, or otherwise communicate with us through the Website or associated platforms. The personal information you may voluntarily provide includes, without limitation, your name, email address, phone number, country of residence, and the content of any message you submit. Your decision to provide such information is entirely voluntary and constitutes your express consent for us to collect, process, and retain such information for the purposes described in this Privacy Policy.
We use FG Funnels as our primary platform for website hosting, funnels, CRM, and email marketing. FG Funnels processes personal information on our behalf and may store data on servers located outside Australia. FG Funnels may only process personal information according to our instructions and its own privacy and security standards. Your personal information may be transferred to, and stored on, servers located in the United States or other jurisdictions. Where required by applicable laws (including GDPR/UK GDPR), such transfers are made subject to Standard Contractual Clauses or equivalent safeguards to protect your rights.
If you complete the “Contact Us” form or submit any similar communication, including but not limited to email correspondence, social media messages, direct messages, or comments, we may collect information such as your name, email address, phone number, country, social media profile information (as authorized by the platform), and the content of any communication submitted. Such data is processed based on your consent (where required under GDPR/UK GDPR), or our legitimate interest in responding to inquiries, maintaining business records, and providing customer service. Where required under GDPR/UK GDPR, the lawful basis for processing includes your consent, our legitimate interest in operating and improving our business, and performance of a contract where services are purchased.
If you purchase a product or service, we will collect such information as is reasonably necessary to process the transaction, including your name, email address, billing address, shipping address (where applicable), order details, and partial payment information. All payments are processed through PCI-DSS compliant third-party processors. We do not store or have access to your full credit card or payment information.
If you purchase any physical product (including, without limitation, nutritional snack boxes or consumable goods), we may collect additional personal information such as your postal address, delivery preferences, and order-related information in order to fulfil your purchase.
If you participate in a community group (including, but not limited to, WhatsApp groups created and operated by us), we may collect your name, phone number, and any information you voluntarily submit within the group. These groups are used solely for announcements, updates, and general communication. We do not request, collect, or process sensitive health information via WhatsApp or similar platforms. Any information shared voluntarily within such groups is at your discretion, and we encourage you not to disclose private health details in group settings. WhatsApp is a third-party platform and may collect additional information in accordance with its own privacy policy. We do not control or manage WhatsApp’s data handling practices and encourage you to review their terms.
If you are on our email list due to your consent to be added, or our legitimate interest in engaging in direct marketing, we may also use your data to send you targeted social media advertisements or upload your information into our social media account to create look-a-like audiences. To ensure compliance with the Spam Act 2003 (Cth), all emails from us will clearly state the sender of the email, as well as provide instructions on how to unsubscribe from our list or contact us with any questions or concerns. We do not upload any sensitive health information to advertising platforms and do not use such information to create custom or look-alike audiences.
We may also receive personal information from third-party service providers, including but not limited to advertising platforms, analytics providers, payment processors, email marketing systems, and technical service providers, to the extent reasonably necessary to support Website functionality, marketing activities, and business operations.
We may also collect information through Automatic Data Collection Technology. We may use or send standard “cookies” to identify your browser from time to time. We do not intentionally include personally identifiable information in cookies. Some analytics tools may use unique identifiers, but these do not directly identify you unless combined with other data. We may use both session cookies (which expire once you close your browser) and persistent cookies (which stay on your computer until you delete them). You can accept or decline cookies using your web browser settings. If you choose to disable cookies, some areas of the Website may not work properly or at all. The Website does not respond to Do Not Track signals sent by your browser.
We may also collect data about how you use the Website, your browsing actions or patterns, computer equipment, IP address, internet connection, and other similar choices you make, including via Google Analytics and Meta Pixel (formerly Facebook Pixel), to obtain statistical data, improve our website and offerings, and ensure you receive information relevant to you. If we utilise these tools, we will use them in compliance with all policies of these third-party companies. We may receive personal data from third parties including Google, social media platforms, search engines, PayPal, Stripe, and other third-party payment processing companies. Where technically available, IP anonymisation features are enabled for Google Analytics 4 (“GA4”). Use of Meta Pixel is limited to general behavioural data and is not combined with any sensitive health information. Meta Pixel tracking is disabled on any page where health assessment forms, coaching applications, or other sensitive disclosures are submitted.
While some browsers offer a “Do Not Track” (DNT) feature, there is no widely accepted industry standard for responding to such signals. Accordingly, we do not respond to DNT signals at this time.
If you provide personal information to us while contacting us for business enquiries, corporate wellness collaborations, or speaker engagements, we will use such information solely for assessing and responding to your enquiry. Business contact information is not used for marketing unless you provide explicit consent.
Sensitive Health Information
In the course of providing our services, including but not limited to wellness programs, assessments, education-based offerings, and related communications, you may voluntarily disclose certain health-related or sensitive personal information to us. This may include, without limitation, information relating to your physical or mental health, lifestyle habits, stress levels, sleep patterns, dietary practices, perimenopause symptoms, medical history, use of supplements or medications, or any other wellness-related information you choose to provide.
For individuals located in the EU or UK, any health information you provide is classified as “special category data.” We process such information only with your explicit consent, or where necessary for the provision of wellness-related services you request.
We collect and process such sensitive information only where voluntarily supplied by you and only for purposes directly connected to delivering services you have requested, developing program materials, or providing personalised administrative support. We do not request, require, or encourage disclosure of sensitive health information through public, group-based, or community communication platforms, including but not limited to WhatsApp groups, social media forums, or any publicly accessible channels.
Sensitive health information is processed under heightened confidentiality standards and is retained only for as long as is necessary for legitimate business purposes, compliance with legal obligations, or record-keeping requirements. We do not use sensitive health information for advertising, profiling, automated decision-making, remarketing, or the creation of custom or look-alike audiences. Sensitive health information is deleted or anonymised when no longer required for the purpose for which it was collected, unless retention is required by law.
We will not disclose your sensitive health information to any third party except (i) with your explicit written consent, (ii) where disclosure is required by law, or (iii) where such disclosure is necessary to protect your rights, our rights, or the rights and safety of others.
If, in the future, we provide corporate wellness services, individual health information shared by employees will remain strictly confidential and will not be disclosed to the employer. Only aggregated, anonymised, or non-identifiable participation data may be shared where required for reporting purposes.
We do not use sensitive health information for profiling, automated decision-making, or any automated processes that may have a legal or significant impact on you.
Automatic Data Collection Technology
We may collect certain information automatically when you visit or use the Website. This information may include, without limitation, your IP address, browser type, device identifiers, operating system, referring URLs, pages viewed, access times, click patterns, browsing actions, email engagement behaviour, and other technical information arising from your interactions with the Website.
We may use standard “cookies” and similar technologies, including session cookies (which expire when you close your browser) and persistent cookies (which remain until deleted), to recognise your browser, improve Website functionality, assist with authentication, enhance user experience, and analyse usage patterns. Cookies do not typically contain personally identifiable information, and we do not use cookies to identify you individually. You may accept or decline cookies through your browser settings; however, disabling cookies may impact the functionality or availability of certain portions of the Website. The Website does not respond to “Do Not Track” signals sent by your browser.
We may also use tracking technologies such as Meta Pixel (formerly Facebook Pixel), Google Analytics (including Google Analytics 4), FG Funnels analytics tools, and other third-party technologies to collect statistical, marketing, and behavioural information. These technologies help us measure Website performance, understand user behaviour, tailor Website content, improve user experience, and provide advertisements or information that may be of interest to you. Such technologies may capture data relating to your browsing behaviour, interactions with Website content, conversion events, email engagement, and similar metrics.
Where required under applicable law, we will request your consent before storing or accessing cookies or employing tracking technologies on your device. You may withdraw such consent at any time through your browser settings or applicable consent management tools.
We may receive certain personal information from third-party sources, including but not limited to Google, Meta, social media platforms, FG Funnels, search engines, payment processors such as Stripe and PayPal, advertising networks, and other technical or analytics providers, where such information is necessary to support Website functionality, marketing activities, analytics, or transactional operations.
We use all such technologies in a manner consistent with applicable laws and the terms and policies of the respective third-party providers.
Lawful grounds for processing
In compliance with the Australian Privacy Act 1988 (including applicable amendments), the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR, and, where relevant, the Singapore Personal Data Protection Act (“PDPA”), we confirm that all personal information collected and processed by us is handled pursuant to one or more lawful bases as required under applicable law.
We may process your personal information where you have voluntarily provided such information and have given your express consent for us to collect, use, store, or otherwise process such information for the purposes described in this Privacy Policy. Consent must be freely given, specific, informed, and unambiguous. You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal.
We may also process your personal information where such processing is necessary for the performance of a contract or to take steps at your request prior to entering into a contract, including fulfilling your purchase of a product or service, administering your enrolment in a program, or communicating with you regarding services you have requested.
We may process your personal information where such processing is based on our legitimate interests, including but not limited to: operating and maintaining the Website; responding to inquiries; maintaining business records; conducting internal analytics; improving our offerings; sending permitted marketing communications; and protecting the security, integrity, and lawful operation of our business.
Sensitive health information is processed only where you voluntarily provide such information and where you have given explicit consent for its use for program administration, service delivery, wellness assessments, or related operational purposes. Sensitive health information is not used for advertising, profiling, automated decision-making, or creation of custom or look-alike audiences under any circumstances.
We may process personal information where necessary to comply with our legal obligations, including obligations relating to record-keeping, taxation, reporting requirements, responding to lawful requests from regulatory or enforcement authorities, and compliance with applicable privacy, health, or consumer protection laws.
We may process personal information for the purposes of establishing, exercising, or defending legal claims, preventing fraud, protecting our rights or the rights of others, or ensuring the safety and integrity of our services.
We may receive personal information from third-party service providers, including but not limited to technical providers, analytics platforms, advertising platforms, and payment processors. Such information is processed in accordance with this Privacy Policy and under the lawful bases described herein.
Cross-border transfers of personal information, where applicable, are conducted pursuant to legally recognised safeguards, including Standard Contractual Clauses, provider-specific data protection frameworks, or other mechanisms permitted under applicable law.
Use of Personal Information
We use the personal information you voluntarily provide to us to deliver the products, services, resources, and communications you have requested, including free guides, program materials, newsletters, email communications, event information, and administrative updates. We may also use your information to respond to inquiries, maintain customer records, provide customer support, and communicate important changes to our policies, terms, or services.
If you purchase a product or service from us, we will use your personal information to process your order, deliver the purchased goods or services, provide program-related communications, send updates or materials necessary for your participation, and address any customer service issues associated with such purchase.
With your consent or where permitted by law, we may use your personal information to send marketing communications, including newsletters, promotions, and information regarding programs, services, or offerings that may be of interest to you. You may withdraw your consent or opt out of marketing communications at any time. Withdrawing your consent does not affect the lawfulness of processing carried out before the withdrawal.
We may use non-sensitive personal information (such as email address, Website behaviour, or interaction history) to create custom or look-alike advertising audiences or to deliver targeted advertisements, provided such activities are conducted in compliance with applicable laws and platform requirements. We do not use sensitive health information for advertising, remarketing, segmentation, profiling, or any related marketing purposes.
We may use information collected through cookies, pixels, analytics tools, and similar technologies to analyse Website performance, measure engagement, understand user behaviour, enhance functionality, and improve our services and user experience.
If you participate in a program, coaching service, or educational offering, we may use personal information you provide—excluding sensitive health information for marketing purposes—to administer the program, communicate with you, track your progress, and provide administrative or technical support related to your participation.
We may also use your personal information for internal business purposes, including record-keeping, data analysis, research, program development, quality assurance, fraud prevention, system maintenance, and ensuring the lawful and secure operation of our business.
We may use personal information as necessary to comply with legal obligations, including record-keeping requirements, consumer protection laws, tax or accounting obligations, or responding to lawful requests from regulatory or enforcement authorities.
We will not use your personal information for automated decision-making that produces legal or similarly significant effects, nor will we sell your personal information to third parties. We do not engage in profiling that has legal or substantial effects on you.
Non-Personally Identifiable Information
We may collect and process information that does not personally identify you (“Non-Personally Identifiable Information” or “Non-PII”) to understand how users access and interact with the Website. Such information may include, without limitation, aggregated statistical data, device information, browser type, browsing actions, Website usage patterns, click behaviour, referring URLs, and general demographic or technical information that cannot reasonably be used to identify an individual.
Non-PII is used to analyse Website performance, improve user experience, identify trends, administer the Website, and develop or refine our services. This information may also be used to assist in diagnosing technical issues with servers, hosting providers, or Website functionality.
We may use your IP address to diagnose technical problems, manage the Website, analyse traffic patterns, and understand which areas of the Website are being accessed most frequently. An IP address is treated as personal information under certain privacy laws. We use IP addresses only for technical, security, diagnostic, and lawful operational purposes, and do not attempt to identify individuals except where required for fraud prevention, security, or legal compliance.
Where Non-PII is combined with personal information in a manner that renders it capable of identifying an individual, such combined information will be treated as personal information and processed pursuant to the terms of this Privacy Policy.
We do not use Non-PII to make automated decisions about you, nor do we use such data to create profiles that produce legal or significant effects.
We may use anonymised or aggregated information for internal research, program development, business analytics, statistical reporting, or lawful commercial purposes. Such information does not identify any individual and is not subject to the same restrictions as personal information. Where we aggregate or anonymise data, we do so using methods designed to prevent re-identification.
Storing and sharing of Personal Information
We store personal information using reputable third-party service providers, data management systems, hosting platforms, and software tools that support the lawful operation of our business. We take reasonable steps to ensure that all personal information collected by us is stored securely and protected against loss, misuse, interference, unauthorised access, modification, or disclosure.
Personal information may be accessed by members of our internal team and by external service providers where such access is reasonably necessary for technical support, administrative functions, customer service, program delivery, payment processing, or other operational purposes. All third-party providers engaged by us are required to maintain the confidentiality of any personal information to which they have access and are permitted to process such information only for specific, authorised purposes.
We will not share, sell, distribute, or disclose your personal information to any unrelated third party without your consent, except as required to complete a purchase or request you have submitted, or where such disclosure is required by law or regulatory obligation.
We may share personal information with third-party vendors and service providers, including but not limited to website hosting providers, email marketing platforms, CRM systems, analytics providers, payment processors, technical support providers, advertising platforms, and content delivery networks, where necessary to support Website functionality, deliver our services, or perform essential business operations.
Where personal information is transferred outside Australia—including to the United States, Singapore, or the European Union—we rely on legally recognised safeguards such as Standard Contractual Clauses (SCCs), approved international data transfer mechanisms, or other protections required by applicable law.
We may disclose personal information where we are required to do so by law, regulation, subpoena, court order, governmental request, or where we have a good-faith belief that such disclosure is necessary to protect our rights, enforce our policies, prevent fraud, maintain security, or protect the safety of users or others.
If, in the future, we offer corporate wellness services, any personal information collected from employees will remain confidential and will not be shared with the employer except in aggregated, anonymised, or non-identifiable form, unless required by law or with the individual’s explicit consent.
We require all third-party service providers to implement appropriate security safeguards and to process personal information only in accordance with our instructions and for authorised purposes.
Disclosure of personal information
We may disclose personal information where we are required to do so under applicable law, regulation, court order, subpoena, governmental request, or other legally enforceable directive. Such disclosure may occur without notice to you where we are legally prohibited from providing such notice or where doing so would compromise the purpose of the disclosure.
We may also disclose personal information where we have a good-faith belief that such disclosure is reasonably necessary to protect or enforce our legal rights, investigate potential violations of our policies, address suspected fraud or unlawful activity, prevent or mitigate harm, or protect the rights, property, or safety of our business, our users, or others.
In the event of a merger, acquisition, sale of assets, restructuring, dissolution, or other corporate transaction involving OzAvenue Consulting Services Pty Ltd, personal information may be transferred to a successor or acquiring entity, subject to that entity continuing to process such information in accordance with this Privacy Policy or providing equivalent or superior protections.
We may disclose personal information to third-party service providers who assist us in operating the Website, delivering services, processing payments, providing technical support, or performing other business-related activities, provided such third parties are bound by confidentiality obligations and permitted to use such information only for authorised purposes.
We do not disclose sensitive health information to any third party except where: (i) required by law; (ii) permitted or mandated by applicable regulations; (iii) necessary to protect your vital interests or the safety of others; or (iv) disclosed with your explicit written consent. Sensitive health information is never disclosed for marketing, advertising, profiling, or commercial purposes. We do not share sensitive health information with advertising platforms, and we do not use such data for remarketing, look-alike audiences, segmentation, or targeted advertising.
If we offer corporate wellness services in the future, any personal information provided by employees will remain confidential and will not be disclosed to the employer except in aggregated, anonymised, or non-identifiable form, unless required by law or expressly authorised by the individual.
Except as expressly described in this Privacy Policy, we do not share, sell, lease, or disclose your personal information to third parties for their independent use.
Data protection
We manage personal information in accordance with the Privacy Act 1988 (Cth), including the 2024 amendments relating to consent, transparency, and data breach obligations, as well as the Australian Privacy Principles (APPs). Where relevant, we also comply with the General Data Protection Regulation (EU) 2016/679 (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and, where applicable, the Singapore Personal Data Protection Act (PDPA). We take reasonable steps to ensure that personal information is collected, used, stored, and disclosed lawfully and transparently in accordance with applicable privacy and data protection requirements.
Personal information may be stored and processed in Australia or in other jurisdictions where our third-party service providers are located, including but not limited to the United States, Singapore, the European Union, or any other country in which such service providers maintain facilities. Where personal information is transferred outside Australia, we implement safeguards such as the latest EU and UK Standard Contractual Clauses, the Data Privacy Framework (DPF) where applicable, approved data transfer mechanisms, or other legally recognised protections required under applicable law.
We have implemented commercially reasonable physical, administrative, and technical safeguards designed to protect personal information from loss, misuse, interference, unauthorised access, modification, or disclosure. These safeguards include secure server hosting, encryption technologies, password protection, access controls, the use of reputable service providers that adhere to industry-standard security practices, intrusion-detection measures, and periodic security audits.
We maintain internal policies and procedures designed to ensure that personal information is handled by authorised personnel only and on a need-to-know basis. All employees, contractors, and service providers with access to personal information are required to maintain the confidentiality of such information. We use certain AI-supported tools for administrative, communication, or organisational tasks. These tools do not make automated decisions that produce legal or significant effects for individuals, and personal information processed through such tools is handled only in accordance with this Privacy Policy and applicable privacy laws.
Sensitive health information is subject to heightened protection measures and is processed only for authorised purposes as described in this Privacy Policy. Sensitive health information is collected only with explicit consent and is never used for advertising, behavioural profiling, remarketing, automated decision-making, or any purpose unrelated to the services you request. We collect only the minimum amount of sensitive information necessary to deliver our services and do not use it for any secondary or incompatible purposes.
We retain personal information only for as long as necessary to fulfil the purposes described in this Privacy Policy, comply with legal requirements, resolve disputes, or maintain accurate financial and service records. Where data is no longer required, we take reasonable steps to delete, de-identify, or securely archive it.
In the event that we become aware of a data breach involving personal information that is likely to result in serious harm, we will comply with our obligations under the Notifiable Data Breaches Scheme (Australia), GDPR breach notification requirements, or any other applicable regulatory requirements. This may include notifying affected individuals and relevant authorities as required by law. Where legally required, we notify affected individuals as soon as practicable and report eligible data breaches to the Office of the Australian Information Commissioner (OAIC).
While we take reasonable steps to safeguard personal information, no method of electronic transmission, storage, or processing is completely secure. To the extent permitted by law, we are not responsible for unauthorised access to personal information that occurs as a result of events outside our reasonable control, despite the safeguards we have in place.
We have assessed that we are not required to appoint a Data Protection Officer under current privacy regulations because we do not conduct large-scale processing of sensitive information, nor do we perform systematic monitoring of individuals.
Information Protection & Security
We use commercially reasonable physical, administrative, and technical safeguards to protect the personal information you provide to us and the information we collect automatically. These measures are designed to protect against loss, misuse, interference, unauthorised access, alteration, or disclosure of personal information. Such measures may include secure server hosting, password protection, multi-factor authentication, encryption technologies, firewalls, access controls, and the use of reputable third-party providers that maintain industry-standard security practices.
While we take reasonable steps to safeguard your personal information, no method of electronic transmission, storage, or processing can be guaranteed to be completely secure. You acknowledge that we cannot guarantee absolute security of your information and that you provide such information at your own risk.
Should we become aware of a data breach involving personal information that is likely to result in serious harm to individuals, we will take reasonable steps to investigate the breach, mitigate potential harm, and comply with any notification obligations under the Australian Notifiable Data Breaches Scheme, the GDPR, the UK GDPR, or any other applicable regulatory requirements. This may include notifying affected individuals and relevant supervisory authorities where required by law.
You understand and agree that we are not responsible for any personal information accessed by an unauthorised third party as a result of circumstances beyond our reasonable control, including but not limited to hacking, malware, security breaches of third-party service providers, or interception of transmissions over the Internet. To the maximum extent permitted by law, you agree to hold us harmless for any such unauthorised access.
While we require third-party service providers that process personal information on our behalf to adopt appropriate security measures, we cannot control or be responsible for the security practices of external platforms or tools. Your use of third-party platforms (such as WhatsApp, social media channels, or external payment systems) is subject to the privacy and security policies of those providers. Where third-party providers engage their own sub-processors, those sub-processors are required to apply equivalent security measures.
Third party links – not included under this policy
The Website may contain links to third-party websites, platforms, applications, tools, or resources (“Third-Party Sites”) that are not owned, operated, or controlled by us. These Third-Party Sites may have their own terms, privacy policies, or data-handling practices, which may differ from those described in this Privacy Policy.
You understand and agree that this Privacy Policy applies only to personal information collected by us directly or through systems under our control. It does not apply to your interactions with any Third-Party Sites, nor to any data collected, stored, or processed by such third parties.
We do not endorse, monitor, or have any responsibility for the content, activities, policies, accuracy, security practices, or data-handling procedures of any Third-Party Sites. We make no representations or warranties regarding the privacy or security practices of any third party, and you access such sites entirely at your own risk.
We are not responsible for any personal information you choose to provide to Third-Party Sites, including but not limited to social media platforms, payment gateways, webinar platforms, external ordering systems, or any other service not under our ownership or control. Your interactions with such sites are governed solely by their respective terms and privacy policies.
We strongly encourage you to review the privacy policies and terms of use of any Third-Party Sites before providing any personal information or engaging with such platforms.
Some Third-Party Sites may use cookies, pixels, tracking technologies, or analytics tools that operate independently of us. We do not control these technologies and are not responsible for how third parties use them.
Data Retention
We retain personal information only for as long as is reasonably necessary to fulfil the purposes for which it was collected, including providing services, completing transactions, maintaining business records, complying with legal obligations, resolving disputes, and enforcing our agreements. Retention periods may vary depending on the type of information, regulatory obligations, tax requirements, and the nature of the services provided.
Personal information associated with your participation in programs, workshops, newsletters, community groups, or other services may be retained for administrative, operational, and legal purposes for as long as reasonably required, unless a longer retention period is required or permitted by law.
Sensitive health information is retained only for as long as necessary to provide the services you have requested, to maintain accurate business and coaching records, or to comply with legal, regulatory, or professional record-keeping requirements. Sensitive health information is deleted or anonymised when it is no longer required for these purposes unless we are legally obligated to retain it for a longer period.
If you request removal from our mailing list or otherwise withdraw your consent to receive communications, we will promptly remove you from marketing databases. Certain personal information may still be retained where required for legal compliance, fraud prevention, or documentation of consent withdrawal.
If you request deletion of your personal information, we will take reasonable steps to delete or de-identify such information unless we are required to retain it under applicable laws, contractual obligations, tax requirements, or for the establishment, exercise, or defence of legal claims.
Non-Personally Identifiable Information and anonymised or aggregated data may be retained indefinitely, as such information does not identify any individual and is used for statistical, research, reporting, or program development purposes. Where de-identification is used, we take reasonable steps to minimise the risk of re-identification.
If we offer corporate wellness services in the future, individual employee personal information will be retained only for the duration necessary to deliver the services, after which it will be securely deleted or anonymised, unless retention is required by law or the employee provides explicit authorisation for longer retention.
We periodically review the personal information we hold and take reasonable steps to delete or de-identify information that is no longer required for lawful business purposes.
Age of Consent and Protection of Children's Information
Our Website, programs, products, and services are intended for individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from individuals under the age of 18 without appropriate parental or guardian consent.
By using our Website or providing personal information to us, you represent that you are at least 18 years old and have the legal capacity to enter into binding agreements, including consenting to this Privacy Policy.
If we become aware that we have inadvertently collected personal information from an individual under the age of 18 without proper consent, we will take reasonable steps to delete or de-identify that information as soon as reasonably practicable, unless we are required by law to retain it.
If you believe that a minor under the age of 18 has provided personal information to us without proper consent, please contact us at [email protected], and we will address the matter promptly in accordance with applicable privacy laws.
We take special care to ensure that any features accessible to the general public—including free guides, newsletters, events, and online communities—are designed for adults only. We may implement age-verification steps, disclaimers, or access restrictions where reasonably necessary to prevent minors from accessing age-inappropriate content or engaging with adult-oriented health information.
We do not knowingly permit minors to join private communities, messaging groups, WhatsApp groups, or corporate wellness programs. Participation in any of these spaces requires confirmation of being at least 18 years of age.
We adhere to applicable privacy requirements, including the Australian Privacy Principles, the GDPR’s special protections for children’s data, and evolving international standards for minors’ privacy, particularly in connection with the collection, storage, or accidental receipt of minors’ personal information.
Where U.S. users access our Website or services, we comply with applicable child-privacy requirements under the Children’s Online Privacy Protection Act (COPPA), including restrictions on collecting personal information from children under 13.
Your rights
Under applicable privacy laws—including the Australian Privacy Act 1988 (and associated amendments), the GDPR, the UK GDPR, and, where relevant, the Singapore PDPA—you have certain rights relating to the personal information we hold about you. These rights may vary depending on your location and the legal obligations applicable to our processing of your data.
You have the right to request access to the personal information we hold about you, to update or correct inaccurate or incomplete information, and to request deletion or de-identification of your personal information in certain circumstances, subject to legal or regulatory exceptions.
You may unsubscribe from marketing communications at any time by clicking the “unsubscribe” link in any email we send or by contacting us at [email protected]. Upon unsubscribing, we will remove you from marketing databases; however, we may retain certain information as required for legal, administrative, fraud-prevention, or record-keeping purposes.
You have the right to restrict or object to the processing of your personal information in certain circumstances, including processing based on legitimate interests or direct marketing. Where applicable, you may also request that we cease certain uses of your information unless we can demonstrate compelling legitimate grounds for the processing.
Where technically feasible and required by law, you may have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format, and to request that such information be transferred to another controller (“data portability”).
If our processing of your personal information is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.
If you believe that your privacy rights have been violated or that we have not handled your personal information in accordance with this Privacy Policy, you may contact us at [email protected]. You may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC), the Information Commissioner’s Office (UK), or your relevant supervisory authority, depending on your location.
We may request reasonable verification of your identity before responding to a rights request to prevent unauthorised access, disclosure, alteration, or deletion of personal information.
We will respond to all rights requests within the timeframes required under applicable law, which may vary depending on the nature of your request and your jurisdiction.
Privacy Principles Compliance
We handle personal information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988, the General Data Protection Regulation (GDPR), the UK GDPR, and other applicable privacy regulations, including the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), where relevant. We are committed to the open and transparent management of personal information and to ensuring that our privacy practices meet the standards required under relevant laws.
You may interact with us anonymously or under a pseudonym where lawful and practicable; however, certain services, programs, or transactions may require the collection of identifiable information to be completed.
We collect solicited personal information only where reasonably necessary for our business activities or functions, and we take particular care when handling any sensitive information you choose to provide. Unsolicited personal information is handled in accordance with applicable privacy requirements and may be deleted or de-identified if it is not reasonably necessary for our functions.
We notify individuals about the collection of personal information as required under the APPs, the GDPR, and the UK GDPR, including the purposes for collection, how the information will be used, and the circumstances in which it may be disclosed. Where required, we obtain consent before collecting personal information, and we provide clear options to withdraw consent at any time.
We use or disclose personal information only for the purposes for which it was collected, or for related purposes that you would reasonably expect, unless you provide consent for other uses or disclosure is required or permitted by law.
Where personal information is transferred outside Australia or processed by overseas service providers, we take reasonable steps to ensure that the recipient protects the information in accordance with standards comparable to those required under the APPs, the GDPR, the CCPA/CPRA, and other applicable international privacy regulations.
We take reasonable steps to ensure the personal information we collect is accurate, up to date, complete, and relevant to the purposes for which it is used. You may request that we correct any personal information that is inaccurate or incomplete.
We implement reasonable safeguards to protect personal information from misuse, interference, unauthorised access, modification, or disclosure, consistent with our obligations under the APPs, the GDPR, and the UK GDPR.
You have the right to access your personal information, request corrections, and exercise other rights under applicable privacy laws as described in the section titled “Your Rights.”
We take reasonable steps to destroy or de-identify personal information once it is no longer required for the purposes for which it was collected or retained, unless retention is required by law or reasonably necessary for our legitimate business purposes.
GDPR Specifics
Where the GDPR or UK GDPR applies to our processing of personal information, we comply with the principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality, and accountability.
We obtain consent for the processing of personal information where required under the GDPR. Consent is voluntary, informed, specific, and unambiguous. Individuals may withdraw their consent at any time without affecting the lawfulness of prior processing.
We apply heightened protections for sensitive personal information (“special category data”) and process such data only where you voluntarily provide it and where explicit consent has been obtained, or another lawful basis under Article 9 of the GDPR applies. Sensitive health information is used solely for the purposes described in this Privacy Policy and is never used for marketing, profiling, advertising, or automated decision-making. We do not use automated decision-making or AI-driven profiling that produces legal or significant effects without human review.
We comply with GDPR and UK GDPR requirements regarding children’s data, including restrictions on processing the personal information of individuals under the age of 16, where those laws apply. We do not knowingly collect or process children’s data without appropriate parental or guardian consent.
We provide transparent information about the purposes and lawful bases for processing personal information, including legitimate interests, contractual necessity, legal obligations, and consent-based processing, as described in the section titled “Lawful Grounds for Processing.”
We honour individuals’ GDPR rights, including the right of access, rectification, erasure (“right to be forgotten”), restriction of processing, objection to processing, data portability, and the right not to be subject to certain automated decision-making.
We notify supervisory authorities and affected individuals of personal data breaches when required under Articles 33 and 34 of the GDPR, including where a breach is likely to result in a high risk to individuals’ rights and freedoms.
We implement appropriate technical and organisational measures designed to protect personal information, including secure data storage, access controls, encryption technologies, and the selection of reputable third-party processors that provide GDPR-compliant safeguards.
Where personal information is transferred outside the European Economic Area (EEA) or the UK, we rely on appropriate transfer mechanisms, including Standard Contractual Clauses, adequacy decisions, or other lawful safeguards.
We maintain records of data processing activities where required and take reasonable steps to ensure compliance with GDPR accountability requirements.
Changes to this Privacy Policy
We may update or modify this Privacy Policy from time to time to reflect changes in our business practices, legal or regulatory requirements, or operational needs. Any updated version will be posted on our Website with the “Last Updated” date revised accordingly.
Where changes are material—such as modifications to how we collect, use, or disclose personal information, or changes affecting your rights—we will take reasonable steps to notify you, which may include sending an email notice, providing an in-website notification, or communicating through other appropriate channels.
Non-material updates, improvements in clarity, or organisational changes to this Privacy Policy may be made without prior notice.
Your continued use of our Website, programs, products, or services following the posting of any changes constitutes your acknowledgement of the updated Privacy Policy and your agreement to be bound by its terms.
We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, store, and protect your personal information.
Contact Us
If you have questions about this Privacy Policy, our data-handling practices, or your personal information, you may contact us by email at [email protected].
We may request additional information from you, where reasonably necessary, to verify your identity or to understand the nature of your request before responding. This requirement helps protect the security of your personal information and prevents unauthorised access or fraudulent inquiries.
While we endeavour to respond to all legitimate inquiries within a reasonable timeframe, response times may vary depending on the nature of your request, our legal obligations, and your jurisdiction.
Communications sent to us via email, web forms, or other channels may be retained for record-keeping, compliance, and quality-assurance purposes, in accordance with this Privacy Policy and applicable law.
If you wish to lodge a formal privacy complaint, you may contact us first at the above email address. If you are not satisfied with our response, you may escalate your complaint to the relevant supervisory authority in your jurisdiction, such as the Office of the Australian Information Commissioner (OAIC) or another applicable data protection authority.