Fun Music Company Privacy Policy

This document was last updated on 1st October, 2025

We care about your privacy.

We will never share your contact details with anyone else, send you advertising from third parties without your consent, or treat you any differently from how we would treat our best friend.

We’ll unsubscribe you from our mailing lists immediately if we are asked, and we won’t send you anything you haven’t requested. We want to make that as clear and as simple as possible. We are not here to do anything other than provide you with simple, easy to use materials for music lessons, and help you make music lessons more fun and enjoyable for your students.

We are not in the business of selling, renting, or trading email lists with other companies for marketing purposes – we just don’t do that. But just in case you don’t believe us, we’ve provided lots of detailed information below on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it and how we keep it secure.

1. Introduction and Acknowledgement

Fun Music Company Pty Ltd is committed to protecting your privacy and handling your personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth) and, where applicable, the European Union’s General Data Protection Regulation (GDPR).

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information. By accessing or using the Fun Music Company website and services, you acknowledge that you have read and understood this Privacy Policy and consent to the information collection and use practices described herein.

If you have any questions about this policy or how we handle your personal information, please contact our Data Protection Officer using the contact details at the end of this document.

2. Who We Are

Business Name: Fun Music Company Pty Ltd
Australian Business Number: 51 121 090 917
A.C.N: 121 090 917
Location: Adelaide, South Australia, Australia

Data Protection Officer: Kevin Tuck
Email:  Contact via our helpdesk. (privacy matters are prioritized)

3. What Personal Information We Collect

We collect personal information that you provide to us directly and information that is collected automatically when you use our website and services.

Information You Provide Directly:

  • Name and contact information (email address, phone number if provided)
  • Account credentials (username, password)
  • Payment and billing information (processed securely through our payment processors)
  • Communication content (when you contact us for support or assistance)
  • Preferences and interests (related to music teaching resources)
  • Demographic information (if voluntarily provided, such as location, teaching level)

Information Collected Automatically:

  • Technical information (IP address, browser type, device type, operating system)
  • Usage data (pages viewed, links clicked, time spent on site, date and time of visits)
  • Location data (country/state derived from IP address)
  • Cookie data (see Section 7 for details)

Information We Do NOT Collect:

We do not intentionally collect sensitive personal information such as health information, racial or ethnic origin, political opinions, religious beliefs, or biometric data.

4. How We Collect Personal Information

We collect personal information through:

a) Direct Interactions: When you:

  • Register for an account or membership
  • Sign up for our mailing list or free resources
  • Make a purchase of digital products or memberships
  • Contact us through our helpdesk, email, or contact forms
  • Participate in surveys or provide feedback
  • Download free materials or join training programs

b) Automated Technologies: Through:

  • Web server logs that record standard information about your visit
  • Google Analytics 4 (GA4) to understand how visitors use our website
  • Cookies and similar technologies (see Section 7)

c) Third Parties: We may receive information from:

  • Payment processors (transaction confirmations)
  • Email service providers (engagement data)
  • Analytics services (aggregated usage data)

5. Legal Basis for Processing Your Information

We process your personal information based on the following legal grounds:

a) Contract Performance: To provide services you’ve purchased or requested (memberships, digital products, customer support)

b) Consent: When you’ve given explicit consent (e.g., subscribing to our mailing list, accepting cookies)

c) Legitimate Interests: For business purposes such as:

  • Improving our website and services
  • Preventing fraud and ensuring security
  • Analyzing usage patterns to enhance user experience
  • Marketing our own products to existing customers (where permitted)

d) Legal Obligations: To comply with applicable laws, regulations, and legal processes

You have the right to withdraw consent at any time where we rely on consent as the legal basis for processing.

6. How We Use Your Personal Information

We use your personal information for the following purposes:

Primary Purposes:

  • Service Delivery: To provide access to digital products, memberships, and services you’ve purchased
  • Account Management: To create and manage your account, process payments, and handle subscriptions
  • Customer Support: To respond to your inquiries, provide technical assistance, and resolve issues
  • Communication: To send transactional emails (receipts, access credentials, account notifications)

Secondary Purposes:

  • Marketing Communications: To send newsletters, product updates, and promotional offers (you can opt-out at any time)
  • Website Improvement: To analyze usage patterns and improve our website functionality and user experience
  • Security: To protect against fraud, unauthorized access, and ensure the security of our systems
  • Legal Compliance: To comply with legal obligations and respond to lawful requests from authorities

Automated Decision-Making:

We currently do not use automated decision-making systems (including artificial intelligence or algorithms) that make decisions without human intervention that would significantly affect you. If we implement such systems in the future, we will update this policy and provide appropriate information about their use.

7. Cookies and Tracking Technologies

What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They help websites remember your preferences and improve your experience.

Cookies We Use:

a) Essential Cookies:

  • Required for website functionality and security
  • Enable account login and access to membership areas
  • Cannot be disabled without affecting website functionality

b) Analytics Cookies (Google Analytics 4):

  • Help us understand how visitors use our website
  • Collect information about pages visited, time spent, and navigation paths
  • Data is processed in a way that does not directly identify individuals
  • We do not allow Google to use this data for their own purposes

c) Preference Cookies:

  • Remember your settings and preferences
  • Improve your experience on return visits

d) Marketing Cookies:

  • May be used to deliver relevant content and measure effectiveness
  • You can opt-out of these cookies

Managing Cookies:

You can control and manage cookies through your browser settings. Most browsers allow you to:

  • View what cookies are stored
  • Delete cookies
  • Block all or specific cookies
  • Receive notifications before cookies are stored

Please note that disabling certain cookies may limit website functionality.

For EU Visitors: We obtain your consent before placing non-essential cookies on your device, in accordance with GDPR and ePrivacy Directive requirements.

8. Third-Party Services and Data Sharing

We use trusted third-party service providers to help operate our business. We share your personal information only as necessary with:

Service Providers:

  • Keap (formerly Infusionsoft): Email marketing, newsletter delivery, and customer data management. Data stored on secure servers with industry-standard encryption
  • eWAY: Payment processing for credit card transactions. We do not store complete credit card information on our servers
  • PayPal: Payment processing for PayPal transactions
  • Google Analytics 4: Website analytics to understand visitor behavior (anonymized data)
  • Website hosting providers: To store website data and deliver our services

Data Sharing Limits:

We will NOT disclose your personally identifiable information to third parties except:

  • To fulfill service requests you’ve made
  • With your explicit consent
  • To our service providers bound by confidentiality obligations
  • To protect ourselves from liability or prevent fraud
  • To respond to legal processes, court orders, or comply with law
  • In connection with a merger, acquisition, or sale of company assets (with notice to affected users)

International Data Transfers:

Some of our service providers (including Keap and Google Analytics) may store or process data on servers located outside Australia, including in the United States. When we transfer your personal information internationally, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by relevant authorities
  • Service providers with adequate privacy protections
  • Your explicit consent where required

For EU residents: We ensure that international transfers comply with GDPR requirements, including adequacy decisions or appropriate safeguards.

9. Data Security

We take the security of your personal information seriously and implement both technical and organizational measures to protect it:

Technical Measures:

  • Industry-standard encryption (SSL/TLS) for data transmission
  • Secure servers with access controls and firewalls
  • Regular security updates and patches
  • Secure payment processing through PCI-DSS compliant processors
  • Password protection and authentication systems

Organizational Measures:

  • Staff training on privacy and data protection
  • Access to personal information limited to authorized personnel who need it
  • Privacy policies and procedures documented and enforced
  • Regular review of security practices and vendors
  • Incident response procedures for data breaches

Data Breach Notification:

In the event of a data breach that is likely to result in serious harm to individuals, we will:

  • Notify affected individuals as soon as practicable
  • Notify the Office of the Australian Information Commissioner (OAIC) as required
  • For EU residents: Notify relevant supervisory authorities within 72 hours where required by GDPR
  • Take immediate steps to contain and remediate the breach

While we implement strong security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but will promptly address any security incidents.

10. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations.

Retention Periods:

  • Active account data: Retained while your account remains active
  • Transaction records: Retained for 7 years to comply with Australian taxation and business laws
  • Marketing communications: Retained until you unsubscribe or request deletion
  • Support communications: Retained for 2 years after resolution for quality assurance
  • Website analytics: Aggregated data retained indefinitely; individual visit data retained for 26 months (GA4 default)

After retention periods expire, we will securely delete or anonymize your personal information unless we are required by law to retain it longer.

11. Your Privacy Rights

Rights Under Australian Privacy Law:

You have the right to:

  • Access your personal information we hold
  • Correct inaccurate or incomplete information
  • Request deletion of your personal information (subject to legal obligations)
  • Opt-out of marketing communications
  • Withdraw consent where processing is based on consent
  • Complain to the OAIC if you believe we’ve breached your privacy

Additional Rights for EU Residents (GDPR):

In addition to the above, you have the right to:

  • Data portability: Receive your personal information in a structured, commonly used format
  • Restrict processing: Request we limit how we use your data in certain circumstances
  • Object to processing: Object to processing based on legitimate interests or for direct marketing
  • Lodge a complaint: With your local supervisory authority in the EU

Exercising Your Rights:

To exercise any of these rights, please contact our Data Protection Officer at the Fun Music Company helpdesk. We will respond to your request within:

  • 30 days for Australian Privacy Act requests
  • 1 month for GDPR requests (with possible extension to 3 months for complex requests)

We may need to verify your identity before processing certain requests to protect your privacy and security.

12. Marketing Communications and Opt-Out

Email Marketing:

When you sign up for our mailing list or make a purchase, you may receive marketing communications including:

  • Newsletters with teaching tips and resources
  • Product updates and new releases
  • Special offers and promotions
  • Free training programs and materials

How to Unsubscribe:

Every marketing email contains clear unsubscribe instructions. You can opt-out by:

  • Clicking the “unsubscribe” link at the bottom of any marketing email
  • Submitting a request to the Fun Music Company helpdesk
  • Updating your preferences in your account settings

We honor all unsubscribe requests immediately. After unsubscribing, you’ll no longer receive marketing emails, though you may still receive essential transactional emails related to your purchases or account.

Re-subscribing:

If you change your mind, you can re-subscribe at any time through our website or by contacting us.

13. Children’s Privacy

Our services are designed for music educators and are not intended for children under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children without parental consent.

If you believe we have inadvertently collected information from a child, please contact us immediately at the Fun Music Company helpdesk, and we will take prompt steps to delete that information.

Note: We are monitoring developments in Australian children’s online privacy regulations and will update our practices as required when the Children’s Online Privacy Code is implemented (expected by December 2026).

14. Links to Other Websites

Our website may contain links to third-party websites for your convenience. These links do not constitute endorsement of those websites or their organizations, products, or services.

We are not responsible for the privacy practices or content of third-party websites. We encourage you to review the privacy policies of any third-party websites you visit after leaving our site.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

  • Our information practices
  • Legal or regulatory requirements
  • New features or services we offer
  • Feedback from users or regulators

When we make changes:

  • We will update the “Last Updated” date at the top of this policy
  • For material changes, we will notify you via email (if you’ve provided your email address) or through a prominent notice on our website
  • We will publish the updated policy on this page
  • Your continued use of our services after changes constitute acceptance of the updated policy

We encourage you to periodically review this Privacy Policy to stay informed about how we protect your information.

16. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact us:

Data Protection Officer: Kevin Tuck
Email: via Helpdesk

General Contact:
Fun Music Company Helpdesk

Postal Address:
3/55 Gawler Place
Adelaide SA 5000
AUSTRALIA

For Australian Privacy Complaints:

If you are not satisfied with our response to your privacy complaint, you may contact:

Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992

For EU Privacy Complaints:

EU residents may lodge complaints with their local supervisory authority. A list of EU data protection authorities is available at: https://edpb.europa.eu/about-edpb/board/members_en

Summary of Key Points

We collect: Contact information, payment details, and usage data to provide our services
We use it for: Service delivery, customer support, website improvement, and marketing (opt-out available)
We protect it with: Industry-standard encryption, secure servers, and staff training
We share it with: Only essential service providers bound by confidentiality
You can: Access, correct, delete your data, and opt-out of marketing anytime
Contact us: [email protected] for any privacy questions or concerns

Your privacy matters to us.

We’re committed to transparency, security, and giving you control over your personal information.