Legal
Privacy Policy.
Last updated: May 2026
This Privacy Policy explains how Bespoke Creatives ("we", "us", "our") collects, uses, stores, and protects your personal information when you visit our website or book a consulting session. We are committed to handling your information responsibly and in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. About this policy
Bespoke Creatives is an AI consulting business operated by Bahushruth Mitte, based in Australia. This policy applies to personal information collected through our website (bespokeaucreatives.com) and the booking and contact forms embedded within it.
While Bespoke Creatives may currently qualify for the small business exemption under the Privacy Act 1988 (annual revenue threshold), we uphold the Australian Privacy Principles as a matter of standard practice. This is consistent with the scheduled December 2026 removal of the small business exemption, which will bring all Australian businesses under the Act.
If you have any questions about this policy, contact us at admin@bespokeaucreatives.com.
2. What personal information we collect
We collect only what is necessary to provide our services:
- Name and email address: collected when you book a session via Cal.com or submit a contact form via Formspree
- Session notes: information discussed during consulting sessions that we record for the purpose of delivering session recaps and tracking progress
We do not seek or solicit sensitive information (including health, racial or ethnic origin, political opinions, religious beliefs or affiliations, sexual orientation, or criminal record). However, sensitive information may arise incidentally during a consulting session if you choose to share it as part of your business context. In such cases, any information included in your session notes is recorded only where relevant to the service being delivered, and used solely for that purpose. By participating in a session, you consent to any information you voluntarily share being recorded in your session notes for this purpose.
We do not collect payment card details, as those are handled entirely by Stripe (see Section 7).
3. How we collect it
We collect personal information through the following channels:
- Cal.com booking form: when you book an AI OS Consulting Session
- Formspree contact form: when you submit an enquiry via our website contact form
- Direct communication: when you email us or reply to session-related emails
We collect personal information only from you directly. We do not collect it from third parties without your knowledge.
4. Why we collect it
We use your personal information for the following purposes:
- To schedule and manage your consulting session
- To send you session-related communications: confirmation emails, session recap emails, and reminders
- To respond to enquiries submitted via our contact form
- To manage client relationships in our CRM system (GoHighLevel)
- To follow up on any proposals, audits, or builds discussed during sessions
We will not use your personal information for purposes unrelated to the above without your consent.
5. Disclosure to third parties
We use the following third-party services to operate our business. Your personal information is disclosed to these services in the course of delivering our services to you:
- Cal.com: booking platform. Stores your name, email, and booking details. Cal.com Privacy Policy →
- Stripe: payment processing (via Cal.com). Handles payment card data directly. Stripe Privacy Policy →
- GoHighLevel: CRM and session management. Stores your name, email, and session-related notes. GoHighLevel Privacy Policy →
- Formspree: contact form processor. Receives and forwards contact form submissions. Formspree Privacy Policy →
- Supabase: database infrastructure. Stores session records including name, email, session dates, and session notes. Supabase Privacy Policy →
- Google Fonts: typography. When you load our website, your IP address is transmitted to Google's servers to serve the font files. Google Privacy Policy →
We do not sell, rent, or trade your personal information to any third party. We may disclose personal information if required to do so by law or in response to a valid legal request.
6. Overseas recipients: APP 8
All of the third-party services listed above (Cal.com, Stripe, GoHighLevel, Formspree, Supabase, and Google) are based in the United States. By using our booking form or contact form, you consent to your personal information being transferred to and handled by these overseas recipients.
By providing this consent, the accountability provisions of Australian Privacy Principle 8 (APP 8) of the Privacy Act 1988 do not apply to these disclosures. This means that if an overseas recipient mishandles your information, we may not be liable for that breach under Australian law. We encourage you to review each provider's privacy policy (linked above) before submitting your information.
We have selected reputable, established platforms and have taken reasonable steps to satisfy ourselves that each provider maintains appropriate data security standards, but we cannot guarantee their compliance with Australian law.
7. Payment information
Session payments are processed by Stripe, accessed through Cal.com's booking platform. Bespoke Creatives does not store, process, or have access to your payment card details at any point. Card data is entered directly on Cal.com/Stripe's secure environment and flows to Stripe only.
If you have questions about a payment, contact Cal.com's support or refer to Stripe's Privacy Policy.
8. Website and third-party links
Our website contains links to third-party websites and services including Cal.com, GitHub, Claude.ai, and others. Clicking these links takes you to sites operated by third parties, each with their own privacy policies. We are not responsible for the privacy practices or content of those sites.
We encourage you to read the privacy policy of any third-party site you visit before submitting personal information to it.
9. Security
We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, and disclosure. Specifically:
- All website connections use HTTPS (encrypted in transit)
- Personal information held in GoHighLevel is protected by GoHighLevel's own security infrastructure, access controls, and encryption at rest
- Access to client data is restricted to authorised personnel only (currently, the sole operator of Bespoke Creatives)
No method of data transmission or storage is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security. In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and relevant authorities as required by law.
10. Direct marketing and communications
By booking a session, you may receive:
- Session confirmation and reminder emails (operational, not marketing)
- A session recap email summarising what was built and next steps
- Follow-up communications related to your session or any proposals discussed
Under APP 7, session follow-up communications may qualify as direct marketing. If you do not wish to receive these communications, you may opt out at any time by emailing admin@bespokeaucreatives.com with "Unsubscribe" in the subject line. We will process your request promptly and at no cost to you.
We will not use your personal information for unrelated direct marketing without your consent.
11. Your rights: access, correction, and deletion
Under the Australian Privacy Principles, you have the right to:
- Access the personal information we hold about you
- Request correction of information that is inaccurate, out of date, incomplete, or misleading
- Request deletion of your personal information (subject to any legal obligations we may have to retain records)
To exercise any of these rights, email admin@bespokeaucreatives.com with your request. We will respond within a reasonable period and at no charge. In some circumstances we may need to verify your identity before processing your request.
12. Complaints
If you believe we have breached the Australian Privacy Principles or otherwise mishandled your personal information, we want to hear from you first.
Step 1: Contact us directly
Email admin@bespokeaucreatives.com with details of your complaint. We will acknowledge receipt within 5 business days and aim to resolve the matter within 30 days.
Step 2: Escalate to the OAIC
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
- Website: oaic.gov.au
- Phone: 1300 363 992
- Post: GPO Box 5218, Sydney NSW 2001
13. Children
Our services are primarily directed at business owners, founders, and professionals. Individuals under the age of 18 are welcome to use our services, but must have obtained consent from a parent or legal guardian before booking. By booking a session, individuals under 18 confirm that such consent has been obtained.
If you believe we have received a booking from a minor without appropriate consent, contact us at admin@bespokeaucreatives.com and we will address it promptly.
14. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. The "Last updated" date at the top of this page will reflect the most recent revision.
We encourage you to review this page periodically. Continued use of our website or services after a change constitutes acceptance of the updated policy.
15. Contact us
For any privacy-related questions, requests, or concerns:
Bespoke Creatives
Email: admin@bespokeaucreatives.com
Website: bespokeaucreatives.com