Privacy Policy

Privacy Policy – Australian Memoirs™

Privacy Policy – Australian Memoirs™

Last updated: 1 July 2025

This Privacy Policy explains how Australian Memoirs™, operated by New Quiet Empire Pty Ltd (ABN [Insert ABN]), collects, uses, discloses, and safeguards your personal information across our website, subscription dashboard, digital writing tools, AI writing assistants, and premium memoir writing services.

We are committed to protecting your privacy and complying with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and where applicable, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

1. What Information We Collect
1.1 Information You Provide Directly

We collect personal information directly from you when you engage with our services, including:

  • Account Information: Name, email address, phone number, postal address
  • Profile Data: User preferences, subscription settings, communication preferences
  • Payment Information: Billing address, payment method details (processed securely by Stripe)
  • Content Data: Memoir stories, uploads, drafts, audio recordings, photographs, documents
  • Communication Records: Support emails, chat transcripts, feedback submissions
1.2 Information Collected Automatically

When you use our services, we automatically collect:

  • Technical Data: IP address, browser type and version, operating system, device identifiers
  • Usage Analytics: Pages visited, features used, time spent, click patterns, session recordings
  • Performance Data: App crashes, load times, error reports, diagnostic information
  • Location Data: General geographic location (city/region level) based on IP address
1.3 Cookies and Tracking Technologies

We use the following technologies to enhance your experience:

  • Essential Cookies: Required for core functionality (authentication, security)
  • Analytics Cookies: Google Analytics and similar tools to understand usage patterns
  • Preference Cookies: Remember your settings and customizations
  • Marketing Cookies: Track effectiveness of campaigns and personalize content

You can manage cookie preferences through your browser settings or our cookie preference center.

2. How We Collect Information

Information is collected through:

  • Direct Interactions: Account creation, form submissions, purchases, support requests
  • Automated Technologies: Cookies, web beacons, analytics tools, session recordings
  • AI Assistant Interactions: Voice recordings, text inputs, feature usage within the dashboard
  • Media Uploads: Photos, documents, audio files uploaded for memoir creation
  • Third-Party Sources: Social media login integrations (with your consent)
  • Service Providers: Data received from payment processors, analytics providers
3. Why We Collect Your Information
3.1 Primary Purposes

We collect and process personal data to:

  • Service Delivery: Provide memoir writing tools, AI assistance, and premium services
  • Account Management: Create and maintain user accounts, subscription management
  • Payment Processing: Handle billing, invoicing, and secure payment transactions
  • Customer Support: Respond to inquiries, troubleshoot issues, provide assistance
  • Content Enhancement: Improve AI writing suggestions and personalization features
3.2 Secondary Purposes
  • Marketing Communications: Send product updates, newsletters, promotional offers (with consent)
  • Service Improvement: Analyze usage patterns to enhance platform functionality
  • Security: Prevent fraud, protect against unauthorized access, ensure platform security
  • Legal Compliance: Meet regulatory obligations, resolve disputes, enforce terms
4. Lawful Basis for Processing
4.1 Under Australian Privacy Principles

We process your personal information based on:

  • Consent: Where you have provided explicit consent for specific uses
  • Contract Performance: To fulfill our service agreements and subscriptions
  • Legal Obligations: Tax recordkeeping, regulatory compliance, court orders
  • Legitimate Interests: Security, fraud prevention, service improvement (balanced against your privacy rights)
4.2 Under GDPR (for EU residents)
  • Explicit Consent: For marketing communications and optional features
  • Contractual Necessity: To provide requested services and process payments
  • Legitimate Interests: Security, analytics, service improvement (with impact assessments)
  • Legal Obligation: Compliance with EU regulations and data protection requirements
5. Data Sharing and Disclosure
5.1 Service Providers

We share personal information with trusted service providers who assist in delivering our services:

  • Payment Processing: Stripe (payment gateway and billing management)
  • Database Hosting: Supabase (secure cloud database services)
  • Cloud Storage: Amazon Web Services, Google Cloud Platform (data storage and backup)
  • Analytics: Google Analytics, Mixpanel (usage analysis and performance monitoring)
  • Email Services: Mailgun, SendGrid (transactional and marketing emails)
  • AI Services: OpenAI, Anthropic (AI writing assistance features)
  • Support Tools: Intercom, Zendesk (customer support platforms)
5.2 Business Partners
  • Editing Services: Verified professional editors and writing consultants (for premium services)
  • Printing Partners: Authorized printing facilities (for physical memoir production)
  • Integration Partners: Third-party tools connected to your account (with your consent)
5.3 Legal Requirements

We may disclose information when required by law:

  • Court orders, subpoenas, or regulatory investigations
  • Law enforcement requests (following proper legal procedures)
  • Protection of rights, property, or safety of users or the public
  • Business transfers (mergers, acquisitions, asset sales)

We do not sell, rent, or trade your personal data to third parties for commercial purposes.

6. Data Storage and Security
6.1 Storage Locations

We store your data on secure servers primarily located in:

  • Australia: Primary data centers for Australian users
  • United States: Cloud infrastructure providers (AWS, Google Cloud)
  • Europe: EU-specific data centers for European users
6.2 Security Measures

We implement industry-standard security controls:

  • Encryption: AES-256 encryption at rest, TLS 1.3 for data in transit
  • Access Controls: Multi-factor authentication, role-based permissions, regular access reviews
  • Network Security: Firewalls, intrusion detection, DDoS protection
  • Monitoring: 24/7 security monitoring, automated threat detection
  • Backup Systems: Regular encrypted backups with geographic redundancy
  • Staff Training: Regular security awareness training for all personnel
6.3 Data Breach Response

If a security breach occurs affecting your personal data:

  • Immediate Response: Within 72 hours of discovery, we assess the breach scope and impact
  • Regulatory Notification: Report to OAIC and relevant authorities as required by NDB scheme
  • User Notification: Inform affected users within reasonable timeframes via email or platform notifications
  • Remediation: Take immediate steps to secure systems and prevent further unauthorized access

Your Responsibility: Keep your login credentials secure and report suspicious account activity immediately.

7. Your Rights and Choices
7.1 Access and Control Rights

You have the right to:

  • Access: Request copies of personal data we hold about you
  • Correction: Update inaccurate or incomplete information
  • Deletion: Request removal of your personal data (subject to legal limitations)
  • Data Portability: Receive your data in a structured, machine-readable format
  • Restriction: Limit how we process your data in certain circumstances
  • Objection: Opt out of certain data processing activities
7.2 Marketing and Communication Preferences
  • Unsubscribe: Use unsubscribe links in emails or update preferences in your account
  • Notification Settings: Control which types of communications you receive
  • Consent Withdrawal: Revoke consent for marketing or optional features at any time
7.3 Exercise Your Rights

To exercise your privacy rights:

  • Email: privacy@australianmemoirs.com.au
  • Response Time: We will respond within 30 days (as required under APP)
  • Identity Verification: We may request proof of identity to protect your information
  • Appeals: If unsatisfied with our response, contact the Office of the Australian Information Commissioner (OAIC)

OAIC Contact: Phone: 1300 363 992 | Website: www.oaic.gov.au

8. Children’s Privacy

Our services are intended for users aged 18 and over. We do not knowingly collect personal information from children under 18. If we become aware of data collected from minors without proper parental consent, we will:

  • Delete such data immediately
  • Terminate any associated accounts
  • Implement additional safeguards to prevent future occurrences

Parents or guardians who believe we have collected information from a minor should contact us immediately.

9. AI Services and Content Confidentiality
9.1 Content Privacy
  • Confidentiality: All memoir content remains private and confidential to you
  • AI Processing: Content is processed by AI services solely to provide writing assistance
  • No Training Use: Your personal content is never used to train public AI models
  • Access Control: Only authorized personnel can access content for editing/publishing services you specifically request
9.2 AI Service Providers

We use the following AI providers with strict data protection agreements:

  • OpenAI: For writing assistance and content generation features
  • Anthropic: For advanced editing and story structure suggestions
  • Google AI: For speech-to-text transcription services
9.3 Content Retention
  • Active Accounts: Content retained for the duration of your subscription
  • Inactive Accounts: Content retained for 12 months after account deactivation
  • Deletion Requests: Content permanently deleted within 30 days of request
  • Backup Systems: Content removed from all backup systems within 90 days
10. International Data Transfers
10.1 Transfer Safeguards

When transferring data internationally, we ensure adequate protection through:

  • Adequacy Decisions: Transfers to countries with GDPR adequacy status
  • Standard Contractual Clauses (SCCs): EU-approved data transfer agreements
  • Binding Corporate Rules: Internal policies ensuring consistent data protection
  • Certification Schemes: SOC 2, ISO 27001 certifications from service providers
10.2 Specific Transfer Details
  • United States: Data transferred under SCCs with additional safeguards
  • United Kingdom: Post-Brexit adequacy decision and UK GDPR compliance
  • European Union: Direct transfers within EEA without additional safeguards required
11. Data Retention
11.1 Retention Periods

We retain personal information based on the following schedules:

  • Account Data: Duration of subscription plus 7 years (for legal compliance)
  • Payment Records: 7 years (Australian tax law requirements)
  • Marketing Data: Until consent is withdrawn or 3 years of inactivity
  • Support Communications: 3 years from last interaction
  • Analytics Data: Aggregated data retained indefinitely; personal identifiers removed after 26 months
  • Content and Memoirs: Until account deletion or specific deletion request
11.2 Deletion Procedures

When retention periods expire or deletion is requested:

  • Secure Deletion: Data permanently removed using DoD 5220.22-M standards
  • Backup Removal: Data removed from all backup systems within 90 days
  • Third-Party Notification: Service providers instructed to delete shared data
  • Legal Holds: Data preserved longer if subject to legal proceedings
12. Third-Party Links and Integrations
12.1 External Services

Our platform may include links to or integrations with:

  • Payment Gateway: Stripe payment processing (separate privacy policy applies)
  • Scheduling: Calendly appointment booking (separate privacy policy applies)
  • Forms: Google Forms for surveys and feedback (Google privacy policy applies)
  • Social Media: Facebook, LinkedIn, Instagram sharing features
  • Cloud Storage: Google Drive, Dropbox integrations (with your consent)
12.2 Third-Party Responsibility

These external services have their own privacy policies and data practices. We recommend reviewing their policies before using these integrations. We are not responsible for the privacy practices of third-party services.

13. California Consumer Privacy Act (CCPA)
13.1 Rights for California Residents

If you are a California resident, you have additional rights under CCPA:

  • Right to Know: Categories and specific pieces of personal information collected
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of the sale of personal information
  • Right to Non-Discrimination: Equal service regardless of privacy choices
13.2 CCPA Disclosures
  • Personal Information Categories: Contact details, payment information, usage data, content data
  • Sources: Direct from users, automatically collected, service providers
  • Business Purposes: Service provision, customer support, analytics, marketing
  • No Sale of Data: We do not sell personal information to third parties

Do Not Sell My Personal Information: [Link to opt-out form] or email privacy@australianmemoirs.com.au

14. Changes to This Policy
14.1 Policy Updates

We may update this Privacy Policy to reflect:

  • Changes in our services or business practices
  • New legal requirements or regulations
  • Enhanced security measures or privacy protections
  • User feedback and industry best practices
14.2 Notification Process

When we make material changes:

  • 30-Day Notice: Advance notification via email to registered users
  • Website Notice: Prominent notice on our website homepage
  • Dashboard Alert: In-app notification when you next log in
  • Version History: Previous versions available upon request

Continued use of our services after notification constitutes acceptance of the updated policy.

15. Contact Us
15.1 Privacy Inquiries

For questions about this Privacy Policy or to exercise your rights:

Email: privacy@australianmemoirs.com.au
General Contact: enquiries@australianmemoirs.com.au
Phone: Email for Support Number
Postal Address: PO Box 387, Morayfield, QLD 4506, Australia

15.2 Data Protection Officer

For GDPR-related inquiries: Email: dpo@australianmemoirs.com.au

15.3 Complaints

If you believe we have breached your privacy rights:

  1. Contact us first: privacy@australianmemoirs.com.au
  2. OAIC Complaint: www.oaic.gov.au or 1300 363 992
  3. EU Residents: Contact your local supervisory authority

Effective Date: This Privacy Policy is effective as of the “Last updated” date shown above.

By using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

Scroll to Top