Legal

Privacy Policy

Last updated: 8 May 2026

Document status This Privacy Policy has been drafted with reference to the Privacy Act 1988 (Cth), the Australian Privacy Principles, the EU General Data Protection Regulation, and the California Consumer Privacy Act, and is intended to describe our actual privacy practices for digitalventurestudio.com. It has not yet been formally reviewed by external legal counsel; we will complete that review and remove this notice. If anything in this Policy is unclear or appears inconsistent with our practices, please contact us at rick@digitalventurestudio.com and we will respond and update.

1. About this Privacy Policy

This Privacy Policy explains how Rick Musial trading as Digital Venture Studio (ABN 72 820 742 115), of 7 Wandoo Street, O'Connor ACT 2602, Australia ("we", "us", "our", "Digital Venture Studio") collects, uses, stores, shares, and protects your personal information when you visit digitalventurestudio.com (the "Website").

This Policy is written to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). It also addresses obligations under the EU General Data Protection Regulation (GDPR) for visitors in the European Economic Area and the California Consumer Privacy Act (CCPA) for residents of California.

This Policy applies to the marketing website only. Our products — Touchstone (usetouchstone.ai), The Assay (theassay.ai), and Eulogize This (eulogizethis.com) — have their own privacy policies that govern those services.

By using the Website, you agree to this Privacy Policy. If you do not agree, please do not use the Website.

2. Who we are

Digital Venture Studio is operated by Rick Musial, an Australian sole trader using the registered business name "Digital Venture Studio" (ABN 72 820 742 115).

For any privacy-related question, request, or complaint, contact us at rick@digitalventurestudio.com or by post at 7 Wandoo Street, O'Connor ACT 2602, Australia.

3. What information we collect

3.1 Information you provide

The Website's primary point of data collection is the contact form. When you complete it, you provide:

Name — required
Email address — required
Company or organisation — optional
Referral source — optional, how you heard about us
Service interest — optional, the area you're enquiring about
Message — required, your enquiry

You may also provide personal information if you contact us directly by email, by post, or through any social profile we maintain.

3.2 Information collected automatically

When you visit the Website, our hosting provider (Vercel) automatically receives standard technical information needed to serve the page. This includes:

Your IP address
Browser type and operating system
The page you requested and the referring page (if any)
The date and time of the request

This information is used to deliver the Website to you, to detect and prevent abuse, and for basic operational diagnostics. We do not use third-party advertising trackers, marketing analytics platforms, or cross-site tracking on the Website.

3.3 Cookies and similar technologies

The Website uses minimal cookies. We do not set advertising cookies, marketing cookies, or third-party tracking cookies. Our hosting provider may set short-lived technical cookies for content delivery and security; these do not identify you personally and are not shared with third parties for advertising purposes.

3.4 Information from third parties

We do not buy or rent personal information from third parties. We may receive information from publicly available sources (for example, when reviewing a LinkedIn profile linked in an enquiry), and we receive information you choose to share with us through professional networks.

4. Why we collect this information

We collect personal information to:

Respond to enquiries you submit via the contact form
Discuss and, where appropriate, deliver our services to you
Maintain a record of our communications with you
Operate and improve the Website
Comply with legal and regulatory obligations

Our lawful basis for processing under GDPR is, depending on context:

Legitimate interests — to respond to your enquiry and maintain a record of our communications
Contract — where we go on to deliver services to you under a separate written engagement
Consent — for any optional processing where we ask explicitly
Legal obligation — where we are required to retain or disclose information by law

5. Marketing communications

We do not currently send marketing emails to people who submit enquiries. If we begin doing so, we will only do so with your consent and we will provide a clear unsubscribe mechanism in every marketing email. We will continue to send transactional and engagement-related communications (for example, a reply to your enquiry) regardless of marketing preferences — these are not marketing.

6. Who we share your information with

We share personal information only with the following processors, and only as needed to operate the Website and respond to you:

Vercel (United States, global edge network) — Website hosting and content delivery
Formspree (United States) — Contact form intake; enquiries submitted via the form are forwarded to our email
Google (Gmail / Google Workspace) (United States) — Email delivery and storage; we read and reply to your enquiry from Google's email infrastructure

We have terms of service or data processing agreements with these providers under their published terms.

We may also disclose personal information:

To professional advisors (lawyers, accountants) under duty of confidentiality
If required by law, court order, or regulatory request
To protect the rights, property, or safety of Digital Venture Studio, our users, or the public
In connection with a sale, merger, or restructure of Digital Venture Studio (subject to the new entity assuming the obligations of this Privacy Policy)

We do not sell your personal information. We do not share it with advertisers, data brokers, or marketing platforms.

7. Sending data overseas (international transfers)

Each of the third-party providers listed above processes data in the United States. By using the Website, you consent to your personal information being transferred to and processed in the United States and other countries where our providers operate.

The United States does not have an Australian-equivalent privacy law, but our providers maintain industry-standard security and contractual commitments. For visitors in the European Economic Area, the United Kingdom, and Switzerland, we rely on Standard Contractual Clauses or equivalent transfer safeguards published by our providers where required.

8. How long we keep your information

We keep your personal information only for as long as we need it for the purposes described in this Policy:

Contact form submissions and email correspondence — retained for as long as is reasonably necessary to respond to you, deliver any agreed services, and maintain a complete record of our dealings (typically up to 7 years for business records, consistent with Australian taxation and accounting obligations)
Server logs from Vercel — retained per Vercel's published log retention policy (short-lived; typically days to weeks)

You can ask us to delete your personal information earlier — see Section 9.

9. Your rights

You have the following rights regarding your personal information. To exercise any of them, contact us at rick@digitalventurestudio.com. We will respond within 30 days (or a shorter period if required by law).

9.1 All visitors (Privacy Act / Australian Privacy Principles)

Access — ask for a copy of the personal information we hold about you
Correction — ask us to correct information that is inaccurate, out of date, incomplete, irrelevant, or misleading
Complaint — make a complaint about how we have handled your personal information; if you are not satisfied with our response, you can escalate to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au

9.2 Additional rights under GDPR (EU/UK visitors)

Erasure — ask us to delete your personal information ("right to be forgotten")
Restriction — ask us to limit how we use your information while a dispute is being resolved
Portability — ask us to provide your information in a structured, machine-readable format you can move to another service
Object — object to processing based on legitimate interests or for direct marketing purposes
Withdraw consent — where we rely on consent, withdraw it at any time (this does not affect processing already done)
Complaint to a supervisory authority — you can lodge a complaint with the data protection authority in your country

9.3 Additional rights under CCPA (California residents)

Right to know — what categories and specific pieces of personal information we have collected, the sources, the purposes, and the third parties we have shared it with
Right to delete — request deletion of personal information we have collected
Right to opt out of sale — we do not sell personal information; this right is automatically respected
Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights

We may need to verify your identity before fulfilling a rights request, to protect your information from being released to someone else.

10. Security

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure. These steps include:

Encryption of data in transit (HTTPS) for the Website itself
Use of reputable third-party providers with their own security commitments and data processing agreements
Access controls and authentication for systems holding personal information
Regular review of access permissions

No system is perfectly secure. If we become aware of a data breach affecting your personal information, we will notify you and any required authorities in accordance with the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth).

11. Children

The Website is not directed at children under 18. We do not knowingly collect personal information from anyone under 18. If you believe a child has provided us with personal information, contact us at rick@digitalventurestudio.com and we will delete it.

12. Links to other sites

The Website contains links to other sites, including our products (Touchstone, The Assay, Eulogize This), our published writing on third-party platforms (LinkedIn, Medium, etc.), and external resources we cite. We are not responsible for the privacy practices of those sites.

The privacy policies of our products govern those products specifically. Visiting digitalventurestudio.com is not the same as creating an account with Touchstone or The Assay; if you sign up for one of our products, the relevant product privacy policy applies in addition to (or in place of) this one.

13. Changes to this Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect any change. Material changes will be communicated through the Website. Continued use of the Website after a change takes effect constitutes acceptance of the updated Policy.

14. Contact

For any privacy question, request, or complaint:

Email: rick@digitalventurestudio.com

Postal: 7 Wandoo Street, O'Connor ACT 2602, Australia

If you are not satisfied with how we have handled your privacy concern, you can escalate to:

Office of the Australian Information Commissioner (OAIC) — www.oaic.gov.au — for Australian visitors
The data protection authority in your country — for EU/UK visitors
The California Attorney General — for California residents