Last updated: 30 April 2026 Effective: 30 April 2026

Privacy at a glance

A short summary of what’s in this policy. Read the full policy below for detail.

Who we are. Real Minds, Artificial Intelligence (ABN 98 648 626 859) — a small Australian business based in Melbourne.
What we collect. Information you give us through forms, purchases, subscriptions, and our Business Analyser Tool — plus standard technical information about your visit.
Why. To run the website, deliver our services, communicate with you, and measure whether our advertising is working.
Marketing tracking. We use Meta Pixel, Meta Conversions API, and Google Analytics to measure how our website is performing and how our advertising is working. These run by default. You can opt out at any time by emailing us, or by blocking cookies in your browser.
Email. We only send marketing email to people who actively subscribe through a double opt-in confirmation. Submitting a contact form does not subscribe you.
Where data goes. Mostly Australia. Some processing happens in Singapore, the United States, and the European Union — see the International Data Transfers section.
Your choices. Unsubscribe from email at the foot of any of our messages. Email hello@realmindsai.au to access, correct, or delete your information, or to opt out of marketing entirely.
Sensitive information. We do not collect sensitive information through this website.
Automated decisions. We use AI to generate insight summaries in our Business Analyser Tool. A human consultant reviews any output before it shapes a commercial decision — see the Automated Decision-Making section.

Who we are

realmindsai.com.au and realmindsai.au are operated by Real Minds, Artificial Intelligence (ABN 98 648 626 859) — referred to in this policy as “Real Minds AI”, “we”, “us”, or “our”.

We are the data controller for personal information collected through these websites and the services described below.

This Privacy Policy explains what we collect, why we collect it, how we use it, who we share it with, and the choices you have. It is written to comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and — where applicable — with the EU/UK General Data Protection Regulation (GDPR).

If you do not agree with how this policy describes our use of your information, please do not use the websites or our services.

What we collect

We collect personal information in three ways: information you give us directly, information collected automatically when you use the website, and information from third parties.

Information you give us

Contact and enquiry forms. Your name, email address, phone number (if provided), organisation, and the contents of your message.
Course purchases. Your name, email address, billing address, phone number, and payment information processed by our payment provider (Stripe).
Newsletter and lead-magnet sign-ups. Your email address and (optionally) first name. We use a double opt-in flow — see Consent and Recordkeeping below.
Survey responses. When you complete one of our surveys, the responses you give. Survey submissions are treated as internal feedback only and are not used for marketing.
Business Analyser Tool. See the dedicated Business Analyser Tool section below.
Course progress and engagement. When you enrol in a course, our learning platform records your enrolment, lesson progress, and any submissions you make as part of the course.

Information collected automatically

When you visit our websites, we automatically collect technical information about your device and browsing session, including:

Web browser type, language, and version
Operating system and device characteristics
IP address and approximate region (used to apply the right consent rules)
Referring website or search terms that brought you here
Pages viewed, time on page, and how you interact with the site
Cookies and similar browser-storage entries (described in Cookies and Similar Technologies below)

Most of this is standard web-server data, used to keep the site working and secure.

Information from third parties

We may receive information about you from:

Payment provider (Stripe) — confirmation that a transaction has occurred, plus the limited billing details necessary for fulfilment and tax records. We do not store your full credit card number.
Authentication providers — if you sign in to a service through a third-party account, we receive the basic profile information that provider shares.
Spam protection (Cloudflare Turnstile) — see Spam Protection below.

Sensitive information

We do not collect sensitive information through this website. “Sensitive information” includes information about your health, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, or criminal record. If sensitive information is ever required for a specific service, we will ask for your express opt-in consent at the time of collection — we will not collect it via cookies, pixels, or default settings.

Cookies and Similar Technologies

Real Minds AI uses cookies and equivalent browser-storage technologies to make the website work, remember your preferences, understand how the site is used, and measure the performance of our advertising.

We group the cookies in use into four categories:

Category	What it does
Functional	Makes the site work — login, cart, course progress, language.
Preferences	Remembers your settings between visits.
Statistics	Helps us understand how the site is used in aggregate (Google Analytics).
Marketing	Measures the performance of our advertising on Meta. Includes the Meta Pixel described in the next section.

Managing cookies

Cookies are managed at the browser level. Most browsers let you:

View and delete cookies stored by individual websites
Block all cookies from a specific site
Block third-party cookies entirely
Clear cookies whenever the browser closes

How to do each varies by browser — search “manage cookies” in your browser’s help to find the controls.

If you would like us to stop sending personal information to Meta or other advertising platforms regardless of your browser settings, email hello@realmindsai.au and we will add you to our suppression list.

Marketing Pixels and Conversion Tracking

Real Minds AI runs paid advertising on Meta (Facebook and Instagram). To know whether our advertising is working — for example, whether someone who saw an ad later signed up for a course — we use two technologies:

Meta Pixel runs in your browser. It records key events (page views, form submissions, purchases) and sends them to Meta along with a small set of identifiers (a Meta browser cookie, your IP address, browser user agent).

Meta Conversions API runs on our server. It records the same events directly from our server to Meta. We use it together with the Pixel because browsers increasingly block tracking scripts, which would otherwise mean we lose the conversion measurement we need to manage advertising spend responsibly.

What we send to Meta

When you submit a form or complete a course purchase, we send Meta:

Hashed personal data — email address, name, phone, and billing details where relevant. Hashed using SHA-256 (one-way) so Meta cannot read the original values directly.
Event details — which form was submitted, which course was purchased, the value of the transaction, the page URL.
Meta browsing identifiers — Meta’s own browser cookies (_fbp, _fbc), your IP address, your browser user agent.

For ordinary page views (no form submission, no purchase), we send only event details and Meta browsing identifiers — no personal data.

A note on hashing

Hashing scrambles your email or name into a fixed code that Meta cannot reverse on its own. However, in combination with other information Meta already holds — for example, if you also have a Facebook account with the same email — a hashed identifier can match you to an existing user. We disclose this honestly so you can make an informed choice about whether to give us your details. The OAIC explicitly recognises that hashed personal information can still identify an individual when matched with other data.

Opting out

If you would prefer that we send nothing at all to Meta:

Email hello@realmindsai.au and we will add you to our advertising suppression list. We will action within 14 days.
Or block third-party cookies in your browser, which will prevent the Pixel from running. (This won’t stop our server-side Conversions API — for that, use the email opt-out above.)

Spam Protection

To stop bots and automated submissions, our forms are protected by:

Cloudflare Turnstile — a privacy-respecting alternative to traditional CAPTCHA. Turnstile may run a brief challenge in your browser to confirm you are human. It collects limited technical data (e.g. browser characteristics) for that purpose and does not track you across sites or build a profile. Cloudflare’s privacy notice is available at https://www.cloudflare.com/privacypolicy/.
A honeypot field — an invisible field that humans cannot see and so do not fill in. Bots that fill in every field are detected and blocked. No data about you is collected by this technique.

Business Analyser Tool

Our Business Analyser Tool offers two levels of engagement.

Instant Opportunity Scan

When you use the Business Analyser form we collect the business name and any focus areas you type, together with the website URL you supply. This URL is processed in a secure language-model environment hosted in cloud infrastructure located in Singapore or the United States to generate an on-screen insight summary.

No personal information is captured, stored, or retained at this stage.

Dive Deeper ROI Report

If you choose to proceed with the Dive Deeper ROI Report, we collect:

Your name, title and email address
Your company name and details about the company such as employee numbers and industry
Optional comments you provide

These details, along with selected public snippets from your website, are securely processed in the same cloud-based environment to generate a deeper ROI report.

The report is reviewed by an RMAI consultant before it is sent to the email you confirmed.

Final reports are stored securely in our Australian Microsoft 365 tenancy. Submission records are also maintained in a customer relationship management (CRM) system used by our team to manage follow-up.

Automated Decision-Making

We use artificial intelligence (specifically, large language models) in the Business Analyser Tool to generate insight summaries and ROI reports from the information you give us.

A human consultant reviews any output before it shapes a commercial decision that affects you. We do not use these tools to make solely-automated decisions about you. The tools assist our human team — they don’t replace the team.

You have the right to:

Ask which automated processing has been applied to your information
Request a human review of any output
Receive an explanation of how an output was produced

Contact hello@realmindsai.au to exercise any of these rights.

This section will be expanded as the Privacy Act 1988 automated decision-making transparency obligations come into effect (10 December 2026), and will list the specific decision types and information categories used.

Why we process your data

Customer data security is our top priority. We process only the minimum data necessary for the purpose described. Specifically, we process personal information to:

Operate, secure, and improve the website
Deliver the products and services you request (course enrolment, consultations, reports)
Communicate with you about an enquiry, purchase, or your account
Send marketing communications only where you have actively subscribed (see Consent and Recordkeeping)
Measure the effectiveness of our advertising in accordance with the Marketing Pixels and Conversion Tracking section
Comply with our legal obligations (e.g. tax records, responding to lawful requests)

Information collected automatically is used to identify potential abuse and to compile aggregate statistics about website usage. Aggregate statistics are not associated with any identifiable individual.

You can browse the website without telling us who you are. Some features (purchasing a course, submitting a form, subscribing to email) require us to collect personal information.

We follow the principle of data minimisation — we only collect what is strictly necessary for the purpose for which we collect it.

We keep records of user consent where required, including:

When you sign up to our mailing list or download a lead-magnet, we use a double opt-in flow:

You provide your email (and optionally your first name) on a sign-up form.
We send you a confirmation message.
Only when you click the confirmation link in that message do we add you to our list.

We record the timestamp, source URL, and IP address at the moment of confirmation as evidence of your consent.

Our email service provider is Mailchimp (operated by Intuit Inc., United States). You can unsubscribe at any time using the link at the foot of every email we send, or by contacting us directly.

Contact form submissions

When you submit a Contact form, we store your submission in our website (via the Contact Form 7 and Flamingo plugins) and forward a copy by email to the team for follow-up.

Submitting a Contact form does not subscribe you to marketing email. We treat Contact form submissions as direct correspondence, not as marketing consent. If you would also like to subscribe to our newsletter, there is a separate sign-up — or tick the optional checkbox on the contact form where offered.

Survey responses

Survey responses are stored in our website for our own analysis and feedback. They are not used to send you marketing email and are not added to any marketing audience.

How to opt out of marketing

If you change your mind, every channel has a simple opt-out:

To stop…	What to do
Marketing emails	Click the unsubscribe link at the foot of any email from us. Takes effect within 24 hours.
Cookie-based marketing tracking	Block third-party cookies in your browser settings — this stops the Meta Pixel and similar in-browser tracking.
Server-side conversion tracking (Meta Conversions API)	Email hello@realmindsai.au with your email address and ask us to exclude your records. We will action within 14 days.
All marketing entirely	Email hello@realmindsai.au with your email address; we will remove you from every marketing channel and add you to our suppression list.

You do not need to give a reason. We will never penalise you for opting out.

Data Retention and Security

We retain personal information only for as long as necessary for the purpose for which it was collected, or as required by law. Specifically:

Instant Opportunity Scan logs (URL only) — automatically deleted after 30 days
Dive Deeper ROI Report submissions — retained for 24 months, after which they are anonymised or deleted
Course enrolment and progress — retained for the duration of your enrolment plus seven years (for tax and educational records)
Newsletter subscribers — retained while you remain subscribed; removed within 30 days of unsubscribing
Contact form submissions — retained for 24 months, then deleted

We protect your data with:

TLS encryption during transmission
Encryption at rest
Multi-factor authentication for administrative access
Regular review of access permissions

You can request access, correction, or deletion of your information at any time by emailing hello@realmindsai.au.

International Data Transfers

Some data may be processed or stored outside of Australia, including:

Singapore and the United States — language model processing for the Business Analyser Tool
United States — Meta (advertising measurement, where you have consented or under the reduced-payload + Limited Data Use posture described above), Mailchimp (email service, where you have actively subscribed), Cloudflare (spam protection)
European Union — historical CRM platform records prior to our migration to Australian-hosted infrastructure

All third-party service providers are contractually required to protect your data in accordance with the Australian Privacy Principles.

Children’s privacy

Our services are designed for adults — typically professionals and organisations engaging with us for AI training, consulting, or related services. We do not knowingly collect personal information from anyone under the age of 16.

If you believe a child has provided personal information to us, please contact hello@realmindsai.au and we will delete it promptly.

Your rights

If you are an Australian resident

Under the Privacy Act 1988, you have the right to:

Access the personal information we hold about you
Request corrections or updates to inaccurate information
Request deletion of your personal information
Withdraw your consent for any data processing based on consent
Opt out of direct marketing at any time
Lodge a complaint about how we have handled your information

To exercise any of these rights, email hello@realmindsai.au or write to us at the postal address below.

If you are a European or UK resident

Under the GDPR / UK GDPR, you have the right to:

Be informed about how your personal data is used
Access your personal data
Have inaccurate data corrected (rectification)
Have your data erased (“right to be forgotten”)
Restrict processing of your data
Data portability — receive your data in a portable format
Object to processing
Not be subject to automated decision-making and profiling

To exercise these rights, contact us at hello@realmindsai.au.

We process your information either to fulfil contracts with you or to pursue our legitimate business interests as described above. Your information may be transferred outside of Europe — including to Australia, Singapore, and the United States — under appropriate transfer mechanisms.

Complaints

If you have a concern about how we have handled your personal information, we want to know. We aim to resolve complaints quickly and fairly.

Step 1 — Contact us first. Email hello@realmindsai.au or write to us at the postal address below. Please tell us:

What happened
When it happened
What outcome you would like

We will acknowledge your complaint within 5 business days and provide a substantive response within 30 days.

Step 2 — External escalation. If you are not satisfied with our response, you can lodge a complaint with:

Australia — Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or 1300 363 992
EU/UK residents — your local data protection authority

Links to other websites

Our website may contain links to other websites that are not owned or controlled by us. We are not responsible for the privacy practices of those sites. Please read the privacy notice of every site you visit that may collect personal information about you.

Information security

We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards to protect against unauthorised access, use, modification, or disclosure of personal data in our control and custody.

No data transmission over the Internet or a wireless network can be guaranteed. While we apply appropriate safeguards, we cannot warrant absolute security.

Legal disclosure

We will disclose any information we collect, use, or receive if required or permitted by law — for example, to comply with a subpoena or similar legal process. We may also disclose information when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, for material changes, post a notice on the website or email subscribers.

We encourage you to review this policy periodically.

Contact us

For any matter relating to this policy or your personal information:

Real Minds, Artificial Intelligence ABN 98 648 626 859 U4 / 65 Beetham Parade Rosanna VIC 3084 Australia

Phone — 0480 032 916
Privacy matters — hello@realmindsai.au
General matters — hello@realmindsai.au

If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner at oaic.gov.au (Australian residents) or your local data protection authority (EU/UK residents).