Click here to go to the Home Page.
Newsletter Sign Up
Click here to go to the Home Page.
Click here to go to the Home Page.

Privacy Policy

Effective Date: August 11th, 2025
Last Updated: September 9th, 2025

We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you visit our website, become a member, or purchase our products or services. It also outlines your rights under the General Data Protection Regulation (GDPR) and other applicable laws.

We keep our privacy policy under regular review and place any updates on this web page. If you want to make sure that you are up to date with our latest changes, we advise you to visit this web page frequently.

Who We Are

We are Steely Rose Productions Pty Ltd and we operate Samuel’s Stable, a membership website offering member benefits including digital content and physical products. We are the Data Controller of your personal information.

We have appointed a Data Protection Officer (DPO) to oversee compliance with this privacy policy. Our DPO monitors GDPR compliance, assesses data protection risks, advises on data protection impact assessments, and cooperates with regulators.

If you have questions about this policy or how we handle your personal information, you can contact our DPO at:

Email: andra@samuelsstable.com
Postal Address: Data Protection Officer (DPO), Steely Rose Productions Pty Ltd, PO Box 1012, Flinders Park SA 5025, Australia

Personal Data We Collect

We may collect the following categories of personal data:

  • when you visit our website: IP address, browser type, device information (via cookies and analytics tools), pages visited, referring/exit pages, time spent on pages
  • when you create an account or purchase: name, email address, billing/shipping address, phone number, login details (username, encrypted password), subscription tier, order history, preferences
  • when we fulfil your order: name, shipping address, and product details are shared with our suppliers
  • when you voluntarily sign up for our newsletter, complete a contact form, respond to our customer surveys, take part on our social media accounts or Discord servers, or send us email.

We do not store full payment card details as third-party providers (e.g., Stripe, PayPal) process your payments securely.

Remove location data (EXIF GPS) before uploading images to our website. Website visitors may download and extract location data from your images.

How We Use Your Personal Data

We process your personal data for the following purposes:

  • to create and manage your membership and personalise your experience

  • to process orders, provide services, and deliver products

  • to get credit references from credit reference agencies

  • to send transactional emails (order confirmations, receipts, membership tier updates)

  • to send digital content updates and newsletters (with your consent)

  • to improve our website and services (analytics, user feedback)

  • to comply with legal obligations (tax records, fraud prevention).

We will not lease, sell, or distribute your personal information to any third parties unless we have your permission or are required to comply with a legal request.

Lawful Basis for Processing (GDPR Article 6)

We process your data under the following lawful bases:
 

  • Contract: To perform the services you request (membership subscriptions, product orders)
  • Legal Obligation: To comply with tax, accounting, and regulatory requirements
  • Consent: For optional email marketing and cookies
  • Legitimate Interests: To improve services and prevent fraud.

How We Share Your Data

We may share your data with:

  • Analytics providers (Google Analytics, privacy-compliant alternatives)
  • Email marketing tools (only if you opt-in)
  • Gelato, Printful, or Printify (print-on-demand fulfillment, physical product delivery)
  • Gravatar (to add your profile picture to your comments)
  • Legal authorities (if required by law)
  • MemberPress (membership management)
  • Payment processors (Stripe, PayPal)
  • Spam detection services (comment and contact spam detection and deletion)
  • WooCommerce (e-commerce platform).

We require all service providers to respect your personal data and comply with the GDPR.

International Data Transfers

Your information, including personal data that we collect from you, may be transferred to, stored at, and processed outside the country in which you live. For example, Gelato operates a global print-on-demand fulfillment network. We transfer your information to print shops closest to your location to fulfil your orders.

Data protection and privacy regulations in these locations may not offer the same level of protection as in the European Economic Area (EEA). By using our services, you agree to this transfer, storing, or processing. We will take all steps reasonably necessary to ensure that your data is treated securely under this Privacy Policy and Standard Contractual Clauses.

Data Storage and Retention

We store your personal data on our website host’s secure data servers. We keep your personal data only for as long as is necessary for the purposes set out in this Privacy Policy, subject to your right to request that we delete your data. We keep and use your information to the extent necessary to comply with our tax and legal obligations, resolve disputes, and enforce our legal agreements and policies.

Your Rights Under GDPR

You have the right to:

  • access: you may request copies of your personal data
  • rectification: you may request that we correct any information you believe is inaccurate or complete information you believe is incomplete
  • erasure: you may request that we erase your personal data, under certain conditions
  • restrict processing: you may request that we restrict the processing of your personal data, under certain conditions
  • object to processing: you may object to our processing of your personal data, under certain conditions
  • data portability: you may request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions
  • withdraw consent at any time: where we are relying on your consent to process your personal data, you may withdraw your consent at any time.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact our Data Protection Officer (DPO) via email, postal address, or our website contact form.

Data Security

We are committed to securing your data and keeping it confidential. We have done all in our power to prevent data theft, unauthorized access, and disclosure by implementing the latest technologies and software, which help us safeguard your data.

While we follow applicable data security advice, we cannot guarantee the security of your personal data beyond recommended and reasonable preventative measures. We commit to informing you of a data breach once we notice it and to letting you know of our remedial actions.

LightSpeed Cache

This site utilises caching in order to facilitate a faster response time and better user experience. Caching potentially stores a duplicate copy of every web page that is on display on this site.

All cache files are temporary, and are never accessed by any third party, except as necessary to obtain technical support from the cache plugin vendor. Cache files expire on a schedule set by the site administrator, but may easily be purged by the admin before their natural expiration, if necessary.

We may use QUIC.cloud services to process and cache your data temporarily. Please see https://quic.cloud/privacy-policy/ for more details.

Links to and Embeds from Other Websites

Our website contains links to other websites. Our privacy policy does not govern linked websites. If you click on these links, your data and privacy protection at the linked destination is not our responsibility. Read the privacy policy of the website you go to before providing it with your personal data.

Our website also contains embedded content, e.g., videos, images, and articles. Embedded content behaves as if you visited the source website. Source websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with their embedded content. If you are logged in to a source website account, the source website can track your interaction with our embedded content.

Children’s Privacy

Our services do not address anyone under the age of 16. We do not knowingly collect personally identifiable information from children under 16. If we discover that a child under 16 has provided us with personal information, we will delete such information from our servers immediately.

If you are a parent or guardian and you know your child has provided us with personal information, please contact us and we will delete your child’s personal data.

Marketing

We would like to send you information about our products and services we think you might like, as well as those of our partners.

Our partners include:

If you agree to receive marketing, you may opt out at a later date. You have the right at any time to stop us from contacting you for marketing or giving your data to our partners. If you no longer wish to be contacted for marketing, please contact our Data Protection Officer (DPO) via email, postal address, or our website contact form.

Authority

Should you wish to make a formal complaint or if you feel we have not addressed your concern satisfactorily, you may contact the Office of the Australian Information Commissioner.