Privacy Policy

Document:	Privacy Policy
Entity:	Iszac Wayne Enterprises Pty Ltd (ABN 11 669 539 459)
Version:	3.2
Effective Date:	26/04/2026
Last Updated:	26/04/2026
Last Reviewed By:	Iszac Wayne, Founder & Managing Director
Governing Law:	Western Australia, Australia

1. Overview & Scope

Iszac Wayne Enterprises Pty Ltd (ABN 11 669 539 459), trading as Pendulum ("we", "us", "our"), is committed to protecting the privacy of our clients and prospective clients in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy applies to personal and business information collected through our website, client onboarding processes, our service delivery platforms, and all service delivery activities conducted by Pendulum. It governs how we handle information about individuals who interact with us in a business-to-business (B2B) context.

Pendulum is a B2B service provider. The information we collect is primarily business-related and relates to our clients' operations, authorised representatives, and end-customer lead data processed on our clients' behalf.

2. Information We Collect

2.1 Client & Contact Information

Business name, ABN/ACN, registered address
Name, title, and contact details of authorised representatives
Email addresses and phone numbers used for business communications
Billing and payment details (processed via third-party payment providers)

2.2 Business Lead Data (Processed on Behalf of Clients)

As part of delivering our Services, we process lead and pipeline data on behalf of our clients. This may include:

Prospective customer names, phone numbers, and email addresses
Enquiry source, date/time, and lead status
Automated response logs and follow-up records
CRM pipeline stages and conversion data

In this capacity, Pendulum acts as a data processor on behalf of our clients (the data controllers). Clients remain responsible for ensuring their collection of this data complies with applicable laws.

2.3 Website & Analytics Data

IP address, browser type, device information
Pages visited, session duration, referral source
Form submissions and audit call bookings
Cookie data (see our Cookie Policy)

2.4 Correspondence & Communications

Emails, calls, and meeting notes relating to service delivery
Support requests and feedback
Onboarding questionnaire responses

3. How We Use Your Information

Purpose	Legal Basis
Delivering and managing our Services	Contractual obligation
Client onboarding and system configuration	Contractual obligation
Invoicing and financial record-keeping	Legal obligation
Service communications and support	Legitimate business interest
Analytics to improve our services	Legitimate business interest
Marketing to existing clients and prospects (opt-out available)	Consent / legitimate interest
Legal, regulatory, and compliance obligations	Legal obligation

We do not sell personal information to third parties. We do not use client lead data for any purpose other than delivering services to the respective client.

4. Third-Party Platform Integration & Data

Pendulum's Services are built on and integrate with GoHighLevel, a US-based CRM and marketing automation platform. In using our Services, client and lead data is processed through GoHighLevel's infrastructure.

International Transfer Notice: GoHighLevel operates servers primarily in the United States. By engaging Pendulum's services, clients acknowledge that their business and lead data may be transferred to and processed in the United States under GoHighLevel's data handling practices and terms of service.

We rely on GoHighLevel's contractual commitments and data processing agreements to ensure appropriate safeguards for any international data transfers. Clients may review GoHighLevel's privacy policy at gohighlevel.com/privacy-policy.

4.1 Other Third-Party Integrations

Google Analytics, Website analytics (US-based, subject to Google's terms)
Meta (Facebook) Pixel, Advertising and retargeting analytics
LinkedIn Insight Tag, B2B advertising analytics
Payment processors, Billing and invoicing (details provided at point of sale)

5. Data Retention

We retain personal and business information for a minimum of 7 years from the date of last service delivery or final transaction, in accordance with Australian taxation, corporations, and financial record-keeping obligations.

Data Category	Retention Period
Client contracts and service agreements	7 years post-contract
Financial and billing records	7 years post-transaction
Client lead & pipeline data (processed)	Duration of engagement + 12 months
Email and written correspondence	7 years
Website analytics data	26 months (Google Analytics default)
Marketing contact preferences	Until opt-out or 3 years of inactivity

Upon written request from a client following cessation of services, we will delete operational lead data earlier than the default retention period, provided there is no legal obligation to retain it.

6. Your Rights Under Australian Privacy Law

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the right to:

Access, Request access to personal information we hold about you
Correction, Request correction of inaccurate or out-of-date information
Complaint, Lodge a complaint about how we have handled your information
Opt-out of direct marketing, Unsubscribe from marketing communications at any time
Anonymity, Where practicable, interact with us anonymously (limited by service delivery requirements)

To exercise these rights, contact us using the details in Section 9. We will respond to access and correction requests within 30 days.

If you are unsatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or by phone on 1300 363 992.

7. Data Security

We implement reasonable technical and organisational measures to protect personal information from unauthorised access, disclosure, alteration, or loss, including encrypted data transmission (TLS/SSL), access controls, and regular review of our data handling practices.

No method of data transmission or storage is completely secure. In the event of a data breach likely to result in serious harm, we will notify affected parties and the OAIC in accordance with the Notifiable Data Breaches scheme under the Privacy Act.

8. Changes to This Policy

We may update this Privacy Policy from time to time. The current version will always be available on our website. We will notify active clients of material changes via email with at least 14 days' notice before changes take effect.

9. Contact & Complaints

For privacy-related enquiries, access requests, corrections, or complaints, please contact:

Iszac Wayne, Founder & Managing Director
Iszac Wayne Enterprises Pty Ltd (Pendulum)
ABN 11 669 539 459 | Perth, Western Australia
Email: mail@pendulumcro.com
Phone: +61 450 188 985

We aim to acknowledge all privacy enquiries within 5 business days and resolve complaints within 30 days.