Privacy Policy

1. Data Controller Information

The data controller responsible for your personal information is:

Strainingactive
309 Lygon St, Carlton VIC 3053, Australia
Phone: +61 3 9347 6633
Email: touch@strainingactive.world
Website: strainingactive.world

Strainingactive operates as a budget meal planning consultation service providing general educational content and guidance sessions. We are committed to handling personal data transparently and in accordance with the General Data Protection Regulation (GDPR) where applicable, the Australian Privacy Act 1988 (Cth), and the Australian Privacy Principles (APPs).

2. Scope and Applicability

This Privacy Policy applies to all personal data collected through our website at strainingactive.world, during consultation sessions (in-person and online), via email correspondence, telephone communication, and through any contact forms or enquiry channels we operate.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please refrain from using our website or submitting personal information to us.

This policy does not apply to third-party websites linked from our pages. We encourage you to review the privacy policies of any external sites you visit.

3. Personal Data We Collect

3.1 Information You Provide Directly

When you contact us or book a consultation, we may collect the following categories of personal data:

• Full name and preferred name
• Email address and telephone number
• Postal address (if provided for correspondence or invoicing)
• Messages and enquiry content submitted through our contact form
• Household size, dietary preferences, and budget information shared during consultations
• Payment and billing information processed through our secure payment provider
• Session notes and planning documents created during consultations

3.2 Information Collected Automatically

When you visit our website, we may automatically collect certain technical data, including:

• IP address (anonymised where possible for analytics)
• Browser type, version, and operating system
• Device type and screen resolution
• Pages visited, time spent on pages, and navigation paths
• Referring website or search engine
• Date and time of access

This data is collected through cookies and similar technologies as described in our Cookie Policy. Non-essential cookies are only activated with your consent.

4. Purposes of Processing

We process your personal data for the following specific purposes:

1. Service delivery: To respond to enquiries, schedule and conduct consultation sessions, and provide educational materials related to budget meal planning guidance.
2. Communication: To send session confirmations, follow-up summaries, administrative notices, and responses to your questions.
3. Payment processing: To invoice for consultation services and process payments through our designated payment provider.
4. Website improvement: To analyse website usage patterns and improve content, navigation, and user experience when you have consented to analytics cookies.
5. Legal compliance: To comply with applicable laws, regulations, court orders, and lawful requests from authorities.
6. Record keeping: To maintain business records required for accounting, tax, and regulatory purposes under Australian law.
7. Consent management: To record and honour your cookie and marketing preferences.

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

5. Legal Basis for Processing

Under the GDPR, we rely on the following legal bases for processing personal data:

• Consent (Article 6(1)(a)): When you submit our contact form, agree to our Privacy Policy, or accept non-essential cookies, you provide explicit consent for the associated processing activities.
• Contract performance (Article 6(1)(b)): Processing necessary to deliver consultation services you have requested and to manage the contractual relationship between you and Strainingactive.
• Legitimate interests (Article 6(1)(f)): Processing necessary for our legitimate business interests, such as improving our services, preventing fraud, and ensuring website security, provided these interests are not overridden by your rights.
• Legal obligation (Article 6(1)(c)): Processing required to comply with Australian tax, accounting, and regulatory obligations.

Under the Australian Privacy Act, we collect personal information that is reasonably necessary for our functions and activities as a consultation service provider.

6. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law.

• Contact form enquiries: Retained for 24 months from the date of submission, then securely deleted unless a consultation relationship is established.
• Consultation records and session notes: Retained for 7 years from the date of the last session to comply with Australian business record-keeping requirements.
• Payment and invoicing records: Retained for 7 years as required by the Australian Taxation Office.
• Cookie consent records: Retained for 12 months from the date consent was given or updated.
• Analytics data: Aggregated and anonymised data may be retained indefinitely. Identifiable analytics data is retained for a maximum of 26 months.
• Marketing communications data: Retained until you withdraw consent or unsubscribe, plus 30 days for processing the withdrawal.

When retention periods expire, personal data is securely deleted or anonymised so that it can no longer be associated with you.

7. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties for their marketing purposes. We may share your information with the following categories of recipients when necessary:

• Payment processors: To securely process consultation fees. These providers are contractually bound to protect your data.
• Video conferencing platforms: When you choose online consultations, session data is processed through our selected secure platform.
• Email service providers: To deliver correspondence related to your enquiries and sessions.
• Website hosting providers: To store and serve our website content securely.
• Analytics providers: Only when you have consented to analytics cookies, and only in anonymised or pseudonymised form where possible.
• Professional advisers: Accountants, legal advisers, or auditors who are bound by confidentiality obligations.
• Law enforcement: When required by valid legal process or to protect the rights, property, or safety of Strainingactive, our clients, or the public.

All third-party processors are required to implement appropriate technical and organisational measures to protect personal data and process it only according to our instructions.

8. International Data Transfers

Strainingactive is based in Australia. If you access our website from the European Economic Area (EEA), United Kingdom, or other jurisdictions with data transfer restrictions, please note that your data may be transferred to and processed in Australia.

Australia is recognised by the European Commission as providing an adequate level of data protection for GDPR purposes. Where we use service providers located in countries without an adequacy decision, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

You may request a copy of the safeguards we have implemented by contacting us using the details in Section 14.

9. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• HTTPS encryption for all data transmitted through our website
• Secure storage of consultation records with access limited to authorised personnel
• Regular review and updating of security practices
• Password-protected systems and multi-factor authentication for administrative access
• Staff training on data protection and confidentiality obligations
• Incident response procedures for suspected data breaches

While we take reasonable steps to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but will notify affected individuals and relevant authorities of any data breach as required by applicable law.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right of access: Request a copy of the personal data we hold about you.
• Right to rectification: Request correction of inaccurate or incomplete personal data.
• Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
• Right to restrict processing: Request that we limit how we use your data in certain circumstances.
• Right to data portability: Receive your data in a structured, commonly used, machine-readable format.
• Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.
• Right to lodge a complaint: File a complaint with a supervisory authority. In Australia, you may contact the Office of the Australian Information Commissioner (OAIC). In the EU, you may contact your local data protection authority.

To exercise any of these rights, contact us at touch@strainingactive.world or +61 3 9347 6633. We will respond within 30 days of receiving a verifiable request. We may need to verify your identity before processing your request.

11. Cookies and Tracking

Our website uses cookies and similar technologies to enhance functionality and, with your consent, to analyse usage patterns. For detailed information about the cookies we use, their purposes, and how to manage your preferences, please refer to our Cookie Policy.

12. Children's Privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately and we will take steps to delete such information promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The updated version will be posted on this page with a revised date shown in the header. We encourage you to review this policy periodically. Material changes will be communicated through a notice on our website or by email where appropriate.

14. Contact and Complaints

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact:

Privacy Contact — Strainingactive
309 Lygon St, Carlton VIC 3053, Australia
Email: touch@strainingactive.world
Phone: +61 3 9347 6633

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner at www.oaic.gov.au. EU residents may also contact their local supervisory authority.