Privacy Policy

Your privacy matters to us. This policy explains what personal information By Rose collects, how it is used, and how it is protected. By using this website or purchasing from us, you agree to the practices described here.

This policy is maintained in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the Privacy and Other Legislation Amendment Act 2024.

1. Information We Collect

We collect personal information that you provide directly to us, including:

  • Your name and email address (via enquiry forms, mailing list sign-ups, or account creation)

  • Your delivery address (for physical product orders)

  • Payment information (processed securely by Squarespace Payments, we do not store card details)

  • Any information you choose to share during a project, mentoring session, or general correspondence

  • Technical information such as IP address and browser type, collected automatically when you visit our website

We collect only the information necessary to provide our services and operate our business. We do not collect sensitive information (such as health or financial information beyond what is required for payment processing) unless you voluntarily provide it.

2. How We Use Your Information

We use your information to:

  • Process and fulfil orders (digital and physical)

  • Communicate with you about your enquiry, project, or purchase

  • Send occasional studio updates or offers if you have opted in (you can unsubscribe at any time)

  • Improve our website and services

  • Meet our legal and regulatory obligations

We do not sell, rent, or trade your personal information to third parties.

3. Third-Party Services

We use the following trusted third-party platforms to operate our business. Each has their own privacy policy and data handling practices:

  • Squarespace - website hosting and payment processing

  • Google - email communications via Gmail

These platforms may collect and process data in accordance with their own privacy policies. We encourage you to review their policies directly. We take reasonable steps to ensure any third-party services we use meet appropriate privacy standards.

4. Cookies

This website uses cookies to help it function properly and to understand how visitors use the site. Cookies are small data files stored on your device. We use them for:

  • Essential website functionality

  • Analytics to understand how visitors interact with our site

You can disable cookies through your browser settings, though some features of the website may not work as intended. By continuing to use this website, you consent to our use of cookies as described.

5. Data Security

We take reasonable technical and organisational steps to protect your personal information from misuse, loss, and unauthorised access. These measures include:

  • Secure, encrypted connections (HTTPS) across our website

  • Payment information handled entirely by our third-party payment processors and not stored on our systems

  • Limiting access to personal information to those who need it to carry out our services

While we take these precautions, no data transmission over the internet is completely secure. We cannot guarantee the absolute security of information transmitted to or from our website.

6. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law (including taxation and business record-keeping obligations). Once information is no longer required, we will take reasonable steps to destroy or de-identify it.

You may request deletion of your personal data at any time by contacting us, subject to any legal obligations we have to retain certain records.

7. Your Rights (Australian Privacy Act 1988)

Under Australian law, you have the right to:

  • Access the personal information we hold about you

  • Request corrections if your information is inaccurate, incomplete, or out of date

  • Request that we delete your information, subject to our legal obligations

  • Complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have mishandled your personal information

To make a request or raise a concern, please contact us at byrosemills@gmail.com. We will respond within a reasonable timeframe.

8. Serious Invasions of Privacy

By Rose is committed to handling your personal information lawfully and ethically. Under the Privacy and Other Legislation Amendment Act 2024, individuals now have a statutory right to take legal action for serious invasions of privacy. We take this seriously and conduct our business accordingly.

9. Children's Privacy

Our website and services are intended for adults aged 18 and over. We do not knowingly collect personal information from individuals under the age of 18. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will take steps to delete it.

10. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal obligations. Any changes will be published on this page with an updated date. We encourage you to review this policy periodically.

11. Contact

If you have any questions about how we handle your information, please get in touch at byrosemills@gmail.com.

Last updated: 01/05/2026