Home/Privacy Policy

Privacy Policy

Effective Date: 11 June 2026

Man of Many Pty Ltd (ABN 73 163 331 280) (“us”, “we”, or “our”) operates the manofmany.com website, associated mobile applications, newsletters, membership services and related digital products (collectively, the “Services”).

We are bound by the Australian Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APPs”), including the amendments made by the Privacy and Other Legislation Amendment Act 2024 (Cth). Where we collect personal information from individuals located in the European Economic Area (“EEA”) or the United Kingdom (“UK”) and the General Data Protection Regulation (“GDPR”) or UK GDPR applies to that processing, we comply with the applicable obligations under those laws.

By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please discontinue use of our Services. Unless otherwise defined below, terms used in this Privacy Policy have the same meanings as in our Terms & Conditions.

Definitions

  • Service: The manofmany.com website and related digital products operated by Man of Many Pty Ltd.
  • Personal Data: Data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession). This may include identifying details such as name, email address, or any other data that can be used to identify you.
  • Usage Data: Data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Cookies: Small files stored on your device (computer or mobile device).
  • Hashed Identifier: A one-way cryptographic transformation (we use SHA-256) of an identifier such as an email address. A hashed identifier cannot be reversed to reveal the original value, but it can be matched against the same identifier hashed elsewhere. We treat hashed identifiers as personal information and protect them accordingly.
  • Audience Segment: A group of readers who share a content interest pattern (for example, readers who have recently engaged with several watch articles). Segments are built from reading behaviour and are used for content recommendations and, with your consent, advertising.
  • Consent Management Platform (CMP): The tool we use to collect, record and honour your consent choices for cookies and data processing.
  • Data Controller: A natural or legal person who (alone, jointly with others, or in common with others) determines the purposes for which and the manner in which any personal information is, or is to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.
  • Data Processor (or Service Provider): Any natural or legal person who processes data on behalf of the Data Controller. We may use the services of various Service Providers to process your data more effectively.
  • Data Subject (or User): Any living individual who is using our Service and is the subject of Personal Data.
  • Automated Decision-Making (AI): Any automated processing of personal data that uses machine learning or algorithms to make decisions or recommendations without human intervention, such as personalisation or automated content moderation.
  • Doxxing: The malicious posting or sharing of another person’s personal or identifying information with the intention to harass, threaten, or otherwise harm them.

Information We Collect

Information You Provide Directly

We collect personal information that you voluntarily provide when you:

  • Create a membership account: email address, display name, password (encrypted), membership tier selection, referral source
  • Subscribe to our newsletter: email address, name, content preferences, subscription date
  • Submit comments or user-generated content: display name, email address, comment text, IP address
  • Contact us: name, email address, subject matter and content of your communication
  • Participate in surveys or competitions: responses, contact details, demographic information (age range, location, interests)
  • Engage with branded content or promotions: contact details and any information you provide through partner campaigns

We may use your Personal Data to contact you with newsletters, marketing or promotional materials, or other information that may be of interest to you. You can opt out of receiving such communications at any time by following the unsubscribe link in any email, or by contacting us directly.

First-Party Login, User Profiles and Progressive Profiling

When you create an account or sign in, we may collect additional Personal Data to set up your user profile. This can include:

  • A username and password (stored in encrypted form)
  • Postcode, job type, job level, or salary range, if you choose to provide them
  • Any content, comments, posts, or items you save or upload to your profile

We build profiles progressively. Rather than asking for everything at once, we may invite you to share additional optional details over time (for example, first name and category interests after you have engaged with our newsletter, or demographic details after a period of regular reading). Every one of these requests is optional. Declining never affects your access to our content, and you can view, edit or remove any profile field at any time in your account settings.

If you sign in using a social sign-in provider such as Google, we receive your email address and basic profile details from that provider, and the provider is notified that you signed in to our Service.

Providing optional data like salary range or job details helps us personalise content and provide more relevant recommendations. You remain free to omit or edit these fields at any time.

Sensitive Information

We do not knowingly collect any sensitive information (e.g. racial/ethnic data, health data) under Australian law, and we do not build audience segments that are defined by, or designed to infer, health conditions, sexual orientation, religious beliefs, political opinions or other sensitive attributes. Our segments are defined by content engagement only (for example, articles read in a product category). If you believe you have provided us with sensitive data, please contact us so we can delete or otherwise appropriately protect it.

Browser Notifications

If you see pop-up notifications from our website in Chrome or Safari, you can remove them by adjusting your browser’s notification settings. Further instructions for managing notifications can be found here for Chrome and here for Safari.

Information Collected Automatically

When you access our Services, we automatically collect:

  • Device and browser information: device type, operating system, browser type and version, screen resolution, language settings
  • Usage data: pages visited, articles read, time spent on pages, scroll depth, click patterns, search queries within our site, referring URLs, exit pages
  • Network information: IP address (used for approximate geolocation at city/state level, then anonymised), internet service provider
  • Server and security logs: request logs collected through our content delivery and security provider (Cloudflare), used for security, performance and, where you have consented, audience measurement
  • Cookie and tracking data: unique identifiers set by cookies, pixels, and similar technologies (see Cookies and Tracking Technologies section for full details)

Information from Third Parties

We may receive information about you from:

  • Advertising partners: hashed or pseudonymised identifiers used for audience matching and ad measurement (e.g., ID5 universal identifiers)
  • Analytics providers: aggregated demographic and interest data from Google Analytics 4
  • Payment processors: transaction confirmation and payment status from Stripe (we never receive or store your full credit card number)
  • Social media platforms: publicly available profile information when you interact with our social media content or log in via a social platform

Location Data

With your permission, we may collect and store location data (e.g. your postcode). You can enable or disable location services at any time in your device settings. If provided, this information helps us tailor the Service to show you relevant local content or events.

How We Use Your Information

Service Delivery and Operations

  • Providing, maintaining and improving our website and content
  • Processing and managing your membership account, including billing through Stripe
  • Delivering newsletters and email communications via Mailchimp
  • Moderating comments and user-generated content
  • Responding to your enquiries and support requests
  • Allowing you to participate in interactive features (e.g. commenting, saving posts)

Personalisation and Content Recommendations

  • Recommending articles and content based on your reading history and stated interests
  • Customising newsletter content to match your preferences
  • Tailoring the frequency and type of communications you receive

Analytics and Performance

  • Understanding how our audience engages with our content to inform editorial decisions
  • Measuring website performance, traffic patterns and content effectiveness
  • Conducting audience research and analysis (using aggregated, de-identified data)
  • A/B testing of site features, layouts and content presentation

Advertising and Commercial Operations

  • Serving relevant advertising through Google Ad Manager and programmatic demand partners
  • Measuring advertising campaign performance for our commercial clients
  • Building first-party audience segments based on content consumption patterns (e.g., “watch enthusiasts”, “fitness readers”), used for contextual targeting and, where you have consented, for personalised and segment-targeted advertising (see Audience Segments, Profiling and Identity Linking below)
  • Offering advertisers the ability to direct their campaigns at audience segments. Advertisers never receive your personal information, your reading history or your individual profile; they receive only campaign delivery against a segment and aggregated reporting
  • Facilitating data matching with advertising partners using hashed, pseudonymised identifiers, never plain-text personal information, and only where you have consented

Security and Fraud Prevention

  • Detecting and preventing fraudulent activity, spam and abuse
  • Protecting against misuse or potential doxxing, and ensuring the safety of our users
  • Protecting the security and integrity of our Services
  • Enforcing our Terms and Conditions
  • Complying with applicable laws, regulations, legal processes or governmental requests
  • Establishing, exercising or defending legal claims

We rely on various legal grounds to process your Personal Data, such as performance of a contract, user consent, and legitimate interests, in accordance with the Australian Privacy Act and relevant regulations.

Audience Segments, Profiling and Identity Linking

Advertising funds our free journalism. We want to be specific about how reader data supports that, because we think most privacy policies are deliberately vague on this point.

What We Build

  • Audience segments: We group readers by content engagement over a rolling 30-day window (for example, readers who have engaged with several watch articles recently). Segments are rebuilt nightly and a reader’s membership of a segment lapses automatically as their reading changes.
  • Interest scores: We may compute an interest score for a reader within a category, based on how recently and how often they have read in that category. Scores are used to decide segment membership and to personalise content and newsletters.

How Identity Linking Works

If you have given us your email address (for example, as a newsletter subscriber or account holder) and have consented to personalisation or marketing, we may link your activity across our own systems using a hashed version of your email address (SHA-256). This linking connects your newsletter engagement (Mailchimp), your on-site reading (Google Analytics 4) and our server logs (Cloudflare) into a single profile. We never use the plain-text email address as the linking key, we do not attempt to identify readers who have not given us their email address, and we do not link profiles for readers who have declined the relevant consent.

How Advertisers Use Segments

  • On-site and newsletter targeting: An advertiser can ask for their campaign to be shown to a segment (for example, “readers interested in watches”). The advertiser receives campaign delivery and aggregated reporting only. They never receive your identity, contact details, reading history or profile.
  • Publisher-provided identifiers (PPIDs): Where you have consented to personalised advertising, we may pass a pseudonymous publisher-provided identifier to Google Ad Manager so that segment targeting and frequency capping work across your visits. The PPID is generated by us, is meaningless outside our ad server, and does not reveal your identity to Google or to advertisers.
  • Look-alike audiences: Where you have consented to data sharing with advertising platforms, we may share your hashed email address with Meta or TikTok so those platforms can build a “look-alike” audience of similar users for our own or an advertiser’s campaign. The platform matches the hash against its own user base and then discards unmatched hashes in accordance with its terms. You can withdraw this consent at any time and we will exclude you from future exports.

What We Never Do

  • We never give or sell advertisers your name, email address, contact details or individual reading history.
  • We never build segments designed to infer sensitive attributes such as health conditions, sexual orientation, religion or political views.
  • We never include readers who have opted out. If you withdraw consent, your profile is flagged and excluded from all segment rebuilds within 24 hours, and from all future platform exports.

We use a certified Consent Management Platform (currently Google’s Privacy & Messaging consent solution, integrated with our advertising systems) to collect and record consent in regions where consent to advertising and tracking technologies is required, including the EEA, the UK and applicable US states. Visitors in those regions are shown a consent message before non-essential advertising technologies load. As we expand our consent tooling, choices will be presented in the following categories, each of which you can accept or decline independently:

  • Strictly necessary: Required for the site to function. Always active and not subject to consent.
  • Preferences: Remembering your settings and choices between visits.
  • Analytics: Measuring how the site and our content are used.
  • Marketing: Advertising delivery, measurement and data matching with advertising partners.
  • Personalisation: Content recommendations, behavioural profiling, audience segments and personalised newsletters.

In addition, where a practice described in this policy requires your consent, we ask for it separately at the point it becomes relevant, for example when you register or subscribe: receiving our newsletter; behavioural profiling of your reading; personalised advertising; and sharing of hashed identifiers with advertising platforms. None of these is bundled with another, and none is a condition of reading our content.

The consent record we keep: When we record a consent choice, the record includes the date and time, the categories you accepted or declined, and the version of this Privacy Policy then in force, so that we can prove and honour your choices. Consent records are retained for 7 years.

Withdrawing consent: You can change or withdraw any consent at any time: through the consent message where it is shown in your region, through your account preferences, or by emailing [email protected]. Withdrawal takes effect within 24 hours for audience segments and platform exports, and immediately for cookies on your current device. Withdrawal does not affect the lawfulness of processing before the withdrawal.

Artificial Intelligence and Automated Decision-Making

We use computer programs, including AI and machine learning tools, that process personal information automatically. In line with the transparency requirements introduced into the Privacy Act by the Privacy and Other Legislation Amendment Act 2024, this section describes the kinds of personal information used and the kinds of decisions made.

Kinds of personal information used in automated processing: reading and engagement history (pages visited, articles read, scroll depth), newsletter interaction (opens and clicks), stated preferences and profile fields you have provided, comment text, and pseudonymous identifiers (cookie IDs, hashed email).

Kinds of decisions and recommendations made automatically:

  • Content recommendations: algorithms analyse reading patterns to suggest relevant articles. These recommendations do not have a significant legal or personal impact on you.
  • Audience segment membership and interest scoring: automated rules decide which audience segments a consenting reader belongs to, which affects the advertising and recommendations they see. These decisions do not affect your access to content, pricing or any legal rights.
  • Comment moderation: automated systems flag potentially harmful content for human review. You may request human review of any automated moderation decision by contacting us at [email protected].
  • Editorial assistance: AI tools (such as Claude, Gemini and ChatGPT) are used to assist with research, fact-checking and editing workflows. AI-generated text is never published as original journalism without human review, editing and verification. Our full Responsible AI Usage & Ethics Policy is published separately.
  • Internal analytics: AI-powered tools help us analyse audience trends, business performance and operational data. This processing uses aggregated or de-identified data wherever possible.

We do not use automated decision-making that produces legal effects or similarly significant effects on individuals without human oversight. You may request human review of any automated decision that affects you by contacting [email protected].

No Doxxing Policy

We are committed to preventing the malicious publication of private personal information (“doxxing”). Under the Criminal Code Amendment (Prohibition of Doxxing) Act 2024 (Cth), the malicious release of personal data is a criminal offence in Australia. We prohibit users of our Services from posting another person’s private information without consent, and we will cooperate with law enforcement in investigating any doxxing incidents.

If you encounter doxxing or feel your personal data has been misused in this manner, please notify us at the contact details below, and we will take prompt action to investigate and remove infringing content.

Advertising & Data Matching

We may partner with advertising and analytics providers (e.g. ID5) for the purpose of delivering relevant ads or aggregated audience insights. Where you have consented under the Marketing category, we may share a hashed or coded identifier (e.g. hashed email) with these partners so they can recognise you across different sites in a privacy-respecting way. This helps us:

  • Avoid showing you repetitive ads
  • Show ads more aligned with your interests
  • Increase our ad revenue, which supports our free content

We treat hashed identifiers with the same care as direct personal information. Our partners are contractually bound to protect data and use it only for agreed purposes.

Our current programmatic demand partners include: Google Ad Exchange, Google AdSense, Magnite (Rubicon), Teads, OpenX, Media.net, Microsoft/Xandr (AppNexus) and GumGum. A complete and current list is maintained in our ads.txt file.

You can opt out of data matching or targeted advertising at any time through the consent message where it is shown in your region, by contacting us at [email protected], or by using the opt-out tools listed under Advertising Opt-Out Options below. You will still see ads, but they may be less personalised.

If you are located in the EEA or UK and the GDPR or UK GDPR applies to our processing of your personal data, we rely on the following legal bases:

  • Account creation and membership services: Performance of a contract (Art. 6(1)(b))
  • Newsletter delivery: Consent (Art. 6(1)(a))
  • Essential cookies and site functionality: Legitimate interest (Art. 6(1)(f))
  • Analytics and performance measurement: Consent (Art. 6(1)(a)) via our Consent Management Platform
  • Advertising, ad personalisation, audience segmentation and data matching: Consent (Art. 6(1)(a)) via our Consent Management Platform
  • Comment moderation and content integrity: Legitimate interest (Art. 6(1)(f))
  • Security and fraud prevention: Legitimate interest (Art. 6(1)(f))
  • Legal compliance and regulatory obligations: Legal obligation (Art. 6(1)(c))

Where we rely on legitimate interest, we have conducted a balancing assessment to ensure our interests do not override your fundamental rights and freedoms. You may request details of these assessments by contacting us.

Man of Many is established in Australia, does not have an establishment in the EEA or UK, and has not appointed an EU or UK representative. We do not apply behavioural profiling, audience segmentation or identity linking to visitors we identify as located in the EEA or UK. Should that change, we will put in place the arrangements the GDPR and UK GDPR require and update this policy first.

How We Share Your Information

We do not sell your personal information to anyone in the conventional sense: no one can buy your name, email address, contact details or reading history from us. Advertisers buy advertising directed at audience segments; they never receive the underlying personal data. With your consent, we may share hashed identifiers with advertising platforms for matching and look-alike audiences as described above. Some United States state privacy laws define “sale” or “sharing” broadly enough to cover that kind of disclosure, so we provide an opt-out (see United States State Privacy Rights below). Beyond that, we share personal information only in the following circumstances:

Service Providers and Processors

We engage trusted third-party service providers who process personal information on our behalf, subject to contractual obligations to protect your data and use it only as we instruct. These include:

  • Cloud hosting and database (Supabase, Vercel): account data, usage data for infrastructure and data storage
  • Content delivery and security (Cloudflare): IP addresses and request logs for performance, security and, with consent, audience measurement
  • Email marketing (Mailchimp/Intuit): email, name, preferences, engagement for newsletter delivery and analytics
  • Payment processing (Stripe): email, payment metadata (no card numbers) for membership billing
  • Web analytics (Google Analytics 4): pseudonymised usage data, device info for audience measurement
  • Advertising delivery (Google Ad Manager): pseudonymous identifiers and consent signals for ad serving, frequency capping and reporting
  • Consent management (Google Privacy & Messaging): consent choices and related technical data
  • Content management (WordPress, self-hosted): content, comments, user accounts for website operation
  • Customer support (Google Workspace): email correspondence for communication

When you click an affiliate link to a retailer, the affiliate network operating that link (our current networks include Skimlinks, Commission Factory and Kutoku) records the click and any resulting purchase for commission purposes. These networks do not receive your name or contact details from us. Our Affiliate Policy & Disclosure explains this in full.

These third parties only access Personal Data to perform tasks on our behalf and are contractually obligated not to disclose or use it for other purposes.

Business Transfers

If Man of Many Pty Ltd is involved in a merger, acquisition, asset sale, restructuring or insolvency proceeding, your personal information may be transferred as part of that transaction. We will notify you before your personal information becomes subject to a different privacy policy.

We may disclose personal information where we reasonably believe disclosure is necessary to:

  • Comply with a legal obligation, court order, subpoena or government request
  • Protect the rights, property or safety of Man of Many, our users or the public
  • Detect, prevent or address fraud, security or technical issues
  • Enforce our Terms and Conditions

United States State Privacy Rights

If you are a resident of California or another US state with a comprehensive privacy law, you may have rights to know, access, correct and delete personal information, and to opt out of the “sale” or “sharing” of personal information for cross-context behavioural advertising. Where we share hashed identifiers with advertising platforms, that may qualify as a “sale” or “share” under those laws. You can opt out at any time through the consent or privacy options message shown to visitors in applicable US states, or by emailing [email protected] with the subject “Do Not Sell or Share”. We do not knowingly sell or share the personal information of anyone under 18. We honour opt-out preference signals such as Global Privacy Control where technically supported.

Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

  • Membership account data: duration of membership + 2 years after cancellation (contractual and legal/tax obligations)
  • Newsletter subscriber data: until you unsubscribe + 30 days (grace period for resubscription)
  • Reader profiles and audience segment data: deleted or irreversibly de-identified after 24 months of inactivity
  • Consent records: 7 years (to evidence consent for regulatory purposes)
  • Privacy request records: 3 years after fulfilment (your raw email address is deleted on fulfilment; only a hashed reference is retained)
  • Comment and user-generated content: indefinite (published content) or until deletion requested
  • Payment records: 7 years from transaction date (Australian tax law)
  • Analytics data (GA4): 14 months (Google default retention)
  • Server logs and IP addresses: 90 days (security and fraud prevention)
  • Cookie data: varies by cookie (see Cookies section)
  • Correspondence and enquiries: 2 years from last contact
  • Job applicant data: 12 months from application date

When retention periods expire, we securely delete or irreversibly anonymise the data.

International Data Transfers

Man of Many is based in Australia. Your personal information may be transferred to, and processed in, countries other than your country of residence, including the United States, where many of our service providers are based (Supabase, Stripe, Mailchimp, Google, Vercel, Cloudflare).

For transfers from the EEA or UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, adequacy decisions where applicable, and Binding Corporate Rules of our service providers where available.

For transfers from Australia, we take reasonable steps to ensure overseas recipients handle your personal information consistently with the APPs, in accordance with APP 8.

Data Security

We implement reasonable and appropriate technical and organisational measures to protect personal information against unauthorised access, loss, misuse or alteration. These measures include:

  • Encryption: data in transit protected by TLS 1.2+ (HTTPS); sensitive data at rest encrypted using AES-256
  • Access controls: role-based access with principle of least privilege; multi-factor authentication required for all administrative systems
  • Password security: user passwords are salted and hashed using bcrypt; we never store passwords in plain text
  • Payment security: PCI DSS compliant through Stripe; we never receive, process or store credit card numbers on our systems
  • Infrastructure: hosted on Supabase (SOC 2 Type II certified) and Vercel with automated security patching
  • Monitoring: continuous monitoring for suspicious activity, with incident response procedures in place
  • Staff training: mandatory privacy and security awareness training for all employees and contractors

No method of electronic transmission or storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security. We continuously assess and update our security practices to reduce risks of data breach.

Data Breach Notification

We maintain a data breach response plan under the Notifiable Data Breaches (NDB) scheme in Part IIIC of the Privacy Act. If we suspect an eligible data breach, we will:

  • Assess the suspected breach within 30 days of becoming aware of it, as required by the NDB scheme
  • Where we form the view that the breach is likely to result in serious harm, notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable after forming that view
  • For EEA/UK residents, notify the relevant supervisory authority within 72 hours where required by the GDPR

Cookies and Tracking Technologies

What Are Cookies?

Cookies are small pieces of text sent to your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognise you and make your next visit easier and the Service more useful to you. We also use similar technologies including pixels, web beacons and local storage.

Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal computer or mobile device when you go offline, while session cookies are deleted as soon as you close your web browser.

How We Use Cookies

We classify cookies into five categories. In regions where our consent message is shown, no category other than strictly necessary is active until you consent to it.

Strictly Necessary Cookies (Always Active)

These are required for our website to function and to record your consent choices. They cannot be disabled.

  • wordpress_sec_* (Man of Many): WordPress authentication. Session
  • PHPSESSID (Man of Many): Server session management. Session
  • FCCDCF / FCNEC (Google consent management): Store your consent choices. 13 months

Preference Cookies (Require Consent)

These remember your settings and choices between visits, such as display preferences and saved-article state.

Analytics Cookies (Require Consent)

These help us understand how visitors interact with our website.

  • _ga (Google Analytics): Distinguishes unique users. 2 years
  • _ga_* (Google Analytics): Maintains session state. 2 years
  • _gid (Google Analytics): Distinguishes unique users. 24 hours
  • _gat (Google Analytics): Throttles request rate. 1 minute

Marketing Cookies (Require Consent)

These are used to deliver relevant advertising, measure ad campaign performance, and match audiences with advertising partners. They include cookies set when you interact with embedded social media content.

  • __gads (Google Ad Manager): Ad serving and frequency capping. 13 months
  • __gpi (Google Ad Manager): Ad personalisation. 13 months
  • IDE (Google/DoubleClick): Ad targeting and measurement. 13 months
  • MUID (Microsoft Advertising): User identification for ads. 13 months
  • prebid_* (Prebid.js): Header bidding auction data. Session to 30 days
  • id5id (ID5): Universal identifier for ad matching. 90 days
  • _fbp (Meta/Facebook): Page interaction tracking. 90 days
  • fr (Meta/Facebook): Ad delivery and measurement. 90 days
  • VISITOR_INFO1_LIVE (YouTube/Google): Video player preferences. 6 months
  • YSC (YouTube/Google): Video view tracking. Session

Personalisation Cookies (Require Consent)

These support content recommendations, audience segments and personalised newsletters, including the identifiers used to link your reading across visits as described in Audience Segments, Profiling and Identity Linking above.

We implement Google Consent Mode v2, which communicates your consent choices to Google services. The following consent signals are managed:

  • ad_storage: controls advertising cookies
  • analytics_storage: controls analytics cookies
  • ad_user_data: controls sending user data for advertising
  • ad_personalization: controls ad personalisation features

When you decline consent, Google services operate in a privacy-preserving mode using aggregated, cookieless measurement.

For programmatic advertising, we comply with the IAB Europe Transparency and Consent Framework v2.2. Your consent preferences are communicated to all participating advertising vendors through the TCF consent string.

Third-Party Cookies

In addition to our own cookies, we may also use various third parties’ cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on. We partner with third parties that collect information across various channels, including offline and online, for purposes of delivering more relevant advertising to you. Our partners may place or recognise a cookie on your computer, device, or directly in our emails/communications, and we may share personal information with them if you have consented and have submitted such information to us, such as your name, postal address, email address, or device ID. Our partners may link the non-personal information we share with them to the cookie stored on your browser or device, and they may collect information such as your IP address, browser or operating system type and version, and demographic or inferred-interest information. Our partners use this information to recognise you across different channels and platforms over time for advertising, analytics, attribution, and reporting purposes.

You can manage your cookie preferences at any time by:

  • Using the consent or privacy options message where it is shown in your region
  • Adjusting your browser settings to block or delete cookies
  • Using opt-out mechanisms provided by advertising networks (see Advertising Opt-Out Options)

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser. Please note that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, and some of our pages might not display properly.

Where Can You Find More Information About Cookies?

Your Rights

Rights Under Australian Privacy Law

Under the Privacy Act, you have the right to:

  • Access your personal information held by us
  • Request correction of inaccurate, incomplete, out-of-date or misleading personal information
  • Complain about a breach of the APPs

In addition, although Australian law does not currently require it, we voluntarily extend the following to all users regardless of location:

  • Deletion: request deletion of your personal information, which we will action across all our systems (including audience segments and any advertising platform exports) except where we are legally required to retain specific records
  • Copy of your data: request a copy of the personal information we hold about you in a commonly used electronic format

Additional Rights for EEA and UK Residents (GDPR)

Where the GDPR or UK GDPR applies, you also have the right to:

  • Erasure (“right to be forgotten”): request deletion of your personal data in certain circumstances
  • Restriction: request that we restrict processing of your personal data
  • Portability: receive your personal data in a structured, commonly used, machine-readable format
  • Object: object to processing based on legitimate interest, including profiling
  • Withdraw consent: where processing is based on consent, withdraw that consent at any time without affecting the lawfulness of prior processing
  • Automated decision-making: not be subject to decisions based solely on automated processing that produce legal or similarly significant effects

How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: [email protected]
Post: Privacy Officer, Man of Many Pty Ltd, Level 3, 69 Reservoir Street, Surry Hills NSW 2010

What happens next: we will acknowledge your request, ask you to verify your identity (usually by replying from, or confirming control of, the email address linked to your data), log the request, and action it across every system that holds your data. We will respond within 30 days for requests under Australian law, or one month for requests under GDPR/UK GDPR (extendable by a further two months for complex requests, with notification). Deletion requests also remove you from audience segments within 24 hours of verification and from any future advertising platform exports. There is no fee for making a request, unless it is manifestly unfounded or excessive.

Unsubscribing from Communications

You can unsubscribe from our marketing emails at any time by clicking the “unsubscribe” link at the bottom of any email, updating your preferences in your membership account, or contacting us at [email protected]. We will process your request within 5 business days. You may still receive transactional communications related to your membership or account.

Advertising Opt-Out Options

In addition to managing cookies through our Consent Management Platform, you can opt out of personalised advertising through:

Opting out of personalised advertising does not mean you will stop seeing advertisements. It means the ads you see may be less relevant to your interests.

Do Not Track Signals

We do not respond to legacy Do Not Track (“DNT”) browser signals. You can enable or disable DNT in your browser settings, but our tracking behaviour will not change in response to a DNT signal. We honour Global Privacy Control (GPC) opt-out preference signals where our consent tools support them, as described in United States State Privacy Rights above. You can also manage your tracking preferences through the consent options described in this policy.

Our Service may contain links to external websites. We do not control and assume no responsibility for their content or privacy policies. We encourage you to read the privacy policy of every website you visit.

Children’s Privacy

Our Service is not intended for anyone under the age of 18 (“Children”). We do not knowingly collect Personal Data from minors, and account registration requires you to confirm that you are 18 or older. If you believe your child has provided Personal Data, please contact us. We will promptly remove such data.

Changes to This Privacy Policy

We may update our Privacy Policy periodically to reflect changes in our practices, technology, legal requirements or other factors. When we make material changes, we will:

  • Update the “Effective Date” at the top of this policy
  • Post a notice on our website for at least 30 days
  • For material changes that affect your rights, notify you by email (if you have an account or subscription)
  • Where a change expands how your data is used for advertising or profiling, ask for fresh consent rather than relying on your earlier choices

We encourage you to review this Privacy Policy periodically for any updates.

Complaints

If you believe we have breached the Australian Privacy Principles or your rights under the GDPR, you may:

1. Contact us first: we will investigate and respond within 30 days.

Email: [email protected]
Post: Privacy Officer, Man of Many Pty Ltd, Level 3, 69 Reservoir Street, Surry Hills NSW 2010

2. Escalate to the regulator if you are unsatisfied with our response:

  • Australia: Office of the Australian Information Commissioner (OAIC): oaic.gov.au | Phone: 1300 363 992
  • EEA: Your local Data Protection Authority
  • UK: Information Commissioner’s Office (ICO): ico.org.uk

Contact Us

If you have any questions about this Privacy Policy, AI usage, anti-doxxing measures, or wish to opt out of data matching, audience segments or personalised advertising, please contact us at:

General enquiries: [email protected]
Privacy enquiries: [email protected]
Sales: [email protected]
Editorial: [email protected]
Address: Level 3, 69 Reservoir Street, Surry Hills NSW 2010, Australia

Last Updated: 11 June 2026

Read all of our Editorial Policies & Standards here:
Advertising & Sponsorships Policy
Affiliate Policy & Disclosure
Complaints Policy
Corrections Policy
Diversity Policy
Editorial Policy
Ethics Policy
Fact-Checking Policy
Feedback Policy
No Bylines Policy
Ownership & Funding Info
Permissions, Copyright & Content Licensing
Privacy Policy
Responsible AI Usage & Ethics Policy
Terms & Conditions
Unnamed Sources Policy