Privacy policy

Effective date: 2025
Last updated: 2025

1. Introduction

Awesome Black Studio (“we”, “us”, “our”) is committed to protecting the privacy of individuals who interact with our website and services. This Privacy Policy explains how we collect, use, disclose and otherwise handle personal information in accordance with the Commonwealth Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APPs”), as amended by the Privacy and Other Legislation Amendment Act 2024 (Cth), and applicable New South Wales (NSW) laws.

By using our website and services, you agree to the terms of this policy.

2. Scope

This policy applies to all personal information we collect through our website, otherwise in connection with our services, including from visitors located in NSW and Australia. It applies regardless of the device or platform used.

3. What is personal information?

“Personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not, and whether recorded in a material form or not. Under recent reforms, this may also include metadata, behavioural or indirect identifiers.

4. What kinds of personal information we collect

4.1 Information you provide us

- Name, email address, contact phone number
- Business name, company/trading name, job title
- Payment information (if applicable)
- Any other personal information you choose to submit (for example via contact form, newsletter sign-up, feedback)

4.2 Information we collect automatically

- IP address, device and browser information
- Browsing behaviour on our site (pages visited, time spent)
- Cookies and similar tracking technologies (see our Cookie Policy)

4.3 Sensitive information

 We do not ordinarily collect sensitive information (for example health data, biometric data) unless you explicitly provide it and consent is given.

4.4 Third-party / external sources

We may receive personal information about you from third-party service providers, analytics platforms or publicly available sources (e.g., for marketing).

5. How and why we collect personal information

5.1 Purposes

We collect personal information for purposes including:

- To provide our services and fulfil our contract with you
- To communicate with you (e.g., respond to enquiries, send newsletters, support)
- To process payments, invoices, or contracts
- To administer and maintain our website (including analytics, security, improvements)
- To comply with legal obligations (e.g., tax, records)
- To protect our rights, property, or legal interests
- For marketing and promotional purposes (where we have your consent)

5.2 Lawful basis / APP 3 requirement

Under the APPs, we will only collect personal information by lawful and fair means and where reasonably necessary for our functions or activities.

We endeavour to collect only the minimum amount of personal information necessary (“data minimisation”).

5.3 Consent

Where required, we will obtain your consent for the collection, use or disclosure of your personal information. Under the recent reforms, consent must be informed, freely given, current, specific and unambiguous.

6. Disclosure of personal information

6.1 Within our organisation

Your personal information may be accessed by authorised staff who need it to perform their role.

6.2 Third-party service providers

We may disclose your personal information to external service providers (e.g., cloud hosting, payment processors, analytics, marketing, IT support). We require these providers to handle your data in accordance with our privacy standards.

6.3 Overseas disclosures

If we transfer your personal information to recipients overseas, we will take reasonable steps to ensure they have privacy protections comparable to those in Australia. We will also provide you with the countries or regions to which the data is transferred.

6.4 Legal or regulatory requirements
We may disclose personal information if required by law, to regulatory bodies (including the Office of the Australian Information Commissioner “OAIC”), or to protect the rights, property or safety of us, you or others.

6.5 Sale or restructure

If we merge with another entity, or sell our business/assets, personal information may be transferred as part of that transaction, subject to confidentiality and similar privacy obligations.

7. Data security and retention

7.1 Security measures

We take reasonable technical and organisational steps to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. Under the updated law, “reasonable steps” now includes documented policies, governance, encryption, multifactor authentication and access controls.

7.2 Retention period

We will retain your personal information for as long as is necessary for the purposes for which it was collected or as required by law. Where personal information is no longer needed, we will de-identify or securely destroy it.

7.3 Notifiable Data Breaches (NDB)

If we become aware of a data breach that is likely to result in serious harm to affected individuals, we will promptly notify the OAIC and affected individuals in accordance with our obligations under the NDB scheme.

8. Your rights

8.1 Access and correction

You have the right to request access to the personal information we hold about you and to request correction of any inaccurate or incomplete information, subject to permitted exceptions under the Privacy Act.

8.2 Deletion / “right to erasure”

Under the recent reforms, you may request deletion of your personal information when it is no longer necessary, you have withdrawn consent, or it has been unlawfully collected.

8.3 Opt-out / marketing communications

If you receive marketing communications from us, you can opt-out at any time via the link in the message or by contacting us.

8.4 Complaint / dispute resolution

You may complain to us if you believe we have mishandled your personal information. We will investigate and respond. If you remain dissatisfied, you have the right to lodge a complaint with the OAIC.

8.5 Automated decision-making

If we use automated decision-making (including profiling) that has a significant effect on you, we will inform you and explain the logic, significance and consequences of the processing. (Note: some transparency obligations are phased in by 10 December 2026).

9. Cookies and tracking technologies

Our website uses cookies and tracking technologies to enhance your experience, analyse usage patterns, and for marketing. You can choose to disable cookies via your browser settings, although this may limit functionality. Please see our separate Cookie Policy for further details.

10. Children’s privacy

We do not knowingly collect personal information from children under [minimum age e.g., 16] without parent or guardian consent. For services directed at children, we will implement age-appropriate measures. A specific Children’s Online Privacy Code is expected under upcoming reforms by December 2026.

11. Changes to this Privacy Policy

We may update this policy from time to time. The “Last updated” date at the top will indicate when changes were made. We encourage you to review this policy periodically. Your continued use of our website after any change constitutes your consent to the modified policy.

12. Contact us

If you have any questions or complaints about our privacy practices, or wish to exercise your rights, please contact Awesome Black Studio and the Awesome Black Foundation: hello@awesomeblack.studio

Navigation

About usStudioFoundationStaunchContact

Follow

Legal

Privacy Policy
Awesome Black Studio acknowledges the Traditional Owners & Custodians of lands throughout Australia. We pay our respects to Elders past and present, and the continuation of cultural, spiritual and educational practices of Aboriginal and Torres Strait Islander peoples.