1. About this policy
At esthergretton.com we respect your privacy and are committed to handling personal information responsibly.
This Privacy Policy explains how we collect, hold, use and disclose personal information when you:
* visit our website;
* communicate with us;
* subscribe to our emails;
* register for an event or masterclass;
* purchase or participate in the Get Clear & Grow program or another service;
* participate in coaching calls, communities, surveys or feedback activities; or
* otherwise interact with our business.
We seek to handle personal information consistently with the Privacy Act 1988 (Cth) and the Australian Privacy Principles where they apply to us. We may also choose to follow these principles as a matter of good practice where they do not legally apply.
2. What is personal information?
Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable.
Depending on how you interact with us, we may collect:
* your name;
* email address;
* telephone number;
* business name, role and website details;
* billing and transaction information;
* information provided in registration, application or enquiry forms;
* your business goals, challenges, progress and other information shared during coaching;
* questions, assignments, workbook responses and feedback submissions;
* correspondence between you and us;
* testimonials, reviews, photographs, audio or video recordings where you have agreed to provide them;
* technical information such as your IP address, browser type, device type and website activity; and
* marketing preferences and records of your communications with us.
We generally do not require sensitive information. Please avoid providing health information or other sensitive information unless it is reasonably necessary for us to provide the service and you consent to us collecting it.
3. How we collect personal information
We may collect personal information:
* directly from you through our website, forms, emails, calls, surveys and program platforms;
* when you purchase, register for or participate in our services;
* when you attend a webinar, masterclass, group call or other event;
* when you interact with our social media accounts;
* through cookies, pixels, analytics tools and similar technologies;
* from payment, email, scheduling, webinar, hosting, course-platform and customer-management providers; and
* from another person where you have authorised them to provide the information or where it is otherwise lawful to do so.
Where practicable, we will collect personal information directly from you.
4. Why we collect and use personal information
We may collect, hold and use personal information to:
* respond to enquiries;
* assess registrations or applications;
* process purchases and administer payment plans;
* provide programs, coaching, resources and support;
* manage your access to online platforms and communities;
* personalise and improve our services;
* communicate program information, reminders and announcements;
* provide customer service and resolve complaints;
* send marketing communications where permitted;
* measure website, campaign and program performance;
* conduct research, analysis and business planning;
* prevent fraud, misuse and security incidents;
* maintain business, accounting and legal records;
* enforce our agreements and protect our legal rights; and
* comply with legal and regulatory obligations.
Where required, we will obtain your consent before using personal information for a purpose that is materially different from the purpose for which it was collected.
5. Payments
Payments may be processed by third-party payment providers, including Stripe.
We do not ordinarily receive or store your complete payment-card details. Payment providers process those details under their own privacy policies and security arrangements.
We may retain limited transaction information, such as the amount paid, payment status, invoice details and the last digits or expiry details made available by the payment provider.
6. Marketing communications
We may use your contact details to send information about our programs, services, masterclasses, resources and business updates where:
* you have consented;
* you would reasonably expect us to do so; or
* it is otherwise permitted by law.
You may unsubscribe at any time using the unsubscribe link in an email or by contacting us.
Unsubscribing from marketing will not prevent us from sending essential transactional or service communications relating to a purchase, registration or active program.
7. Cookies, analytics and tracking
Our website and marketing systems may use cookies, pixels and similar technologies to:
* operate the website;
* remember preferences;
* understand how visitors use the website;
* measure advertising and campaign performance;
* improve content and services; and
* present relevant advertising.
Information collected may include your IP address, device identifiers, browser information, pages viewed, links selected and the date and time of your visit.
You can restrict cookies through your browser settings. Some website functions may not work correctly if cookies are disabled.
8. Disclosure of personal information
We may disclose personal information where reasonably necessary to:
* payment processors;
* website, hosting and domain providers;
* email-marketing and customer-relationship platforms;
* course, membership and community-platform providers;
* videoconferencing, webinar and scheduling providers;
* cloud-storage and document-management providers;
* information technology, cybersecurity and technical-support providers;
* accountants, bookkeepers, insurers and professional advisers;
* contractors assisting with administration, marketing or service delivery;
* debt-recovery providers where a valid debt remains unpaid;
* regulators, courts, government agencies or law-enforcement bodies where required or authorised by law; and
* a purchaser or adviser in connection with a proposed sale, transfer or restructure of the business.
We do not sell personal information.
We require service providers to handle information only for authorised purposes and to apply appropriate confidentiality and security protections where reasonably practicable.
9. Overseas disclosure and storage
Some service providers may store or process information outside Australia.
The countries involved may vary depending on the provider’s infrastructure and subcontractors and may include the United States, New Zealand, the United Kingdom, countries within the European Union and other locations identified in the provider’s privacy documentation.
Where the Australian Privacy Principles apply, we will take reasonable steps required by law before disclosing personal information to an overseas recipient.
Because cloud-provider locations can change, you may contact us for current information about the service providers we use and their published data-hosting arrangements.
10. Coaching calls, communities and recordings
Group coaching calls, online communities and interactive events may involve participants sharing information with each other.
You should not disclose information in a group setting that you do not wish other participants to hear or see. We ask all participants to respect confidentiality, but we cannot guarantee that another participant will comply.
We will tell you before recording a call or event where you may be identifiable. Where appropriate, you may participate with your camera or microphone disabled or contact us about another reasonable arrangement.
Recordings may be made available to current participants for program-delivery purposes. We will obtain separate permission before using an identifiable recording, image, testimonial or case study for public marketing, unless its intended public use was made clear when it was collected.
11. Security
We take reasonable steps to protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure.
These measures may include:
* access controls and password protections;
* multifactor authentication where available;
* secure cloud and payment providers;
* limiting access to people who require it;
* maintaining software and security protections;
* secure disposal or de-identification practices; and
* reviewing suspected security incidents.
No internet transmission or storage system is completely secure. You should use strong, unique passwords and protect your own devices and program login details.
12. Data breaches
Where we become aware of a suspected data breach, we will assess and respond to it promptly.
Where the Notifiable Data Breaches scheme applies and a breach is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner as required by law.
13. Retention and deletion
We retain personal information only for as long as reasonably necessary for:
* providing services;
* maintaining business and transaction records;
* resolving disputes;
* enforcing agreements;
* meeting insurance, taxation, accounting and legal requirements; and
* legitimate business administration.
Retention periods vary according to the type of information and applicable requirements.
When information is no longer reasonably required, we will take reasonable steps to destroy it securely or de-identify it, unless we are legally permitted or required to retain it.
A request for deletion may not be fulfilled where retention is required for legal, taxation, fraud-prevention, dispute or recordkeeping purposes.
14. Access and correction
You may request access to personal information we hold about you or ask us to correct information that is inaccurate, out of date, incomplete, irrelevant or misleading.
Please contact us using the details below. We may need to verify your identity before processing a request.
We will respond within a reasonable period. In some circumstances permitted by law, we may refuse access or correction. Where required, we will explain the reason for the refusal and available complaint options.
15. Anonymity and pseudonyms
You may interact with us anonymously or using a pseudonym where lawful and practicable.
We will generally require accurate identifying and contact information where necessary to process a payment, enter into a contract, provide personalised coaching, maintain records or comply with the law.
16. Third-party websites and services
Our website, emails and program materials may contain links to third-party websites or services.
We are not responsible for the privacy, security or content practices of third parties. You should review their privacy policies before providing personal information.
17 Privacy complaints
If you believe we have mishandled your personal information, please email esther@esthergretton.com with details of your concern. We will investigate your complaint and aim to respond within 30 days.
If the Privacy Act 1988 applies to us and you are not satisfied with our response, you may be entitled to lodge a complaint with the Office of the Australian Information Commissioner.
18. Changes to this policy
We may update this Privacy Policy to reflect changes to our practices, technology or legal obligations.
The current version will be published on our website with its effective date. Where a change materially affects how we handle information already collected, we will take reasonable steps to notify affected individuals and obtain consent where required.
19. Contact
Questions, access requests, correction requests and privacy complaints may be directed to:
Esther Gretton
Email: esther@esthergretton.com
Website: www.esthergretton.com
Privacy Policy
ESTHER GRETTON - COPYRIGHT 2026 ©