Lastup dated: 18 June 2026
This Privacy Policy applies toall personal information collected by Saraiya Design Pty Ltd trading asPolycrafts Studio (we, us or our) via the website locatedat www.polycraftsstudio.com (Website) and through the creative services we provide to you.
Polycrafts Studio is a servicesbusiness. We create high-end cinematic brand and marketing content for brands,product owners and agencies. Clients engage us directly; we do not operateclient logins or a self-serve portal. The kind of Personal Information that wecollect from you will depend on how you engage with us and our services. ThePersonal Information which we collect and hold about you may include:
• Contact and Business Information: your fullname, email address, phone number, business or brand name, role, and othercompany details you provide when you enquire about or engage our services.
• Project Brief and Brand Materials: the creativebrief and instructions you provide, brand colours, brand guidelines,tone-of-voice and any other brand-related information, together with productassets you supply for use in your project, including:
◦ 3D model files (where you have one), in formats such as .OBJ, .FBX, .STL, .3DS, .DAE
◦ product image and label files, in formats such as .JPG,.PNG, .GIF, .WEBP, .SVG
◦ product descriptions, specifications and any relatedinformation you provide
• Service Details: the service option you selectfor each product Cinematic Hero Film, Ad Creative Package, or MonthlyCreative Partner along with chosen deliverable formats and aspect ratios(such as 16:9 (1920x1080), 9:16, 9:16 (UGC), 1:1, 4:5, and 4K images), revisionrequests and history, and feedback or approvals you provide during a project.
• Payment Information: payment is required upfrontbefore work begins. We send you a Stripe payment link, and your payment isprocessed by Stripe, our third-party payment processor, in USD. Your fullbanking and credit card details are collected and securely stored by Stripe only, we do not have access to or store your complete payment card information. Wereceive limited payment information from Stripe, such as transactionconfirmation, payment amount, billing details and invoice records.
• Communication Records: email correspondence,enquiries, support requests, feedback, project approvals and revision requests,and any other communications between you and Polycrafts Studio.
• Technical and Website Usage Information: IPaddress, browser type and version, device type and operating system, cookiesand similar tracking technologies, pages viewed, time spent on the Website,click patterns, and Website navigation data.
We collect this information tocommunicate with you, scope and quote your project, process your payment,produce and deliver your creative content, and manage our relationship withyou.
The Privacy Act 1988 (Cth) (PrivacyAct) defines types of information, including Personal Information andSensitive Information.
Personal Information meansinformation or an opinion about an identified individual, or an individual whois reasonably identifiable:
• whether the information or opinion is true or not; and
• whether the information or opinion is recorded in amaterial form or not.
Personal Information we collectincludes your contact and business details, project briefs and brand materials,payment records and communication records. If the information does not discloseyour identity or enable your identity to be ascertained, it will in most casesnot be classified as “Personal Information” and will not be subject to thisPrivacy Policy.
Sensitive Information isdefined in the Privacy Act as including information or opinion about suchthings as an individual’s racial or ethnic origin, political opinions,membership of a political association, religious or philosophical beliefs,membership of a trade union or other professional body, criminal record orhealth information.
We do not knowingly orintentionally collect Sensitive Information. Our services do not require it.However, if Sensitive Information is inadvertently collected or provided to us,it will be used by us only:
• for the primary purpose for which it was obtained;
• for a secondary purpose that is directly related to theprimary purpose; and
• with your consent or where required or authorised bylaw.
• Direct Engagement: We collect PersonalInformation directly from you when you contact us, enquire about our services,discuss your project, agree to engage us, and provide your brief, brandmaterials and product assets.
• Product Content and Brand Materials: We collectproduct-related and brand information when you send us 3D models, productimages, labels, brand colours, brand guidelines, product descriptions and anyadditional information about your product or project.
• Payment Processing through Stripe: When you payfor a project, payment information is collected and processed as follows:
◦ we send you a Stripe payment link and payment isrequired upfront before work begins;
◦ your banking and credit card details are collected andsecurely stored by Stripe, our third-party payment processor;
◦ we do not directly access, collect or store yourcomplete banking or credit card information;
◦ we receive limited payment information from Stripe,such as transaction confirmation, payment amount in USD, billing details andinvoice records;
◦ Stripe handles all sensitive financial data incompliance with PCI DSS Level 1 standards.
• Technical Information and Cookies: We collectcookies and similar tracking technologies from your device which enable us toidentify when you use the Website, track your IP address, browser type, deviceinformation and operating system, monitor page views and navigation patterns,and remember your preferences. As a general rule, it is not possible toidentify you personally from our use of cookies alone.
• Communications: We collect information when youcommunicate with us by email or other channels regarding your project,feedback, enquiries or complaints.
• Third-Party Sources: Where reasonable andpracticable, we collect your Personal Information from you only. However, wemay receive limited information from third parties, including paymentconfirmation data from Stripe and technical data from our cloud storage,file-sharing and hosting providers. When we receive information from a thirdparty, we will take reasonable steps to make you aware of this collection.
• We do not knowingly collect Sensitive Information. IfSensitive Information is inadvertently provided to us, we will handle it inaccordance with the Privacy Act and the requirements set out in clause 2 above.
We collect and use your PersonalInformation for the following purposes:
• to respond to your enquiries and communicate with youabout your project;
• to scope, quote and plan your project;
• to process your upfront payment in USD through Stripe;
• to receive and use the brief, brand materials andproduct assets you provide;
• to build 3D models of your products where required;
• to produce your selected service - Cinematic Hero Film,Ad Creative Package, or Monthly Creative Partner — and deliver the agreedformats and aspect ratios;
• to process revision requests and manage the revisionworkflow;
• to communicate with you about your project, deliverystatus and account matters;
• to provide support and respond to your enquiries orcomplaints;
• to enforce our terms of engagement;
• to improve our services and Website;
• to comply with our legal obligations under Australianlaw.
We customarily disclose PersonalInformation to:
• Stripe, for secure payment processing and transactionmanagement;
• cloud storage and file-sharing providers, where yourbrand materials, product assets and finished content are stored and delivered;
• our service providers and contractors who assist inproducing your content;
• email and IT service providers for communications,Website maintenance and technical support.
Your Personal Information mayalso be exposed from time to time to maintenance and support personnel actingin the normal course of their duties.
By using our Website or engagingour services, you consent to the receipt of direct marketing material. We willonly use your Personal Information for this purpose if we have collected suchinformation directly from you, and if it is material of a type which you wouldreasonably expect to receive from us. We do not use Sensitive Information indirect marketing activity. Our direct marketing material will include a simplemeans by which you can request not to receive further communications of thisnature, such as an unsubscribe button or link.
We take the security of yourPersonal Information seriously and implement reasonable security measures toprotect it from unauthorised access, misuse, modification or disclosure. Thesemeasures include:
• secure storage of your contact, project and accountinformation;
• secure cloud storage for brand materials, productassets and finished content;
• use of Stripe’s PCI DSS Level 1 compliant paymentprocessing system for all financial transactions;
• secure transmission protocols (HTTPS/SSL) for datatransfer between your browser and our servers;
• access controls limiting personnel access to PersonalInformation on a need-to-know basis;
• regular security assessments and updates to oursystems.
When we no longer require yourPersonal Information for the purpose for which we obtained it, we will takereasonable steps to destroy, anonymise or de-identify it. Most of the PersonalInformation stored in our client files and records, including project assetsand finished content, will be kept for a maximum of 7 years to fulfil ourrecord-keeping obligations under Australian law.
The Australian PrivacyPrinciples:
• Permit you to obtain access to the Personal Informationwe hold about you in certain circumstances (Australian Privacy Principle 12); and
• Allow you to correct inaccurate Personal Informationsubject to certain exceptions (Australian Privacy Principle 13).
If you wish to access or correctyour Personal Information, you may do so by contacting us in writing using thecontact details provided at the end of this Privacy Policy. We will respond toyour request within a reasonable timeframe, typically within 30 days.
In some circumstances, we mayneed to refuse your request to access or correct your Personal Information. Ifwe do so, we will provide you with written reasons for our refusal (exceptwhere it would be unreasonable to do so) and inform you of the mechanismsavailable to complain about the refusal.
Please note that paymenttransaction records processed through Stripe are subject to Stripe’s dataretention and access policies. For access to complete payment card details, youwill need to contact Stripe directly.
If you have a complaintconcerning the manner in which we maintain the privacy of your PersonalInformation, including how we handle your contact details, project materials,payment information or any other aspect of our privacy practices, pleasecontact us using the contact details provided at the end of this PrivacyPolicy.
When making a complaint, pleaseprovide as much detail as possible, including:
• your name and contact information;
• a description of the privacy concern or complaint;
• any relevant dates, transactions or interactions;
• what outcome you are seeking.
All complaints will beconsidered by management at Saraiya Design Pty Ltd trading as PolycraftsStudio. We may seek further information from you to clarify your concerns andbetter understand the issue. We will investigate your complaint and aim torespond to you within 30 days of receiving it. If we need additional time toinvestigate, we will inform you of the delay and provide an estimated timeframefor resolution.
If we agree that your complaintis well founded, we will, in consultation with you, take appropriate steps torectify the problem. This may include correcting or updating your PersonalInformation, improving our privacy practices and procedures, providing you withan explanation or apology, or taking other action as appropriate to addressyour concerns.
If you remain dissatisfied withthe outcome of your complaint or our response, you may refer the matter to theOffice of the Australian Information Commissioner at oaic.gov.au.
Your Personal Information may bedisclosed to recipients outside Australia in the following circumstances:
• Payment Processing through Stripe: When you makepayment in USD through our payment processor Stripe, your payment informationmay be transferred to and stored on Stripe’s servers, which may be locatedoutside Australia. Stripe is a US-based company that operates globally andmaintains data centres in multiple jurisdictions. Stripe is required to complywith applicable data protection laws, including the General Data ProtectionRegulation (GDPR) where applicable.
• Cloud Storage and File-Sharing Services: Yourbrand materials, product assets and finished content may be stored with cloudstorage and file-sharing providers whose servers may be located outsideAustralia. We take reasonable steps to ensure these service providers handleyour Personal Information in accordance with the Australian Privacy Principles.
• Service Providers: We may engage overseasservice providers to assist with content production, 3D modelling, technicalsupport or other aspects of our service delivery. When we do so, we takereasonable steps to ensure these providers protect your Personal Information.
• Your Express Consent: If you expressly requestus to transfer your Personal Information to an overseas recipient (such asrequesting delivery of files to an overseas email address or cloud storage), wewill do so with your consent.
• Accountability: Where we disclose your PersonalInformation to overseas recipients for the purposes of providing our services,we take reasonable steps to ensure that the overseas recipient handles yourinformation in a manner consistent with the Australian Privacy Principles.However, if you expressly consent to the overseas disclosure, the overseasrecipient will not be required to comply with the Australian Privacy Principlesand we will not be liable for any mishandling of your information by thatoverseas recipient in such circumstances.
• Countries of Disclosure: Your PersonalInformation may be disclosed to recipients in the United States (Stripe paymentprocessing) and other countries where our cloud storage and service providersoperate. The specific countries may vary depending on the service providers weengage from time to time.
In some circumstances, theEuropean Union General Data Protection Regulation (GDPR) provides additionalprotection to individuals located in Europe. Where this is the case, there maybe additional rights and remedies available to you under the GDPR if yourPersonal Information is handled in a manner inconsistent with that law.
If you have any queries, or ifyou seek access to your Personal Information, or if you have a complaint aboutour privacy practices, you can contact us through: info@polycraftsstudio.com.
Saraiya Design Pty Ltd trading as Polycrafts Studio
29 Alfred St, St Peters, NSW,2044, Australia