Privacy Policy

1. About this Privacy Policy

BrainStack Corporation Pty Ltd, ABN 81 637 943 698, trading as BrainStack | Web Design & Digital Marketing (BrainStack, we, us or our), respects your privacy and is committed to handling personal information responsibly.

This Privacy Policy explains how we collect, hold, use, disclose and protect personal information when you:

  • Visit sobinsebastian.com or another website operated by us
  • Submit an enquiry or request a quotation
  • Book a consultation or strategy call
  • Purchase or use our services
  • Communicate with us by telephone, email, social media or another channel
  • Apply for a role or contractor opportunity
  • Interact with an advertising or marketing campaign managed by us

We handle personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles and other applicable Australian privacy laws, to the extent that those laws apply to us.

2. What is personal information?

Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable.

The types of personal information we may collect include:

  • Your name, business name, position and industry
  • Your email address, telephone number and business address
  • Information submitted through our contact forms, enquiry forms or booking systems
  • Project requirements, objectives, budgets and preferred timeframes
  • Communications, meeting notes and customer support records
  • Account, invoicing and transaction information
  • Marketing preferences and subscription status
  • Website usage information, such as your IP address, browser, device, referring website and pages visited
  • Information needed to access or manage a client’s website, social media account, advertising account or other digital platform
  • Content, photographs, videos, logos and other materials supplied for a project
  • Information provided when applying for employment or contractor work

We generally do not require sensitive information. Please avoid sending health information, identity documents, financial account credentials or other sensitive information unless we have requested it and explained why it is required.

Where sensitive information is reasonably necessary, we will obtain consent or otherwise collect and handle it as permitted by law.

3. How we collect personal information

We may collect personal information:

  • Directly from you
  • Through our website forms
  • Through Microsoft Forms, Microsoft Bookings or another booking platform
  • During meetings, telephone calls and email conversations
  • Through social media and advertising platforms
  • Through analytics, cookies and similar technologies
  • From a person or organisation that refers you to us
  • From publicly available sources, including business directories, professional profiles and company websites
  • From a client when we provide services on their behalf

Where practical, we will collect personal information directly from the individual concerned.

4. Why we collect and use personal information

We may collect, hold and use personal information to:

  • Respond to enquiries
  • Prepare quotations, proposals and recommendations
  • Deliver website design, development, branding, SEO, advertising, content and marketing services
  • Manage projects and communicate with clients
  • Arrange consultations and meetings
  • Set up, manage and report on websites and marketing campaigns
  • Process invoices and maintain business records
  • Provide website hosting, maintenance and technical support
  • Improve our website, services and customer experience
  • Measure website and campaign performance
  • Send service updates or marketing communications where permitted
  • Protect our systems and prevent fraud, misuse or security incidents
  • Comply with legal, taxation, accounting and regulatory obligations
  • Resolve complaints and disputes
  • Recruit employees or contractors

If you do not provide information reasonably requested by us, we may be unable to respond to your enquiry or provide the requested services.

5. Information handled on behalf of clients

As a digital marketing service provider, we may process personal information on behalf of our clients. This can include enquiries, advertising leads, website submissions, mailing lists and customer information.

When we handle information on behalf of a client:

  • The client remains responsible for providing appropriate privacy notices and obtaining any required consent
  • We use the information only to provide the agreed services or follow lawful instructions
  • We take reasonable steps to protect the information
  • We do not sell the information
  • We may return, delete or de-identify the information when our services end, subject to legal and operational retention requirements

If you submitted your information through one of our clients’ websites or advertising campaigns, you should also review that client’s privacy policy. Privacy requests relating to that information may need to be directed to the relevant client.

6. Cookies and website analytics

Our website may use cookies and similar technologies to:

  • Keep the website functioning correctly
  • Understand how visitors use the website
  • Measure traffic and website performance
  • Remember user preferences
  • Improve content and user experience
  • Measure the effectiveness of advertising campaigns
  • Support remarketing and audience measurement

The services used may include Webflow, Google Analytics, Google Ads, Microsoft services, Meta technologies and other website or advertising providers.

These services may collect technical information such as:

  • IP address
  • Device and browser type
  • Approximate location
  • Pages viewed
  • Time spent on the website
  • Referring website
  • Advertising interactions
  • General website activity

You can restrict or delete cookies through your browser settings. Disabling cookies may affect certain website functions.

Where required, we will provide additional cookie choices or seek consent before activating non-essential tracking technologies.

7. Artificial intelligence tools

We may use artificial intelligence assisted tools to support content creation, research, design, data analysis, automation and service delivery.

Where we use these tools, we aim to:

  • Apply appropriate human review
  • Avoid entering sensitive information into publicly accessible AI systems
  • Avoid using confidential client information without appropriate authority
  • Limit the information provided to what is reasonably necessary
  • Review the privacy and security arrangements of relevant providers
  • Use AI-generated material as an assistance tool rather than a substitute for professional judgement

We do not use solely automated decision-making to make decisions that have legal or similarly significant effects on individuals.

8. When we disclose personal information

We may disclose personal information to:

  • Employees, contractors and authorised service providers
  • Website developers, designers, content writers and marketing specialists involved in a client project
  • Website hosting, cloud storage and email providers
  • Microsoft, Google, Meta, Webflow and other technology providers
  • Analytics, advertising, CRM, invoicing and project management providers
  • Accountants, lawyers, insurers and professional advisers
  • Government agencies, courts, regulators or law enforcement bodies where required or authorised by law
  • A purchaser or successor if our business or part of our business is sold or restructured

We do not sell personal information or customer databases.

Contractors and service providers are only given the information reasonably required to perform their functions. We take reasonable steps to require appropriate confidentiality, privacy and security arrangements.

9. Overseas disclosure and storage

Some of our technology providers, cloud services and contractors may store or process information outside Australia.

These locations are likely to include the United States and other countries in which our service providers, cloud infrastructure or authorised contractors operate.

Where personal information is disclosed overseas, we take reasonable steps appropriate to the circumstances to ensure it is handled securely and consistently with applicable Australian privacy requirements.

Because cloud infrastructure and provider locations may change, you may contact us for more information about the likely countries associated with a particular service.

10. Direct marketing

With your consent, or where otherwise permitted by law, we may send information about our services, offers and business updates.

Marketing messages will identify the sender and provide a way to unsubscribe. You can opt out at any time by:

  • Using the unsubscribe option in the message
  • Replying with an unsubscribe request
  • Contacting us at info@brainstack.au

We will process unsubscribe requests within the timeframe required by applicable law. You may still receive necessary administrative messages relating to an active project, transaction or account.

11. Security

We take reasonable technical and organisational steps to protect personal information against:

  • Misuse
  • Interference
  • Loss
  • Unauthorised access
  • Unauthorised modification
  • Unauthorised disclosure

These steps may include access controls, secure cloud platforms, multi-factor authentication, software updates, staff or contractor confidentiality obligations and data backup procedures.

No online system is completely secure. While we take reasonable precautions, we cannot guarantee that information transmitted over the internet will always remain secure.

If a data breach occurs, we will assess and respond to it in accordance with applicable law. Where the Notifiable Data Breaches scheme applies, we will notify affected individuals and the Office of the Australian Information Commissioner when required.

12. Retention of personal information

We retain personal information only for as long as it is reasonably required for:

  • The purpose for which it was collected
  • Providing services and support
  • Maintaining project and business records
  • Taxation, accounting and insurance requirements
  • Resolving disputes or enforcing agreements
  • Meeting legal and regulatory obligations

When personal information is no longer reasonably required, we take reasonable steps to delete, destroy or de-identify it, unless continued retention is required by law.

13. Access and correction

You may request access to the personal information we hold about you. You may also ask us to correct information that is inaccurate, incomplete, out of date, irrelevant or misleading.

To make a request, contact info@brainstack.au.

We may need to verify your identity before processing the request. In some circumstances, access may be limited or refused where permitted by law. If this occurs, we will generally explain the reason.

14. Privacy complaints

If you believe we have mishandled your personal information, please contact us and provide:

  • Your name and contact details
  • A description of the concern
  • Relevant dates and communications
  • The outcome you are seeking

We will acknowledge the complaint and aim to provide a response within 30 days.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.

15. Third-party websites

Our website may contain links to websites, social media platforms or services operated by other organisations. We are not responsible for the privacy practices of those organisations.

You should review the relevant third party’s privacy policy before providing personal information.

16. Children’s privacy

Our services are intended primarily for businesses and adults. We do not knowingly collect personal information from children under 18 without the consent of a parent, guardian or another lawful basis.

If you believe a child has provided personal information to us, please contact us.

17. Changes to this Privacy Policy

We may update this Privacy Policy when our services, technology or legal obligations change.

The current version will be published on our website with its effective date. Significant changes may also be communicated through our website or directly to affected individuals where appropriate.

18. Contact us

BrainStack Corporation Pty Ltd
Trading as BrainStack | Web Design & Digital Marketing
ABN 81 637 943 698
Tasmania 7015, Australia

Email: info@brainstack.au
Telephone: 0421 862 263
Website: https://www.sobinsebastian.com/