Last Updated: Jun 03, 2025

Introduction

iterush Digital Pty Ltd ("Siterush", "we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, and protect the information you provide when you visit https://siterushdigital.com, purchase our services, or otherwise interact with us (collectively, the “Services”).

Please read this Privacy Policy carefully. We will alert you to any changes to this Policy by changing the "last updated" date at the top of this Policy. Any changes become effective immediately upon publication on our website, and you waive specific notice of any changes to the Policy by continuing to use and access our service(s).You are deemed to have accepted any changes to any revised Privacy Policy by your continued use of our service(s) after the revised Privacy Policy is posted.

INFORMATION  WE COLLECT

By engaging with our Services you consent to the collection and processing of the data categories below.

Personal Data
Information that identifies you as an individual or business representative, such as name, business name, email address, telephone number, postal address, and any content you supply for your project (copy, images, store credentials).

Derivative Data
Information automatically collected by our servers or analytics tools, such as IP address, browser type, referring URL, pages viewed, and timestamps.

Financial Data
We exclusively process payments through Stripe. We never store full card numbers or CVC codes; Stripe supplies us only with transaction identifiers, the last 4 digits, and expiry date. Please review Stripe’s Privacy Policy https://stripe.com/privacy for details.

Third‑Party & Social‑Networking Data
If you interact with us via platforms such as LinkedIn, we may receive your public‑profile information subject to your settings on those platforms.

Other Data
From time to time you may voluntarily provide additional information (e.g. testimonial videos). Submission of such data is entirely optional.

When We Collect Information

We collect information when you:

• Visit or navigate any page under the siterushdigital.com domain;

• Complete a contact form, intake survey, or schedule a call;

• Purchase a service or sign an order agreement;

• Subscribe to a newsletter or download gated content;

• Interact with marketing emails, SMS, or live chat;

• Upload assets or feedback to Airtable or our client portal.

COOKIES

We may use cookies for tracking purposes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer, Chrome, Firefox, or Safari) settings. Each browser is a little different, so look at your browser's Help menu to learn the correct way to modify your cookies.

Disabling cookies may impact some features such as calendar bookings.

When We Collect Information

We collect information when you:

• Deliver, operate, and improve the Services;

• Create, manage, and secure your account and projects;

• Process payments, issue invoices, and detect fraudulent transactions;

• Communicate proposals, project status, and support updates;

• Send B2B marketing or educational content where legally permitted (each email contains an unsubscribe link);

• Personalise your experience and recommend relevant services;

• Analyse aggregated statistics to enhance UX, conversion rates, and product decisions;

• Enforce our Terms of Service and protect our rights;

• Comply with legal and regulatory obligations.

Data Sharing Commitment

We do not sell, trade, or rent personal information. We share it only with trusted service providers that help us operate the Services and that are bound by confidentiality and data‑protection obligations.

Our key service providers include:

• Stripe – payment processing (USA/EU)

• Webflow – website hosting & CDN (USA)

• GoHighLevel – CRM & communications (USA)

• Google Workspace and Microsoft 365 – email & productivity (USA/EU)

• Airtable – project and content handling (USA)

• Shopify – e‑commerce platform for client stores (USA/Canada)

• Professional advisers – accountants and legal counsel (Australia/USA)

Each provider processes data solely under our instructions for the purposes listed above.

Legal Bases for Processing

We rely on one or more of the following legal bases:

• Legitimate interests – service delivery, improvement, fraud prevention, and marketing to existing or prospective B2B clients;

• Performance of a contract – fulfilling services you order;

• Consent – newsletters, non‑essential cookies, or where otherwise required by law;

• Legal obligation – accounting, taxation, and record‑keeping.

Security of Your Information

We prioritize the security of your data by following industry best practices and leveraging the robust infrastructure provided by our trusted third‑party service providers. These providers maintain modern safeguards—including encrypted data transfers, secure data storage, regular backups, and access controls—to help protect against unauthorized access, use, or disclosure. While no system can guarantee absolute security, we continually monitor and review our practices to reduce risks.

Data Retention

We retain personal information only as long as needed for the purposes outlined in this Policy (or longer if required by law):

• Client project files: 5 years after final delivery — for support, warranties, and portfolio reference.

• Accounting records: 7 years — to satisfy Australian and U.S. statutory obligations.

• Contractual & billing data: 7 years — for auditing and dispute‑resolution purposes.

• Marketing contacts: until you unsubscribe or after 24 months of inactivity — to maintain list hygiene.

• Analytics logs: 26 months (Google default) — for aggregated trend analysis.

You may request earlier deletion where legally permissible.

Your Rights

Depending on your jurisdiction, you may have rights to:

• Access the personal information we hold about you

• Correct, inaccurate, or incomplete information

• Delete or request erasure of your information

• Restrict or object to processing

• Data portability

• Withdraw consent at any time (where processing is based on consent)

To exercise any right, email hello@siterushdigital.com.

California Privacy Rights (CCPA)

The State of California has established its own unique regulations that apply to California residents. As of its effective date of January 1, 2020, we are also compliant with the California Consumer Privacy Act Of 2018, Cal. Civ. Code §§ 1798.100 Et Seq. (CCPA).

Any California resident may request, free of charge, the personal information we have collected or stored about themselves or about a member of their household. For security purposes, we reserve the right to ask for verification of your identity and proof of your California residency at the time of your request.

Any California resident has a right to request the personal data we have collected, or request deletion of the personal data we have collected, including but not limited to:

• Access the personal informAny personally identifying information, such as a real name, alias(es), mailing or resident address, IP address, email address, account name, biometrics, or any other data that could uniquely identify a California resident.

• Commercial information, including products or services purchased, obtained, or considered, search history, interactions with our website, or any other purchasing or browsing history of our site and/or offer(s).

• Geolocation data

• Professional or employment-related information.

We reserve the right to collect any of the above data on California residents and their households.

We DO NOT sell your data. California residents can email us at hello@siterushdigital.com to explicitly request to opt-out of any future data sales, should our policies change.

California residents also have the option to request a full deletion of their account and any data we have collected and associated with them.

We agree to comply with any data request or deletion made pursuant to the CCPA in a reasonable timeframe, during normal business hours and excluding holidays or our pre-scheduled time off.

Fair Information Practices

Consistent with the Fair Information Practice Principles, we will notify affected individuals via email within seven (7) business days of a data breach likely to result in a significant risk to their rights and freedoms. We also support the individual redress principle, enabling pursuit of legally enforceable rights against non‑compliant data processors.

CAN SPAM ACT

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to: Send information, respond to inquiries, and/or other requests or questions.

To be in accordance with CANSPAM, we agree to the following: