leadpages
This policy explains how we collect, use, store and share personal information through the LeadPages platform at leadpages.com.au and the customer websites we build and host on it. We handle personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and, where it applies, the EU/UK GDPR.
Where the GDPR applies, our legal bases are performance of a contract, your consent (which you may withdraw), and our legitimate interests in running and improving the service.
Our sites use only the cookies and similar technologies needed to operate the site and measure basic performance. We do not use third-party advertising cookies or sell tracking data. Where required, sites will ask for your consent to non-essential cookies.
We use trusted providers to run the platform. Each processes information only as needed to provide their service to us:
| Provider | Purpose |
|---|---|
| Supabase | Database and authentication |
| Vercel | Website hosting and serverless functions |
| Stripe | Payment processing |
| Resend | Transactional and campaign email delivery |
| Cloudinary | Image storage and delivery |
| Meta Platforms (Instagram) | Instagram content, only if a customer connects their account |
| Maps / location features, where used on a site |
We do not sell personal information. We disclose it only to these providers, to a business about its own enquiries, or where required by law.
Our providers may store and process data on servers located in Australia. Where information is transferred overseas, we take reasonable steps to ensure it is handled consistently with the APPs and, where applicable, use appropriate GDPR transfer safeguards.
A business may email its own past enquirers about offers or updates. Every such email includes a one-click unsubscribe link, and a business can also mark any contact as opted-out. Once unsubscribed, that address is excluded from future bulk email from that business. This is separate from operational emails (such as a reply to an enquiry).
We keep personal information for as long as needed to provide the service and to meet legal, accounting or reporting obligations, after which it is deleted or de-identified. A business may delete individual enquiries at any time.
To request deletion of personal information we hold, email privacy@webculture.au with the details you’d like removed. We will action verified requests within a reasonable time. Deletion of Instagram-sourced data is covered in the Instagram Data Use & Deletion page.
We use reasonable technical and organisational measures — including encryption in transit, access controls and reputable infrastructure providers — to protect personal information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
The platform is intended for businesses and their adult customers. It is not directed at children, and we do not knowingly collect information from children.
If a customer connects an Instagram account, we access and use Instagram data strictly as described in our Instagram Data Use & Deletion page, in line with Meta’s Platform Terms and Developer Policies.
We may update this policy from time to time. The “last updated” date shows the current version, and material changes will be notified where appropriate.
For any privacy question or complaint, contact us at privacy@webculture.au or U5, 47-49 Vicars St, Mitchell ACT 2911. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.