Effective date: 20 March 2026. This policy applies to all services operated by Nightshift Media and to all visitors to nightshiftmedia.com.au.
Nightshift Media is a nightlife and venue marketing agency based in Australia, operating globally. We provide paid advertising management, attribution and tracking systems, conversion design, CRM and retention services, and creative strategy to venues and event promoters. References to "we", "us", or "our" in this policy mean Nightshift Media.
We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where we process personal data of individuals located in the United Kingdom or European Economic Area, we also comply with the UK GDPR and EU GDPR respectively. Where we process personal data of individuals in Canada, we comply with PIPEDA.
We collect personal information only when you voluntarily provide it to us through one of the following channels on this website. We do not collect information passively beyond the analytics described in Section 4.
| Collection Point | Information Collected | Purpose |
|---|---|---|
| Revenue Audit Form (7-step) | Name, email, phone (optional), venue/business name, venue type, location, current ad spend, ad channels, tracking setup, business challenges, referral source | To assess fit and prepare a tailored response to your enquiry |
| General Contact Form | Name, email, phone (optional), venue name, message | To respond to general enquiries |
| Investor / Partner Inquiry Form | Name, organisation, organisation type, area of interest, email, message (optional) | To evaluate and respond to investment or partnership enquiries |
| Investor Notify Loop | Email address only | To notify you if our investment or partnership status changes |
| Account Login (optional) | Name, email, login method (via Manus OAuth) | To authenticate your session if you access gated features |
We do not collect sensitive information as defined under the Privacy Act (such as health information, racial or ethnic origin, political opinions, or financial account details) through this website.
We use the personal information you provide for the following purposes:
Responding to enquiries
Information submitted through our contact and audit forms is used solely to evaluate whether our services are a fit for your business and to prepare a personalised response. We will contact you using the details you provide.
Service delivery
If you engage us as a client, we will use your contact information to deliver, manage, and improve the services agreed under your service agreement. This may include sharing relevant information with third-party platforms (such as Meta, Google, or TikTok) as necessary to operate your advertising campaigns, strictly on your instruction.
Business communications
We may send you information about our services, case studies, or industry insights if you have indicated interest or become a client. You may opt out of non-transactional communications at any time by emailing [email protected] or using the unsubscribe link in any email we send.
Legal and compliance obligations
We may use or disclose your information where required by law, court order, or regulatory authority, or to protect the rights, property, or safety of Nightshift Media, our clients, or the public.
This website uses Umami Analytics, a privacy-first, open-source analytics platform. Umami does not use cookies, does not collect personally identifiable information, does not track users across websites, and is fully compliant with GDPR, PECR, and the Australian Privacy Act. No consent banner is required for Umami. The data collected is limited to anonymised page views, referral sources, and general browser/device type — it cannot be used to identify you.
We do not use Google Analytics, Facebook Pixel, or any other third-party tracking scripts on this website. If this changes, this policy will be updated and a consent mechanism will be implemented where required by law.
This website uses a single, essential session cookie to maintain your authenticated login state if you choose to log in. This cookie is HTTP-only, signed with a secure secret, and expires at the end of your session or after a defined period of inactivity. It is not used for advertising or tracking purposes and does not require consent under Australian law or the GDPR's legitimate interest basis for essential functionality.
No third-party advertising cookies are set by this website.
We do not sell, rent, or trade your personal information to third parties. We may share your information in the following limited circumstances:
Service providers. We use a small number of trusted third-party service providers to operate this website and our business, including cloud hosting, database, and email delivery providers. These providers process data on our behalf and are contractually bound to use it only for the purposes we specify.
Legal obligations. We may disclose information if required to do so by law or in response to a valid legal process.
Business transfers. In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on this website before your information is transferred and becomes subject to a different privacy policy.
Your personal information is stored in a secured, access-controlled database hosted on infrastructure located in Singapore (AWS ap-southeast-1 region). We implement reasonable technical and organisational measures to protect your information against unauthorised access, disclosure, alteration, or destruction, including encrypted connections (TLS), access controls, and regular security reviews.
No method of transmission over the internet or electronic storage is 100% secure. While we take commercially reasonable precautions, we cannot guarantee absolute security. In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme.
We retain personal information for as long as is necessary to fulfil the purposes for which it was collected, or as required by law. Specifically:
| Data Type | Retention Period |
|---|---|
| Audit and contact form submissions (non-clients) | 24 months from submission, unless you become a client |
| Client contact and engagement data | 7 years from end of engagement (for tax and legal compliance) |
| Investor inquiry data | 36 months from submission |
| Notify loop email addresses | Until you unsubscribe or the notify loop is closed |
| Session authentication data | Duration of session; deleted on logout |
Under the Australian Privacy Act and, where applicable, the GDPR, you have the following rights regarding your personal information:
Access. You may request a copy of the personal information we hold about you.
Correction. You may request that we correct inaccurate or incomplete information.
Deletion. You may request that we delete your personal information, subject to our legal retention obligations.
Objection / Opt-out. You may opt out of marketing communications at any time.
Portability (GDPR). Where applicable, you may request your data in a structured, machine-readable format.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before processing your request. We will not charge a fee for reasonable requests.
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
This website is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us and we will delete it promptly.
This website may contain links to third-party websites, including LinkedIn and ticketing platforms. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies independently.
We may update this Privacy Policy from time to time. The effective date at the top of this page will reflect the date of the most recent revision. We will notify users of material changes by posting a notice on the website. Continued use of the website after changes are posted constitutes your acceptance of the revised policy.
For any privacy-related questions, requests, or complaints, please contact us at: