Vivoeupurge
Legal Documentation

Privacy Policy

Effective date:

1. Introduction

Vivoeupurge ("we," "us," or "our") is committed to protecting the privacy and personal data of individuals who visit our website at vivoeupurge.world, use our services, or otherwise interact with our organisation. This Privacy Policy explains how we collect, use, store, share, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Australian Privacy Act 1988 (Cth), and the Australian Privacy Principles (APPs).

By accessing our website or submitting personal information through our contact forms, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please refrain from using our website or providing your personal data.

This policy applies exclusively to data processed by Vivoeupurge in connection with our workplace culture consulting and educational services. It does not cover third-party websites that may be linked from our pages.

2. Data Controller Information

The data controller responsible for your personal information is:

Vivoeupurge
236 Bourke St, Melbourne VIC 3000, Australia
Phone: +61 3 9650 3011
Email: hello@vivoeupurge.world

For all privacy-related enquiries, data subject requests, or concerns regarding the processing of your personal data, please contact us using the details above. We will respond to all legitimate requests within the timeframes required by applicable law, typically within 30 days for GDPR requests and within a reasonable period under the Australian Privacy Act.

3. Personal Data We Collect

We collect personal data through various channels depending on how you interact with our organisation. The categories of data we may collect include:

3.1 Information You Provide Directly

  • Full name and job title when submitting our contact form or engaging in correspondence
  • Email address and telephone number for communication purposes
  • Organisation name, industry sector, and team size when discussing consulting services
  • Message content and enquiry details submitted through our website contact form
  • Consent records indicating your agreement to data processing terms
  • Billing and invoicing information when entering into a consulting engagement

3.2 Information Collected Automatically

  • IP address, browser type, operating system, and device identifiers
  • Pages visited, time spent on pages, referral URLs, and navigation patterns
  • Cookie identifiers and similar tracking technologies (subject to your consent preferences)
  • Geographic location data derived from IP address (country and city level only)

3.3 Information From Program Participation

  • Attendance records for workshops and educational sessions
  • Anonymised survey responses regarding program satisfaction and content clarity
  • Resource portal usage statistics (login timestamps, materials accessed)

We do not collect sensitive personal data such as health records, medical diagnoses, biometric data, or information revealing racial or ethnic origin, political opinions, religious beliefs, or trade union membership. Our workplace education programs are non-clinical in nature and do not require or solicit such information.

Under the GDPR, we process personal data only when we have a valid legal basis. The bases applicable to our processing activities include:

  • Consent (Article 6(1)(a)): When you submit our contact form, accept cookies, or voluntarily provide information for marketing communications, we process your data based on your explicit consent. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Contractual Necessity (Article 6(1)(b)): Processing required to perform a consulting contract, deliver educational programs, manage billing, or respond to pre-contractual enquiries you initiate.
  • Legitimate Interests (Article 6(1)(f)): Processing necessary for our legitimate business interests, such as improving website functionality, analysing aggregated usage patterns, preventing fraud, and maintaining network security — provided these interests are not overridden by your fundamental rights.
  • Legal Obligation (Article 6(1)(c)): Processing required to comply with applicable laws, regulations, tax requirements, or lawful requests from public authorities.

5. Purpose of Data Usage

We use collected personal data exclusively for the following purposes:

  • Responding to enquiries submitted through our website contact form or email
  • Scheduling and conducting discovery conversations about our consulting services
  • Preparing proposals, program outlines, and engagement documentation
  • Delivering educational workshops, resource materials, and program facilitation
  • Managing client relationships, contracts, invoicing, and payment processing
  • Generating anonymised engagement reports for client organisations
  • Improving website content, user experience, and service offerings through aggregated analytics
  • Complying with legal, regulatory, and contractual obligations
  • Protecting the security and integrity of our website and information systems
  • Communicating service updates, policy changes, or relevant educational content (with consent)

We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects on individuals.

6. Data Retention Period

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Our retention periods are as follows:

  • Contact form submissions: Retained for 24 months from the date of submission, unless an active consulting relationship is established
  • Client contract and billing records: Retained for 7 years from the end of the financial year in which the transaction occurred, in accordance with Australian tax law requirements
  • Program participation records: Retained for the duration of the engagement plus 12 months, after which identifiable data is anonymised or securely deleted
  • Cookie consent preferences: Stored locally on your device until you clear browser data or change your preferences
  • Website analytics data: Aggregated and anonymised data retained for up to 26 months
  • Marketing communication records: Retained until you withdraw consent or request deletion

Upon expiry of the applicable retention period, personal data is securely deleted, anonymised beyond re-identification, or archived in accordance with our data disposal procedures.

7. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties for their marketing purposes. We may share personal data with the following categories of recipients under strict contractual safeguards:

  • Service providers: Hosting providers, email delivery services, payment processors, and analytics platforms that assist in operating our website and delivering services. These providers process data only on our instructions and are bound by data processing agreements.
  • Professional advisors: Legal counsel, accountants, and auditors who require access to certain data in the course of providing professional services to our organisation.
  • Regulatory authorities: Government bodies, courts, or law enforcement agencies when required by applicable law or valid legal process.
  • Client organisations: Anonymised and aggregated program engagement data may be shared with the client organisation that commissioned the workplace education program. Individual participant identities are never disclosed without explicit consent.

All third-party processors are required to implement appropriate technical and organisational security measures and to process personal data only for specified purposes.

8. International Data Transfers

Vivoeupurge is based in Australia. If you access our website from the European Economic Area (EEA), United Kingdom, or other jurisdictions with data transfer restrictions, your personal data may be transferred to and processed in Australia.

Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, adequacy decisions where applicable, or other lawful transfer mechanisms under GDPR Article 46.

Some of our service providers may process data in the United States or other countries. In such cases, we verify that adequate protection measures exist, including participation in recognised certification frameworks or execution of binding data processing agreements.

9. Security Measures

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, destruction, and accidental loss. Our security practices include:

  • HTTPS encryption for all data transmitted between your browser and our website
  • Secure hosting infrastructure with regular security patching and vulnerability assessments
  • Access controls limiting personal data access to authorised personnel on a need-to-know basis
  • Encrypted storage for sensitive data at rest where technically feasible
  • Regular backup procedures with encrypted backup storage
  • Employee training on data protection principles and secure handling practices
  • Incident response procedures for detecting, reporting, and mitigating data breaches
  • Periodic review and updating of security policies and technical controls

While we take reasonable steps to protect your personal data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but commit to notifying affected individuals and relevant supervisory authorities of any data breach within 72 hours where required by GDPR Article 33.

10. Your Rights Under GDPR

If you are located in the European Economic Area or United Kingdom, you have the following rights regarding your personal data:

  • Right of Access (Article 15): Request confirmation of whether we process your personal data and obtain a copy of that data.
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Article 17): Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to Restriction (Article 18): Request limitation of processing under certain circumstances.
  • Right to Data Portability (Article 20): Receive your personal data in a structured, commonly used, machine-readable format.
  • Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Withdraw previously given consent at any time, without affecting prior lawful processing.
  • Right to Lodge a Complaint: File a complaint with your local data protection supervisory authority if you believe your rights have been violated.

To exercise any of these rights, please contact us at hello@vivoeupurge.world with sufficient detail to identify your request. We may need to verify your identity before processing certain requests. We will respond within 30 days, with the possibility of a two-month extension for complex requests as permitted under GDPR Article 12.

11. Australian Privacy Act Compliance

As an organisation operating in Australia, we comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. Under the APPs, you have the right to:

  • Access personal information we hold about you
  • Request correction of inaccurate, out-of-date, incomplete, or misleading information
  • Make a complaint about a suspected interference with your privacy
  • Seek recourse through the Office of the Australian Information Commissioner (OAIC) if unsatisfied with our response

We collect personal information only where it is reasonably necessary for our business functions and activities. We take reasonable steps to ensure personal information is accurate, up-to-date, and complete. We do not adopt government-related identifiers as our own identifiers.

12. Children's Privacy

Our website and services are directed at business professionals and organisational decision-makers. We do not knowingly collect personal data from individuals under the age of 16. If we become aware that we have inadvertently collected data from a minor, we will take prompt steps to delete that information from our systems.

13. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. When material changes are made, we will update the effective date at the top of this page and, where appropriate, notify you via email or a prominent notice on our website.

We encourage you to review this policy regularly. Continued use of our website after changes are posted constitutes acceptance of the updated policy, except where your explicit consent is required by law.

14. Contact Information

For privacy-related questions, data subject access requests, or complaints, please contact:

Privacy Officer — Vivoeupurge
236 Bourke St, Melbourne VIC 3000, Australia
Phone: +61 3 9650 3011
Email: hello@vivoeupurge.world

We are committed to resolving privacy concerns promptly and transparently. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au or your local EU data protection authority.