1. Purpose and nature

It is RandomBlowup Pty Ltd trading as RBU Digital (‘We’ ‘Us’ and ‘Our’) policy to respect your privacy regarding any information we may collect from you across our website, https://www.rbu.digital

We collect your personal information so We can offer you the best possible service.

The purpose of this Privacy Policy is to inform you how We intend to collect, store, use, disclose, protect and otherwise handle your personal information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act). We understand that the privacy of your data is important to you.

We will only collect your personal information in a lawful and reasonable way that is non-invasive. When you provide Us with your personal information you consent to the use, disclosure and handling of that personal information in accordance with this Privacy Policy (as reasonably amended from time to time).

There may be occasions when We permit your personal information to be shared with a related entity, including Our related companies, business partners, other third parties and their respective employees, in order for them to supply the services from Clover4 or otherwise to you. Any such use shall be undertaken in the same manner and in compliance with this Privacy Policy.

We do not make any representations, guarantees, warranties or promises as to the way in which We or our business partners will or may use, store, collect, dispose, protect or otherwise handle your personal information.

What is "Personal Information"?

The Privacy Act 1988 (Cth) currently defines "Personal Information" as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:

(i)whether the information or opinion is true or not; and

(ii)whether the information or opinion is recorded in a material form or not.

If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as "Personal Information" and will not be subject to this Privacy Policy.

2. Collecting and retaining your information

a) The types of personal information collected by Us include: Your name, telephone number, email or other contact information through our contact email.

b) When you visit our website, we may automatically collect certain information about your device and how you interact with our site, including:

• Time spent on pages
• Browser type and version
• Device type (desktop, mobile, tablet)
• Operating system
• Geographic location (country/city level)
• Referral source (how you found our site)
• IP address (anonymised)

This data is collected through cookies and similar tracking technologies.

3. How we use information

We use the information collected to:

• Understand website traffic patterns and user behavior
• Improve website functionality and user experience
• Identify and resolve technical issues
• Analyze which content is most valuable to visitors
• Maintain the security and integrity of our website

4. Online data collection

Whenever anyone uses Our website We collect data about their visit. We use that data for various purposes, including improving and maintaining Our site’s usability and security. We may also collect information based on how you use Our website, by using ‘cookies’, web beacons and other similar technologies.

5. Data protection and LLM training

In the event that We receive information from you that We have not asked for and which is not necessary for Our provision of goods and services to you We will de-identify and destroy such information in a lawful manner (this includes any information received from a minor).

We commit to protecting your personal data and ensuring that it is not used to train or be retained by any Large Language Model (LLM) used in Our services.

We do not collect, store, or process any personally identifiable information (PII) from our clients. Our LLMs are trained on publicly available, anonymised, and aggregated data sources, such as:

• Public datasets
• Web scraping of publicly available data

We strictly adhere to the following principles:

• No data collection: We do not collect or gather any PII related to our clients.
• No data storage: We do not store any personal data collected from our clients.
• No data retention: We do not retain any personal data for longer than necessary, and we ensure that it is deleted or anonymized after a specified period.
• No LLM training: We do not use or process any PII in the training or development of our LLMs.

Our commitment to this clause ensures that your data remains secure and is only used for its intended purpose: supporting you with your digital agency needs. By engaging with Our services, you can be confident that your personal information is protected and will not contribute to the training or retention of any LLM.

6. Unsolicited information

In the event that We receive information from you that We have not asked for and which is not necessary for Our provision of goods and services to you We will de-identify and destroy such information in a lawful manner (this includes any information received from a minor).

7. Storing Personal Information

We take the security of your personal information seriously. In order to keep your personal information safe, We take reasonable steps to protect your personal information from misuse, loss and unauthorised access, modification or disclosure.

Whenever We store your personal information, We will always take proper steps to protect it, as detailed in Australia’s privacy legislation. When We no longer need your information, it will be destroyed, deleted or de-identified. Most of the Personal Information is or will be stored for a minimum of 90 days after the end date of the promotional period.

Although We will do Our best to keep your information safe, there always remains a risk of that information being compromised (e.g. by third party malicious or criminal attacks). You should always make sure to keep any personal and login details safe, and educate yourself on the best ways to safeguard your information, e.g. recognise phishing email, sharing passwords and keep up to date with any security material provided to you.

8. Disclosure of your Personal Information

We will only disclose your personal information to third parties in the following circumstances:

a) to sub-contractors that provide services to Us to facilitate the services We provide to you;

b) to third parties that require prize information to distribute a promotional prize to you

c) Third parties where you consent to the use or disclosure;

d) as otherwise required by law or to comply with legal process, including, but not limited to, civil and criminal subpoenas, court orders or other compulsory disclosures;

e) as reasonably necessary to respond to claims of a violation of the rights of third parties, whether or not the third party is a user, individual, entity or government agency;

f) for any internal purpose required by Us, including, without limitation, to manage your Clover4 account and other billing purposes, to respond to your inquiries, to allow outside vendors to perform services required by Us, and to otherwise manage and operate Clover4, and develop new services and products;

g) as reasonably necessary to detect, prevent and address fraud and other illegal activity and to prevent death or imminent bodily harm; or as reasonably necessary to protect the rights and property of Ours or its officers, directors, employees or agents.

9. Data breaches

A data breach occurs when Personal Information or intellectual property held by Us is subject to unauthorised access, disclosure, modification, or is lost.

An "eligible data breach", in accordance with the Privacy Act, occurs when there is a data breach that is likely to result in serious harm to any of the individuals to whom the information relates and we are unable to prevent the likely risk of serious harm with remedial action.

We, including all our people, take breaches of privacy very seriously. If we suspect a privacy breach has occurred, our priority is to contain and assess the suspected breach in accordance with our Data Breach & Security Compromise Policy.

10. Cross-border disclosure

Your Personal Information will not be disclosed to recipients outside Australia unless you expressly request us to do so. If you request us to transfer your Personal Information to an overseas recipient, the overseas recipient will not be required to comply with the Australian Privacy Principles and we will not be liable for any mishandling of your information in such circumstances.

11. General data protection regulation

Under the UK and EU General Data Protection Regulation ("GDPR"), We may have some additional obligations with respect to the "personal data" collected from residents of the UK or EU as a data importer. We will comply with all obligations imposed on data importers under the GDPR with respect to the personal data of EU and UK residents, including the GDPR Standard Contractual Clauses in respect of EU transfers or the international data transfer agreement (IDTA) or the international data transfer addendum to the European Commission’s standard contractual clauses for international data transfers (Addendum) in respect of the UK transfers to the extent that they may apply to Us and our relationships with third parties.

12. Accessing and correcting your information

Australian Privacy Principle 12 permits you to obtain access to the Personal Information We hold about you in certain circumstances, and Australian Privacy Principle 13 allows you to correct inaccurate Personal Information subject to certain exceptions.

You can access or correct the Personal Information that We hold about you by calling or writing to Us by using the contact details set out below in clause 15. We will do Our best to respond to you within a reasonable time. In order to access or correct your information We will need to identify you.

There are some situations where We might refuse or limit, or be unable, to correct or provide you with access to information, such as when the information is commercially sensitive. If that happens, We will write to you and let you know why.

We will do Our best to keep your personal information accurate and up-to-date. If any of your details change, such as your name, address or phone number – please let Us know by using the contact details at clause 15.

13. Complaint procedure

If you have a complaint regarding Our use of your personal information, please contact Us by using the contact details set out in clause 15. We may ask you to address your complaint in writing to assist Our investigation.

We will do Our best to resolve the complaint as quickly as We can and We will provide you with an estimated response time frame in relation to your complaint. We will endeavour to respond to your complaint within 7 days.

If a complaint remains unresolved, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

14. How to contact us about Privacy Policy

If you have any queries, or if you seek access to your Personal Information, or if you have a complaint about our privacy practices, you can contact Us through: hello@rbu.digital.

15. Changes to Privacy Policy

We may review and change this Privacy Policy at any time, so We encourage you to review this Privacy Policy from time to time. If We change this Privacy Policy, We will post an updated version on Our website to notify you of this change. By continuing to utilise Our services after any changes to the Privacy Policy, you will be deemed to have accepted those changes to the Privacy Policy.

Policy last updated: 29th April 2025