Astra Digital Solutions (ABN 30 456 318 638) (“we”, “us”, “our”, “ADS”) is an Australian digital marketing agency headquartered in Sydney, New South Wales. We are committed to protecting your personal information and handling it responsibly, transparently, and in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, store, and safeguard your personal information when you visit our website (astrads.com.au), submit enquiries, or engage us for services. By using our website or services, you consent to the practices described in this policy.

We may collect the following types of personal information:

From website visitors:

• Name and contact details (email address, phone number)
• Business name and website URL (if provided)
• Messages and enquiries submitted through our contact or quote forms
• IP address, browser type, operating system, and device information
• Browsing behaviour on our website (pages visited, time on site, referral source)
• Cookie identifiers and similar tracking data

From service clients:

• Business and billing information (including ABN where required)
• Ad account access credentials and campaign data (provided by the client)
• Performance data from digital marketing campaigns
• Communications, instructions, and feedback throughout the engagement

We collect only the personal information that is reasonably necessary for our business functions and services. We do not collect sensitive information (as defined in the Privacy Act) unless you voluntarily provide it and we are legally permitted to collect it.

We collect personal information through the following means:

• Contact forms and free quote request forms on our website
• Email, phone, and face-to-face communications
• Google Analytics — anonymised website traffic and behaviour data
• Meta Pixel — Facebook/Instagram advertising and conversion tracking
• Google Ads Conversion Tracking — ad performance measurement
• Cookies and similar tracking technologies (see Section 8)
• Client onboarding documents and service agreements
• Publicly available sources (e.g., business directories, social media profiles)

We collect personal information only by lawful and fair means and not in an unreasonably intrusive way, consistent with APP 3.

We collect, hold, use, and disclose personal information for the following purposes:

• To respond to your enquiries and provide accurate service quotes
• To deliver agreed digital marketing services to clients
• To manage and administer our business relationship with you
• To process invoices and payments
• To send service updates, marketing insights, or promotional content (with your consent — see Section 7)
• To analyse, maintain, and improve our website’s performance and user experience
• To comply with our legal and regulatory obligations
• To detect, investigate, and protect against fraud, security incidents, and unlawful activity

We will not use or disclose your personal information for a purpose other than the primary purpose of collection without your consent, except where permitted or required by law (APP 6).

We may share your personal information with trusted third-party service providers who assist us in operating our business. These include:

• Google LLC — Google Analytics, Google Ads (website analytics and advertising)
• Meta Platforms, Inc. — Facebook/Instagram advertising and audience tracking
• Email marketing and CRM platforms — for client communication and campaign management
• Web hosting and cloud infrastructure providers — for website operation and data storage
• Accounting and payment processing platforms — for invoicing and financial management
• Legal, accounting, and professional advisors — where required for compliance or dispute resolution

We share personal information only to the extent necessary for the stated purpose. We require our service providers to handle personal information in a manner consistent with the Australian Privacy Principles.

We do not sell, rent, or trade your personal information to any third party for their own marketing or commercial purposes.

Some third-party providers we use are located outside Australia. Your personal information may be transferred to, stored in, or processed in overseas countries, including:

• United States of America — Google LLC, Meta Platforms, Inc., and various cloud platforms
• Ireland — Meta Platforms Ireland Limited (European operations)

Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient does not breach the APPs (APP 8.1). Where practicable, we use providers that maintain privacy and security standards comparable to Australian law.

We may use your personal information to send you information about our services, industry insights, tips, and promotional offers where you have consented, or where we reasonably believe you would expect to receive such communications based on a prior business relationship.

You have the right to opt out of direct marketing at any time at no cost, by:

• Clicking the “Unsubscribe” link in any marketing email we send you
• Emailing us at hello@astrads.com.au with the subject line “Unsubscribe”
• Calling us on 0485 560 093

We will process opt-out requests promptly. We will never use sensitive information for direct marketing without your express consent. All email communications comply with the Spam Act 2003 (Cth), including identification of sender and provision of a functional unsubscribe mechanism.

Our website uses cookies and similar technologies to enhance your browsing experience, analyse website performance, and support advertising functions. Types of cookies used include:

• Essential cookies — Required for the website to function correctly (cannot be disabled)
• Analytics cookies — Google Analytics collects anonymised data about how visitors interact with our site (pages visited, time on site, referral source)
• Advertising cookies — Google Ads and Meta Pixel measure ad effectiveness and enable targeted and remarketed advertising

You can control or disable non-essential cookies through your browser settings. Most modern browsers allow you to manage cookie preferences. Note that disabling certain cookies may affect website functionality and your browsing experience.

Australia does not currently mandate a cookie consent banner (unlike GDPR in Europe). However, we disclose our use of tracking technologies here as a matter of best practice and transparency.

We take reasonable steps to protect the personal information we hold from misuse, interference, loss, unauthorised access, modification, or disclosure. Our security measures include:

• Secure HTTPS encrypted data transmission across our website
• Password protection and access controls on all systems holding personal data
• Limiting access to personal information to staff and contractors with a genuine need
• Regular review of our data handling and security practices
• Use of reputable, security-certified third-party platforms and services

While we implement robust security practices, no internet transmission or electronic storage system is completely secure. We cannot guarantee the absolute security of information transmitted to or from our website. If you suspect a security incident involving your data, please contact us immediately.

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention periods are:

• Enquiry and contact form data: up to 3 years from last contact
• Client records and service agreements: up to 7 years (consistent with the Income Tax Assessment Act 1997 (Cth) and Australian accounting obligations)
• Website analytics data: up to 26 months (Google Analytics default retention setting)
• Marketing communications data: until you unsubscribe or withdraw consent

When personal information is no longer required, we take reasonable steps to destroy or permanently de-identify it securely.

You have the right under the Privacy Act to request access to the personal information we hold about you, and to request correction of information that is inaccurate, out of date, incomplete, irrelevant, or misleading.

To make an access or correction request:

• Email us at hello@astrads.com.au with the subject line “Privacy Access Request” or “Privacy Correction Request”
• We will respond within 30 days of receiving your request
• We may require you to verify your identity before granting access
• We will provide access free of charge unless the request is complex or time-consuming

If we are unable to provide access or make a correction, we will provide written reasons and advise you of any recourse available to you, including your right to complain to the OAIC.

If you believe we have handled your personal information in a way that does not comply with the Australian Privacy Principles, or you have a privacy concern, please contact us first so we can attempt to resolve the matter internally:

We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days. If we are unable to resolve your complaint to your satisfaction, you may escalate it to the Office of the Australian Information Commissioner (OAIC):

We may update this Privacy Policy from time to time to reflect changes in our business practices, services, or legal obligations under Australian law. When we make material changes, we will update the “Last Updated” date at the top of this page.

We encourage you to review this Privacy Policy periodically. Continued use of our website or services after any updates constitutes your acceptance of the revised policy.

For any privacy-related enquiries, access requests, complaints, or general questions about this policy: