Privacy Policy – hudela

Privacy Policy

Effective Date: 1 July 2025 | Last Updated: 1 July 2025

This Privacy Policy describes how hudela (legal name: Lux, referred to in this document as “we”, “us”, or “our”) collects, uses, discloses, stores, and protects your personal information when you visit or interact with our website located at hudela.info (the “Website”).

We are committed to protecting your privacy and handling your personal information in an open and transparent manner in accordance with the Privacy Act 1988 (Cth) (the “Privacy Act”) and the Australian Privacy Principles (APPs) contained in Schedule 1 of that Act. We also take into account applicable guidance issued by the Office of the Australian Information Commissioner (OAIC).

Please read this policy carefully. By using this Website or submitting any information through it, you acknowledge that you have read, understood, and agree to the collection and use of your information in accordance with this policy. If you do not agree, please discontinue use of the Website.

1. About Us

The entity responsible for your personal information is:

Trading Name: hudela
Legal Name: Lux
Website: hudela.info
Address: Lux
Phone: 3242454535
Privacy Enquiries Email: [email protected]

We are established and operate in Australia. If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us using the details above.

2. What Personal Information We Collect

We collect personal information that you voluntarily provide to us, as well as certain technical information collected automatically when you visit our Website. “Personal information” has the meaning given to it under the Privacy Act 1988 (Cth) and refers to information or an opinion about an identified individual, or an individual who is reasonably identifiable.

2.1 Information You Provide Directly

When you submit a contact form on our Website, we collect the following information:

Full Name – so we can address you properly in our response.
Email Address – to respond to your enquiry.
Phone Number – optionally provided so we may contact you by telephone.
Message Content – the details of your enquiry, question, or request.

You are not required to provide all of the above fields; however, failure to provide certain information (such as a name or email address) may prevent us from responding to your enquiry.

2.2 Information Collected Automatically

When you visit our Website, certain technical data is automatically collected by our web server and any analytics or functional tools we use. This may include:

IP Address – your internet protocol address, which may be used to infer a general geographic region.
Browser Type and Version – e.g., Chrome 124, Safari 17.
Operating System – e.g., Windows, macOS, iOS, Android.
Referring URL – the page or website you were on before visiting our site.
Pages Visited and Time Spent – which pages you viewed and how long you stayed on each page.
Date and Time of Visit – timestamp of your interactions with the Website.
Device Identifiers – certain identifiers associated with your device.

Some of this data, particularly when combined with other information, may constitute personal information under the Privacy Act.

2.3 Sensitive Information

We do not intentionally collect sensitive information (as defined under the Privacy Act, including health information, racial or ethnic origin, religious beliefs, criminal records, etc.) through this Website. Please do not include sensitive information in any contact form submissions. If you inadvertently provide sensitive information, we will handle it in accordance with APP 3 and take steps to de-identify or destroy it as appropriate.

3. How We Collect Personal Information

In line with Australian Privacy Principle 3, we collect personal information only by lawful and fair means, and not in an unreasonably intrusive way. We collect personal information through the following channels:

Contact Forms: When you voluntarily complete and submit any contact or enquiry form on the Website.
Automatic Collection: Via cookies, web server logs, and similar technologies when you browse the Website (see Section 5 below).
Third-Party Tools: Through analytics or performance tools that may be integrated into the Website (see Section 6 below).
Email and Phone: If you contact us directly via the email address or phone number listed on the Website.

Where it is reasonable and practicable to do so, we will collect personal information directly from you.

4. How We Use Your Personal Information

We use the personal information we collect for the purposes for which it was collected and for related purposes that would reasonably be expected. Specifically, we may use your personal information to:

Respond to your enquiries, questions, and requests submitted through contact forms.
Provide you with information about our products, services, or promotions that you have requested.
Improve and maintain the functionality and performance of our Website.
Analyse aggregated, de-identified data to understand how visitors use the Website and to improve user experience.
Protect the security and integrity of the Website and our business systems.
Comply with our legal obligations under Australian law.
Enforce our legal rights and resolve disputes.

We will not use your personal information for any purpose that is incompatible with the primary purpose of collection without your consent, or unless an exception under the Privacy Act applies.

We do not use your personal information for:

Selling, renting, or leasing your personal information to third parties for marketing purposes.
Automated profiling or decision-making that produces significant legal effects about you.
Direct marketing without your express or implied consent (and we always provide you with an easy way to opt out).

5. Cookies and Tracking Technologies

Our Website uses cookies and similar tracking technologies to enhance your browsing experience and to help us understand how the Website is being used. A cookie is a small text file that is stored on your device when you visit a website.

5.1 Types of Cookies We Use

Strictly Necessary / Functional Cookies: These cookies are essential for the Website to operate correctly. They enable core features such as page navigation, form functionality, and security. You cannot opt out of these cookies without disabling the Website’s core functions.
Analytics Cookies (Optional): If we have enabled analytics services on the Website, these cookies collect information about how visitors use the site, such as which pages are most visited and whether visitors receive error messages. This data is aggregated and de-identified where possible. You may opt out of analytics cookies via your browser settings or a cookie consent tool.
Performance Cookies: These cookies help us understand how the Website performs across different devices and connection types. They do not collect information that personally identifies you.

5.2 Managing Cookies

You can control and manage cookies through your web browser settings. Most browsers allow you to:

View the cookies stored on your device.
Delete some or all cookies.
Block cookies from being set by all or specific websites.

Please note that disabling certain cookies may affect the functionality of our Website. For information on managing cookies in your browser, refer to your browser’s help documentation (e.g., Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Edge).

5.3 Do Not Track

Some browsers offer a “Do Not Track” (DNT) feature. Our Website may not currently respond to DNT signals. We will update this policy if that changes.

6. Third-Party Services and Disclosure

We may use certain third-party services that operate in connection with our Website. These services may collect, receive, or process personal information as part of their normal operation. We take reasonable steps to ensure these providers handle personal information appropriately.

6.1 Google Fonts

Our Website may load fonts from Google Fonts, a service provided by Google LLC (USA). When your browser requests a font file, your IP address is transmitted to Google’s servers. Google states it does not use this data to build user profiles or for advertising purposes. For more information, please refer to Google’s Privacy Policy. If we embed Google Fonts locally to avoid third-party requests, no data is sent to Google.

6.2 Tailwind CSS CDN

Our Website may load stylesheets via the Tailwind CSS CDN. Requests to a CDN provider may result in your IP address being transmitted to that provider’s servers (typically located in the United States or elsewhere). CDN requests are generally transient and the provider does not typically use this data for user profiling. Please consult the relevant CDN provider’s privacy policy for further detail.

6.3 Web Hosting and Email Services

We use third-party hosting providers to operate this Website and to receive and store contact form submissions. These providers act as our data processors and are contractually required to handle your data securely and only on our instructions.

6.4 Other Disclosures

We may also disclose your personal information to third parties in the following circumstances:

Legal Compliance: Where required or authorised by Australian law, a court order, or a lawful request by a government authority.
Enforcement: To protect our legal rights, prevent fraud, or enforce our terms of service.
Business Transfer: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction, subject to equivalent privacy protections.
With Your Consent: For any other purpose with your express or implied consent.

7. International Data Transfers

Your personal information may be transferred to, stored, or processed in countries outside of Australia, including but not limited to the United States, where third-party service providers (such as hosting providers, font delivery networks, or analytics services) operate servers.

Where we disclose personal information to an overseas recipient, we take reasonable steps, consistent with Australian Privacy Principle 8, to ensure that the overseas recipient does not breach the APPs in relation to the information. This may include:

Assessing the adequacy of the recipient country’s privacy framework.
Entering into contractual arrangements with overseas recipients that require them to comply with the APPs.
Relying on applicable exceptions under APP 8.2 where applicable (e.g., where you have consented to the transfer after being informed of the risks).

By using our Website, you acknowledge that your information may be transferred internationally as described above. If you have concerns about international transfers, please contact us using the details in Section 13.

8. Data Security

We take the security of your personal information seriously. In accordance with Australian Privacy Principle 11, we take reasonable steps to protect the personal information we hold from misuse, interference, loss, and from unauthorised access, modification, or disclosure.

Our security measures include:

SSL/TLS Encryption: Our Website uses Secure Sockets Layer (SSL) / Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our servers.
Access Controls: Personal information is accessible only to authorised personnel who require access to perform their duties.
Secure Email Handling: Contact form submissions are transmitted over encrypted channels and stored securely.
Regular Security Reviews: We periodically review our security practices and update them in response to new threats.
Data Minimisation: We only collect the information reasonably necessary for our stated purposes.

Despite our best efforts, no method of transmission over the internet or method of electronic storage is 100% secure. If you believe your information has been compromised, please contact us immediately at [email protected].

In the event of an eligible data breach (as defined under the Notifiable Data Breaches (NDB) scheme in Part IIIC of the Privacy Act), we will notify the OAIC and affected individuals in accordance with our obligations.

9. Data Retention

We retain personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by law. In accordance with Australian Privacy Principle 11.2, once personal information is no longer needed for any purpose for which it may lawfully be used or disclosed, we will take reasonable steps to destroy or de-identify it.

Our general retention periods are as follows:

Contact Form Submissions: Retained for up to 3 years from the date of submission, or until you request deletion and there is no legal basis for further retention.
Web Server Logs: Typically retained for up to 90 days, unless required for security investigations or legal purposes.
Analytics Data: Where analytics are enabled, data is retained as per the analytics provider’s retention settings (typically up to 26 months in aggregate or anonymised form).
Email Correspondence: Retained for as long as reasonably necessary for business purposes or legal compliance, typically up to 7 years.

Where personal information is no longer required, it will be securely deleted, shredded, or de-identified using appropriate methods.

10. Your Rights and Choices

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have certain rights with respect to your personal information. We respect and support the exercise of these rights.

10.1 Right of Access (APP 12)

You have the right to request access to the personal information we hold about you. We will respond to access requests within a reasonable timeframe (generally within 30 days) and will provide the information in a format that is accessible and useful to you. In limited circumstances, we may be required to deny access to certain information (e.g., where providing access would pose a serious threat to the safety of another person, or where it would be unlawful to do so). Where access is denied, we will give you written reasons.

10.2 Right to Correction (APP 13)

If you believe that personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant, or misleading, you may request that we correct it. We will take reasonable steps to correct the information within 30 days, or such further time as is agreed between us.

10.3 Right to Deletion / Destruction

You may request that we delete or de-identify personal information we hold about you where it is no longer required for any lawful purpose. We will comply with such requests unless we are required to retain the information by law or for a legitimate business purpose.

10.4 Right to Data Portability

Under the proposed Consumer Data Right (CDR) framework and evolving Australian privacy reform proposals, data portability rights may apply in certain sectors. Where applicable and technically feasible, we will provide personal information you have submitted to us in a structured, commonly used format upon request.

10.5 Right to Complain

If you believe we have breached your privacy rights, you may:

Contact us directly at [email protected] to raise your concern. We will investigate and respond within 30 days.
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by calling 1300 363 992.

10.6 Opting Out of Communications

If you have received any marketing or promotional communications from us and wish to opt out, you may do so at any time by:

Clicking the “unsubscribe” link in any marketing email we send you.
Contacting us directly at [email protected] and requesting to be removed from our mailing list.

We will process opt-out requests promptly and in accordance with the Spam Act 2003 (Cth).

11. Children’s Privacy

Our Website is not directed to, and we do not knowingly collect personal information from, children under the age of 15 years. We follow the guidance of the OAIC in relation to handling children’s information with heightened care.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take prompt steps to delete that information from our systems.

If we become aware that we have inadvertently collected personal information from a child under 15 without verifiable parental consent, we will delete that information as quickly as practicable.

12. Links to Third-Party Websites

Our Website may contain links to external websites operated by third parties. This Privacy Policy does not apply to those third-party websites. We encourage you to review the privacy policies of any third-party sites you visit, as we have no control over their content or privacy practices and cannot accept responsibility for them.

The inclusion of a link to a third-party website does not imply our endorsement of that site or its privacy practices.

13. How to Contact Us About Privacy

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal information, please contact our Privacy Officer using the following details:

Company: hudela (Lux)
Address: Lux
Phone: 3242454535
Email: [email protected]
Website: hudela.info

We will acknowledge your request within 5 business days and aim to fully respond within 30 days. If more time is required, we will notify you of the expected timeframe and the reasons for the delay.

14. Changes to This Privacy Policy

We may update or amend this Privacy Policy from time to time to reflect changes in our business practices, technology, legal requirements, or for other legitimate business reasons. We will notify you of material changes by:

Posting the updated Privacy Policy on our Website with a revised “Last Updated” date at the top of the page.
Where required by law, providing more prominent notice (such as a notification banner on our homepage).

Your continued use of the Website after any changes to this Privacy Policy constitutes your acceptance of the updated policy. We encourage you to review this page periodically to stay informed about how we protect your information.

If any change materially reduces your rights or increases our ability to use your personal information in a new way, we will seek your consent as required under the Privacy Act.

15. Australian Privacy Principles Compliance Statement

We are committed to full compliance with the 13 Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). A summary of our approach to each principle is as follows:

APP 1 (Open and transparent management): We maintain this Privacy Policy and make it freely available on our Website.
APP 2 (Anonymity and pseudonymity): Where practicable, you may interact with our Website anonymously. However, submitting a contact form requires identifying information to enable us to respond.
APP 3 (Collection of solicited personal information): We only collect personal information that is reasonably necessary for our functions and activities.
APP 4 (Dealing with unsolicited personal information): If we receive personal information we did not solicit, we will determine whether we could have collected it under APP 3, and if not, destroy or de-identify it.
APP 5 (Notification of collection): This Privacy Policy serves as our collection notice, and we notify individuals at or before the time of collection.
APP 6 (Use or disclosure for primary purpose): We use personal information for the purpose for which it was collected, or a directly related secondary purpose, or as required by law.
APP 7 (Direct marketing): We will not use or disclose personal information for direct marketing without your consent, and we provide an easy opt-out mechanism.
APP 8 (Cross-border disclosure): We take reasonable steps to protect your information when disclosed overseas (see Section 7).
APP 9 (Government-related identifiers): We do not adopt, use, or disclose government-related identifiers such as Tax File Numbers as personal identifiers.
APP 10 (Quality of personal information): We take reasonable steps to ensure the personal information we hold is accurate, up-to-date, and complete.
APP 11 (Security of personal information): We protect personal information using reasonable security safeguards (see Section 8).
APP 12 (Access to personal information): We will provide you access to your personal information upon request (see Section 10.1).
APP 13 (Correction of personal information): We will correct personal information that is inaccurate upon request (see Section 10.2).

16. Governing Law

This Privacy Policy is governed by the laws of the Commonwealth of Australia and the state or territory in which Lux operates. Any disputes arising out of or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Australia.

Nothing in this Privacy Policy limits or excludes any rights you have under applicable Australian consumer protection laws, including the Australian Consumer Law (Schedule 2 of the Competition and Consumer Act 2010 (Cth)).