Purgegreenrinse operates from 131 York Street, Sydney NSW 2000, Australia. Contact: assist@purgegreenrinse.world · +61 2 9264 3111. This policy applies to visitors in Australia and internationally.
1. Data Controller Information
The data controller responsible for your personal information is Purgegreenrinse, located at 131 York Street, Sydney NSW 2000, Australia. You may contact our privacy team via email at assist@purgegreenrinse.world or by telephone at +61 2 9264 3111 for any questions regarding this Privacy Policy or your data rights.
Purgegreenrinse operates the website purgegreenrinse.world and organizes group cycling programs, educational challenges, and community events across the Sydney metropolitan area. We are committed to handling personal data transparently and in accordance with the General Data Protection Regulation (GDPR), the Australian Privacy Act 1988, and applicable state-level privacy legislation in New South Wales.
2. Scope of This Policy
This Privacy Policy applies to all personal data collected through our website, contact forms, program registration processes, in-person events, email communications, and telephone inquiries. It covers data collected from website visitors, program participants, community members, volunteers, and individuals who subscribe to our informational communications.
This policy does not apply to third-party websites linked from our platform. We encourage you to review the privacy policies of any external sites you visit through links on our website.
3. Categories of Personal Data We Collect
3.1 Information You Provide Directly
When you contact us through our website form, register for a cycling program, or communicate with us by email or telephone, we may collect the following personal data:
- Full name and preferred name
- Email address and telephone number
- Postal address or suburb of residence
- Message content and inquiry details submitted through contact forms
- Cycling experience level and program preferences
- Emergency contact name and telephone number (for program participants only)
- GDPR consent records and communication preferences
3.2 Information Collected Automatically
When you visit our website, certain technical data may be collected automatically through cookies and similar technologies, subject to your consent preferences:
- IP address and approximate geographic location
- Browser type, version, and operating system
- Device type and screen resolution
- Pages visited, time spent on pages, and navigation paths
- Referring website or search engine
- Date and time of each visit
3.3 Information from Program Participation
If you register for and participate in our group cycling programs, we may additionally collect:
- Attendance records and ride participation history
- Pace group assignments and program progression data
- Feedback provided during post-ride discussions or surveys
- Volunteer role assignments for ride leaders and assistants
4. Legal Basis for Processing
Under the GDPR, we process your personal data based on the following legal grounds:
- Consent: When you submit our contact form, accept cookies, or opt in to communications, you provide explicit consent for the specified processing activities.
- Contractual necessity: Processing required to register you for programs, manage your participation, and fulfill our obligations under program agreements.
- Legitimate interests: Processing necessary for website security, fraud prevention, service improvement, and community safety during group rides, provided these interests do not override your fundamental rights.
- Legal obligation: Processing required to comply with applicable laws, regulations, court orders, or government requests.
5. Purposes of Data Usage
We use your personal data exclusively for the following purposes:
- Responding to your inquiries and providing information about our group cycling programs
- Processing program registrations and managing your participation in rides and challenges
- Sending program schedules, route updates, and weather-related notifications
- Generating quarterly progress summaries and milestone badge records for registered members
- Improving our website functionality, content relevance, and user experience through aggregated analytics
- Ensuring the safety and organization of group rides, including emergency contact procedures
- Complying with legal obligations and responding to lawful requests from authorities
- Processing refund requests in accordance with our Refund Policy
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
6. Data Sharing and Third Parties
We do not sell, rent, or trade your personal data to third parties. We may share your information with the following categories of recipients only when necessary:
- Service providers: Hosting providers, email delivery services, and analytics platforms that process data on our behalf under strict data processing agreements.
- Ride leaders and volunteers: Limited participant information (name and emergency contact) shared with designated ride leaders for safety purposes during group sessions.
- Legal authorities: When required by law, regulation, legal process, or enforceable government request.
All third-party processors are contractually obligated to protect your data, process it only for specified purposes, and comply with applicable data protection laws.
7. International Data Transfers
Your personal data is primarily stored and processed within Australia. If any data is transferred to countries outside the European Economic Area (EEA) or Australia, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or equivalent mechanisms recognized under applicable law.
8. Data Retention Period
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
- Contact form submissions: Retained for 24 months from the date of submission, then securely deleted.
- Program registration records: Retained for the duration of your participation plus 36 months after your last active session.
- Progress and attendance data: Retained for 36 months after program completion, then anonymized for statistical purposes.
- Cookie and analytics data: Retained according to the periods specified in our Cookie Policy, typically 12 to 26 months.
- Financial and refund records: Retained for 7 years as required by Australian tax and accounting regulations.
- Consent records: Retained for 5 years after consent withdrawal to demonstrate compliance.
When retention periods expire, data is securely deleted or irreversibly anonymized.
9. Security Measures
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- HTTPS encryption for all data transmitted between your browser and our website
- Access controls limiting personal data access to authorized personnel only
- Regular security assessments of our hosting infrastructure and applications
- Secure storage of physical records at our York Street location with restricted access
- Staff training on data protection principles and incident response procedures
- Encrypted backups stored in geographically separate locations within Australia
While we strive to protect your personal data, no method of electronic transmission or storage is completely secure. We encourage you to use strong passwords and protect your own devices when accessing our services.
10. Your Rights Under GDPR and Australian Law
Depending on your location and applicable law, you may exercise the following rights regarding your personal data:
- Right of access: Request a copy of the personal data we hold about you.
- Right to rectification: Request correction of inaccurate or incomplete personal data.
- Right to erasure: Request deletion of your personal data where no compelling reason exists for continued processing.
- Right to restrict processing: Request limitation of processing in certain circumstances.
- Right to data portability: Receive your personal data in a structured, commonly used, machine-readable format.
- Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
- Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of prior processing.
- Right to lodge a complaint: File a complaint with the Office of the Australian Information Commissioner (OAIC) or your local supervisory authority.
To exercise any of these rights, contact us at assist@purgegreenrinse.world or +61 2 9264 3111. We will respond within 30 days of receiving a verified request.
11. Children's Privacy
Our website and programs are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will take steps to delete such information promptly.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. The updated date at the top of this page indicates when the most recent revision took effect. We encourage you to review this page regularly. Material changes will be communicated through a notice on our website.
13. Contact Information
For privacy-related inquiries, data subject requests, or concerns about our data handling practices, please contact:
Purgegreenrinse
131 York Street, Sydney NSW 2000, Australia
Email: assist@purgegreenrinse.world
Phone: +61 2 9264 3111