Privacy Policy
Last updated: 31 May 2026
Version: 3.0
1. Who we are (APP 1 — open and transparent management)
This Privacy Policy applies to the website washingpurifyher.world and related micro-workout education services operated from Australia.
Organisation / APP entity: Washingpurifyher.world
ACN: 002 506 461
Postal address: 320 Montague Rd, West End QLD 4101, Australia
Email: community@washingpurifyher.world
Phone: +61 7 3844 8441
Business hours: Monday–Friday, 9:00 am–5:00 pm AEST (by appointment)
We handle personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APPs) in Schedule 1 of the Privacy Act, and the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act. Where the EU General Data Protection Regulation (GDPR) applies to you, we also describe additional rights in Section 16.
Related documents: Cookie Policy · Terms of Use · About Us · Contact.
2. How we comply with the Australian Privacy Principles (APPs)
The table below summarises how we meet the 13 APPs under the Privacy Act. This is a plain-language guide; the Privacy Act prevails if anything is unclear.
| APP | Our practice |
|---|---|
| APP 1 | This policy is free, clear, and up to date; contact details in Section 1. |
| APP 2 | Pseudonym or anonymous enquiry where practical; identity needed to register for events or reply to detailed requests. |
| APP 3 | Collection is lawful, fair, and with notice (forms, cookies, this policy). |
| APP 4 | Unsolicited information is handled under APP 4; you may request deletion. |
| APP 5 | Notice at collection: purpose, disclosure, overseas recipients, access and complaints. |
| APP 6 | Use and disclosure only for primary purpose or with consent / permitted secondary use. |
| APP 7 | Direct marketing only with consent or lawful exception; easy opt-out. |
| APP 8 | Overseas disclosure only with reasonable steps or your informed consent. |
| APP 9 | Government related identifiers used only as required by law. |
| APP 10 | We take reasonable steps to keep information accurate and complete. |
| APP 11 | Security safeguards and destruction when no longer needed. |
| APP 12 | Access requests within a reasonable time (usually 30 days). |
| APP 13 | Correction of inaccurate, out-of-date, or misleading information. |
We also follow the Notifiable Data Breaches scheme and OAIC guidance on privacy and emerging technologies — including artificial intelligence and automated processing — published for Australian organisations in 2025–2026.
3. Whose information this policy covers
This policy covers visitors to our website, people who contact us via forms or email, event and challenge registrants, and anyone who provides personal information through phone, email, or in person at our West End location.
4. What personal information we collect (APP 3 & APP 5)
“Personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not and whether recorded in a material form or not (Privacy Act s 6).
4.1 Information you give us
- Contact form: name, email address, message content, and your consent checkbox record.
- Event registration: name, email, attendance preferences, and accessibility requirements if you choose to provide them.
- Enquiries: information you include in emails or phone calls (e.g. preferred session times, interest in specific workout plans).
4.2 Information collected automatically
- Technical data: IP address, browser type, device type, operating system, referring URL, pages viewed, and approximate date/time of access.
- Cookies and similar technologies: as described in our Cookie Policy, including cookie consent preferences stored in your browser (local storage key:
tdde_cookie_consent).
4.3 Sensitive information (APP 3.3 & APP 3.4)
We do not ask you to submit sensitive information (such as detailed medical records, pathology results, or government identifiers) through the website. Our services are general lifestyle and movement education only. If you voluntarily include health-related details in a message, we will treat that information as sensitive where required and only use it for the purpose of responding to you, unless you give separate express consent for another use.
Please do not use the contact form for medical emergencies. In an emergency call 000 (Australia).
5. How we collect information
We collect personal information:
- directly from you when you submit forms, register for events, or communicate with us;
- automatically when you use our website (server logs, cookies where permitted);
- from third parties only where you have consented or we are authorised by law.
Where reasonable, you may interact with us using a pseudonym or anonymously (APP 2). However, we may need your contact details to reply to enquiries or confirm event registration.
6. Why we collect, use, and disclose information (APP 6)
We collect personal information that is reasonably necessary for, or directly related to, our functions and activities. Primary purposes include:
- responding to enquiries and contact form submissions;
- providing micro-workout plans, checklists, challenge information, and event administration;
- operating, securing, and improving our website;
- analytics and marketing cookies only where you opt in via our cookie banner;
- complying with Australian law (record-keeping, dispute resolution);
- managing complaints and enforcing our Terms of Use.
We will not use your personal information for a secondary purpose unrelated to the primary purpose unless you consent, you would reasonably expect the use, or an exception under the Privacy Act applies.
6.1 Disclosure to others
We may disclose personal information to:
- Service providers (processors) such as website hosting, email delivery, and analytics (if consented)—only to perform services for us and subject to confidentiality and security obligations;
- Professional advisers (lawyers, accountants) where necessary;
- Regulators or courts when required or authorised by law.
We do not sell personal information.
7. Artificial intelligence (AI) — transparency & your data (2026)
Australian regulators and OAIC-oriented guidance expect clear disclosure when organisations use automated and AI-based systems that may affect how content is created or how we interact with you. This section explains our current and possible future uses so you can make informed choices under APP 1 (transparency) and APP 5 (notice at collection).
7.1 AI-generated or AI-edited website images
Some photos on this website (for example, movement scenes, desk-break settings, or community workshop visuals) may be:
- professional or stock photography, or
- created or edited using generative AI tools for illustration only.
AI-assisted or stock images are not photographs of specific clients and do not show promised fitness or health outcomes. They illustrate general movement concepts only. If you need to know whether a particular image is AI-generated, contact us and we will answer within a reasonable time.
7.2 AI-assisted written content
Articles, workout plan descriptions, checklists, or FAQs may be drafted with AI writing tools and then reviewed by a human before publication. AI drafts are checked for plain language, accuracy, and compliance with our editorial standards (see About Us). AI does not replace qualified clinical or exercise professional judgement.
7.3 Chat, bots, or automated replies
At the time of this policy (May 2026):
- the contact form is handled by humans (email/workflow), not an automated medical or fitness chatbot;
- if we later add live chat or an AI assistant, we will update this policy and display a clear on-screen notice before you use it, including what data is collected and whether AI is involved.
Any future AI chat tool will:
- state that it provides general education only, not medical or personalised training advice;
- not make decisions with legal or similarly significant effects about you without human review where required;
- allow you to request human follow-up via contact or phone;
- log interactions only as needed for quality and privacy compliance, with retention limits in Section 11.
7.4 Personal information and AI processing
If we use third-party AI services (for example, cloud models for summarising enquiries or drafting internal notes), we:
- disclose only the minimum personal information necessary;
- use providers under contracts requiring confidentiality, security, and permitted use limits;
- apply APP 8 steps before overseas AI processing where applicable;
- do not sell your personal information for third-party AI model training unless we obtain separate, explicit consent.
You may ask whether automated or AI-assisted processing was used in a reply to you and request human review of decisions that significantly affect you, where applicable under Australian law and our processes.
7.5 Automated decision-making
We do not use fully automated decisions (without meaningful human involvement) that have a significant effect on your rights — for example, automated approval or denial of event registration based solely on AI scoring. If this changes, we will inform you in advance and describe how to request review.
7.6 Analytics, cookies, and AI
Optional analytics or marketing tools enabled only with your cookie consent may use automated or machine-learning methods to produce aggregated statistics. See our Cookie Policy. We do not use cookie data to train public AI models.
8. Direct marketing (APP 7 & Spam Act 2003)
We may send you information about micro-workout plans, events, or challenges by email or SMS only where:
- you have consented, or
- we rely on an exception under the Spam Act 2003 (Cth) and APP 7 (e.g. conspicuous publication with contact details relevant to our services, and we include required sender identification and an unsubscribe facility).
Every marketing message will include a clear way to opt out (unsubscribe link or reply “STOP” for SMS). We will honour opt-out requests promptly and at no cost.
9. Cross-border disclosure (APP 8)
Some service providers may store or process data outside Australia (for example, in the United States, European Union, or Singapore). Before disclosing personal information overseas, we take reasonable steps to ensure the overseas recipient complies with the APPs, or we ensure you have consented to the disclosure after we inform you that APP 8.1 may not apply and you may not be able to seek redress overseas.
Embedded content (such as Google Maps on our contact page) may cause your browser to send data to providers located overseas. See our Cookie Policy for details.
10. Data quality and security (APP 10 & APP 11)
We take reasonable steps to ensure personal information is accurate, up to date, and complete. Please notify us if your details change.
Security measures include HTTPS encryption, access controls, strong passwords for administrative accounts, and contractual security requirements for processors. No online transmission is completely secure; you provide information at your own risk to the extent permitted by law.
11. Retention and destruction
We keep personal information only as long as needed for the purposes above, unless a longer period is required by law:
- Contact enquiries: up to 24 months, then deleted or de-identified unless a dispute or legal hold applies;
- Event records: up to 36 months for operational and legal purposes;
- Server logs: up to 12 months;
- Cookie consent records: up to 24 months;
- Marketing consents and unsubscribe records: for the period required to prove compliance with the Spam Act;
- AI chat or automated interaction logs (if introduced): up to 12 months unless a longer period is needed for disputes or quality review, then deleted or de-identified.
When information is no longer needed, we take reasonable steps to destroy or de-identify it (APP 11.2).
12. Notifiable Data Breaches (NDB scheme)
If we experience a data breach involving personal information that is likely to result in serious harm, we will assess the incident, notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable in line with the NDB scheme, and take steps to contain and remediate the breach.
13. Access and correction (APP 12 & APP 13)
You may request access to the personal information we hold about you, or request correction if it is inaccurate, out of date, incomplete, irrelevant, or misleading. We will respond within a reasonable period (generally within 30 days) and may ask you to verify your identity.
We may refuse access or correction where permitted by the Privacy Act (e.g. frivolous requests, legal privilege, threat to life or health). If we refuse, we will give written reasons and information about complaint options.
To make a request, contact us using the details in Section 1.
14. Complaints (Australia)
If you have a privacy complaint, contact us first. We will acknowledge your complaint and aim to resolve it within 30 days.
If you are not satisfied, you may lodge a complaint with the OAIC:
- Website: www.oaic.gov.au
- Phone: 1300 363 992
- Post: GPO Box 5218, Sydney NSW 2001
15. European Economic Area and UK (GDPR)
If GDPR applies, you may have rights to access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. Contact us at community@washingpurifyher.world. Our lawful bases include consent, contract, legitimate interests (website operation and security), and legal obligation. International transfers use appropriate safeguards where required. You may lodge a complaint with your local supervisory authority.
16. Children
Our website and services are directed primarily at adults. We do not knowingly collect personal information from children under 16 without parental or guardian consent. Contact us if you believe we have collected a child’s information in error.
17. Changes to this policy
We may update this policy to reflect legal or operational changes. The “Last updated” date will change. Material changes will be published on this page. Continued use of the website after notice may constitute acceptance of the updated policy where permitted by law.