Privacy Policy

 

Boomerang Effect Pty Ltd, trading as “John Novak Sport” (ABN: 28 161 365 224) (“the Company”, “we”, “us” or “our”) is committed to protecting the privacy of individuals and is bound by the Australian Privacy Principles (“APPs”) set out in the Privacy Act 1988 (Cth) (as amended from time to time) (“the Act”). We will only collect, use or disclose personal information in accordance with the Act and this Privacy Policy.

This Privacy Policy applies to the collection, use, disclosure and handling of personal information (including sensitive information as defined by the Act) by the Company, including personal information collected via www.johnnovaksport.com (“Website”).

This Privacy Policy explains how the Company protects your personal information under the APPs. By accessing or using this Website you agree to be bound by this Privacy Policy. If you do not agree, please exit this Website and refrain from using any of its contents.

The Company may amend or update this Privacy Policy at any time at its sole discretion. You should regularly review this Privacy Policy. By continuing to use the Website after such changes, you accept this Privacy Policy as it applies from time to time.

Minors. This Website is not intended for use by minors (defined as persons under the age of 16) without the express consent of a parent or legal guardian. If a minor wishes to use this Website or access any of our services, a parent or legal guardian must: (a) review and agree to our Terms and Conditions on the minor’s behalf; (b) take responsibility for the minor’s use of the Website and compliance with those Terms; and (c) be the contracting and billing party for any purchases. By permitting a minor to use this Website, the parent or legal guardian confirms they have read and accepted our Terms and Conditions. We do not knowingly collect personal information from minors without the consent of a parent or legal guardian. If we become aware that we have inadvertently collected personal information from a minor without such consent, we will take immediate steps to delete that information. If you believe we may have collected information from a minor without parental or guardian consent, please contact us immediately.

 

1.  Collection of Personal Information

1.1  How Do We Collect Personal Information?

The Company collects personal information:

• Directly from you when you contact our business, fill in an enquiry form, register for an account, purchase a product or service, participate in a survey, or otherwise interact with us or our Website; and
• From third parties including other companies within our group, affiliate or partner companies, public records, credit reporting agencies, information service providers, and third-party analytics providers. We also use third-party services to analyse website traffic (see Section 1.5 below).

Personal information is collected and held only to the extent reasonably necessary for one or more of the Company’s functions or activities, including the sale, promotion and distribution of services through direct-to-customer and online marketing.

Any person may access or use the Website via the internet without registering with or disclosing any personally identifying information to the Company, where lawful and practicable. Individuals may also have the option of remaining anonymous or using a pseudonym when dealing with the Company.

1.2  What Type of Personal Information Do We Collect?

Personal information collected and held by the Company during our relationship with you may include (but is not limited to):

• Your email address, first name, last name and other contact details;
• Date of birth, home address, postcode and country of residence;
• Telephone numbers;
• Payment details including billing address (note: full credit card details are processed securely by our payment provider — see Section 1.5);
• Personal information provided in surveys, testimonials and complaints;
• Internet Protocol (IP) address, occupation, employment and industry;
• Areas of interest and information relating to your dealings with us; and
• Any personal information you volunteer while using this Website, including via cookies or your interactions with any AI-assisted tools or chatbots on the Website.

1.3  Why Do We Collect Personal Information?

The purposes for which we collect your personal information include:

• Providing you with our services, information and content;
• Managing our relationship with you;
• Communicating with you about our services, promotions and events;
• Improving and developing our services and Website;
• Complying with our legal and regulatory obligations; and
• Any other purpose notified to you at the time of collection.

1.4  Cookies

The Company may place a cookie (a small text or pixel file) on any computer you use to access this Website. Cookies help us:

• Recognise you as a returning visitor;
• Display content and promotions relevant to you based on your onsite behaviour;
• Improve our Website and service features; and
• Detect activity that may breach our Terms and Conditions.

If you do not want to receive cookies, you can change your browser settings at any time. If you use this Website without changing your browser settings, we will assume that you are happy to receive all cookies. More information on managing cookies can generally be found in the help section of your internet web browser.

1.5  Third-Party Service Providers

The Company uses the following third-party services, which may collect or process your personal information on our behalf. We encourage you to review their privacy policies:

• Google Analytics (Google LLC) — We use Google Analytics to analyse how visitors use our Website. Google Analytics uses cookies to collect data such as your IP address, browser type, pages visited and time spent on the Website. Google’s privacy policy is available at google.com/privacy. You can opt out of Google Analytics tracking at tools.google.com/dlpage/gaoptout.
• Payment Processing (Stripe / PayPal) – Payment transactions are processed by our secure payment providers. We do not store your full credit card details on our servers. Your payment data is handled in accordance with PCI DSS (Payment Card Industry Data Security Standard) requirements by our payment provider. Please refer to their privacy policies for full details.
• CRM and Marketing Automation (Keap) – We use Keap (formerly Infusionsoft) to manage customer relationships, automate marketing communications and process service enquiries. Your name, email address and interaction history may be stored and processed by Keap. Keap’s privacy policy is available at com/legal/privacy-policy. You can unsubscribe from marketing emails at any time using the unsubscribe link in any email we send you.
• CRM and Marketing Platform (GoHighLevel) – We use GoHighLevel to manage marketing funnels, automated communications and customer engagement. Your name, email address, phone number and interaction data may be stored and processed by GoHighLevel. GoHighLevel’s privacy policy is available at com/privacy-policy. You can unsubscribe from marketing communications at any time using the unsubscribe link in any message we send you.
• Facebook / Meta Pixel – We use the Meta Pixel on our Website to measure the effectiveness of our advertising, build audiences for our ads and track conversions. The Meta Pixel may collect data about your activity on our Website and share it with Meta Platforms, Inc. You can manage your ad preferences at com/adpreferences. Meta’s privacy policy is available at facebook.com/privacy/policy.

Please note that some of these third-party tools may incorporate artificial intelligence or machine learning features as part of their platforms. We do not control how those third parties use AI and direct you to their own privacy policies for details.

1.6  Unsolicited Personal Information

If the Company receives unsolicited personal information about an individual, we will take steps to afford that information the same privacy protection as solicited personal information, or destroy or de-identify that information if it is lawful and reasonable to do so and only if the information is not contained in a Commonwealth record.

2.  Use and Disclosure

The Company may use and disclose (and you are deemed to consent to the Company using and disclosing) your personal information:

1. For the primary and related purposes for which it is collected, including:

• where necessary or desirable in connection with the provision of this Website, Website materials and our services to you;
• to manage the Company’s relationship with you; and
• to obtain professional, financial, technical, administrative or other advice and services in connection with the operation of the Company’s business, including from external advisors, service providers, social networking sites, subcontractors and suppliers, advertising agencies, research companies and mailing houses;

2. To provide you with information about services and promotional offers available from the Company or its affiliated entities;
3. To provide you with information about products and services available from third-party entities;
4. To investigate, prevent or take action regarding any breach or suspected breach by you of the Website Terms and Conditions, this Privacy Policy, any law or the rights of any person, or to address complaints;
5. To research and enhance our services;
6. To persons who acquire or express an interest in acquiring all or any part of the Company’s business;
7. As required or authorised by or under Australian law or a court or Tribunal order;
8. As required by an enforcement body for one or more enforcement-related activities as defined under the Act; and
9. For any other purpose to which you subsequently consent from time to time.

2.1  Direct Marketing

If we collect personal information from you (and you have consented to its use for this purpose), the Company may use and disclose your personal information (excluding sensitive information) to provide you with information about our Website, services and promotions. We may contact you via email, SMS or other means in accordance with the Spam Act 2003 (Cth) and the Act.

When you enquire about our services, you expressly consent to receiving marketing communications from us. You may opt out of marketing communications at any time by:

• Following the unsubscribe instructions in any email we send you; or
• Contacting us at support@boomerangeffect.com.au or support@johnnovaksport.com.

You may also contact us to request that we do not disclose your personal information to other organisations for the purpose of direct marketing, or to enquire about the source of your personal information held by us.

3.  Artificial Intelligence and Automated Data Processing

This section explains how the Company handles your personal information in connection with artificial intelligence (AI) tools, automated systems and related technologies. It should be read alongside Section 15 of our Website Terms and Conditions.

3.1  Our Current Use of AI

The Company does not currently use AI tools to deliver coaching services. Where AI-assisted tools, chatbots or virtual assistants are introduced to this Website in the future, we will update this Privacy Policy to reflect this and clearly disclose their use to you at the point of interaction.

3.2  Personal Information and AI Interactions

If you interact with any AI assistant, chatbot or automated tool on our Website, please be aware that:

• Any personal information you share during that interaction (including your name, email address, health or performance information) will be collected and handled in accordance with this Privacy Policy;
• Conversation logs and inputs may be retained for the purposes of improving the tool, quality assurance and compliance monitoring;
• AI-generated responses are provided for general information purposes only and do not constitute professional, medical, legal or sports performance advice; and
• We will clearly disclose when you are interacting with an AI system rather than a human.

3.3  We Will Not Use Your Personal Information to Train AI

The Company will not use your personal information to train, fine-tune, evaluate or otherwise develop any artificial intelligence model or system without your express prior written consent. This applies to:

• Any personal information you provide to us directly;
• Any content you submit to the Website; and
• Any data collected about your behaviour or interactions on this Website.

3.4  Prohibition on Users Feeding Personal Information Into AI

As set out in Section 15 of our Website Terms and Conditions, you must not input any personal information of other individuals collected from or through this Website into any AI model, LLM, chatbot or automated system. Doing so may constitute a breach of the Act and of our Terms and Conditions. Please refer to our Terms and Conditions for full details of AI prohibitions that apply to your use of this Website.

3.5  Third-Party AI Tools

Some of our third-party service providers (including analytics, email marketing and advertising platforms) may incorporate AI features as part of their services. We do not control how those third parties use AI and we direct you to their own privacy policies for details (see Section 1.5 above). We take reasonable steps to ensure that any third-party providers we engage comply with their obligations under applicable privacy laws.

3.6  Automated Decision-Making

The Company does not currently make automated decisions that have a legal or similarly significant effect on you. If we introduce automated decision-making in the future (for example, personalised coaching recommendations generated by AI), we will update this Privacy Policy and provide you with information about the logic involved and your right to request human review.

4.  Trans-Border Data Flows

The Company may transfer (and you are deemed to consent to the Company transferring) your personal information outside of Australia in the following circumstances:

10. Where the Company has taken reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to your personal information;
11. Where the Company reasonably believes that the recipient is subject to effective data protection obligations;
12. Where the transfer is necessary for the performance of a contract between you and the Company, or for pre-contractual measures;
13. Where the transfer is for your benefit and it is impracticable for the Company to obtain your consent, but if it were practicable you would be likely to consent;
14. As required or authorised by or under law; and
15. Where you subsequently consent from time to time.

Please note that some of our third-party service providers (including Google Analytics, Meta and our email marketing platform) are based outside Australia and their servers may be located overseas. By using this Website and consenting to this Privacy Policy, you consent to your personal information being transferred to and processed in those jurisdictions.

5.  Data Quality

We will take reasonable steps to keep any personal information we hold about you secure, relevant, accurate, up to date and complete. If any of your personal information changes, please contact us as soon as practicable so we can update our records. However, except to the extent liability cannot be excluded due to the operation of statute, we exclude all liability (including in negligence) for matters outside our control.

6.  Data Retention

The Company retains your personal information only for as long as is necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.

In determining the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process the data, and whether we can achieve those purposes through other means.

Once personal information is no longer required, we will take reasonable steps to destroy or permanently de-identify it in accordance with APP 11.2 of the Act.

7.  Security

The Company takes reasonable steps to protect the personal information we hold from interference, misuse, loss and from unauthorised access, modification or disclosure. Our security measures include:

• Secure Socket Layer (SSL) encryption on our Website;
• Access controls limiting who can access personal information within our organisation;
• Use of PCI DSS-compliant payment processing for credit card transactions; and
• Regular review of our information security practices.

The Company takes reasonable steps to destroy or permanently de-identify any personal information that is no longer needed. However, except to the extent liability cannot be excluded due to the operation of statute, we exclude all liability (including in negligence) for the consequences of any unauthorised access to your personal information. Please notify us immediately if you become aware of any breach of security.

8.  Access to and Correction of Your Personal Information

Under the APPs, you have the right to request access to, and correction of, personal information we hold about you. To make a request, please contact us using the details set out in Section 10 below.

We may charge a reasonable fee for providing access to your personal information where permitted by law. We may refuse access where the Act allows us to do so. If we refuse your request, we will provide written reasons for the refusal and information about how to complain about that decision.

We will not charge you for making a request to correct your personal information, for correcting the information, or for associating a statement of correction with your personal information.

We will endeavour to respond to access and correction requests within a reasonable time and in the manner you request if it is reasonable to do so.

9.  Membership Site, Social Media Groups and Webinars

You acknowledge that any information you choose to make public within our Membership Site, social media groups, courses and webinars, including your personal information, will be publicly available within that area to other members.

You consent to the collection and use by the Company of any information you publish within our Membership Site and Webinars, in accordance with this Privacy Policy and the Website Terms and Conditions.

Important: Please do not share sensitive personal information (including health, financial or identity information) in public areas of our Membership Site or during webinars, as the Company cannot guarantee the privacy of that information once it has been shared in those forums.

10.  Privacy Complaints and Contact

10.1  How to Make a Complaint

If you believe the Company has breached the APPs or this Privacy Policy in relation to your personal information, you may make a complaint by contacting us using the details below. We will endeavour to respond to your complaint within 21 days of receipt and will work with you to resolve it.

10.2  Escalation to the OAIC

If you are not satisfied with our response, or we have not resolved your complaint within a reasonable time, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted at:

• oaic.gov.au

10.3  Contact Details

All correspondence regarding this Privacy Policy, including access requests, correction requests and complaints, should be directed to:

Email: support@boomerangeffect.com.au  or  support@johnnovaksport.com

Post:

Customer Service

Boomerang Effect Pty Ltd

ABN: 28 161 365 224  |  ACN: 161 365 224

Botany, NSW, Australia, 2019

Last updated: 30^th March 2026