Last updated: 2 June 2026
This Privacy Policy explains how Stunningihip.world (“we”, “us”, “our”) handles personal information as defined in the Privacy Act 1988 (Cth) (“Privacy Act”). We manage personal information in line with the Australian Privacy Principles (APPs) in Schedule 1 of the Privacy Act.
Visitors from the European Economic Area (EEA), United Kingdom, or other regions with additional privacy laws may have extra rights described in section 17 below.
Entity responsible for your personal information:
Stunningihip.world
4 Fleet St & 22 Oxford St
New Lambton NSW 2305
Australia
Privacy contact:
Email: question@stunningihip.world
Phone: +61 400 790 479
We will respond to privacy requests and complaints within a reasonable period, and in any event within 30 days where practicable under APP 1.4(d).
Related documents: About Us · Cookie Policy · Terms of Use · Advertising Disclosure · AI & Data Transparency
This policy applies to personal information we collect when you:
It does not cover third-party websites linked from the Site (except where we embed services such as maps). Those providers have their own privacy policies.
We only collect personal information that is reasonably necessary for our functions or activities.
We do not ask you to provide sensitive information (for example health information) through the Site. If you include health-related details in a free-text message, we will only use that information for the purpose of replying to you, unless you give separate consent or another exception under the Privacy Act applies.
When we collect personal information directly from you, we aim to tell you at or before collection (through this Policy, the contact form, or the cookie banner):
If you do not provide required contact details, we may be unable to respond to your enquiry.
| Purpose | Typical information | Legal basis (Australia) |
|---|---|---|
| Reply to enquiries and provide information you request | Name, email, message | Primary purpose of collection; your consent where indicated on the form |
| Run, secure, and maintain the Site | Logs, IP address, security events | Our legitimate business functions; reasonably necessary for activity |
| Remember cookie preferences | Consent record in local storage | Your consent; necessary to honour your choices |
| Analytics (optional) | Usage statistics, device data | Your consent via cookie banner (APP 6.1) |
| Marketing measurement (optional) | Campaign interaction data | Your consent via cookie banner |
| Comply with law, respond to regulators or courts | As required | Legal obligation or authorised by law |
We will not use your personal information for a secondary purpose unrelated to the primary purpose unless you consent, you would reasonably expect the use, or an exception under the Privacy Act applies.
We do not send commercial electronic messages (email or SMS marketing) unless:
and every message includes a clear sender identity and a functional unsubscribe facility, as required by the Spam Act and industry standards.
If we ever send newsletters or promotional emails, you may opt out at any time using the unsubscribe link or by emailing our privacy contact. We will honour opt-out requests promptly.
Marketing cookies (which may support ad measurement such as Google Ads) are only activated with your consent via our cookie banner. See the Cookie Policy and Advertising Disclosure.
We do not sell your personal information. We may disclose personal information to:
We require contracted processors to handle personal information in accordance with the Privacy Act and only for the agreed purpose.
Some service providers (for example hosting, email, or analytics platforms) may store or process data outside Australia, including in the United States, European Union, or other countries.
Before disclosing personal information overseas, we take reasonable steps under APP 8.1 to ensure the recipient complies with the APPs or is bound by a substantially similar privacy regime, unless an exception applies (for example your informed consent after we explain that overseas recipients may not be subject to the Privacy Act).
You may contact us for more information about likely overseas locations relevant to your interaction with the Site.
We take reasonable steps to ensure personal information we collect, use, and disclose is accurate, up to date, and complete. Please tell us if your details change.
When information is no longer needed, we take reasonable steps to destroy or de-identify it under APP 11.2.
We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure, including:
No online transmission is completely secure. You should protect your email account and device when communicating with us.
If we experience a data breach that is likely to result in serious harm to individuals whose personal information is involved, we will comply with the Notifiable Data Breaches (NDB) scheme. This includes assessing the incident, notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable, and taking steps to contain and remediate the breach.
If you believe your interaction with us has been affected by a security incident, contact us immediately using the details in section 1.
You may request access to the personal information we hold about you, and request correction if it is inaccurate, out of date, incomplete, irrelevant, or misleading.
How to request: email question@stunningihip.world with “Privacy access request” or “Privacy correction request” in the subject line. We may ask for reasonable identity verification.
We will respond within a reasonable period (generally within 30 days). We may refuse access in limited circumstances permitted by the Privacy Act (for example where access would unreasonably impact another person’s privacy). If we refuse, we will explain our reasons and how you may complain.
We do not charge a fee for reasonable access requests. We may charge a reasonable administrative cost if a request is manifestly unfounded or excessive.
If you have a concern about how we handle your personal information:
We cooperate with the OAIC in resolving complaints.
Where lawful and practicable, you may interact with us without identifying yourself (for example browsing public pages). If you use the contact form or request a reply, we need sufficient information to respond and cannot deal with your enquiry anonymously.
We handle personal information in accordance with all 13 APPs. This table is a summary; if there is any conflict, the Privacy Act and OAIC guidance prevail.
| APP | Principle (short) | Our approach |
|---|---|---|
| APP 1 | Open and transparent management | This Policy, Cookie Policy, AI transparency notice, and contact details. |
| APP 2 | Anonymity and pseudonymity | Anonymous browsing where practicable; identification needed to reply to messages. |
| APP 3 | Collection of solicited information | We collect only what is reasonably necessary for stated purposes. |
| APP 4 | Unsolicited information | We destroy or de-identify unsolicited data where lawful and reasonable. |
| APP 5 | Notification of collection | Collection notices in this Policy, forms, and cookie banner. |
| APP 6 | Use and disclosure | Primary-purpose use; limited disclosure to service providers and law. |
| APP 7 | Direct marketing | Consent and unsubscribe for commercial electronic messages (Spam Act 2003). |
| APP 8 | Cross-border disclosure | Reasonable steps before overseas hosting or analytics providers. |
| APP 9 | Adoption, use, disclosure of government identifiers | We do not adopt government related identifiers as our own identifier. |
| APP 10 | Quality of personal information | Reasonable steps to keep data accurate and up to date. |
| APP 11 | Security | HTTPS, access controls, and provider contracts (section 9). |
| APP 12 | Access | Access requests within ~30 days where practicable. |
| APP 13 | Correction | Correction requests welcomed; same contact as access. |
We support clear disclosure when technology affects what you see or read. Full details are on our AI & Data Transparency page. Summary as at the last updated date:
Photographs displayed on the Site are not created using generative AI for this project. They are image files published from our image directory. If we later use AI-generated or AI-edited visuals, we will label them and update this Policy and the transparency page before or when they are published.
The plate builder uses pre-programmed rules in the visitor’s browser. It is not an AI chatbot, does not use generative models, and does not send your food choices to an external AI service. Feedback is general education only, not automated professional advice.
We do not provide medical, dietetic, or real-time AI chat consultations on the Site. The contact form is for general questions about workshops and site content. Enquiries are intended to be handled by a person. If we deploy AI-assisted drafting or chat in future, we will:
We do not sell personal information to AI model trainers. If we ever use a third-party AI service that processes personal information you provide (for example text you type into a future chat tool), that processing will be covered by an updated collection notice, contractual safeguards where appropriate, and APP 8 steps for overseas disclosure if applicable.
Plate suggestions do not produce legal or similarly significant effects. They are optional ideas only. You should not rely on them for medical or dietary treatment decisions.
We apply the following practices to personal information and related data on the Site:
If you are in the EEA or UK, you may have additional rights including data portability, restriction of processing, objection, and withdrawal of consent. Our lawful bases under GDPR may include consent, contract, and legitimate interests as described above.
You may contact us to exercise these rights. You also have the right to complain to your local supervisory authority. Where we transfer data internationally, we rely on appropriate safeguards where required.
The Site is intended for a general audience. We do not knowingly collect personal information from children under 15 without parental or guardian consent. If you believe we have collected a child’s information, contact us and we will delete it where required.
We may update this Privacy Policy from time to time. The “Last updated” date at the top will change. Material changes will be posted on this page. Continued use of the Site after changes constitutes notice of the updated policy where permitted by law.