Privacy Policy

Last updated:

This Privacy Policy describes how Tendonsbone ("we", "us", or "our") collects, uses, stores, and protects your personal information when you visit our website at tendonsbone.world (the "Website"). We are committed to managing personal information openly and transparently in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where applicable, we also comply with the General Data Protection Regulation (GDPR) for visitors located in the European Economic Area.

1. Who We Are

The organisation responsible for your personal information is:

• Tendonsbone
• 8 George St, Port Denison WA 6525, Australia
• Email: ask@tendonsbone.world
• Phone: +61 8 9927 1210

2. Personal Information We Collect

We may collect the following kinds of personal information:

• Identity information: your name
• Contact information: your email address
• Communication information: messages you send through our contact form
• Technical information: IP address, browser type, device information, and pages visited
• Cookie and usage information: preferences stored via cookies and localStorage, as described in our Cookie Policy

We collect personal information directly from you when you submit our contact form, when you communicate with us by email or phone, and automatically when you browse the Website (for example, through server logs and cookies where applicable).

3. Why We Collect Personal Information

We collect, hold, use, and disclose personal information only where reasonably necessary for our functions and activities, including to:

• respond to your enquiries and communicate with you about your request
• operate, maintain, secure, and improve the Website
• comply with legal and regulatory obligations
• conduct analytics and measure advertising effectiveness, where you have provided consent
• manage complaints, privacy requests, and records relating to this Privacy Policy

If you do not provide information we reasonably request, we may be unable to respond to your enquiry or provide certain Website features.

4. Collection Notice

When you use our contact form, we will ask for your name, email address, message, and confirmation that you agree to this Privacy Policy. By submitting the form, you consent to us collecting and using that information to respond to your enquiry. You may contact us using the details in Section 1 if you have questions before submitting personal information.

5. How We Use and Disclose Personal Information

We do not sell your personal information. We may disclose personal information to:

• service providers who assist us in hosting, operating, or analysing the Website, subject to appropriate contractual safeguards
• professional advisers where reasonably required (for example, legal or accounting advice)
• regulators, courts, or law enforcement where required or authorised by Australian law

Some service providers may be located outside Australia. Where personal information is disclosed overseas, we take reasonable steps to ensure recipients handle it in a manner consistent with the APPs, unless an exception under the Privacy Act applies.

6. Direct Marketing

We do not send direct marketing communications unless you have consented or we are otherwise permitted to do so under the Privacy Act. You may opt out of marketing communications at any time by contacting us using the details in Section 1. A request to opt out of marketing does not affect our ability to send service-related messages about your enquiry.

7. Data Retention

We retain personal information only for as long as reasonably necessary to fulfil the purposes for which it was collected:

• Contact form submissions: up to 24 months from the date of receipt
• Technical and analytics data: up to 12 months
• Cookie consent records: up to 12 months
• Data required for legal compliance: as long as required by applicable law

8. Your Rights Under Australian Law

Under the Privacy Act and APPs, you may:

• request access to the personal information we hold about you (APP 12)
• request correction of personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading (APP 13)
• withdraw consent for optional uses such as analytics or marketing, where consent is the basis for collection
• make a complaint about our handling of your personal information

To exercise these rights, contact us using the details in Section 1. We will respond within a reasonable period, and generally within 30 days. We may need to verify your identity before providing access or making corrections. We will not charge a fee for making a request unless permitted by law; if a charge applies, we will explain it before proceeding.

If you are located in the European Economic Area, you may also have additional rights under the GDPR, including erasure, restriction of processing, data portability, and objection to processing.

9. Anonymity and Pseudonymity

Where lawful and practicable, you may interact with us anonymously or using a pseudonym. Because we need contact details to respond to enquiries submitted through our contact form, anonymous use of that form is not practicable.

10. Data Security and Notifiable Data Breaches

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. These steps include HTTPS encryption, access controls, and periodic review of our information-handling practices.

If a data breach is likely to result in serious harm to affected individuals, we will assess the breach and, where required, notify eligible individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme under the Privacy Act.

11. Complaints

If you believe we have breached the APPs or mishandled your personal information, please contact us first using the details in Section 1. We will acknowledge your complaint and investigate it promptly.

If you are not satisfied with our response, you may lodge a complaint with the OAIC:

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Post: GPO Box 5218, Sydney NSW 2001, Australia

12. Children's Privacy

Our Website is intended for a general audience and is not directed at children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately so we can take appropriate steps to delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be posted on this page with a revised "Last updated" date. Material changes will be brought to your attention where required by law.

14. Contact Us

For any questions about this Privacy Policy, access or correction requests, or privacy complaints, please contact us at:

• Email: ask@tendonsbone.world
• Address: 8 George St, Port Denison WA 6525, Australia
• Phone: +61 8 9927 1210