Privacy Policy

Last updated: 13 June 2026

1. Who We Are (APP 1 — Open and Transparent Management)

Entity: Sparkfreshae.ddd
ABN/ACN: Available on request
Address: Unit 1C/14 Smith St, Mooloolaba QLD 4557, Australia
Privacy contact: cooperation@sparkfreshae.world
Phone: +61 450 646 929

We manage personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) in Schedule 1 of the Privacy Act. Where visitors are in the European Economic Area, we also respect applicable GDPR requirements. This policy is written in clear language to meet APP 1 transparency obligations.

Applicability: Under section 6C of the Privacy Act 1988, some small businesses with an annual turnover of $3 million or less are exempt from the APPs. Regardless of whether that exemption applies to us, we choose to handle personal information in line with the APPs and publish this policy as part of open and transparent management (APP 1).

Governing law: This policy is governed by the laws of the Commonwealth of Australia and the State of Queensland, where our business is located.

Related documents: About Us, Cookie Policy, AI & Automated Systems Disclosure, Terms of Use.

2. Scope — What Personal Information Means Here

"Personal information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not and whether recorded in a material form or not (section 6 of the Privacy Act 1988).

"Sensitive information" includes health information, racial or ethnic origin, political opinions, religious beliefs, biometric information used for identification, and other categories listed in section 6 of the Privacy Act. We do not actively seek sensitive information through this website. If you include health or other sensitive details in a contact message, we will only use that information to respond to your enquiry and will handle it in accordance with the APPs, including APP 3 (collection must be reasonably necessary).

We do not collect tax file numbers, Medicare numbers, or other government-related identifiers through this website. Please do not submit them (see APP 9 below).

3. Anonymity and Pseudonymity (APP 2)

Where lawful and practicable, you may interact with our website without identifying yourself — for example, by browsing guides without submitting the contact form. If you contact us, we generally need your name and email to reply. You may use a pseudonym in your message if you still provide a valid reply address, though this may limit how we assist you.

4. How We Collect Information (APPs 3, 4 and 5)

4.1 Information you give us directly (APP 3 — solicited)

• Contact form: name, email address, message content, and consent checkbox confirmation.
• Cookie settings: your preferences stored locally in your browser (see Cookie Policy).

4.2 Information collected automatically

• IP address (may be truncated or anonymised where analytics are enabled with consent).
• Browser type, device type, operating system, referring URL, pages viewed, and approximate session duration (analytics cookies only, with consent).

4.3 Unsolicited information (APP 4)

If we receive personal information we did not solicit and are not permitted to retain, we will delete it as soon as practicable unless we are required by law to keep it.

4.4 Notification at collection (APP 5)

When we collect personal information, we notify you through this policy and, where relevant, at the point of collection (e.g. contact form labels and consent text) of:

• our identity and contact details;
• why we collect the information and how we will use it;
• who we may disclose it to;
• whether disclosure overseas is likely;
• how to access and correct your information and how to complain;
• whether collection is required by law (it is not, for contact enquiries);
• consequences if you do not provide information (we may be unable to respond).

5. Why We Use and Disclose Information (APP 6)

We use personal information only for the primary purposes for which it was collected, or for related secondary purposes you would reasonably expect, including:

• responding to contact form enquiries;
• operating, securing, and improving the website;
• analytics and audience understanding (with cookie consent);
• complying with Australian law and responding to lawful requests;
• managing complaints and privacy requests.

We do not sell personal information. We may disclose information to:

• hosting and IT service providers under confidentiality obligations;
• analytics providers (only with consent);
• professional advisers where necessary;
• regulators or law enforcement when required by law.

6. Direct Marketing (APP 7) and the Spam Act 2003

We do not send commercial electronic messages (emails or SMS marketing) unless:

• you have given express consent under APP 7 and the Spam Act 2003 (Cth); or
• a permitted exception applies under Australian law.

Any marketing communication we send will clearly identify Sparkfreshae.ddd as the sender, include our contact details, and provide a functional unsubscribe facility. We honour unsubscribe requests within 5 working days, as required by the Spam Act 2003.

Marketing and analytics cookies are disabled unless you opt in via the cookie banner. Opting in to marketing cookies does not by itself constitute consent to receive email; separate consent would be obtained before any commercial email is sent.

If you believe you have received spam from us in breach of the Spam Act 2003, contact us or the Australian Communications and Media Authority (ACMA) at acma.gov.au.

7. Overseas Disclosure (APP 8)

Some service providers (hosting, analytics, email delivery, content delivery networks) may process personal information outside Australia, commonly in the United States, European Union, or Singapore, depending on the provider selected.

Before disclosing personal information overseas, we take reasonable steps under APP 8.1 to ensure the recipient does not breach the APPs in relation to that information, which may include:

• using providers that publish privacy commitments aligned with Australian standards;
• contractual clauses requiring confidentiality, security, and lawful processing;
• assessing the privacy laws of the destination country where relevant.

By using our website and consenting to applicable cookies, you acknowledge that overseas disclosure may occur for those services. If you do not consent to overseas processing, you may decline non-essential cookies and limit information you provide via the contact form.

We will not disclose personal information overseas unless permitted under APP 8, including where you have consented or we reasonably believe the recipient is subject to a law or binding scheme substantially similar to the APPs.

8. Government Identifiers (APP 9)

We do not adopt, use, or disclose government-related identifiers (such as Medicare numbers, tax file numbers, Centrelink reference numbers, or driver licence numbers) as our own identifier for you. Please do not send such identifiers via the contact form. Our handling of tax file numbers, if ever required in a separate offline context, would follow the Privacy (Tax File Number) Rule 2015 and APP 9.

9. Data Quality (APP 10)

We take reasonable steps to ensure personal information we collect, use, and disclose is accurate, up to date, complete, and relevant. Please notify us if your contact details change.

10. Data Security (APP 11)

We protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure through measures including:

• HTTPS encryption in transit;
• access controls and least-privilege staff access;
• secure deletion schedules;
• contractual safeguards with processors.

No online transmission is completely secure. Please use discretion in messages you send us.

11. Notifiable Data Breaches (Part IIIC, Privacy Act 1988)

We comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988. If we reasonably believe an eligible data breach has occurred — unauthorised access, disclosure, or loss of personal information likely to result in serious harm — we will:

• contain and assess the breach as quickly as practicable;
• notify affected individuals with recommended steps to reduce harm;
• notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable, and ordinarily within 30 days of becoming aware of the breach;
• keep an internal record of the breach and our response.

If you believe your personal information held by us has been compromised, contact us immediately at our privacy contact email above.

12. Access to Your Information (APP 12)

You may request access to personal information we hold about you by emailing cooperation@sparkfreshae.world. We will acknowledge your request promptly and provide access within 30 days, unless an exception under the Privacy Act 1988 applies (for example, where access would pose a serious threat to life, health, or safety, or access is frivolous or vexatious).

We may charge a reasonable fee for providing access if the request is not straightforward, in accordance with APP 12. We will explain any refusal and your complaint options.

13. Correction of Your Information (APP 13)

If you believe personal information we hold is inaccurate, out of date, incomplete, irrelevant, or misleading, you may request correction free of charge. We will respond within 30 days. If we refuse correction, we will provide written reasons and tell you how to complain. You may also request that we associate a statement of your requested correction with the information.

14. Retention and De-identification

• Contact form records: up to 24 months, then secure deletion unless law requires longer retention.
• Analytics data: up to 26 months, then anonymisation or deletion.
• Cookie consent records: 12 months in local browser storage.

When information is no longer needed for any permitted purpose, we take reasonable steps to destroy or de-identify it in accordance with APP 11.2. De-identified data used for statistics is not personal information under the Privacy Act 1988 if individuals are no longer reasonably identifiable.

15. Artificial Intelligence, Automated Processing & 2026 Transparency

We publish a standalone AI & Automated Systems Disclosure. In summary:

• Some website images and editorial content may be created or refined using AI tools, with human review.
• We do not provide AI chat consultations on this website.
• The bedtime calculator uses a fixed formula in your browser — not machine learning profiling.
• We do not use your contact form data to train public AI models without explicit consent.
• Where third-party tools process data automatically, this is described in our Cookie Policy.

If automated processing materially affects you in future (e.g. automated triage of enquiries), we will update this policy and the AI disclosure page before implementation.

16. GDPR Rights (EEA Visitors)

Where GDPR applies, you may have additional rights including erasure, restriction, portability, and objection. Contact us to exercise these rights. You may also lodge a complaint with your local EU supervisory authority.

17. Complaints and Dispute Resolution (APP 1)

If you believe we have interfered with your privacy or breached the APPs, please contact us first so we can try to resolve the matter:

1. Step 1 — Contact us: Email cooperation@sparkfreshae.world with details of your concern. We will acknowledge receipt within 7 days and aim to respond with an outcome within 30 days.
2. Step 2 — Internal review: If unresolved, request escalation to a senior contact at the same email address.
3. Step 3 — External complaint: If you remain dissatisfied, you may complain to the OAIC (see below). We will cooperate with any OAIC investigation.

Office of the Australian Information Commissioner (OAIC):

• Website: oaic.gov.au
• Online privacy complaint form: available via the OAIC website
• Phone: 1300 363 992 (Australia)
• Post: GPO Box 5218, Sydney NSW 2001, Australia

You may also seek remedies under Australian law, including court remedies available under the Privacy Act 1988 for serious invasions of privacy where applicable.

18. Children's Privacy

This website is not directed at children under 16. We do not knowingly collect their personal information. Contact us for prompt deletion if you believe a child has submitted data.

19. Changes to This Policy

We may update this policy to reflect legal, technical, or operational changes. The "Last updated" date will change accordingly. Significant changes may also be noted on the website homepage or cookie banner.

20. Relevant Australian Legislation

This policy is designed to align with, among others:

• Privacy Act 1988 (Cth) — including the Australian Privacy Principles and the Notifiable Data Breaches scheme (Part IIIC);
• Spam Act 2003 (Cth) — commercial electronic messages;
• Competition and Consumer Act 2010 (Cth), Schedule 2 — Australian Consumer Law (see our Terms of Use);
• Copyright Act 1968 (Cth) — intellectual property on this website;
• TGA advertising guidance — we do not advertise therapeutic goods or make treatment claims;
• OAIC guidance on privacy policies, cookies, and direct marketing.

21. Contact Us

Privacy enquiries: cooperation@sparkfreshae.world or Contact Form.