Privacy Policy

Introduction and scope

This Privacy Policy applies to visitors of the website, people who submit forms, and anyone who emails us in connection with Liora products or services. It does not cover third-party websites that we may link to; those services have their own policies. If you do not agree with this Policy, please discontinue use of the Site except where limited processing is strictly necessary.

Who we are

The data controller responsible for personal data processed through this Site is Liora, operating from Australia. Full contact details appear in the sidebar and at the end of this Policy. When we say “we” or “us”, we mean Liora and authorised staff or processors acting on documented instructions.

Categories of personal data

Depending on how you interact with us, we may process identity and contact data (such as name and email address), the content of messages you send, technical data such as browser type and device category, approximate location derived from IP address when server logs are generated, and records of consent or marketing preferences where you opt in. We do not ask for sensitive categories of data on this Site; please do not send health records unless we explicitly request them through a secure channel.

Purposes and legal bases

We process personal data to respond to inquiries, operate the Site, improve security, comply with law, and—where you consent—to analytics or marketing tools described in our Cookie Policy. Under the GDPR, applicable bases include performance of a contract or pre-contract steps, legitimate interests that are not overridden by your rights, compliance with legal obligations, and consent where required.

Australian Privacy Act and APPs

Where the Privacy Act 1988 (Cth) applies, we handle personal information in line with the Australian Privacy Principles (APPs), including collecting only what is reasonably necessary by lawful and fair means, for purposes that are clear and related to our functions, keeping data accurate and secure, and allowing you to access and correct your information subject to exceptions in the Act. Serious data breaches may be notified under the Notifiable Data Breaches scheme where required. For more information, see the Office of the Australian Information Commissioner at oaic.gov.au.

Cookies and similar technologies

We use strictly necessary mechanisms to run the Site and optional cookies where you allow them. Categories, retention, and controls are described in the Cookie Policy. You can change preferences through the cookie banner or your browser settings.

Retention

We retain personal data only as long as needed for the purposes above. Inquiry records are typically kept for up to twenty-four months unless a longer period is required for disputes, accounting, or regulatory compliance. Security logs may be kept on a rolling basis. When data is no longer needed, we delete or anonymise it where feasible.

Sharing and processors

We may share data with hosting providers, email delivery services, and analytics or marketing vendors when you enable those categories. We require appropriate contractual terms and assess security practices. We do not sell personal data. If the business structure changes, successors may receive data subject to equivalent protections.

International transfers

If personal data is transferred outside Australia or the EEA, we implement safeguards such as standard contractual clauses or equivalent measures where required by law. You may request more information about transfers by contacting us.

Security

We apply reasonable technical and organisational measures, including HTTPS on the Site, access controls, and vendor review. No online system is perfectly secure; please protect your accounts and devices and report suspected misuse promptly.

Your rights

Depending on your location, you may have rights to access, rectify, erase, restrict processing, object to certain processing, and data portability. Australian individuals may also request correction and may complain to the Office of the Australian Information Commissioner. EEA residents may lodge complaints with a supervisory authority. If you are in Austria, you may contact the Austrian Data Protection Authority (Datenschutzbehörde) at dsb.gv.at. We respond within applicable timeframes and may need to verify your identity before fulfilling requests.

Children

The Site is not directed at children under sixteen. We do not knowingly collect personal data from children. If you believe we have received such data, contact us and we will delete it.

Automated decision-making

We do not use solely automated decision-making that produces legal or similarly significant effects based on your personal data in connection with this Site.

Changes to this Policy

We may update this Policy to reflect legal, technical, or business changes. The “Last updated” line shows the current version. Material changes may be highlighted on the Site where appropriate.

Contact

For privacy questions or requests: Liora, 318 High St, Preston VIC 3072, Australia. Email: ask@thimyxolghex.world.