Privacy Policy
Last updated: 1 June 2026
This Privacy Policy explains how Vitstrength.world (“we”, “us”, “our”) collects, holds, uses, and discloses personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). It also meets our 2026 transparency obligations regarding artificial intelligence (AI), automated tools, and data handling. Rights for visitors in the EEA/UK under the GDPR are in Section 13.
1. Who we are (APP 1 — open and transparent management)
Entity responsible for personal information: Vitstrength.world
Postal address: 4/5 Byres St, Newstead QLD 4006, Australia
Email: business@vitstrength.world
Telephone: +61 7 2112 1378
For privacy enquiries, complaints, or requests to access or correct your information, contact us using the details above. We will respond within a reasonable period, and in any event within 30 days for Australian access requests unless an extension is permitted under the Privacy Act.
2. Scope and Australian law
This Policy applies to personal information collected through:
- this website (vitstrength.world);
- our contact form and email correspondence;
- cookie and similar technologies (see our Cookie Policy);
- event registrations or enquiries you send to us.
We are committed to handling personal information in line with the Privacy Act, the APPs, and OAIC guidance (including materials on privacy and emerging technologies). We follow an APP-by-APP approach summarised in Section 14. Where GDPR applies to you, we comply with Section 13.
We do not intentionally collect sensitive information (as defined in the Privacy Act, e.g. health records or biometric data) through this Site. Please do not include sensitive information in contact messages unless it is necessary; if you do, you consent to our handling of that information for the purpose of responding to you.
3. What we collect (APP 3 — collection of solicited personal information)
| Category | Examples | How collected |
|---|---|---|
| Identity & contact | Name, email address | Contact form, email you send us |
| Communications | Message content, enquiry subject | Contact form, email, phone |
| Technical | IP address, browser type, device type, referring URL, pages viewed, date/time of visit | Server logs; analytics tools only if you consent to analytics cookies |
| Preferences | Cookie consent choices (necessary / analytics / marketing) | Cookie banner; stored in your browser (localStorage) |
| AI-assisted support (if used) | Content of your message when we use authorised tools to help draft a human-reviewed reply | Only when you contact us; not used to train public models (see Section 4) |
We collect personal information that is reasonably necessary for our functions and activities (APP 3). We do not collect personal information by unlawful or unfair means. Where practicable, you may interact with us without identifying yourself (APP 2); however, we cannot respond to a contact form submission without your email address.
We provide this notice before or at the time of collection (APP 5) through this Policy, our cookie banner, and form labels.
4. Artificial intelligence, algorithms, and transparency (2026)
We believe visitors should know when technology—not only humans—helps create what they see or read. This section fulfils our transparency duties under APP 1 and aligns with Australian expectations for responsible use of AI and personal data in 2026.
4.1 Website content (text and layout)
Some articles, headings, or layout suggestions on this Site may be drafted or edited with the assistance of generative AI tools, then reviewed and adjusted by a person before publication. AI assists with clarity and structure; it does not provide medical or personalised advice. Factual claims are checked against reputable public sources where possible. If you spot an error, contact us and we will correct it (APP 13).
4.2 Images and visual content
Photographs and graphics on this Site are used for general lifestyle illustration of digital wellbeing themes (e.g. reading, walking, quiet time). They may include:
- licensed or original photographs from our image library; and/or
- AI-generated or AI-edited images created for decorative context (not for sale as physical goods on this Site).
AI-generated visuals are not presented as photographs of real customers, clinical settings, or specific products you can purchase here. They must not be relied on for medical, safety, or commercial decisions. If a specific image is synthetic, it remains illustrative only.
4.3 Live chat and automated consultations
We do not currently operate a live AI chatbot on vitstrength.ddd. General enquiries are answered by a human via email or phone during business hours. If we introduce automated chat or AI-generated replies in future, we will:
- display a clear notice before you interact (e.g. “You are communicating with an automated assistant”);
- explain what personal information the tool processes and link to this Policy;
- offer a human contact option where reasonably practicable; and
- update this Policy and our About — AI disclosure page.
4.4 Automated decision-making
We do not use solely automated decision-making that produces legal effects or similarly significant effects about individuals (such as automated eligibility scoring). Cookie-based analytics, if you consent, produce aggregated statistics only.
4.5 Personal information and AI service providers
We do not sell or license your contact form data for AI model training. If we use third-party AI tools to help staff draft email responses, we:
- limit input to what is necessary to answer your enquiry;
- use providers and settings that minimise retention where available;
- require confidentiality under our contracts (APP 11); and
- disclose overseas processing under APP 8 where applicable (see Section 7).
You may ask whether AI was used in connection with your enquiry by contacting us (Section 11).
4.6 Quality and complaints about AI content
AI-assisted text or images may occasionally be inaccurate or outdated. Do not rely on Site content as a substitute for professional advice. To raise a privacy concern about our use of AI or data, follow Section 11.
5. Why we collect and use information (APP 6)
We use personal information for the following primary purposes:
- responding to your questions and contact form submissions;
- providing information about digital detox programs and events listed on the Site;
- operating, securing, and improving the Site;
- complying with legal obligations and resolving disputes;
- managing cookie preferences and records of consent.
Secondary purposes (only where permitted by law and, where required, with your consent):
- aggregated analytics to understand how visitors use the Site (analytics cookies — opt-in);
- measuring marketing effectiveness (marketing cookies — opt-in);
- sending follow-up emails about your enquiry or event registration (not bulk promotional email unless you separately opt in).
We will not use your personal information for a purpose other than the purpose for which it was collected unless you would reasonably expect the new use, you consent, or another exception under the Privacy Act applies.
6. Direct marketing (APP 7)
We do not sell your personal information. We may send you communications related to your enquiry or services you requested. If we ever send electronic marketing to individuals in Australia, we will comply with the Spam Act 2003 (Cth): identify the sender, include our contact details, and provide a functional unsubscribe facility. You may opt out of marketing at any time by using the unsubscribe link or contacting us.
7. Disclosure to third parties (APP 6 & APP 8)
We may disclose personal information to:
- Service providers (processors) who assist us with hosting, email delivery, analytics, or IT support, only for the purposes we specify and subject to confidentiality and security obligations;
- Professional advisers (lawyers, accountants) where required;
- Government agencies if required or authorised by Australian law;
- Embedded services — for example, Google Maps on our contact page may receive technical data when you load the map (see Google’s privacy policy).
We do not routinely disclose personal information to overseas recipients. If we do (for example, because a hosting or email provider stores data outside Australia), we will take reasonable steps to ensure the overseas recipient complies with the APPs or we will otherwise comply with APP 8 (cross-border disclosure), including by obtaining your consent where required.
8. Retention and destruction (APP 11)
- Contact form and email records: up to 24 months after the last correspondence, unless longer retention is required for legal claims or Australian law.
- Server and security logs: up to 90 days, unless needed for incident investigation.
- Cookie consent records: stored in your browser until you clear site data; we do not retain a separate server copy unless analytics tools create one after you consent.
When personal information is no longer needed, we take reasonable steps to destroy or de-identify it securely.
9. Security (APP 11)
We implement reasonable technical and organisational safeguards, including HTTPS encryption, access controls, and contractual requirements on service providers. No online system is completely secure. You should protect your own devices and email accounts. If you believe your interaction with us is no longer secure, contact us immediately.
10. Notifiable data breaches (Australia)
Under the Privacy Act, we must assess suspected eligible data breaches and, where required, notify affected individuals and the OAIC. An eligible data breach occurs when there is unauthorised access to, or disclosure of, personal information that is likely to result in serious harm, and remedial action has not prevented that likelihood. We maintain internal procedures to detect, contain, and respond to incidents.
11. Access, correction, and complaints (APP 12 & APP 13)
Access: You may request access to personal information we hold about you. We will provide access unless an exception applies (e.g. legal privilege, threat to life or safety, frivolous or vexatious request). We may charge a reasonable administrative fee where permitted by law.
Correction: If you believe information we hold is inaccurate, out of date, incomplete, irrelevant, or misleading, ask us to correct it. If we disagree, we will explain our reasons and note your request on file where appropriate.
Complaints:
- Contact us first at the details in Section 1. We will acknowledge your complaint and aim to resolve it within 30 days (including complaints about AI transparency or data used with automated tools).
- If you are not satisfied, you may complain to the Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au · phone 1300 363 992 · GPO Box 5218, Sydney NSW 2001.
12. Children
The Site is intended for a general audience. We do not knowingly collect personal information from children under 15 without parental or guardian consent. If you believe we have collected a child’s information, contact us and we will take reasonable steps to delete it.
13. Rights for EEA/UK visitors (GDPR)
Where GDPR applies, our legal bases include: consent (analytics/marketing cookies, optional communications); contract or pre-contractual steps (responding to your request); legitimate interests (site security, fraud prevention, improving content) balanced against your rights. Where we use AI tools processing personal data, we rely on the same bases and provide transparency per Articles 13–14. You may have rights to access, rectification, erasure, restriction, portability, objection, human review of certain automated decisions, and withdrawal of consent. Lodge a complaint with your local supervisory authority. For GDPR requests, contact us at the email above; we respond within one month unless extension is permitted.
14. How we meet the Australian Privacy Principles (APPs)
| APP | Our approach |
|---|---|
| APP 1 — Open and transparent | This Policy, Cookie Policy, Terms, and AI disclosures explain our practices in plain language. |
| APP 2 — Anonymity and pseudonymity | You may browse without an account; pseudonyms are accepted in enquiries where practical. |
| APP 3 — Collection of solicited information | We collect only what is reasonably necessary (see Section 3). |
| APP 4 — Unsolicited information | We delete or de-identify unsolicited personal information we no longer need. |
| APP 5 — Collection notice | Notices via this Policy, forms, and cookie banner. |
| APP 6 — Use and disclosure | Primary and secondary purposes listed in Section 5; disclosures in Section 7. |
| APP 7 — Direct marketing | Opt-out and Spam Act compliance (Section 6). |
| APP 8 — Cross-border disclosure | Reasonable steps or consent before overseas disclosure (Section 7). |
| APP 9 — Government identifiers | We do not adopt government related identifiers as our own reference numbers. |
| APP 10 — Quality of information | We take reasonable steps to keep information accurate and up to date on request. |
| APP 11 — Security | Safeguards in Section 9; destruction in Section 8. |
| APP 12 — Access | Access requests welcomed (Section 11). |
| APP 13 — Correction | Correction requests welcomed (Section 11). |
15. Changes to this Policy
We may update this Policy from time to time. The “Last updated” date will change. Material changes will be posted on this page. We encourage you to review this Policy periodically.