Privacy Policy
Last updated: 1 April 2026
Summary for Australia: We handle personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. You may access or correct your information and complain to us or the OAIC. Overseas visitors may have additional rights under local law.
This Privacy Policy explains how Chroxxendhit (“we”, “us”) collects, uses, stores, and protects personal information when you use https://chroxxendhit.world (the “Site”). We aim to comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and to respect the rights of individuals in the European Economic Area (EEA), Switzerland, and the United Kingdom (UK) under applicable data protection laws including the UK GDPR and EU GDPR where they apply.
Data controller and contact
Chroxxendhit933 Fernleigh Rd, Brooklet NSW 2479, Australia
Phone: +61 2 6687 1216
Email: welcome@chroxxendhit.world
For privacy-specific requests, please email us with “Privacy Request” in the subject line.
What data we collect
Depending on how you use the Site, we may process:
- Contact form data: name, email address, message content, and your consent record when you submit the contact or feedback form.
- Technical data: browser type, device type, approximate location derived from IP address, pages viewed, and timestamps. This may be collected through strictly necessary operations or optional analytics tools if you consent.
- Cookie and similar technologies data: as described in our Cookie Policy.
We do not intentionally collect sensitive information through the Site. Please do not send health or other sensitive details via the contact form.
Purposes and legal bases for processing
We process personal data for the following purposes:
- Responding to enquiries (performance of steps prior to a contract or our legitimate interest in communicating with Site visitors; where required, your consent recorded via the form checkbox).
- Operating and securing the Site (legitimate interests and, where applicable, compliance with legal obligations).
- Analytics and marketing cookies only if you provide consent via the cookie banner or settings (consent under GDPR/UK GDPR; fair handling under Australian law).
- Legal compliance such as responding to lawful requests from authorities (legal obligation).
Disclosure and international transfers
We use reputable hosting and email providers that may process data in Australia and other countries. Where data is transferred outside your country, we rely on appropriate safeguards where required by law, such as standard contractual clauses or adequacy decisions, and we assess risks in line with applicable requirements.
We do not sell your personal information. We may share data with service providers bound by confidentiality and data-processing terms, or when required by law.
Retention periods
- Contact form submissions: retained for up to twenty-four (24) months after the last message in a thread unless a longer period is needed for legal claims or compliance, in which case we retain only what is necessary.
- Server and security logs: typically retained for up to ninety (90) days unless longer retention is required for security investigations.
- Cookie consent records: stored locally in your browser and, where we log aggregated consent statistics without identifying you, retained for up to twelve (12) months.
- Marketing or analytics records (if used with consent): retained according to the tool’s configuration, generally not more than twenty-six (26) months for analytics aggregates.
When retention periods end, we delete or anonymise data where feasible.
Security measures
We apply administrative, technical, and organisational measures appropriate to the risk, including HTTPS encryption in transit, access controls for systems that store messages, regular software updates, and limited staff access on a need-to-know basis. No online transmission is completely secure; please use the Site thoughtfully.
Notifiable Data Breaches scheme (Australia)
Where the Privacy Act 1988 (Cth) applies, we assess suspected data breaches in line with the Notifiable Data Breaches (NDB) scheme. If an eligible data breach is likely to cause serious harm and we cannot remediate the risk, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required, and describe steps you can take to protect yourself.
Australian Privacy Principles (overview)
We aim to handle personal information consistently with the thirteen Australian Privacy Principles (APPs), including: openness about our practices (APP 1); anonymity where lawful and practicable (APP 2); collection only by fair means and for permitted purposes (APP 3–5); use and disclosure limited to the primary purpose or permitted secondary purposes (APP 6); direct marketing rules where applicable (APP 7); cross-border disclosure safeguards (APP 8); adoption, use, or disclosure of government identifiers only as allowed (APP 9); quality of information (APP 10); security (APP 11); access (APP 12); and correction (APP 13).
Overseas disclosure
Where we disclose personal information to overseas recipients (for example cloud or email infrastructure), we take reasonable steps under APP 8 to ensure overseas recipients do not breach the APPs, including through contractual terms and vendor assessment, except where an exception under the Privacy Act applies.
Direct marketing and the Spam Act 2003 (Cth)
We do not send commercial electronic messages without consent that satisfies the Spam Act 2003 (Cth), including a clear unsubscribe facility where that law applies. If you receive an email from us, it will relate to your enquiry or lawful operational notices unless you have separately opted in to marketing and we have recorded that consent.
Tax file numbers and credit information
We do not request tax file numbers through the Site. We do not provide credit and are not a credit reporting body; we do not collect credit reporting information through general browsing or the contact form.
Your rights
Australia: You may request access to or correction of personal information we hold about you under APP 12 and APP 13. You may complain to us first using the process on our Complaints handling page; if unresolved, you may contact the OAIC at oaic.gov.au or on 1300 363 992.
EEA, UK, and Switzerland (where applicable): You may have the right to access, rectify, erase, restrict processing, object to processing based on legitimate interests, data portability (where processing is based on consent or contract and automated), and to withdraw consent at any time without affecting prior lawful processing. You may lodge a complaint with your local supervisory authority.
To exercise rights, contact us using the details above. We may need to verify your identity before responding. We will answer within the timeframes required by applicable law, typically within thirty (30) days for Australian requests and without undue delay for GDPR-related requests (up to one month, extendable where complex).
Children
The Site is not directed at children under sixteen (16). We do not knowingly collect their data. If you believe we have collected such data, please contact us for deletion.
Automated decision-making
We do not use your data for solely automated decisions that produce legal or similarly significant effects.
Changes
We may update this Policy to reflect legal or operational changes. The “Last updated” date will change accordingly. Material changes may be highlighted on the Site where appropriate.
Related documents
See also our Cookie Policy, Terms of Use, Legal Information, Complaints handling, and Editorial and advertising policy.