General information only — not medical, therapeutic, or diagnostic advice. Bloomfreshelimin publishes educational morning exercise content for adults in Australia. Consult a qualified health professional before starting any new physical activity.

Privacy Policy

This document explains how Bloomfreshelimin collects, uses, stores, and protects personal information when you visit our website or interact with our services related to online morning exercise sessions.

Effective date:

1. Data Controller Information

The data controller responsible for your personal information is Bloomfreshelimin, located at 211 La Trobe St, Melbourne VIC 3000, Australia. For privacy-related enquiries, contact us at touch@bloomfreshelimin.world or by telephone at +61 3 9927 9000. We process personal data in accordance with the General Data Protection Regulation (GDPR) where applicable, the Australian Privacy Act 1988, and the Australian Privacy Principles (APPs).

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through the website bloomfreshelimin.world, including data submitted via contact forms, cookie-related identifiers, correspondence by email or telephone, and any data collected during the provision of educational programs, program guidance, or custom session schedules. It does not apply to third-party websites linked from our pages, which maintain their own privacy practices.

3. Categories of Personal Data We Collect

We may collect the following categories of personal data depending on how you interact with our website and services:

  • Identity and contact data: Name, email address, telephone number, and postal address when you submit an enquiry or purchase a service.
  • Communication data: Content of messages, enquiry details, and records of correspondence with our team.
  • Technical data: IP address, browser type and version, operating system, device identifiers, referral URLs, and pages visited.
  • Usage data: Information about how you navigate and interact with our website, including session duration and click patterns, collected where analytics cookies are enabled with your consent.
  • Preference data: Cookie consent selections, communication preferences, and stated interests in specific program types.
  • Transaction data: Purchase history, payment confirmation references, and refund request details for paid educational products or guidance packages.

4. Purposes of Data Processing

We process personal data for the following specific purposes, each supported by an appropriate legal basis under GDPR and aligned with APP requirements:

  1. Responding to enquiries: To read, assess, and reply to messages submitted through our contact form or received by email. Legal basis: legitimate interest in communicating with prospective and existing users, or consent where explicitly provided.
  2. Delivering services: To provide access to educational programs, session guides, program guidance, and custom session schedules you have requested or purchased. Legal basis: performance of a contract or steps prior to entering a contract.
  3. Website operation: To maintain core functionality, including cookie consent storage, security monitoring, and error logging. Legal basis: legitimate interest in operating a secure and functional website.
  4. Analytics and improvement: To understand aggregate usage patterns and improve content structure, where analytics cookies are accepted. Legal basis: consent.
  5. Marketing communications: To send promotional information about new programs or content, only where you have opted in. Legal basis: consent, which may be withdrawn at any time.
  6. Legal compliance: To comply with applicable laws, respond to lawful requests from authorities, and enforce our Terms of Use. Legal basis: legal obligation and legitimate interest.

5. Legal Bases for Processing (GDPR)

Where the GDPR applies to your data, we rely on one or more of the following legal bases: consent (Articles 6(1)(a) and 7), contract performance (Article 6(1)(b)), legal obligation (Article 6(1)(c)), and legitimate interests (Article 6(1)(f)). When relying on legitimate interests, we balance our interests against your rights and implement safeguards to minimise impact on your privacy.

6. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes described in this policy:

  • Contact form submissions: Retained for up to twenty-four months from the date of last correspondence, unless deletion is requested earlier.
  • Customer and transaction records: Retained for seven years from the date of the last transaction to meet Australian tax and accounting requirements.
  • Cookie consent records: Retained for twelve months from the date consent was given or updated.
  • Analytics data: Aggregated and anonymised where possible; raw data retained for up to fourteen months when analytics cookies are enabled.
  • Marketing preferences: Retained until you withdraw consent or unsubscribe, after which suppression records are kept to honour your preference.

When retention periods expire, data is securely deleted or anonymised so it can no longer be associated with an identifiable individual.

7. Data Sharing and Recipients

We do not sell personal data. We may share data with the following categories of recipients where necessary:

  • Service providers: Hosting providers, email delivery services, payment processors, and analytics platforms that process data on our behalf under written data processing agreements.
  • Professional advisers: Legal, accounting, or compliance consultants bound by confidentiality obligations.
  • Regulatory authorities: Where required by applicable law or valid legal process.

Some service providers may be located outside Australia or the European Economic Area. Where international transfers occur, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or equivalent mechanisms recognised under applicable law.

8. Security Measures

We implement technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/HTTPS protocols across all website pages.
  • Access controls limiting personal data access to authorised personnel with a legitimate business need.
  • Regular review of security practices and infrastructure configurations.
  • Staff training on data handling procedures and privacy obligations.
  • Incident response procedures to detect, report, and address data breaches in accordance with applicable notification requirements.

While we take reasonable steps to protect your data, no method of electronic transmission or storage is completely secure. We encourage you to use strong passwords for any accounts associated with our services and to contact us promptly if you suspect unauthorised access.

9. Your Rights Under GDPR

If you are located in the European Economic Area, United Kingdom, or another jurisdiction where the GDPR applies, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data where there is no compelling reason for continued processing.
  • Right to restrict processing: Request limitation of processing in certain circumstances.
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format where processing is based on consent or contract.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Withdraw consent at any time where processing is consent-based, without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: File a complaint with your local data protection supervisory authority.

To exercise any of these rights, contact us using the details in Section 1. We will respond within one month, extendable by two further months where requests are complex.

10. Your Rights Under Australian Privacy Law

Under the Australian Privacy Act 1988, you may request access to and correction of personal information we hold about you. You may also complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have handled your information in a way that breaches the APPs. We will acknowledge complaints within seven days and aim to resolve them within thirty days.

11. Cookies and Similar Technologies

Our website uses cookies and similar tracking technologies as described in our Cookie Policy. Non-essential cookies are placed only with your consent, managed through the cookie banner displayed on each page. You may update your preferences at any time by clearing browser cookies and revisiting the site, or by contacting us directly.

12. Children's Privacy

Our website and services are directed at adults aged eighteen and over. We do not knowingly collect personal data from individuals under eighteen. If we become aware that data has been collected from a minor without appropriate parental consent, we will take steps to delete that information promptly.

13. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals. Custom session schedule suggestions involve human review of questionnaire responses and are not generated solely by automated systems.

14. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. Material changes will be indicated by updating the effective date at the top of this page. We encourage you to review this policy periodically. Continued use of the website after changes constitutes acknowledgment of the updated policy, subject to applicable consent requirements for new processing activities.

15. Contact Information

For questions, requests, or complaints regarding this Privacy Policy or our data handling practices, contact:

Bloomfreshelimin
211 La Trobe St, Melbourne VIC 3000, Australia
Email: touch@bloomfreshelimin.world
Phone: +61 3 9927 9000