Privacy policy
Vivawipeia respects privacy. This policy meets expectations under the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and provides additional notes for visitors from regions with comparable laws (such as the EU General Data Protection Regulation).
APP 1—Open and transparent: We publish this policy, our Cookies Policy, Disclaimer, and Consumer rights summary.
Entity and contact: Vivawipeia, Shop AG12/148 Bunda Street, Canberra ACT 2601, Australia. Email clients@vivawipeia.world. Phone +61 2 6257 5315.
Effective date: 12 May 2026.
What personal information we collect (APP 3)
Website technical data: Our hosting environment may log IP addresses, user agents, timestamps, and URLs requested for security and reliability.
Enquiries: If you email us or use the contact form, we collect your name, email address, message content, and related metadata needed to reply.
Consent records: Cookie preferences stored locally in your browser are described in the Cookies Policy. We do not receive those values remotely unless you separately tell us in writing.
We collect information only by lawful and fair means and, where reasonable, directly from you.
Why we collect and use it (APP 3, APP 6)
We use personal information to operate the website, respond to enquiries, maintain security, comply with law, improve our services, and—only if you opt in—analytics or marketing measurement. Where required, we rely on consent; otherwise we rely on the primary purpose of collection or related secondary purposes that you would reasonably expect.
Disclosure (APP 6, APP 8)
We may disclose information to hosting, email, professional advisers, or analytics providers who handle data under written arrangements that require confidentiality and appropriate security. We do not sell personal information.
If we disclose personal information to overseas recipients, we take steps that are reasonable in the circumstances to ensure overseas recipients comply with the APPs, except where APP 8.2 applies.
Security and breach notification (APP 11)
We use access controls, transport encryption where available, and staff awareness training. If an eligible data breach occurs under the Notifiable Data Breaches scheme, we will assess and, if required, notify the Office of the Australian Information Commissioner (OAIC) and affected individuals.
Retention (APP 11)
Server logs are retained for up to ninety days unless a longer period is needed to investigate misuse. Contact records are retained for up to twenty-four months after the last substantive reply unless law or legitimate claims require a longer period, in which case we minimise what we keep.
Access and correction (APP 12, APP 13)
You may request access to, or correction of, the personal information we hold about you by emailing the address above. We will respond within thirty days unless the APPs allow a longer period. We may verify identity before releasing information.
Complaints (APP 1)
If you believe we have mishandled personal information, contact us first. You may also complain to the OAIC (oaic.gov.au). Nothing in this policy limits your rights under the Privacy Act.
Overseas visitors (GDPR-style summary)
If EU or UK law applies to our processing, you may have rights to access, rectify, erase, restrict, object, port data, or withdraw consent. You may lodge a complaint with your local supervisory authority. Our lawful bases may include contract, legitimate interests, legal obligation, and consent.
Children
This site is not directed to children under fifteen years in Australia, and we do not knowingly collect their personal information.
Changes
We will update this policy when practices change and revise the effective date. Material changes may require fresh consent where the law says so.