privacy policy

Last Updated: 24 February 2025

1. DEFINITIONS AND INTERPRETATION

1.1 In this Privacy Policy, unless the context otherwise requires:

"Personal Information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.

"Sensitive Information" means:
(a) information or an opinion about an individual's:
    (i) racial or ethnic origin;
    (ii) religious beliefs or affiliations;
    (iii) philosophical beliefs;
    (iv) health, including mental health;
    (v) relationships and personal circumstances;
    (vi) professional or personal development goals;
    (vii) birth details including date, time, and location; or
(b) any other information that could be considered sensitive in nature.

"Service Providers" means third-party entities that process Personal Information on our behalf, including but not limited to:
(a) Stripe (payment processing);
(b) LUNA Astrology (astrological calculations);
(c) ConvertKit (email communications); and
(d) SavvyCal (appointment scheduling).

1.2 In this Privacy Policy:
(a) headings are for convenience only and do not affect interpretation;
(b) the singular includes the plural and vice versa;
(c) "including" and similar expressions are not words of limitation;
(d) a reference to "Section" is to a section of this Privacy Policy; and
(e) a reference to "we," "us," or "our" is to On Purpose Pty Ltd (ABN [insert]).

2. ABOUT THIS POLICY

2.1 Scope and Application

This Privacy Policy explains how we collect, use, disclose and protect your Personal Information. It applies to all Personal Information collected through:

(a) Our website at lidiaranieri.com ("Website");
(b) Our astrological services and reports;
(c) Our coaching services and programs;
(d) Our digital products and courses; and
(e) Any other interactions you may have with us.

2.2 Consent

By using our services or providing us with your Personal Information, you:

(a) agree to the terms and conditions of this Privacy Policy; and
(b) explicitly consent to our collection, use, and disclosure of your Personal Information in accordance with this Privacy Policy.

2.3 Updates to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified to you by:

(a) posting an updated version on our Website; and
(b) requiring renewed consent where legally necessary.

3. COLLECTION OF PERSONAL INFORMATION

3.1 Types of Information We Collect

We collect the following categories of Personal Information:

(a) Identity and Contact Information:
    • Full name
    • Email address
    • Telephone numbers
    • Physical address
    • Date, time, and place of birth (for astrological services)

(b) Technical Information:
    • IP addresses
    • Device information
    • Browser type and version
    • Operating system
    • Access times and duration
    • Pages viewed
    • Links clicked
    • Referring websites

(c) Sensitive Information:
    • Birth details for astrological calculations
    • Personal development goals and challenges
    • Information about life circumstances
    • Mental and emotional wellbeing information
    • Professional and personal circumstances
    • Relationship details

3.2 Methods of Collection

We collect Personal Information through the following methods:

(a) Direct Collection:
    When you voluntarily provide information by:
    • Creating an account
    • Booking services
    • Purchasing products
    • Completing forms
    • Participating in sessions
    • Subscribing to communications
    • Submitting feedback

(b) Automatic Collection:
    Through technology that collects:
    • Cookies
    • Web beacons
    • Server logs
    • Analytics data

(c) Third-Party Collection:
    Through our Service Providers who assist in:
    • Payment processing
    • Email management
    • Appointment scheduling
    • Analytics services

3.3 Collection Notices

When collecting Personal Information, we will:
(a) identify ourselves;
(b) inform you of the purposes of collection;
(c) provide our contact details;
(d) explain the consequences of not providing information; and
(e) explain how to access and correct your information.

4. USE AND DISCLOSURE OF PERSONAL INFORMATION

4.1 Primary Purposes

We use and disclose Personal Information for the following primary purposes:

(a) Service Delivery:
    • Generating astrological reports
    • Facilitating coaching sessions
    • Processing payments
    • Managing accounts
    • Providing customer support

(b) Communication:
    • Sending service confirmations
    • Providing session recordings
    • Delivering digital products
    • Responding to inquiries

(c) Service Improvement:
    • Analyzing usage patterns
    • Enhancing user experience
    • Developing new features
    • Maintaining service quality

4.2 Marketing Communications

Where you have provided consent, we may use your Personal Information for:

(a) Direct marketing communications;
(b) Newsletters and updates;
(c) Service announcements;
(d) Event invitations; and
(e) Educational content.

You may opt out of marketing communications at any time by:
(a) Using the unsubscribe function in our emails;
(b) Contacting our Privacy Officer; or
(c) Updating your preferences in your account settings.

4.3 Disclosure to Service Providers

4.3.1 We disclose Personal Information to Service Providers who:
(a) are bound by contractual obligations to protect Personal Information;
(b) only use Personal Information for specified purposes;
(c) maintain adequate security measures; and
(d) comply with relevant privacy laws.

4.3.2 Our Service Providers process information as follows:

(a) Stripe:
    • Processes payment information
    • Maintains PCI DSS Level 1 certification
    • Stores data primarily in the US

(b) LUNA Astrology:
    • Processes birth data for calculations
    • Generates astrological reports
    • US-based operations


(c) ConvertKit:
    • Manages email communications
    • Processes subscriber data
    • US-based operations

(d) SavvyCal:
    • Manages appointment scheduling
    • Processes calendar data
    • US-based operations


5. DATA SECURITY AND RETENTION

5.1 Security Measures

5.1.1 We implement and maintain reasonable security measures, including:

(a) Organizational Security:
    • Staff training on privacy practices
    • Access controls based on need-to-know
    • Regular security assessments
    • Incident response procedures

(b) Technical Security:
    Through our Service Providers:
    • Encryption of data in transit
    • Secure data storage
    • Regular security updates
    • Access logging and monitoring

5.1.2 Data Breach Response

In the event of a data breach, we will:

(a) Investigate the incident promptly;
(b) Take reasonable steps to contain the breach;
(c) Assess likely harm to affected individuals;
(d) Notify affected individuals where required;
(e) Report to relevant authorities if necessary; and
(f) Review and update security measures.

5.2 Data Retention

5.2.1 We retain Personal Information for:

(a) Service Data:
    • Session recordings: 10 days
    • Coaching notes: 12 months
    • Account information: Duration of active account plus 24 months
    • Payment records: As required by law

(b) Marketing Data:
    • Subscription data: Until unsubscribe
    • Campaign data: 24 months
    • Analytics: 36 months (anonymised)

6. INTERNATIONAL DATA TRANSFERS

6.1 Cross-Border Data Flows

6.1.1 Due to the global nature of our operations and Service Providers, your Personal Information may be transferred to, stored in, and processed in jurisdictions other than Australia.

6.1.2 Such transfers occur when:
(a) Our Service Providers process data internationally;
(b) You access our services from outside Australia;
(c) We provide services to international clients; or
(d) Our cloud-based systems store data internationally.

6.2 Transfer Safeguards

6.2.1 For international transfers, we ensure:

(a) Recipient countries have adequate privacy protection as determined by:
    • Australian Privacy Principles
    • GDPR requirements (where applicable)
    • Other relevant privacy regulations

(b) Contractual safeguards are in place through:
    • Standard contractual clauses
    • Data processing agreements
    • Privacy shield certifications
    • Binding corporate rules

6.2.2 Specific Service Provider Locations:

(a) Stripe: 
    • Primary processing: United States
    • Global data centers with appropriate safeguards

(b) ConvertKit:
    • Primary processing: United States
    • Data centers: US-based

(c) LUNA Astrology:
    • Primary processing: [insert location]
    • Data storage: US-based

(d) SavvyCal:
    • Primary processing: [insert location]
    • Data centers: US-based

7. YOUR RIGHTS AND CHOICES

7.1 Access and Control Rights

7.1.1 You have the right to:

(a) Access your Personal Information:
    • Request copies of your data
    • Know how we use your information
    • Understand who has access to your data
    • Learn about retention periods

(b) Correct your Personal Information:
    • Update inaccurate information
    • Complete incomplete information
    • Provide additional context where necessary

(c) Delete your Personal Information:
    • Request erasure of your data
    • Withdraw previous consent
    • Object to further processing

(d) Restrict Processing:
    • Limit how we use your data
    • Temporarily suspend processing
    • Maintain but not use information

7.2 Exercise of Rights

7.2.1 To exercise these rights:

(a) Contact Methods:
    • Email: help@lidiaranieri.com
    • Online form: [insert link]

(b) Response Timeline:
    • Initial response: Within 30 days
    • Complex requests: Up to 60 days
    • Extension notification: If required

(c) Verification Requirements:
    • Proof of identity may be required
    • Additional documentation as necessary
    • Reasonable verification steps

7.3 Limitations and Exceptions

7.3.1 Your rights may be limited where:

(a) Legal obligations prevent compliance;
(b) Other individuals' rights would be affected;
(c) The request is manifestly unfounded or excessive; or
(d) Legal claims need to be established, exercised, or defended.

8. ENFORCEMENT AND COMPLAINTS

8.1 Internal Complaint Resolution

8.1.1 If you have concerns about your privacy:

(a) Initial Contact:
    • Contact our Privacy Officer
    • Provide detailed information
    • Allow 30 days for initial response

(b) Investigation Process:
    • Review of complaint
    • Collection of relevant information
    • Assessment of privacy impact
    • Determination of appropriate action

8.2 External Resolution

8.2.1 If you are not satisfied with our response:

(a) You may contact:
    • Office of the Australian Information Commissioner
    • NSW Privacy Commissioner
    • Other relevant privacy regulators

(b) For EU residents:
    • Your local Data Protection Authority
    • European Data Protection Board

8.3 Regulatory Compliance

8.3.1 We operate under and comply with:

(a) Australian Law:
    • Privacy Act 1988 (Cth)
    • Australian Privacy Principles
    • NSW Privacy Laws

(b) International Law (where applicable):
    • GDPR
    • Other relevant privacy regulations

9. CONTACT INFORMATION

9.1 Privacy Officer

For privacy-related inquiries:

(a) Email: help@lidiaranieri.com
(c) Address: PO Box 7811 Bondi Beach, NSW, 2026, Australia
(d) Hours: Mon-Thurs 9:00am - 5:00pm

9.2 Response Commitment

9.2.1 We will:
(a) Acknowledge receipt within 2 business days;
(b) Provide initial response within 30 days;
(c) Keep you informed of progress; and
(d) Document all communications.

Last Updated: 24 February 2025