Privacy Policy

1. About Us

This website is operated by:

Operator	Myles Agnew
Trading as	mylesagnew.com
Website	https://www.mylesagnew.com
Location	Sydney, New South Wales, Australia
Contact email	[email protected]
Contact via	https://bookme.name/mylesagnew

2. Scope and Application

This Privacy Policy applies to all personal information we collect through:

• The mylesagnew.com website and all associated pages
• Coffee chat bookings made via bookme.name/mylesagnew
• Email correspondence, social media interactions, and any other communications you initiate with us
• Any consulting, advisory, or other services we provide

We are committed to handling your personal information in accordance with the Privacy Act 1988 (Cth) ("Privacy Act") and the 13 Australian Privacy Principles ("APPs") set out in Schedule 1 of that Act.

3. What Personal Information We Collect (APP 3)

"Personal information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not, and whether recorded in material form or not (Privacy Act 1988, s 6).

3.1 Information You Provide Directly

We may collect the following personal information when you interact with this website or our services:

• Name: your full name or preferred name when booking a coffee chat or making contact
• Email address: for communication, booking confirmations, and follow-up correspondence
• Phone number: if voluntarily provided through a booking or contact form
• Professional details: job title, organisation, industry sector, or technical context you share during a coffee chat or consultation
• Communications content: the content of emails, messages, or notes you send to us
• Booking information: date, time, and subject matter of any booked consultation

3.2 Information Collected Automatically

When you visit this website, certain technical information may be collected automatically, including:

• Log data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of visit, and time spent on each page
• Device information: device type, screen resolution, and language preferences
• Cookies and similar technologies: see Section 9 (Cookies) for full details

3.3 Sensitive Information

We do not intentionally collect sensitive information (as defined in the Privacy Act, including health, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, or criminal record information). Please do not include sensitive information in any booking or communication with us. If sensitive information is inadvertently disclosed to us, we will handle it with additional care in accordance with APP 3.

3.4 Anonymity and Pseudonymity (APP 2)

Where practicable, you may interact with this website and make general enquiries without identifying yourself. However, if you wish to book a coffee chat or receive personalised advice, we will need to collect your name and contact details to facilitate the engagement.

4. How We Collect Your Personal Information (APP 3)

We collect personal information through:

• Booking forms: via the third-party booking platform bookme.name when you schedule a coffee chat or consultation
• Direct communication: when you contact us via email, social media (Twitter/X, LinkedIn, Instagram, YouTube), or other channels
• Website analytics: automatically collected technical data as described in Section 3.2
• Social media: publicly visible interactions on our social media profiles
• Third-party referrals: information provided to us by event organisers (e.g., WordCamp Brisbane) or professional networks

We only collect personal information by lawful and fair means, and we collect only the information that is reasonably necessary for the purposes described in this policy (APP 3.1).

5. Why We Collect and Use Your Information (APP 6)

We collect, hold, use, and disclose personal information for the following primary purposes:

Purpose	Details
Booking management	To schedule, confirm, and follow up on coffee chats and consultations
Service delivery	To provide cybersecurity advice, guidance, and consulting services you have requested
Communication	To respond to your enquiries, questions, and correspondence
Website improvement	To analyse website usage patterns and improve content, navigation, and user experience
Security and fraud prevention	To monitor for and respond to malicious activity, abuse, or security threats
Legal obligations	To comply with applicable laws, regulations, and court orders
Direct marketing	To send you relevant updates, newsletters, or security content — only with your consent (see Section 7)

We will not use your personal information for a purpose other than the primary purpose of collection, or a directly related secondary purpose, unless we have obtained your consent or an exception under the APPs applies (APP 6.1).

6. Disclosure of Personal Information (APP 6)

6.1 Third Parties We May Share Information With

We may disclose your personal information to the following categories of third parties, strictly for the purposes outlined in Section 5:

• bookme.name (Booking platform): your name, email, and phone number are processed by our booking provider to facilitate coffee chat scheduling. Their privacy policy is available at bookme.name. We encourage you to review it.
• Email and communication providers: we use standard email infrastructure. Emails may be processed by our email provider's servers.
• Website hosting providers: server and infrastructure providers that host this website may process technical log data.
• Analytics providers: anonymised or pseudonymised website usage data may be processed by analytics tools (see Section 9).
• Social media platforms: Twitter/X, LinkedIn, Instagram, and YouTube. If you interact with us via these platforms, those providers' privacy policies apply. We do not control how these platforms handle your data.
• Legal and regulatory authorities: we may disclose information where required by law, court order, or regulatory requirement, including to the Office of the Australian Information Commissioner (OAIC).

6.2 We Do Not Sell Your Information

We do not sell, rent, or trade your personal information to third parties for commercial purposes. Ever.

6.3 Overseas Disclosure (APP 8)

Some of the third-party service providers we use may store or process data outside Australia. These may include cloud hosting or email infrastructure providers with servers in the United States, European Union, or other jurisdictions. Before disclosing personal information to overseas recipients, we take reasonable steps to ensure those recipients handle the information in a manner consistent with the APPs (APP 8.1).

By providing your personal information to us, you consent to it being transferred to, stored, or processed in countries outside Australia in accordance with this policy.

7. Direct Marketing (APP 7)

We may use your name and email address to send you relevant security content, newsletter updates, or information about our services, but only where:

• you have provided explicit consent for us to do so; or
• you are an existing client or contact and the communication is related to services similar to those previously provided, and you have not opted out.

Every marketing communication we send will include a clear and easy mechanism to unsubscribe or opt out. We will honour unsubscribe requests promptly (within 5 business days at most, in accordance with the Spam Act 2003 (Cth)).

We will not use or disclose your personal information for direct marketing if you have requested we not do so.

8. How We Store and Protect Your Information (APP 11)

8.1 Storage

Personal information is stored in a combination of:

• Secure cloud-based email and calendar systems
• Third-party booking platform (bookme.name)
• Secure notes and project management tools with access controls

8.2 Security Measures

We take reasonable steps to protect personal information from misuse, interference, and loss, and from unauthorised access, modification, and disclosure (APP 11.1). Given our expertise in cybersecurity, our security practices include but are not limited to:

• Use of strong, unique credentials and multi-factor authentication (MFA) on all accounts that store personal data
• Encrypted communications and storage where practicable
• Access controls limiting who can access personal information
• Regular review of third-party service providers for security posture
• HTTPS enforced on this website

8.3 Data Retention

We retain personal information only for as long as necessary to fulfil the purposes described in this policy or as required by law. Specifically:

• Booking and consultation records: retained for up to 7 years to support any follow-up, dispute resolution, or legal obligations
• Email correspondence: retained while the relationship is active and for a reasonable period thereafter
• Website analytics data: typically anonymised or aggregated within 26 months
• Marketing consent records: retained for as long as we conduct marketing activities to you, and for a reasonable period after opt-out to demonstrate compliance

8.4 Destruction of Information (APP 11.2)

When personal information is no longer required, we will take reasonable steps to destroy or de-identify it securely, unless we are required by law or a court or tribunal order to retain it.

9. Cookies and Tracking Technologies

9.1 What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently and to provide information to website owners.

9.2 How We Use Cookies

This website may use the following types of cookies and technologies:

Cookie Type	Required?	Purpose
Essential / functional	Yes	Necessary for the website to function correctly. Cannot be disabled.
Analytics / performance	No (opt-in)	Track how visitors interact with the website (e.g. pages visited, time on site). Data is anonymised or pseudonymised where possible.
Third-party (social media)	No (opt-out)	Set by social media platforms (Twitter/X, LinkedIn, YouTube, Instagram) when you click links to those platforms. Subject to their own privacy policies.
Booking platform	Conditional	Set by bookme.name when you use the booking tool. Subject to bookme.name's own privacy policy.

9.3 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. Note that disabling certain cookies may affect the functionality of this website. For guidance on managing cookies, refer to your browser's help documentation.

10. Access to and Correction of Your Information (APP 12 & 13)

10.1 Your Right to Access (APP 12)

You have the right to request access to the personal information we hold about you. To make an access request, please contact us using the details in Section 14. We will respond within a reasonable time (generally within 30 days).

We may decline to provide access in certain circumstances permitted under APP 12, for example where providing access would unreasonably impact another individual's privacy, or where we are required or authorised to refuse access by law. If we decline your request, we will explain why in writing.

10.2 Your Right to Correction (APP 13)

If you believe that personal information we hold about you is incorrect, out of date, incomplete, irrelevant, or misleading, you have the right to request that we correct it. We will take reasonable steps to correct the information and, if we correct information that we have previously disclosed to a third party, we will notify that third party of the correction where reasonable and practicable.

10.3 Fees

We will not charge a fee for making an access or correction request, or for correcting information. If we impose a charge to give access (e.g. for extensive or complex requests), we will advise you of the fee before proceeding and will not charge an amount that is unreasonable.

11. Privacy Complaints (APP 1)

11.1 How to Make a Complaint

If you believe we have breached the APPs, or the Privacy Act more generally, we encourage you to contact us in the first instance so we can investigate and attempt to resolve your concern.

To lodge a complaint, please contact us using the details in Section 14, with the subject line 'Privacy Complaint'. Please provide:

• Your name and contact details
• A clear description of the privacy concern or alleged breach
• Any supporting information you consider relevant

11.2 Our Response Process

We will acknowledge your complaint within 5 business days and aim to provide a substantive response within 30 days. If we are unable to resolve your complaint within 30 days, we will advise you of the reason for the delay and the expected resolution timeframe.

11.3 Escalation to the OAIC

If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

12. Children's Privacy

This website and our services are directed at adults and professionals. We do not knowingly collect personal information from children under the age of 18 without verifiable parental consent. If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete it promptly.

13. Australian Privacy Principles — Compliance Summary

This table summarises how this Privacy Policy addresses each of the 13 Australian Privacy Principles:

APP	Principle	Addressed In
1	Open and transparent management of personal information	This entire Privacy Policy; regular review and update commitment
2	Anonymity and pseudonymity	Section 3.4 — anonymity option for general website browsing
3	Collection of solicited personal information	Sections 3 and 4 — lawful, fair, necessary collection only
4	Dealing with unsolicited personal information	Section 3.3 — sensitive information; unsolicited data destroyed if not needed
5	Notification of the collection of personal information	Section 5 — purposes stated at time of collection via this policy
6	Use or disclosure of personal information	Sections 5 and 6 — use limited to primary purposes; no unauthorised disclosure
7	Direct marketing	Section 7 — consent-based; clear opt-out on every communication
8	Cross-border disclosure of personal information	Section 6.3 — overseas providers; reasonable steps taken
9	Adoption, use or disclosure of government identifiers	Not applicable — we do not collect or use government identifiers
10	Quality of personal information	Section 10.2 — correction rights; we maintain accurate, current information
11	Security of personal information	Section 8 — storage, security measures, and data retention policies
12	Access to personal information	Section 10.1 — right to access; 30-day response commitment
13	Correction of personal information	Section 10.2 — right to correct; no unreasonable fees

14. Contact Us

For any privacy-related enquiries, requests, or complaints, please contact:

15. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make material changes, we will:

• Update the 'Last Updated' date at the top of this policy
• Post the revised policy on this website at www.mylesagnew.com/privacy-policy.html
• Where the changes are significant, take additional steps to notify you (e.g. via email if you are a subscriber)

We encourage you to review this policy periodically. Continued use of our website or services following a policy update constitutes your acceptance of the revised policy.