Login Account

Start typing to find articles and guides.

Latest Articles Articles Guides
Articles AI Finance & business World Growth Health Science & discovery

Your cart is empty

Privacy policy

Effective date: 30 April 2026

Introduction

This Privacy Policy explains how we collect, use, store, share and protect your personal information when you interact with Goodmachine.

It applies whenever you visit our website, browse or buy from our online store, create an account, subscribe to our emails, download a free or paid digital guide, leave a review or comment, complete a form, or contact us.

We are committed to handling your personal information responsibly and in line with the privacy laws that apply to you, wherever you are located.

By using Goodmachine, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use our website or store.

1. Who we are

Goodmachine ("Goodmachine", "we", "us", "our") publishes articles, newsletters, digital PDF guides, bundles and related digital products at whatisgm.com. Our website and online store are operated using Shopify.

Goodmachine is the trading name of XTRI Pty Ltd, the entity responsible for your personal information (the "data controller" for the purposes of applicable data protection laws).

  • Company: XTRI Pty Ltd (ABN 73 694 733 956)
  • Registered address: 1 Denison Street, North Sydney NSW 2060, Australia
  • Contact: hello@whatisgm.com

If you have any questions about this Privacy Policy or how we handle your information, contact us at hello@whatisgm.com.

2. Information we collect

We collect the information reasonably needed to run Goodmachine, deliver digital products, process payments, provide support, improve your experience and meet our legal obligations.

Depending on how you interact with us, this may include:

  • Identity and contact details — name, email address, billing address, country, phone number (if provided) and your communication preferences.
  • Account details — login information, account activity, purchase history, download history, subscription or membership status, refund history and support history.
  • Order and purchase information — products purchased, free guides accessed, bundles purchased, order number, order value, currency, taxes, discount codes, payment status, fulfilment status, refunds, chargebacks and receipts.
  • Payment-related information — payment method type, transaction identifiers and billing information. Full card numbers are processed by our payment providers and are not stored by us in full.
  • Digital access information — download links, download attempts, access history, file delivery status and technical issues relating to delivery of your guides.
  • Marketing data — email subscriptions, consent records, opens, clicks, unsubscribe status, preferences and campaign activity.
  • Interaction data — likes, comments, reviews, testimonials, survey answers, saved content, product feedback and support messages.
  • Technical and usage data — IP address, device type, browser type, operating system, approximate location (derived from IP), referring URLs, pages and products viewed, search terms, cart and checkout activity, cookie and similar identifiers, and store analytics.
  • Content you submit — any comments, responses, reviews, messages or other material you choose to provide.

We do not seek to collect sensitive information (such as health, racial or ethnic origin, religious beliefs or similar categories). Please do not submit sensitive information to us, including in comments, reviews or support messages.

We may also receive information about you from our service providers, including Shopify, payment providers, analytics providers, advertising platforms, email providers, fraud-prevention tools and customer support tools.

3. How we collect information

We collect information when you:

  • visit our website or browse our store;
  • subscribe to our emails or newsletters;
  • create, use or update an account;
  • buy, download or access a free or paid digital guide;
  • purchase bundles, subscriptions, memberships or other digital products;
  • use checkout, Shop Pay, Apple Pay, Google Pay, PayPal or another payment method;
  • like, save, share, comment on, review or respond to content;
  • complete a survey, form, quiz, waitlist or feedback request;
  • contact us by email or another support channel;
  • interact with our emails, social pages, ads or embedded content.

Some information you provide directly. Other information is collected automatically through Shopify, cookies, pixels, analytics tools, server-side events, logs and similar technologies (see Section 5).

4. How and why we use your information

We use your personal information for the following purposes. Where the law requires us to identify a legal basis for processing (for example, in the EU, UK and EEA), the relevant basis is shown alongside each purpose.

Purpose Legal basis (where required)
Process orders, payments, receipts, refunds and chargebacks; deliver your digital guides; manage your account, downloads and access Performance of a contract with you
Provide customer support and respond to your enquiries Performance of a contract / legitimate interests
Send transactional and service messages (receipts, download links, order and account notices, password resets, refund updates) Performance of a contract / legal obligation
Send marketing emails where you have subscribed or opted in Consent (you can withdraw it at any time)
Operate, maintain, secure and improve our website, store and products Legitimate interests in running our business
Measure website, store, product and campaign performance; analytics; advertising measurement, retargeting and conversion tracking Consent (for non-essential cookies/tracking) / legitimate interests
Detect and prevent fraud, misuse, unauthorised sharing, chargeback abuse and security incidents Legitimate interests / legal obligation
Enforce our Terms of Service, licences and policies Legitimate interests / legal obligation
Comply with legal, accounting, tax and regulatory obligations Legal obligation

Where we rely on consent, you can withdraw it at any time (this does not affect processing carried out before withdrawal). Where we rely on legitimate interests, we have balanced those interests against your rights, and you can object (see Section 11).

5. Cookies, advertising and Meta Pixel

We use cookies, pixels, tags, server-side events and similar technologies to operate our site, keep your account and checkout working, remember your preferences, measure performance, understand how our content is used, prevent fraud and support advertising measurement.

Categories of cookies and similar technologies we use:

  • Essential — required for the site, account and checkout to function. These cannot be switched off.
  • Analytics/performance — help us understand how the site and products are used.
  • Advertising/targeting — help us measure and improve advertising and reach relevant audiences.

Meta Pixel and Meta Conversions API

As at the effective date, we use Meta Pixel and the Meta Conversions API through Shopify. This means browser-based and server-side event data may be sent to Meta to measure advertising performance, attribute purchases, improve reporting, build audiences and support retargeting.

This may include data such as page views, product views, cart and checkout activity, purchase events, order value, currency, hashed contact information (where available), device and browser information, and IP address. Meta may connect this information with your Meta account, device or browser, depending on your settings and Meta's systems.

Other tools we may add

We may later add tools such as Google Analytics, Google Ads tags, TikTok Pixel or Pinterest Tag. If we do, those providers may use cookies, tags or server-side events to measure usage, improve advertising relevance, understand conversions, build audiences and report performance.

Your choices

  • You can usually control cookies through your browser settings. If you disable some cookies, certain features may not work properly.
  • You can control advertising preferences through Meta, Google, TikTok, Pinterest and other relevant platform settings.
  • Where required by law, we will ask for your consent before using non-essential cookies, pixels or similar technologies (for example, through a cookie banner).
  • We honour recognised browser-based opt-out signals, including Global Privacy Control (GPC), where applicable law requires.

A note on "selling" and "sharing" your data

We do not sell your personal information for money. However, when we share advertising and event data with platforms like Meta to measure and target advertising, this activity may be treated as a "sale" or "sharing" of personal information under some US state laws (such as California's). You can opt out of this — see Section 11.3 and our ‹Do Not Sell or Share My Personal Information link›.

6. Marketing communications

If you subscribe, buy a guide, create an account, download a free product or otherwise opt in, we may send you emails about articles, guides, offers, product updates, launch announcements, surveys and related Goodmachine updates.

You can unsubscribe from marketing emails at any time using the unsubscribe link in any email, or by contacting hello@whatisgm.com.

We may still send you transactional and service messages (such as receipts, download links, account notices, password resets, security alerts, refund updates and support replies), as these are not marketing.

SMS: We do not currently use SMS marketing. If we add it, we will only send SMS marketing where you have expressly opted in, and you will be able to opt out at any time.

7. How we share your information

We share personal information only where necessary, with trusted service providers who help us operate Goodmachine and who are required to protect your information. These include providers for:

  • Shopify store hosting, checkout, customer accounts, digital downloads and ecommerce operations;
  • payment processing, fraud prevention and chargeback handling;
  • digital file delivery, hosting and download links;
  • email, newsletters, marketing automation and transactional messaging;
  • analytics, advertising measurement and campaign reporting;
  • customer support, review management and surveys;
  • accounting, tax, legal and compliance;
  • storage, security and general business operations.

We may also disclose information:

  • where required by law, court order, regulator or government authority;
  • to enforce our rights, terms, policies or agreements;
  • to protect our customers, the public, our systems or our business;
  • in connection with a merger, acquisition, restructure, financing, sale of assets or similar transaction.

We do not sell your personal information for money. See Section 5 for how advertising-related sharing may be treated under certain US state laws.

8. International data transfers

Goodmachine operates globally, and our service providers (including Shopify, payment providers, email and analytics providers, advertising platforms and support tools) may store and process your information in countries other than where you live.

This may include the United States, Canada, Ireland, the United Kingdom, the European Union, Singapore, Australia and other locations where our providers or their infrastructure operate.

Where we transfer personal information across borders, we take reasonable steps to ensure it remains protected in line with this Privacy Policy and applicable law. For transfers from the EU, UK or EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum) where required.

9. Security

We take reasonable technical and organisational measures to protect your personal information from misuse, interference, loss, and unauthorised access, modification or disclosure.

No website, store, checkout, email system or digital service can be guaranteed to be completely secure. You are responsible for keeping your account credentials confidential and for notifying us if you suspect unauthorised access to your account.

If a data breach occurs that is likely to result in serious harm, we will notify affected individuals and relevant regulators as required by applicable law.

10. How long we keep your information

We keep personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy. The actual period depends on the type of information and why we hold it. As a guide:

  • Order, payment and tax records — typically retained for the period required by tax and accounting laws (often around 7 years).
  • Account and download records — for as long as your account is active, then for a reasonable period afterwards.
  • Marketing data — until you unsubscribe or withdraw consent, then for a short period to honour your preferences.
  • Support messages — for a reasonable period after your enquiry is resolved.
  • Analytics and advertising data — in line with the retention settings of the relevant tools.

When information is no longer needed, we take reasonable steps to delete, de-identify or securely destroy it.

11. Your privacy rights

Your rights depend on where you live. Below we set out rights that apply to everyone, followed by additional rights for specific regions. To exercise any right, contact hello@whatisgm.com. We may need to verify your identity first, and we will respond within the timeframe required by applicable law. You will not be discriminated against for exercising your rights.

11.1 Rights available to everyone

Wherever you are, you can ask us to:

  • access the personal information we hold about you;
  • correct information that is inaccurate or out of date;
  • unsubscribe from marketing at any time;
  • ask questions or raise a concern about how we handle your information.

11.2 EU, UK and EEA residents (GDPR / UK GDPR)

If you are in the EU, UK or EEA, you also have the right to:

  • request erasure ("right to be forgotten");
  • restrict or object to certain processing (including direct marketing and profiling);
  • data portability (receive your data in a portable format);
  • withdraw consent at any time, where we rely on consent;
  • lodge a complaint with your local data protection authority.

Our legal bases for processing are set out in Section 4.

11.3 United States residents (including California)

Depending on your state, you may have the right to:

  • know/access the categories and specific pieces of personal information we collect;
  • delete personal information we hold about you;
  • correct inaccurate personal information;
  • opt out of the "sale" or "sharing" of personal information and of targeted advertising — use our ‹Do Not Sell or Share My Personal Information link›, adjust your platform settings (Section 5), or contact us;
  • be free from discrimination for exercising your rights.

We honour recognised opt-out preference signals such as Global Privacy Control (GPC) where required.

11.4 Australian residents

If you are in Australia, you have rights under the Australian Privacy Principles, including to access and correct your personal information. If you are not satisfied with our response to a privacy complaint, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

11.5 Canadian residents

If you are in Canada, you have rights under applicable Canadian privacy laws (such as PIPEDA), including to access and correct your information and to withdraw consent, subject to legal and contractual limits.

12. Reader-submitted content

If you submit comments, responses, reviews, testimonials, survey answers or other content, we may review, moderate, edit, refuse, remove or publish that content in line with our Terms of Service and editorial standards.

Please do not submit private, sensitive or confidential information in public comments, reviews or responses.

13. Children's privacy

Goodmachine is intended for a general adult audience. Our paid products, checkout and accounts are intended for people aged 18 and over.

Although some articles and guides discuss parenting, education and family life, we do not knowingly collect personal information from children. Specifically, we do not knowingly collect personal information from children under 13 (or under 16 in the EU/UK/EEA) without appropriate parental consent. If you believe a child has provided us with personal information, contact us at hello@whatisgm.com and we will take reasonable steps to delete it.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new effective date. If changes are significant, we will take reasonable steps to notify customers, subscribers or account holders.

15. Contact and complaints

If you have a question, request or complaint about your privacy, contact us at:

Goodmachine (XTRI Pty Ltd)
Email: hello@whatisgm.com
Address: 1 Denison Street, North Sydney NSW 2060, Australia

We will review your request or complaint and respond within a reasonable time and as required by applicable law. If you are not satisfied with our response, you may be able to contact the data protection authority in your country or region (for example, the OAIC in Australia, the ICO in the UK, your local EU data protection authority, or your US state Attorney General).