Bright Stars Soccer Privacy Policy
This Privacy Policy applies to all personal information collected by Bright Stars Academy Pty Ltd trading as Bright Stars Soccer ("we," "us," or "our") via the website located atwww.brightstarssoccer.com.au (the "Website"). We are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. Information we collect
The kind of Personal Information we collect and hold depends on how you use the Website and our services. This includes:
Parent/Guardian Details: Names, email addresses, phone numbers, and residential addresses.
Participant (Child) Details: Full name, date of birth, age, and gender.
Sensitive Information: Medical information (including allergies, medical conditions, and emergency medical requirements) and behavioural information relevant to safe participation in our soccer programs.
Emergency Contacts: Name and contact details of secondary emergency contacts.
Financial Information: Billing and payment information processed through secure third-party payment processors.
Website Usage Data: IP addresses, browser type, device information, pages visited, and interaction with website content collected through Meta Pixel and Google Analytics.
2. Types of information & sensitive data
2.1 Personal information: As defined by the Privacy Act 1988 (Cth), this is information or an opinion about an identified individual, or an individual who is reasonably identifiable.
2.2 Sensitive information: This includes health information. We only collect Sensitive Information where it is reasonably necessary for our functions (specifically, the safety of your child on the pitch) and with your explicit consent. We use this information only for the primary purpose for which it was obtained or a directly related secondary purpose.
3. Anonymity and pseudonymity
Where practical, you have the option of interacting with us anonymously or using a pseudonym (for example, making a general enquiry). However, for the purposes of enrolling a child in our programs and complying with insurance and Child Safe Standards, it is impracticable for us to deal with you unless you have identified yourself and the Participant.
4. How we collect information
4.1 Direct collection: We collect information whenever you input data into the Website, related apps, or provide it to us via email or in person.
4.2 Third parties: Occasionally, we may be provided information by a third party. In such cases, we will take reasonable steps to make you aware of this.
4.3 Cookies & tracking: We use cookies and tracking pixels (Meta Pixel/Google Analytics) to customise your experience. While these generally do not identify you personally, they help us improve our service delivery.
5. Purpose of collection & disclosure
We collect information to provide the best service experience and to keep you informed about our business.
5.1 Customary disclosure: We disclose Personal Information to service providers who assist in operating our Website and business (e.g., payment processors, CRM providers).
5.2 Direct marketing: By using our Website, you consent to receiving marketing material. You may "Opt-out" at any time using the unsubscribe link in our communications. We do not use Sensitive Information for marketing purposes.
6. Overseas data transfers
Your information may be stored on servers located overseas (e.g., cloud storage providers). Where a recipient is in a country with data protection laws less comprehensive than Australia's, we take reasonable steps to secure a contractual commitment from them to handle your information in accordance with the APPs.
7. Child data protection & Victorian standards
For information relating to children under 18:
We obtain explicit written consent from parents/guardians before transferring information to any overseas recipients.
We maintain records of all consents in accordance with the Victorian Child Safe Standards.
Access to children's medical and behavioural data is restricted to relevant Ground Control staff on a "need-to-know" basis.
8. Security, retention & data breaches
8.1 Security: We take reasonable steps to protect your data from unauthorised access, misuse, or disclosure.
8.2 Retention: Most records are kept for a maximum of 7 years to fulfil legal and record-keeping obligations. When no longer required, data is destroyed or de-identified.
8.3 Notifiable data breaches: In the event of an "Eligible Data Breach" (unauthorised access or loss of data likely to result in serious harm), we will notify you and the Office of the Australian Information Commissioner (OAIC) as soon as practicable, in accordance with the Privacy Act 1988 (Cth).
9. Access and correction
Under APPs 12 and 13, you have the right to access and correct the Personal Information we hold about you. Please contact us in writing to make such a request.
10. Complaints procedure
If you have a complaint regarding our privacy practices, please contact us at the details below. We will investigate and respond within a reasonable timeframe. If you remain dissatisfied, you may contact the OAIC atwww.oaic.gov.au.
Bright Stars Academy Pty Ltd (ABN 67 695 541 8720 Trading as Bright Stars Soccer
hello@brightstarssoccer.com.au
Document Version 1.0 — Effective 14 March 2026