Privacy Policy

Last updated: 16/11/2025
Business Name: Curious Enterprises
Website: https://curiousenterprises.com.au/

Curious Enterprises (“we”, “us”, “our”) is committed to safeguarding personal information in accordance with:

  • Australia: The Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

  • European Union (EU)/EEA: The General Data Protection Regulation (GDPR – Regulation (EU) 2016/679).

This policy explains how we collect, use, disclose, and protect your personal information.

1. What Personal Information We Collect

We only collect personal information necessary for our business activities as allowed under:

  • APP 3 – Collection of solicited personal information (Privacy Act 1988)

  • GDPR Article 5(1)(c) – Data minimisation

We may collect the following:

Information you provide

  • Name

  • Email address

  • Phone number

  • Business details

  • Project information or service enquiries

  • Billing information for invoicing

Information collected automatically

(in line with GDPR Recital 30 regarding online identifiers)

  • IP address

  • Browser/device information

  • Website usage analytics and cookies (see Section 10)

2. How We Collect Personal Information

We collect information through:

  • Website contact forms

  • Email or direct communication

  • Social media interactions

  • Analytics tools (e.g., website traffic statistics)

All collection follows:

  • APP 5 – Notification of collection

  • GDPR Articles 13–14 – Information to be provided to data subjects

3. Legal Basis for Processing (GDPR)

Under GDPR, our legal bases for processing include:

  • Consent – GDPR Article 6(1)(a)

  • Contract – Article 6(1)(b)

  • Legal obligation – Article 6(1)(c)

  • Legitimate interests – Article 6(1)(f), such as improving services or website security

4. How We Use Personal Information

We use personal information to:

  • Respond to enquiries

  • Provide services or quotes

  • Manage client accounts and billing

  • Improve our website and services

  • Send updates or marketing (only with consent per GDPR Article 7)

5. Disclosure of Personal Information

We may disclose information to:

  • Service providers (e.g., email hosts, website analytics tools)

  • Accountants or legal advisors

  • Cloud-storage or hosting providers

Any disclosure follows:

  • APP 6 – Use and disclosure of personal information

  • GDPR Chapter V – International data transfers (if applicable)

We do not sell or trade your personal data.

6. International Transfers

If we transfer European users’ data outside the EU/EEA, we rely on:

  • GDPR Article 46 – Appropriate safeguards, such as Standard Contractual Clauses (SCCs)

7. Data Retention

We retain personal information only as long as necessary for business or legal purposes, in accordance with:

  • APP 11.2 – Data destruction when no longer needed

  • GDPR Article 5(1)(e) – Storage limitation

8. Your Rights (EU / EEA Users)

Under GDPR, you have the right to:

  • Access – Article 15

  • Rectification – Article 16

  • Erasure (“Right to be forgotten”) – Article 17

  • Restriction of processing – Article 18

  • Data portability – Article 20

  • Object to processing – Article 21

  • Withdraw consent – Article 7(3)

To exercise these rights, contact us using the details in Section 13.

9. Your Rights (Australia)

Under the Australian Privacy Act, you may:

  • Request access to your personal information (APP 12)

  • Request correction of your information (APP 13)

10. Cookies and Tracking Technologies

Cookies and analytics may be used to improve website functionality.
Use of cookies follows:

  • GDPR Recital 30 & ePrivacy Directive (Cookie consent rules)

  • APP 5 – Notification of collection

Where required, we obtain consent before storing cookies.

11. Data Security

We implement reasonable security measures consistent with:

  • APP 11 – Security of personal information

  • GDPR Article 32 – Security of processing

Measures may include encryption, access controls, and secure storage.

12. Third-Party Services

Third-party providers may process personal information only as required to perform services for us and must comply with:

  • APP 8 – Cross-border disclosure of personal information

  • GDPR Articles 28–29 – Processor obligations

13. How to Contact Us

For privacy enquiries, access requests, or GDPR rights requests:

Curious Enterprises
Email: [email protected]
Website: https://curiousenterprises.com.au/

14. Complaints

Australia:

You may complain to the Office of the Australian Information Commissioner (OAIC) under the Privacy Act 1988:
https://www.oaic.gov.au/

EU/EEA:

EU users may lodge a complaint with their local Data Protection Authority (DPA) as permitted under GDPR Article 77.

15. Changes to This Policy

We may update this policy to remain compliant with:

  • Amendments to the Privacy Act 1988

  • Updates to the GDPR

Any changes will be posted on our website.

Verified by MonsterInsights