Privacy Policy

1. Overview

Brisk Echo PTY LTD (ABN: 85 940 948 724) ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

This policy applies to all information collected through our website (brisk-echo.com), mobile applications, email communications, and any related services, sales, marketing, or events.

We comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and the General Data Protection Regulation (GDPR) where applicable.

2. Information We Collect

2.1 Personal Information You Provide

We collect information you directly provide to us, including:

• Contact Information: Name, email address, phone number, mailing address
• Account Information: Username, password, profile information
• Payment Information: Credit card details, billing address (processed securely through third-party payment processors)
• Communication Data: Information from your communications with us, including emails, phone calls, and chat messages
• Training Information: Course preferences, skill assessments, progress tracking, feedback forms
• Professional Information: Job title, company, industry, professional goals
• Event Registration: Workshop attendance, dietary requirements, accessibility needs

2.2 Information Automatically Collected

When you use our website or services, we automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent on site, click-through rates, search queries
• Location Data: General geographic location based on IP address
• Cookies and Tracking: Information collected through cookies and similar technologies

2.3 Information from Third Parties

We may receive information about you from:

• Social media platforms when you interact with our content
• Business partners and referral sources
• Public databases and directories
• Marketing and analytics service providers

3. How We Use Your Information

3.1 Primary Purposes

We use your personal information for the following purposes:

• Service Delivery: Providing coaching, training, and educational services
• Account Management: Creating and managing your account, processing payments
• Communication: Sending service-related notifications, responding to inquiries
• Customization: Personalizing your experience and tailoring our services
• Support: Providing customer service and technical support

3.2 Marketing and Analytics

With your consent, we may use your information for:

• Sending newsletters and promotional materials
• Conducting market research and surveys
• Analyzing usage patterns to improve our services
• Creating targeted advertising campaigns
• Measuring the effectiveness of our marketing efforts

3.3 Legal and Administrative Purposes

We may process your information to:

• Comply with legal obligations and regulatory requirements
• Prevent fraud and ensure security
• Enforce our terms of service and other agreements
• Protect our rights and the rights of others

4. Information Sharing and Disclosure

4.1 Service Providers

We may share your information with trusted third-party service providers who assist us in:

• Payment processing and billing
• Email and communication services
• Website hosting and cloud storage
• Analytics and performance monitoring
• Customer support and help desk services

These service providers are contractually bound to protect your information and use it only for specified purposes.

4.2 Business Partners

We may share limited information with business partners for:

• Joint training programs or workshops
• Referral programs and partnerships
• Industry research and benchmarking

4.3 Legal Requirements

We may disclose your information when required by law or to:

• Respond to legal process, court orders, or government requests
• Investigate potential violations of our terms of service
• Protect the safety and rights of our users and the public
• Prevent or investigate fraud or security incidents

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to appropriate confidentiality agreements.

5. Data Security

5.1 Security Measures

We implement comprehensive security measures to protect your personal information:

• Encryption: Data is encrypted in transit using SSL/TLS protocols
• Access Controls: Strict access controls and authentication procedures
• Regular Audits: Security assessments and vulnerability testing
• Employee Training: Regular privacy and security training for all staff
• Incident Response: Established procedures for detecting and responding to security incidents

5.2 Data Storage

Your data is stored on secure servers in Australia and other jurisdictions with adequate privacy protections. We use reputable cloud service providers who maintain high security standards.

5.3 Limitations

While we strive to protect your personal information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but will notify you of any significant security breaches as required by law.

6. Cookies and Tracking Technologies

6.1 Types of Cookies

We use various types of cookies and similar technologies:

• Essential Cookies: Required for basic website functionality
• Performance Cookies: Help us analyze how visitors use our website
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements

6.2 Cookie Management

You can control cookies through:

• Our cookie consent banner and preferences center
• Your browser settings (though this may affect website functionality)
• Third-party opt-out tools for advertising cookies

6.3 Third-Party Tracking

We may use third-party analytics and advertising services that employ cookies and tracking technologies. These services have their own privacy policies and opt-out mechanisms.

7. Your Privacy Rights

7.1 Australian Privacy Rights

Under Australian privacy law, you have the right to:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete information
• Complaint: Lodge a complaint about our handling of your personal information

7.2 Additional Rights (GDPR)

If you are located in the EU, you also have the right to:

• Portability: Receive your data in a portable format
• Erasure: Request deletion of your personal information
• Restriction: Limit how we process your information
• Objection: Object to certain types of processing
• Withdraw Consent: Withdraw consent for processing based on consent

7.3 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days and may require verification of your identity.

8. Data Retention

8.1 Retention Periods

We retain your personal information for as long as necessary to:

• Provide our services to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Support business operations and improvements

8.2 Specific Retention Periods

• Account Information: Until account deletion plus 7 years for financial records
• Training Records: 7 years after course completion
• Marketing Communications: Until unsubscribed plus 3 years
• Website Analytics: 26 months from collection

8.3 Secure Disposal

When information is no longer needed, we securely delete or anonymize it using industry-standard methods.

9. International Data Transfers

9.1 Cross-Border Transfers

We may transfer your personal information to countries outside Australia for processing and storage. When we do so, we ensure appropriate safeguards are in place.

9.2 Safeguards

We use various safeguards for international transfers:

• Standard contractual clauses approved by relevant authorities
• Adequacy decisions recognizing equivalent privacy protections
• Certification programs and codes of conduct
• Binding corporate rules for intra-group transfers

10. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

Parents or guardians who believe we may have collected information from their child should contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will:

• Post the updated policy on our website
• Update the "Last updated" date at the top of this policy
• Send notification to your registered email address for significant changes
• Provide prominent notice on our website for 30 days

Your continued use of our services after any changes indicates your acceptance of the updated policy.

12. Contact Information

12.1 Privacy Officer

For privacy-related inquiries, concerns, or complaints, please contact our Privacy Officer:

12.2 Response Times

We aim to acknowledge privacy inquiries within 2 business days and provide substantive responses within 30 days. Complex matters may require additional time, and we will keep you informed of our progress.

12.3 External Complaints

If you are not satisfied with our response to your privacy complaint, you may lodge a complaint with:

• Australian Privacy Commissioner: oaic.gov.au
• EU Data Protection Authorities: For EU residents