Who We Are

Welcome to the Privacy Policy of Sunrise Digital Media. We are a full-service digital agency in Australia that helps businesses grow through SEO, social media marketing, website design, advertising, content creation, graphic design, video editing, and campaign management. In everything we do, protecting your privacy and handling personal information responsibly is a priority.

Our registered office is located at:

1 Oakley St, Beaumaris VIC 3193, Australia

You can reach us directly at:

Phone: +61 430 154 106

Email: contact@sunrisedigitalmedia.com.au

This Privacy Policy explains how Sunrise Digital Media collects, uses, discloses, and secures personal information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth). These laws are designed to safeguard personal data, ensure transparency, and give individuals meaningful control over how their information is used.

By visiting our website or engaging our services, you agree to the practices outlined in this policy. This includes your use of our website tracking tools such as Google Analytics 4 (GA4), Google Ads tags, and Meta Pixel, as well as third-party services we use to deliver our work, such as Mailchimp for email campaigns, Stripe for payment processing, Xero for invoicing and accounting, and our CRM system for client relationship management.

This document covers the following key points:

• what information we collect and why,
• how cookies, analytics, and pixels operate on our website,
• when and why data is shared with third-party providers,
• how long we keep information and how we secure it,
• your rights under Australian law,
• what to do if you wish to correct or delete information, and
• how we respond to Notifiable Data Breaches (NDB).

Our goal is simple: to give you clarity, build trust, and ensure you feel safe when working with Sunrise Digital Media.

What This Privacy Policy Covers

This Privacy Policy explains how Sunrise Digital Media (“we”, “our”, “us”) collects, uses, discloses, and protects personal information in connection with our business activities. It applies to anyone who interacts with us, whether as a website visitor, prospective client, current client, contractor, or simply someone browsing our content online.

Specifically, this policy covers:

• Website visitors: information gathered through our website (including cookies, analytics, and pixels).

• Clients and enquiries: information you provide when you request a proposal, contact us about our services, or sign an agreement.

• Subscribers: details provided when you sign up for newsletters or campaigns managed through Mailchimp.

• Payment and accounting: information processed through Stripe for payments and Xero for invoicing and bookkeeping.

• Marketing and advertising data: insights captured via Google Analytics 4 (GA4), Google Ads tags, and the Meta Pixel.

• CRM records: information we log in our client relationship management system to help manage projects, communications, and ongoing service delivery.

This policy does not apply to third-party websites that we may link to from our own site, such as partner websites, social platforms, or external resources. Those sites operate under their own privacy policies and practices. We recommend reviewing their privacy statements directly before engaging with them.

Our privacy commitments are guided by the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). We also recognise that some of our tools and providers (e.g., Google, Meta, Stripe, Mailchimp) are based overseas. For that reason, this policy also explains how we approach cross-border data transfers, vendor compliance, and the steps we take to protect your information when it leaves Australia.

Bottom line: if you interact with Sunrise Digital Media — whether online, by phone, or through our services — this Privacy Policy explains how your personal information is managed.

The Information We Collect

As a digital agency operating in Australia, Sunrise Digital Media collects personal information that helps us deliver our services, improve performance, and comply with legal obligations. The information we collect falls into several categories:

1. Identity and Contact Information

• Full name, company name, job title, email address, phone number.
• Business details such as ABN (if provided), postal address, or billing address.

2. Communications

• Enquiries submitted through our website forms.
• Emails, phone calls, and messages exchanged with our team.
• Feedback, testimonials, or approval you provide for case studies or campaigns.

3. Marketing and Analytics Data

• Website usage information, such as IP address, browser type, operating system, device type, referral source, and session activity.
• Behavioural and campaign data collected through Google Analytics 4 (GA4), Google Ads tags, and the Meta Pixel. This helps us measure ad performance, track conversions, and improve targeting.

4. Payment and Accounting

• When you purchase our services, payments are securely processed via Stripe. We do not store your full credit card details — Stripe manages this data on its secure servers.
• Invoicing and financial records are managed through Xero to meet accounting and compliance obligations.

5. Subscriptions and CRM Records

• If you subscribe to our updates via Mailchimp, we collect your email address and communication preferences.
• Client interactions and service history may be logged in our CRM system for project management and relationship tracking.

6. Automatically Collected Data

• Cookies and tracking technologies capture browsing patterns, which help us provide a better user experience.
• Location-related information (such as approximate city or region) may be inferred from your IP address.

We only collect information necessary to provide our services, operate our business effectively, and comply with the Australian Privacy Principles (APPs). Where possible, you may choose to remain anonymous or use a pseudonym when interacting with us — though in some cases, this may limit our ability to provide services.

Why We Use Your Information

At Sunrise Digital Media, we only collect personal information for purposes that are directly related to running our business as a digital agency in Australia. These purposes align with the Australian Privacy Principles (APPs) and ensure that your data is used in fair and transparent ways.

Service Delivery

• To respond to enquiries and provide accurate proposals or quotes.
• To deliver our services, including SEO, digital marketing, social media management, paid advertising campaigns, and content development.
• To provide customer support, manage client projects, and maintain professional communication.

Marketing and Analytics

• To analyse website traffic and improve user experience using Google Analytics 4 (GA4).
• To measure advertising performance through Google Ads tags and the Meta Pixel, ensuring campaigns reach the right audiences.
• To send newsletters, service updates, and educational content via Mailchimp, you have opted in.
• To personalise communications and make our marketing more relevant.

Payments and Administration

• To process payments securely through Stripe.
• To generate invoices, maintain financial records, and comply with tax obligations via Xero.
• To log service records and communication history in our CRM system for better project management.

Legal and Security

• To comply with applicable Australian laws, regulations, and industry codes.
• To investigate fraud, prevent misuse, or respond to lawful requests from regulators or law enforcement.
• To protect the integrity of our systems and data.

We will not use your information for unrelated purposes without your consent, unless required or authorised by law. Where direct marketing is concerned, you always have the option to unsubscribe or opt out, in line with APP 7.

Bottom line: your data is used to provide better services, improve our website and campaigns, process transactions, and meet our legal obligations.

Cookies, Analytics, and Pixels

Like most professional websites, Sunrise Digital Media uses cookies and tracking technologies to deliver essential functionality, improve performance, and measure the effectiveness of our digital marketing campaigns. This section explains what cookies are, how we use them, and how you can manage your preferences.

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences, keep you logged in, and provide insights into how visitors interact with content.

How We Use Cookies and Tracking Tools

We use cookies and related technologies for the following purposes:

1. Essential website functions

• To keep the website running smoothly, remember session settings and enable basic navigation.

2. Analytics and performance

• We use Google Analytics 4 (GA4) to understand visitor behaviour, track traffic sources, and measure engagement. GA4 helps us identify which pages are most useful and how users interact with our content.

3. Advertising and remarketing

• Google Ads tags and the Meta Pixel allow us to measure ad conversions, build remarketing audiences, and improve campaign targeting. These tools help ensure that our advertising is relevant and cost-effective.

4. Email and engagement tracking

• When you open an email from us (via Mailchimp), tracking pixels may record whether you engaged with the content. This data helps us refine communication and send more relevant updates.

Third-Party Cookies

Some cookies are set by trusted third parties. For example, Google, Meta, and Mailchimp may place cookies in your browser when you interact with our site or campaigns. These providers have their own privacy policies that explain how they handle data.

Managing Your Cookie Preferences

You can control or disable cookies via your browser settings. Blocking some cookies may affect site functionality. If you prefer not to be tracked by Google Analytics, you can install the GA opt-out browser add-on. For Meta or Google Ads, you can manage ad preferences directly in your account settings.

We are committed to transparency and ensure that all cookie and tracking practices comply with the Australian Privacy Principles (APPs).

Legal Basis Under Australian Law

Sunrise Digital Media handles personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). These principles form the foundation of privacy protection in Australia and apply to businesses like ours that handle client, subscriber, and website visitor information.

The APPs require us to:

1. Be transparent (APP 1)

• Maintain a clear and up-to-date privacy policy that explains how we collect, use, and disclose information.

2. Collect information fairly (APP 3 & 5)

• Only collect data that is reasonably necessary for our services, and inform you at or before the time of collection.

3. Use and disclose responsibly (APP 6)

• Limit use and disclosure of personal information to the purposes described in this policy or where you would reasonably expect it.

4. Direct marketing (APP 7)

• Provide a clear option to opt out of marketing communications and honour those requests promptly.

5. Keep information secure (APP 11)

• Take reasonable steps to protect personal data from misuse, interference, loss, unauthorised access, or disclosure.

6. Provide access and correction rights (APPs 12 & 13)

• Allow individuals to request access to the personal information we hold and correct it if inaccurate, out of date, or incomplete.

7. Cross-border disclosures (APP 8)

• Take reasonable steps to ensure that overseas recipients, such as Google, Meta, Stripe, Mailchimp, and Xero, handle information in a way that is consistent with the APPs.

In short, our legal basis for handling data rests on the necessity for service delivery, compliance with legal obligations, and consent (where required, e.g., for direct marketing).

By engaging Sunrise Digital, you can be confident that your information is managed under the framework of Australian privacy law, with an emphasis on fairness, accountability, and transparency.

Sharing Your Information

Sunrise Digital Media respects your privacy and does not sell, rent, or trade your personal information. However, in order to operate effectively as a digital agency in Australia, we sometimes need to share information with trusted third parties. We only disclose personal data where it is necessary, reasonable, and consistent with this Privacy Policy.

Service Providers

We work with external providers that support our operations. These include:

• Google (GA4, Google Ads) – analytics, advertising, and performance tracking.
• Meta (Meta Pixel) – audience insights, ad measurement, and remarketing.
• Mailchimp – sending newsletters and email campaigns.
• Stripe – secure payment processing.
• Xero – invoicing, accounting, and financial recordkeeping.
• CRM platforms – storing client records, communications, and project data.

These providers may process data on servers located outside Australia. We take reasonable steps under APP 8 to ensure that they meet comparable data protection standards.

Professional Advisers

We may disclose information to accountants, auditors, insurers, and lawyers as part of business administration, compliance, and risk management.

Legal and Regulatory Authorities

We may disclose personal information if required to do so by law, regulation, subpoena, or government request. This may include disclosures to the Office of the Australian Information Commissioner (OAIC) or other authorities where appropriate.

Business Transfers

If Sunrise Digital Media undergoes a merger, acquisition, sale, or restructuring, personal information may be transferred to the new entity as part of the transaction. We will ensure that your data continues to be handled in line with this Privacy Policy.

Other Situations

In exceptional cases, we may disclose information to prevent fraud, protect life or safety, or defend our legal rights.

We will never disclose more information than necessary, and all disclosures are carried out with a focus on security, transparency, and compliance.

Retention of Information 

Sunrise Digital Media retains personal information only for as long as it is needed for business, legal, or compliance purposes. We follow a “data minimisation” principle, which means we do not keep personal information longer than necessary.

Typical retention periods:

• Enquiries and leads: kept up to 24 months from the date of last contact. This allows us to follow up with potential clients in a timely and relevant way.

• Client records and contracts: retained for 7 years in line with Australian tax and corporate recordkeeping laws.

• Invoices and financial data: kept for 7 years as required for accounting and audit purposes.

• Analytics data (Google Analytics 4): configured to retain event-level data for no more than 14 months unless required for legitimate reporting.

• Mailchimp subscriber data: stored until you unsubscribe or request deletion. Once unsubscribed, we maintain minimal records to ensure no further emails are sent.

• CRM records: retained while the client relationship is active and for a reasonable period afterward for reference and compliance.

Once information is no longer required, we take reasonable steps to securely delete or de-identify it, consistent with the Australian Privacy Principles (APP 11). For example, files may be securely erased, documents shredded, or digital records anonymised.

We balance business needs with your privacy rights. If you request deletion of your data before the end of our retention period, we will review the request and, where legally permissible, delete or de-identify your information.

Security

Protecting your information is central to our business operations. Sunrise Digital Media takes reasonable steps to prevent misuse, interference, loss, and unauthorised access, modification, or disclosure of personal data, as required by APP 11.

Our security measures include:

• Restricted access: personal data is only available to authorised staff who need it for their role.
• Encryption: we use encryption in transit for emails and online transactions.
• Secure storage: files are stored in cloud systems that use industry-standard security controls.
• Vendor vetting: third-party providers (Stripe, Xero, Mailchimp, Google, Meta) are reviewed for their security and compliance practices.
• Authentication: strong passwords, two-factor authentication, and access logs help protect systems.
• Staff training: employees and contractors receive guidance on privacy and data protection practices.

While no system is 100% secure, we work actively to reduce risks and respond to potential threats.

Data Breach Response

If a breach occurs that is likely to cause serious harm, we will assess the incident and, where required, notify:

1. The affected individuals, and

2. The Office of the Australian Information Commissioner (OAIC)

This is part of our obligations under the Notifiable Data Breaches (NDB) scheme. We will also provide recommendations for steps individuals should take to protect themselves.

Your Rights

Under the Australian Privacy Principles (APPs 12 and 13), you have rights to access and correct the personal information we hold about you.

Access:

• You may request a copy of your personal information at any time.
• We will respond within a reasonable timeframe, typically within 30 days.
• Access may be refused in limited cases, such as where disclosure would impact another person’s privacy, reveal commercially sensitive information, or conflict with the law.

Correction:

• If you believe the information we hold is inaccurate, out-of-date, incomplete, irrelevant, or misleading, you may request correction.
• We will take reasonable steps to update our records promptly.

Deletion:

• In some cases, you may request that we delete your personal information. We will review such requests and act where legally permissible, considering our obligations under recordkeeping laws.

How to Make a Request:

• Email us at contact@sunrisedigitalmedia.com.au with details of your request.
• We may need to verify your identity before processing it.

If we refuse access or correction, we will provide a written explanation, including the reasons and options for further complaint.

These rights give you meaningful control over your data, and we are committed to upholding them in a transparent and respectful way.

Communication Preferences

At Sunrise Digital Media, we want you to stay in control of how we communicate with you. While we may occasionally send updates about our services, industry news, or marketing campaigns, you always have the right to manage or withdraw your preferences.

Email Marketing

We use Mailchimp to send newsletters and marketing communications. Every email we send includes an unsubscribe link at the bottom. If you no longer wish to receive updates, you can click this link, and you will be automatically removed from our mailing list.

Direct Communications

From time to time, we may also contact you by phone or email about a project you are working on with us, or to follow up on a service enquiry. These communications are considered necessary for service delivery and are not classified as marketing.

Opting Out

If you prefer not to receive marketing at all, you can:

• Use the unsubscribe link in our emails.
• Email us at contact@sunrisedigitalmedia.com.au with your request.
• Adjust your preferences by contacting our support team.

Once we receive your request, we will update our records promptly and ensure that no further marketing communications are sent to you. Please note that we may still send service-related messages, such as invoices or important project updates.

This approach complies with APP 7 (direct marketing) under the Privacy Act 1988 (Cth), ensuring you have the freedom to decide how and when we contact you.

Children’s Privacy

Sunrise Digital Media’s services are designed for businesses, organisations, and adults seeking digital marketing and agency support. We do not knowingly collect personal information from children under the age of 16.

If you are under 16, please do not submit any personal information to us through our website, forms, or services. Parents or guardians should supervise young people when they use the internet to ensure their privacy is protected.

In the unlikely event that we become aware that a child has provided personal data without parental consent, we will take immediate steps to:

• Delete the information from our records, and

• Where appropriate, notify the parent or guardian.

We take this responsibility seriously because protecting children online is a key part of maintaining trust and compliance.

If you are a parent or guardian and believe your child may have provided information to Sunrise Digital Media, please contact us immediately at contact@sunrisedigitalmedia.com.au so we can resolve the issue.

Complaints

We are committed to handling personal information responsibly and transparently. If you have concerns about how Sunrise Digital Media has collected, used, or disclosed your personal information, you have the right to make a complaint.

Step 1: Contact Us Directly

Please email your complaint to contact@sunrisedigitalmedia.com.au. Provide as much detail as possible, including:

• The nature of the complaint.
• The information or activity you are concerned about.
• The outcome you would like to see.

We will acknowledge your complaint promptly and aim to respond within 30 days.

Step 2: Internal Review

If necessary, we will conduct an internal review of our processes and records. You will be kept informed throughout and provided with a written response explaining the outcome of our review.

Step 3: Escalation to OAIC

If you are not satisfied with our response, you can escalate the complaint to the Office of the Australian Information Commissioner (OAIC). The OAIC recommends that you first allow the business an opportunity to resolve the matter. You can contact the OAIC at:

• Website: www.oaic.gov.au 
• Phone: 1300 363 992

This complaints process ensures your concerns are taken seriously and handled in line with the Australian Privacy Principles.

Changes to This Privacy Policy

Privacy practices and legal requirements evolve over time. Sunrise Digital Media reserves the right to update or amend this Privacy Policy when necessary to reflect:

• changes in our services or operations,
• new technologies or analytics tools,
• updates to Australian privacy law (including amendments to the Privacy Act 1988 (Cth)),
• guidance from the Office of the Australian Information Commissioner (OAIC), and
• industry best practices for digital agencies.

When we make changes, the updated version of this Privacy Policy will be published on our website with a revised “Last updated” date at the top of the page. Significant updates may also be communicated directly by email if we hold your contact details and the changes affect you.

We encourage all visitors, clients, and subscribers to review this Privacy Policy periodically to stay informed about how we protect and manage personal information.

By continuing to use our services or interact with our website after changes have been posted, you agree to the updated policy. If you do not agree with any amendments, you should stop using our services and contact us to manage or delete your personal information where legally permissible.