Privacy Policy

Last updated: 29 May 2026

This Privacy Policy explains how Gracefulzykne (ABN available on request) collects, uses, stores and discloses personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. Who we are

Entity: Gracefulzykne
Address: 4-12 St Edmonds Rd, Prahran VIC 3181, Australia
Email: message@gracefulzykne.world
Phone: 1800 808 500
Privacy contact: Same details above — mark your message "Privacy".

2. Information we collect

• Contact details: name, email, phone when you enquire or book.
• Booking information: walk dates, group size, accessibility needs.
• Communications: messages sent via our contact form or email.
• Technical data: IP address, browser type, device data, pages viewed.
• Cookie data: preferences stored in your browser — see Cookies Policy.
• Payment records: transaction references where applicable (we do not store full card numbers on this website).

3. Why we collect information

• To respond to enquiries and manage walk bookings.
• To send service-related updates about walks you have booked.
• To improve our website and customer experience (with consent where required).
• To comply with legal obligations, including tax and consumer laws.
• For direct marketing only where permitted — see section 6.

4. How we collect information

Directly from you via forms, email, phone, in person at walks, and automatically through cookies and server logs when you use our website.

5. Disclosure to third parties

We may share information with:

• IT and hosting providers located in Australia or overseas.
• Payment processors for completed transactions.
• Professional advisers (lawyers, accountants) when required.
• Regulators or law enforcement if legally required.

We take reasonable steps so overseas recipients handle information in line with APP 8 requirements.

6. Direct marketing & Spam Act 2003

We will not send commercial electronic messages without consent or an existing business relationship as defined under the Spam Act 2003 (Cth). Every marketing email includes an unsubscribe facility. You may opt out at any time by emailing us.

7. Storage and security

We store data on secure servers with access limited to authorised staff. We use HTTPS, access controls and staff training. No system is completely secure—please avoid sending unnecessary sensitive information.

8. Retention

• Enquiries: up to 24 months after last contact.
• Booking and payment records: up to 7 years for tax and dispute purposes.
• Server logs: up to 90 days unless needed for security investigations.
• Marketing consent records: until withdrawn plus 12 months.

9. Notifiable Data Breaches

If a data breach is likely to cause serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme.

10. Your rights

Under the Privacy Act you may request access to or correction of your personal information. You may also complain to us or to the OAIC:

Office of the Australian Information Commissioner — oaic.gov.au · 1300 363 992

11. Children

Our website is not directed at children under 15. Walks for minors require parent or guardian supervision arranged offline.

12. Changes

We may update this policy. The latest version will always be on this page with a revised date.

Contact us for privacy enquiries or access requests.