Privacy Policy

Effective date: 10 August 2025
‍
Who we are: This is Media (“we”, “us”, “our”) operates thisismedia.com.au and the TIM Shortlist newsletter.
Contact: hello@thisismedia.com.au · Postal: [Add your postal address]

We respect your privacy. This policy explains what we collect, how we use it, who we share it with, and your choices. We follow the Australian Privacy Act 1988 (Cth) and Australian Privacy Principles. We also outline rights for users in the EEA/UK (GDPR) and California (CPRA).

This page is informational and not legal advice.

What we collect

Information you provide

• Email address (required to send the newsletter), name (optional).
• Preferences you choose (e.g., Food, Wine, Travelling).
• Messages you send us (support, surveys, feedback).
• Orders for paid PDFs/products are processed by our payment provider; we receive order metadata (no full card details).

Information collected automatically

• Device/usage: IP address, browser, device type, pages viewed, referring page, UTM tags.
• Cookies on our site for essentials, analytics, and (if enabled) marketing/ad measurement.
• Email analytics via Mailchimp: opens, clicks, approximate location derived from IP when an email is opened or links are clicked. Mailchimp records open events via a small tracking image in HTML emails and logs click-throughs via a redirect; open/click tracking can be enabled/disabled per campaign. Mailchimp+1

Information from partners

• Email platform (Mailchimp): engagement stats (opens, clicks), signup/confirmation timestamps and IPs for consent records. Mailchimp
• Affiliate networks / ad partners: aggregated performance and purchase attribution (no card numbers).

We do not intentionally collect sensitive information (e.g., health, biometric) and ask that you don’t send it to us.

How we use information

• Send TIM Shortlist and other emails you opt into.
• Personalise content by your selected passions.
• Measure & improve site and newsletter performance (analytics, A/B tests).
• Monetise responsibly: show ads, use affiliate links with clear disclosure.
• Security & compliance: prevent misuse, keep consent records, meet legal obligations.
• Support: respond to messages and requests.

Legal bases (EEA/UK): consent (emails, non-essential cookies), legitimate interests (analytics, basic personalisation, abuse prevention), contract (paid downloads), legal obligation (record keeping).

Email service provider (Mailchimp)

We use Mailchimp (an Intuit company) to manage subscribers, send emails, and measure engagement. Mailchimp stores our subscriber list and processes email events (opens, clicks). Mailchimp’s Data Processing Addendum forms part of its standard terms and incorporates the EU Standard Contractual Clauses (SCCs) for international transfers. Mailchimp+2Mailchimp+2

• Consent records & double opt-in. Mailchimp can record the date/time and IP for signup and confirmation (if double opt-in is enabled). We may use double opt-in where required. Mailchimp
• Open/click tracking. Mailchimp can track whether an email is opened (via a 1×1 pixel) and which links are clicked (via redirect logging). Mailchimp+1
• Security. Mailchimp publishes information about its security program and practices. Mailchimp
• Location. Mailchimp is headquartered in the United States and operates servers in the U.S.; data processed by Mailchimp may be transferred to and stored in the U.S. Mailchimp
• Ownership. Mailchimp is part of Intuit (acquired in 2021). Intuit Inc.+1

You can read more in Mailchimp’s help docs on data privacy and GDPR, and its DPA. Mailchimp+2Mailchimp+2

Cookies and similar technologies

On our site we use:

• Essential cookies for core functionality and security.
• Analytics to understand traffic and improve content.
• Marketing/ads (if enabled) to measure campaigns and show relevant promotions.

You can manage cookies in your browser and (where offered) via our consent banner. Blocking some cookies may limit certain features.

Ads, affiliates, and disclosures

We include tasteful affiliate links in some stories and newsletters. If you buy through those links, we may earn a commission at no extra cost to you. We clearly label sponsored content.

Sharing your information

We share information with:

• Service providers (processors) such as Mailchimp (email), hosting/CDN, analytics, consent management, payments, and support tools—solely to operate our services.
• Advertising/affiliate partners to attribute purchases and measure performance.
• Legal/safety recipients when required by law or to protect our rights and users.
• Business transfers if we undergo a merger, acquisition, or sale of assets.

We do not sell personal information for money. Under the CPRA, “sale” or “share” can include cookie-based ad targeting; you can opt out via our consent tools where available.

International transfers

Where data is transferred outside your country (for example, to the United States when processed by Mailchimp), we rely on SCCs or other appropriate safeguards as permitted by law. Mailchimp+1

Retention

• Newsletter data is kept while you remain subscribed. If you unsubscribe, we retain your email on a suppression list to prevent future sends and may keep minimal records for compliance.
• Analytics/ads data is retained long enough to analyse trends (commonly 13–26 months) and then aggregated or deleted.
• Orders/support are retained as required for tax, accounting, or dispute resolution.

Your choices & rights

Everyone

• Unsubscribe at any time via the link in our emails.
• Manage preferences for topic interests via the link in our emails (when offered).
• Cookies can be controlled in your browser and (where offered) via our consent banner.
• Contact us to access, correct, or delete your information (subject to legal limits).

EEA/UK (GDPR/UK GDPR)
You may have the right to access, rectify, erase, restrict or object, data portability, and to withdraw consent without affecting prior processing. You can also lodge a complaint with your local data protection authority.

California (CPRA)
You may have the right to know, delete, correct, and opt out of sale/share of personal information. We don’t use or disclose sensitive personal information in ways that require a “limit” right.

To exercise rights, email hello@thisismedia.com.au. We will verify requests and respond within required timeframes.

Children

Our site and newsletters are not intended for children under 16. We do not knowingly collect their data. If you believe a child provided information, contact us to delete it.

Security

We use reasonable technical and organisational measures (e.g., encryption in transit, access controls). No method is 100% secure; please use strong, unique passwords and tell us if you suspect unauthorised activity. For Mailchimp’s security overview, see their documentation. Mailchimp

Email compliance notes

Every campaign includes a working unsubscribe link and our physical mailing address, per Mailchimp’s anti-spam requirements and CAN-SPAM compliance, even if you’re outside the U.S. Mailchimp+1

Third-party sites

Our content may link to third-party websites or embeds. Their privacy practices apply when you interact with them.

Changes to this policy

We may update this policy from time to time. If changes are material, we’ll provide a clear notice (for example, on the site or via email). “Effective date” at the top shows when it was last updated.

‍