Privacy Policy

Effective Date: 7 July 2026
Last Updated: 7 July 2026


1. About This Privacy Policy

My Lasting Minutes (“Site”, “we”, “us”, or “our”) is a personal blog and platform for sharing poetry, stories, songs, and life reflections, operated by Gerhardus Steyn (also known as “Gazza”) (“Operator”). This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you visit or interact with our Site at https://lastingminutes.com/.

This Policy is designed to be compliant with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and guidance from the Office of the Australian Information Commissioner (OAIC). It is also intended to align with applicable international privacy frameworks, including the EU General Data Protection Regulation (“GDPR”) and UK GDPR (where processing relates to individuals in the EEA or UK), and the California Consumer Privacy Act (“CCPA”) as amended by the CPRA (for California residents).

By accessing or using the Site, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of it, please discontinue use of the Site.

2. Who We Are and Contact Information

The Site is a personal, non-commercial blog operated by an individual. We are based in Australia and committed to respecting the privacy of all visitors, whether located in Australia or internationally.

Primary Contact Methods:

Please contact us using one of the following easy and visible methods prominently displayed on the website:

  • The contact form available on the website (recommended where present)
  • The email link(s) provided in the footer and/or sidebar of the homepage

These channels make it simple to reach us with privacy questions, requests to access or correct your personal information, complaints, or general feedback.

3. Personal Information We Collect

We collect personal information (as defined under the Privacy Act and equivalent laws) only to the extent necessary for the operation of a simple public blog. The Site currently has minimal interactive features.

3.1 Information Collected Automatically

Like most websites, when you visit the Site our servers and any third-party service providers we use automatically collect technical and usage information, including:

  • IP address and approximate geolocation (city/country level), device identifiers, browser type/version, operating system, screen resolution, and internet service provider
  • Usage data: pages viewed, time and date of visits, duration of visit, referring URLs or search terms used to reach the Site, navigation paths
  • Cookies, pixels, web beacons, and similar tracking technologies (detailed in Section 4)
  • Server logs and error reports for security, debugging, and performance monitoring

This information helps us operate the Site securely, understand audience engagement with our poetry, stories, and reflections, detect issues, and improve content and functionality. It is generally collected in aggregated or anonymized form where possible and is not used to personally identify individual visitors except where necessary for security, legal compliance, or with additional information.

3.2 Information You Provide Directly

Current state: The Site does not currently offer user accounts, registration, commenting systems, contact forms, newsletters, or any other features that directly solicit personal information from visitors.

Future features: If we introduce interactive features (e.g., comments, a contact form, or newsletter signup), we will collect only the minimum necessary information (such as name, email address, and message content) for the stated purpose. We will update this Policy, provide clear notice at the point of collection, and obtain consent where required by law (including APP 3 and GDPR consent requirements).

3.3 Information from Third Parties and Social Features

The Site may include social sharing buttons or embedded content (e.g., links to social platforms or video/audio embeds for songs). When you interact with these (e.g., click “Share”), the relevant third-party platform may collect data about you according to their own privacy policy and may provide us with limited referral or engagement data. We do not receive or control personal information directly from these platforms unless you explicitly authorize sharing with us.

4. Cookies and Tracking Technologies

We use cookies (small text files stored on your device) and similar technologies (such as local storage, session storage, and pixels) to enhance your experience, enable basic Site functionality, analyze traffic, and support security features.

Categories of Cookies We May Use

  • Strictly Necessary / Essential Cookies: Required for the Site to function correctly (e.g., security, load balancing, basic navigation). These cannot be disabled via our systems.
  • Analytics / Performance Cookies: Help us understand how visitors use the Site (e.g., which poems or stories are most read, traffic sources). We may use services such as Google Analytics. These cookies are typically first- or third-party.
  • Functional Cookies: Remember your preferences or settings (currently minimal on this simple blog).
  • Targeting / Advertising Cookies: Not currently used. We do not serve personalized advertisements or engage in cross-site tracking for advertising purposes.

Managing Cookies: You can control or delete cookies at any time through your browser settings (usually under Privacy or Security settings). Most browsers allow you to block cookies, delete existing ones, or receive alerts before a cookie is set. Disabling essential cookies may impair Site functionality. For Google Analytics specifically, you can opt out using Google’s tools or browser add-ons.

We respect “Do Not Track” (DNT) signals sent by browsers where technically feasible, although support for DNT varies across websites and browsers. For more information on Google’s privacy practices, see Google’s Privacy Policy.

5. How We Use Your Personal Information (Purposes)

We use the personal information we collect for the following limited purposes, consistent with APP 6 and GDPR principles of purpose limitation and data minimisation:

  1. Site Operation and Improvement: To deliver, maintain, secure, and enhance the Site, its content (poetry, stories, songs, reflections), and user experience.
  2. Analytics and Insights: To understand visitor engagement, popular content, traffic sources, and trends so we can create more meaningful reflections and improve navigation.
  3. Security and Integrity: To detect, prevent, investigate, and respond to security incidents, fraud, abuse, spam, or technical problems.
  4. Legal Compliance and Rights Protection: To comply with applicable laws, regulations, legal processes, or governmental requests; to enforce our terms of use; and to protect the rights, property, or safety of the Operator, visitors, or others.
  5. Responding to Inquiries: To address questions, feedback, or requests you may send us (once contact mechanisms are available).

We do not use personal information for automated decision-making with legal or similarly significant effects, nor for unsolicited direct marketing. Any future marketing communications would only occur with your prior consent (or soft opt-in where permitted) and with a clear unsubscribe option.

6. Disclosure and Sharing of Personal Information

We do not sell, rent, lease, or trade your personal information for monetary or other consideration.

6.1 Recipients of Personal Information

We may disclose personal information to the following categories of recipients, always subject to appropriate safeguards:

  • Service Providers and Processors: Third parties that provide services on our behalf, including web hosting and infrastructure providers, content delivery networks (CDN), analytics providers (e.g. Google), security services, and (if added in future) email or form processing services. These parties are bound by contracts requiring them to process data only for our specified purposes, implement appropriate security, and comply with privacy laws including the APPs where applicable.
  • Legal and Regulatory Authorities: When required or permitted by law, court order, subpoena, or governmental request; or to cooperate with law enforcement investigations.
  • Protection of Rights: To protect the rights, property, or safety of the Operator, our visitors, or the public; to enforce our terms; or in connection with legal claims or disputes.
  • Business Transfers: In the unlikely event of a merger, acquisition, corporate reorganization, or sale of substantially all assets, personal information may be transferred to the successor entity, subject to this Policy (or an updated version notified to you).

6.2 Overseas / International Transfers (APP 8 & GDPR Chapter V)

Some of our service providers (and their sub-processors) are located outside Australia, including in the United States and other countries where cloud infrastructure and analytics providers operate (e.g., Google). When we disclose personal information to overseas recipients, we take reasonable steps (as required by APP 8) to ensure that the recipient handles the information in a manner consistent with the APPs. This may include entering into contractual arrangements with appropriate data protection clauses.

For transfers subject to GDPR (personal data of EEA/UK individuals), we rely on valid transfer mechanisms such as European Commission Standard Contractual Clauses (SCCs), UK International Data Transfer Addendum, adequacy decisions where applicable, or other lawful bases approved by relevant supervisory authorities.

By using the Site, you understand and consent to the transfer, storage, and processing of your information in jurisdictions that may have data protection laws different from (and potentially less protective than) those in your country of residence. We are committed to protecting your information regardless of location.

7. Data Security

We implement reasonable technical, organisational, and physical security measures appropriate to the nature of the personal information we hold and the risks involved. These include: use of HTTPS encryption for data in transit, secure hosting environments, access controls and authentication, regular software updates, and monitoring for suspicious activity.

While we take data protection seriously and strive to protect your information, no website, server, or internet transmission is 100% secure. We cannot guarantee absolute security against all threats. In the event of a data breach that is likely to result in serious harm to individuals, we will notify affected individuals and the OAIC in accordance with the Privacy Act’s Notifiable Data Breaches (NDB) scheme, and comply with equivalent notification obligations under other applicable laws (e.g., GDPR Articles 33–34).

8. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal, accounting, or reporting obligations, to resolve disputes, or to enforce our agreements. Retention periods vary depending on the type of information:

  • Server logs and technical/usage data: Typically retained for short periods (weeks to several months) for security, analytics, and operational purposes, after which it is deleted or irreversibly anonymised.
  • Analytics data: Retained in aggregated, anonymised, or pseudonymised form for longer periods to understand long-term trends; identifiable elements are deleted in accordance with the service provider’s policies (e.g., Google Analytics default retention settings or user-configured shorter periods).
  • Information from future interactive features: Retained only as long as needed for the purpose (e.g., responding to a message) or until you request deletion, subject to legal retention requirements.

You may request deletion of your personal information at any time (see Section 9). We will honour such requests subject to legal or legitimate overriding interests (e.g., security logs that must be kept for a defined period).

9. Your Privacy Rights and How to Exercise Them

We respect and support the privacy rights granted to you under applicable laws. Below is a summary of key rights. To exercise any right, please contact us using the details in Section 2. We will verify your identity where appropriate and respond within the timeframes required by law (generally 30 days for APP requests; 1 month extendable for GDPR; 45 days for CCPA).

9.1 Australian Privacy Principles (APPs) – Rights for All Individuals

  • Access (APP 12): Request a copy of the personal information we hold about you.
  • Correction (APP 13): Request correction of information that is inaccurate, out-of-date, incomplete, irrelevant, or misleading.
  • Complaints: If you believe we have interfered with your privacy or breached the APPs or this Policy, contact us first. We will investigate and respond in good faith. If you remain unsatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) (www.oaic.gov.au or 1300 363 992).

9.2 GDPR / UK GDPR Rights (EEA, UK, and Certain Other Individuals)

In addition to access and correction, you may have the following rights (subject to conditions and exceptions):

  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent at any time (where processing relies on consent)

You also have the right to lodge a complaint with your local supervisory authority (e.g., the Information Commissioner’s Office (ICO) in the UK or the relevant Data Protection Authority in your EU member state).

9.3 CCPA / CPRA Rights (California Residents)

If you are a California resident, you have the following rights regarding personal information we have collected about you in the preceding 12 months:

  • Right to Know: Categories and specific pieces of personal information collected, sources, business purposes, and categories of third parties with whom shared.
  • Right to Delete personal information we hold about you (subject to exceptions such as legal obligations or security needs).
  • Right to Correct inaccurate personal information.
  • Right to Opt-Out of Sale/Sharing for cross-context behavioral advertising (we do not sell or share personal information for these purposes).
  • Right to Non-Discrimination for exercising any of these rights.

To exercise CCPA rights, submit a verifiable consumer request via the contact details above. We will respond within 45 days (extendable by 45 days if needed) and will not discriminate against you for making a request.

10. Children’s Privacy

The Site is not directed to, and we do not knowingly collect personal information from, children under the age of 13 (or under 16 in certain jurisdictions such as the EEA). If we become aware that we have inadvertently collected personal information from a child without appropriate parental consent, we will take prompt steps to delete that information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately using the details in Section 2 so we can investigate and take appropriate action.

11. Third-Party Websites, Links, and Embedded Content

The Site may contain links to external websites, social media platforms, or embedded third-party content (for example, video or audio players for songs, or sharing widgets). These third parties operate independently and have their own privacy policies and terms. We do not control, endorse, or accept responsibility for the privacy practices, content, or security of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

12. International Users and Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of Australia, without regard to its conflict of law principles. If you access or use the Site from outside Australia, you do so voluntarily and at your own risk. You are responsible for complying with any local laws applicable to you. Our collection and processing of personal information will be conducted in accordance with this Policy and Australian privacy law, with additional rights and protections afforded where required by the laws of your jurisdiction (including GDPR rights for EEA/UK individuals and CCPA rights for California residents).

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the addition of new features, changes in technology, legal requirements, or for other operational reasons. The “Last Updated” date at the top of this Policy indicates when the current version became effective.

We will post any revised Policy on this page (https://lastingminutes.com/privacy-policy/ or equivalent). For material changes that significantly affect your rights or how we handle your information, we will provide prominent notice on the Site and/or notify you by email if we have a valid email address for you. Your continued use of the Site after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.

14. Contact Us and Making a Privacy Request or Complaint

We take your privacy seriously and welcome your questions, requests to exercise your rights (such as access or correction of your personal information), or any feedback. The easiest and most visible ways to contact us are:

  • Using the contact form on the website (if available)
  • Clicking the email link(s) provided in the footer and/or sidebar of the homepage

Operator: Gerhardus Steyn (Gazza)
Website: https://lastingminutes.com/

For Australian residents: If your concern is not resolved satisfactorily through direct contact with us, you may contact the OAIC to make a privacy complaint.


This Privacy Policy is effective as of the date first written above and replaces any prior versions.


Thank you for visiting My Lasting Minutes.
We hope our reflections bring you a moment of connection that lasts.

I’m Gazza

Welcome to My Lasting Minutes.
Here I share my poetry, stories, songs, and reflections on life. My hope is to turn a minute of thought into something that outlasts me — and leaves behind something worth remembering.

Let’s connect