Dynamflush
Legal Document

Privacy Policy

This Privacy Policy explains how Dynamflush collects, uses, stores, and protects personal information when you visit dynamflush.world or interact with our services.

Last updated:

1. Introduction

Dynamflush ("we," "us," or "our") operates the website dynamflush.world and provides educational resources and consulting guidance related to ergonomic home office setup. We are committed to protecting your privacy and handling your personal data in accordance with the General Data Protection Regulation (GDPR), the Australian Privacy Act 1988, and other applicable international privacy legislation.

By accessing or using our website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please discontinue use of our website and services.

This policy applies to all personal data collected through our website, contact forms, email communications, educational programs, and any other channels through which you interact with Dynamflush.

2. Data Controller

The data controller responsible for your personal information is:

Dynamflush
236 Bourke St, Melbourne VIC 3000, Australia
Email: touch@dynamflush.world
Phone: +61 3 9660 4900

For any privacy-related inquiries, data subject requests, or concerns about how your information is handled, please contact us using the details above. We aim to respond to all privacy inquiries within 30 days.

3. Data We Collect

3.1 Information You Provide Directly

When you use our contact form or communicate with us via email or phone, we may collect the following personal data:

  • Full name
  • Email address
  • Phone number (if provided voluntarily)
  • Message content and any attachments you submit
  • Information about your workspace, room dimensions, and equipment (when shared for consulting purposes)
  • GDPR consent confirmation and timestamp

3.2 Information Collected Automatically

When you visit our website, certain technical data may be collected automatically through cookies and similar technologies, subject to your consent preferences:

  • IP address (anonymised where possible)
  • Browser type and version
  • Operating system
  • Referring URL and exit pages
  • Date and time of visit
  • Pages viewed and time spent on each page
  • Device type and screen resolution
  • Geographic location at country or city level (derived from IP address)

3.3 Information from Third Parties

We do not routinely purchase or obtain personal data from third-party data brokers. If you arrive at our website through an advertising campaign, we may receive aggregated, non-personally identifiable analytics data from the advertising platform regarding campaign performance.

Under the GDPR, we process personal data based on the following legal grounds:

  • Consent: When you submit our contact form, accept cookies, or subscribe to communications, you provide explicit consent for the specified processing activities. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Contractual Necessity: Processing required to respond to your inquiries, deliver purchased educational programs, or fulfil consulting agreements.
  • Legitimate Interests: Website security, fraud prevention, service improvement, and aggregated analytics that do not override your fundamental rights and freedoms.
  • Legal Obligation: Compliance with applicable laws, regulations, court orders, or government requests.

5. Purposes of Data Usage

We use the personal data we collect for the following specific purposes:

  • Responding to your contact form submissions and email inquiries
  • Providing educational consulting and workspace guidance services
  • Processing and managing purchases of educational programs
  • Improving website functionality, content relevance, and user experience
  • Analysing aggregated traffic patterns to understand visitor behaviour
  • Delivering and measuring the effectiveness of advertising campaigns (with consent)
  • Maintaining website security and preventing unauthorised access
  • Complying with legal obligations and resolving disputes
  • Communicating important updates about our services or policy changes

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law.

  • Contact form submissions: Retained for 24 months from the date of submission, unless an ongoing consulting relationship extends this period.
  • Customer and purchase records: Retained for 7 years to comply with Australian tax and accounting requirements.
  • Cookie consent preferences: Stored locally on your device until you clear browser data or change preferences.
  • Analytics data: Aggregated and anonymised data may be retained indefinitely for statistical purposes.
  • Server logs: Retained for 90 days for security monitoring, then automatically deleted.

When personal data is no longer needed, we securely delete or anonymise it using industry-standard methods.

7. Data Sharing

We do not sell, rent, or trade your personal data to third parties. We may share data with the following categories of recipients under strict contractual obligations:

  • Service providers: Hosting providers, email delivery services, and analytics platforms that process data on our behalf under data processing agreements.
  • Payment processors: When you purchase educational programs, payment data is processed directly by the payment provider and is not stored on our servers.
  • Legal authorities: When required by law, regulation, legal process, or enforceable government request.
  • Professional advisors: Lawyers, accountants, or auditors bound by confidentiality obligations when necessary for our legitimate business interests.

All third-party processors are required to implement appropriate technical and organisational measures to protect your data and process it only according to our documented instructions.

8. International Transfers

Your data may be processed in Australia and, where applicable, in countries where our service providers operate. When personal data is transferred outside the European Economic Area (EEA), we ensure adequate protection through one or more of the following mechanisms:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Binding Corporate Rules where applicable
  • Your explicit consent for specific transfers

You may request a copy of the safeguards we use for international transfers by contacting us at the address provided in Section 2.

9. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Secure hosting infrastructure with regular security updates and patches
  • Access controls limiting personal data access to authorised personnel only
  • Regular review of data collection, storage, and processing practices
  • Employee training on data protection principles and confidentiality
  • Incident response procedures for detecting, reporting, and investigating suspected data breaches

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security but commit to notifying affected individuals and relevant supervisory authorities of any data breach within 72 hours where required by law.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to Restrict Processing: Request limitation of processing under certain circumstances.
  • Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
  • Right to Lodge a Complaint: File a complaint with your local data protection authority.

To exercise any of these rights, contact us at touch@dynamflush.world with sufficient information to verify your identity. We will respond within 30 days. Australian residents may also contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

11. Children's Privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will take steps to delete such information promptly.

12. Policy Changes

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. The "Last updated" date at the top of this page indicates when the most recent revision was made. Material changes will be communicated through a prominent notice on our website. We encourage you to review this policy regularly.

13. Contact Information

For questions, concerns, or requests related to this Privacy Policy or our data handling practices, please contact:

Dynamflush — Privacy Team
236 Bourke St, Melbourne VIC 3000, Australia
Email: touch@dynamflush.world
Phone: +61 3 9660 4900

Related policies: Cookie Policy | Terms of Use | Refund Policy