Last updated: May 11, 2022

Privacy policy.

Rhys Dyson (“Rhys”, “I”, “me”) values and respects the privacy of the people he deals with, and is committed to protecting your privacy and complying with the Privacy Act 1988 (Cth) (Privacy Act) and other applicable privacy laws and regulations.


This Privacy Policy (Policy) describes how I collect, hold, use, and disclose your personal and business information, and how I maintain the quality and security of that information.


1. What is Personal Information?


“Personal information” means any information or opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. This includes information or an opinion that personally identifies you either directly (e.g., your name) or indirectly (e.g., your business or website).


2. What Personal and Business Information Do I Collect?


The information I collect about you depends on the nature of your dealings with my services or what you choose to share with me. The information I may collect includes:


  • First and/or last name
  • Email address
  • Phone number
  • Mailing, street, and/or billing address
  • Business/organisation name
  • ABN or ACN
  • Domain name
  • Account usernames
  • Account passwords
  • Credit/debit card numbers
  • Bank account number and BSB
  • Images, logos, and other website and graphic design assets


For the sake of services offered, I do not require the collection of sensitive information about you, but may store such information if it is publicly shared content on your website as part of your website content documents. This might include information or opinions about your racial or ethnic origin, political opinions, political association, religious or philosophical beliefs, membership of a trade union or other professional body, sexual preferences, criminal record, or health information.


3. How Do I Collect Your Personal and Business Information?


I collect information directly from you when you:

  • Interact with me online
  • Interact with me over the phone
  • Interact with me in person
  • Fill out a website enquiry form


4. Collecting Personal Information from Third Parties


I may also collect your personal information from third parties or through publicly available sources, for example, from your social media, Google Business Profile, or business.gov.au. I collect your personal information from these third parties to verify the accuracy of your business details on your website.


5. How Do I Use Your Personal and Business Information?


I use personal and business information for many purposes in connection with my functions and activities, including the following:


  • To keep in contact with you directly
  • To provide you with information or services that you request from me
  • To register third-party accounts and services on your behalf (e.g., CMS, website builders)
  • To contact third-party support services on your behalf (e.g., previous hosting providers)
  • To set up billing for third-party accounts and services on your behalf
  • For internal administrative purposes (e.g., project management, billing)


6. Access to Client Website Data


As part of my freelance services, I may have access to all data on your website, including but not limited to sales data, pricing information, and customer details, especially if your website is built on an ecommerce platform.


6.1 Why I Access Your Website Data


I access this data to provide services such as website maintenance, updates, troubleshooting, and any other requested tasks that require full access to your website’s backend.


6.2 How I Handle Your Website Data


I treat all website data, including sensitive information like sales figures and customer details, with strict confidentiality. I will:


  • Only access data necessary to perform the agreed-upon services.
  • Not share or disclose any information to third parties unless required to perform my services or comply with legal obligations.
  • Take reasonable steps to secure the data, including using secure login credentials, enabling two-factor authentication where applicable, and storing data in secure environments.


6.3 Client Responsibilities


You are responsible for ensuring that you have the necessary permissions to grant me access to this data and that sharing such data complies with any relevant privacy laws or regulations.


7. Disclosure of Personal Information to Third Parties


may disclose your personal information to third parties in accordance with this Policy in circumstances where you would reasonably expect me to disclose your information. For example, I may disclose your personal information to:


  • Third-party service providers (e.g., domain name registrars, hosting providers, website builder platforms, CMS providers, project management and billing tools and services).
  • Partners who assist in delivering services, such as content writers, photographers, or graphic designers, who may need access to specific information to fulfill their roles.


In each case, I will only share the minimum necessary information required for them to perform their function or provide the requested services.


8. Transfer of Personal Information Overseas


Although I primarily aim to support Australian-based companies and services, some of the third-party service providers I disclose personal information to may be based in or have servers located outside of Australia, including America and India.


I will only disclose to overseas third parties if:


  • You have requested a service, resulting in your contact information being stored in a third-party CRM software based outside of Australia.
  • You have agreed to register to use a platform or service that is based outside of Australia (e.g., Webflow).
  • You have directly requested me to transfer your data to a third-party provider.


9. How Do I Protect Your Personal Information?


I will take reasonable steps to ensure that the personal information I hold about you is kept confidential and secure, including by:


  • Only storing data that is necessary to continue providing services you have requested.
  • Storing data in as few places as possible, with limited copies.
  • Destroying physical data that is no longer required to be stored.
  • Having technological measures in place (e.g., anti-virus software, firewalls, keeping software up to date, regularly changing, and using strong passwords).
  • Restricting access to only personnel who require that information to effectively provide services to you.
  • Only sharing data with personnel you have provided permission to share data with (e.g., other employees, family members, account keepers).


10. Online Activity – Cookies


rhysdyson.au uses cookies. A cookie is a small file of letters and numbers the website puts on your device if you allow it. These cookies recognise when your device has visited my website(s) before, so I can distinguish you from other users of the website. This helps me make informed improvements to my website to enhance your experience.


I do not use cookies to identify you, just to improve your experience on my website(s). If you do not wish to use the cookies, you can amend the settings on your internet browser so it will not automatically download cookies. However, if you remove or block cookies on your computer, please be aware that your browsing experience and my website’s functionality may be affected.


11. Website Analytics


My website uses Google Analytics, Google Tag Manager, and Microsoft Clarity to help me better understand visitor traffic and user behaviour so I can improve my services. Although this data is mostly anonymous, it is possible that under certain circumstances, it may be possible for me to connect it back to you.


12. Retention of Personal Information


I will not keep your personal information for longer than I need to. In most cases, this means that I will only retain your personal information for the duration of your relationship with me unless I am required to retain your personal information to comply with applicable laws, for example, record-keeping obligations.


13. How to Access and Correct Your Personal Information


I will endeavour to keep your personal information accurate, complete, and up to date.

If you wish to make a request to access and/or correct the personal information I hold about you, you should make a request by contacting me directly. With such requests, I will respond within 30 days, following the below process:


  • Within 30 days of the first request, I will respond by supplying a list of all stored information.
  • Within an additional 30 days from the date of receiving amendments, I will update all information that I have stored, or destroy requested data, as long as that data is not required for providing ongoing services.


Note that I may require proof of your identity and full details of your request before I can process your request.


In cases of extensive time spent collating and updating data (e.g., there is a lot of data, or it requires further sorting and organising), and/or a third-party service is required to transfer the data, an admin or reimbursement fee may be required.


14. Links to Third-Party Sites


My website(s) may contain links to websites operated by third parties. If you access a third-party website through my website(s), personal information may be collected by that third-party website. I make no representations or warranties in relation to the privacy practices of any third-party provider or website and am not responsible for the privacy policies or the content of any third-party provider or website. Third-party providers/websites are responsible for informing you about their own privacy practices, and I encourage you to read their privacy policies.


15. Enquiries and Complaints


For complaints about how I handle, process, or manage your personal information, please contact me directly. Note that I may require proof of your identity and full details of your request before I can process your complaint.


Please allow up to 30 days for me to respond to your complaint. It will not always be possible to resolve a complaint to everyone’s satisfaction. If you are not satisfied with my response to a complaint, you have the right to contact the Office of the Australian Information Commissioner (at www.oaic.gov.au) to lodge a complaint.


16. How to Contact Me


If you have a question or concern in relation to my handling of your personal information or this Policy, or would like to lodge a complaint or request to access and correct your data, please use the contact page on this website.