Privacy Policy

Bratty Blinks (“we”, “us”, “our”) is a lash extension and brow studio operated by Pia, with locations in Hoppers Crossing and South Melbourne, Victoria, Australia.

We are committed to protecting your personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). This policy explains how we collect, use, store, and protect your information when you visit our website or use our services.

We may collect the following types of personal information:

Information you provide directly

• Booking information (via Acuity Scheduling): name, email address, phone number, service preferences, and appointment history
• Loyalty program: first name, email address, mobile number, and lash style preference
• Training enquiries: name, email address, phone number, and your message

Information collected automatically

• IP address and approximate location
• Browser type, device type, and operating system
• Pages visited, time spent, and referring URL
• Clicks, scrolls, and interaction patterns (via session recordings)

We use the information we collect to:

• Process and manage your bookings
• Administer the loyalty rewards program
• Respond to training enquiries
• Improve our website and user experience
• Analyse website traffic and usage patterns
• Monitor and fix technical errors
• Comply with legal obligations

Our website uses cookies and similar technologies. When you first visit our site, a consent banner allows you to accept or reject non-essential cookies. We categorise them as follows:

Essential (always active)

• Vercel Analytics — privacy-focused, cookieless web analytics that collects anonymous page view and performance data. No personal information is collected.
• Sentry — error monitoring and performance tracking to identify and fix technical issues. Only technical error data is collected.
• localStorage — used to remember your cookie consent choice, modal dismissal, and UI preferences. This data stays on your device and is not transmitted to us.

Analytics (requires your consent)

• Google Analytics 4 — collects anonymised usage data including page views, sessions, traffic sources, and general demographics. Google may set cookies on your device.
• Microsoft Clarity — records anonymised session replays, heatmaps, and click patterns to help us understand how visitors use our site. Clarity may set cookies on your device. Personal information entered into forms is automatically masked.

You can change your cookie preferences at any time by clearing your browser’s localStorage for this site or using your browser’s built-in cookie management settings.

We use the following third-party services to operate our business. Each service has its own privacy policy governing how they handle your data:

• Acuity Scheduling — online booking management
• Google Analytics — website analytics
• Microsoft Clarity — session recordings and heatmaps
• Vercel — website hosting and analytics
• Sentry — error monitoring
• Supabase — database services

We encourage you to review the privacy policies of these services for details on how they process your information.

We take reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification, or disclosure. This includes:

• Encrypted connections (HTTPS) across our entire website
• Restricted access to personal information on a need-to-know basis
• Industry-standard security practices maintained by our third-party service providers

While we strive to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security.

Under the Australian Privacy Principles, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate or outdated information
• Request deletion of your personal information where it is no longer needed
• Opt out of marketing communications at any time
• Withdraw cookie consent by clearing your browser data
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached

To exercise any of these rights, please contact us using the details below.

• Booking data is retained for as long as necessary to provide our services and meet legal or business requirements
• Loyalty program data is retained until you unsubscribe or request deletion
• Training enquiries are kept for a reasonable period to manage and follow up on your enquiry
• Analytics data is subject to the retention policies of Google, Microsoft, and Vercel respectively

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised “last updated” date. We encourage you to review this policy periodically.

If you have any questions about this privacy policy or wish to exercise your rights, you can reach us at:

• Phone: 0468 161 806
• Instagram: @brattyblinksmelb
• Hoppers Crossing: 7 Old Geelong Rd, Hoppers Crossing VIC 3029
• South Melbourne: 272 Coventry St, South Melbourne VIC 3205