Compliance Rationale & Legal Basis

1. PURPOSE OF THIS DOCUMENT

Comet Studios provides two distinct categories of service: (1) AI-powered content creation from website scanning via Comet Content Studio, and (2) B2B email outreach on behalf of clients via our Send on Behalf service. This document explains our legal rationale for each service, referencing the specific provisions of the Australian Spam Act 2003 (Cth) and the New Zealand Unsolicited Electronic Messages Act 2007 that we believe support our operating model.

2. SERVICE 1 — WEBSITE SCANNING FOR CONTENT CREATION

2.1 What We Do

Our platform uses automated scanning technology to visit publicly accessible business websites and capture page content, screenshots, and visual elements. This data is used exclusively to generate promotional marketing content — Video Reels, Slide Decks, Talking Head presentations, and Interactive Guided Tours — for the business whose website was scanned.

2.2 What We Do Not Do

• We do not extract, collect, or store email addresses, phone numbers, or any contact information from the websites we scan
• We do not use website scanning to build contact lists for email outreach
• We do not access password-protected pages, bypass paywalls, or circumvent access controls
• We do not scan websites for the purpose of sending unsolicited electronic messages

2.3 Legal Basis — Why This Is Not Address Harvesting

Under AU Spam Act 2003, Schedule 2, Clause 3: "Address-harvesting software" is defined as software that is designed or marketed for use in searching the internet for electronic addresses and collecting, capturing, or otherwise harvesting those addresses. Our scanning software captures visual content (text, images, layout) for video generation — it is not designed for, marketed for, or used for collecting electronic addresses. It therefore falls entirely outside the definition.

Under NZ UEM Act 2007, Section 9: A person must not use "address-harvesting software" or a "harvested-address list" in connection with sending unsolicited commercial electronic messages. Section 4 defines address-harvesting software as software specifically designed to search for electronic addresses on the internet. Our scanning software searches for page content and visual elements for video creation — a fundamentally different purpose. No electronic addresses are targeted, extracted, or stored by the scanner.

3. SERVICE 2 — B2B EMAIL OUTREACH (SEND ON BEHALF)

3.1 What We Do

Our Send on Behalf service enables businesses to have promotional video content delivered via email to other businesses in their target industry and geographic area. We source, verify, and manage the contact database. The client never sees individual contact details — only aggregated delivery statistics.

3.2 Contact Data Sourcing — Separate from Website Scanning

All contact data used for B2B outreach is sourced from an independently maintained master database compiled from:

• Public business directories (Yellow Pages, True Local, NZ Yellow)
• Government registries (ASIC, ABR/ABN Lookup, NZ Companies Office, NZBN Register)
• Professional and industry association listings
• Publicly filed business registrations

This database is compiled through manual research and verification — not through automated web scraping or address-harvesting software. Contact data sourcing is an entirely separate process from our website content scanning service.

3.3 Legal Basis — Australian Spam Act 2003

Section 16(1) — Prohibition and Consent Exception: The Act prohibits sending unsolicited commercial electronic messages unless the recipient has consented. We rely on inferred consent as defined in Schedule 2.

Schedule 2, Clause 2 — Inferred Consent via Conspicuous Publication: Consent may be inferred where:

• The electronic address has been conspicuously published (accessible by the public or a section of the public)
• The publication is not accompanied by a statement that the holder does not wish to receive unsolicited messages
• The message has a strong link to the recipient's business role, function, or duties

Our campaigns satisfy all three conditions: we target business owners, CEOs, and senior decision-makers using addresses published in public directories, and we send content directly relevant to their business marketing — specifically, a professional video showcasing their own business.

Schedule 2, Clause 2(1)(d) — Role-Based Relevance: The message must relate to the recipient's role within their organisation. A marketing video about the recipient's own business is inherently relevant to a business owner, CEO, or marketing decision-maker. This is the strongest possible relevance connection.

Section 16(6)-(9) — Sender Identification & Compliance: Every message we send includes the client's legal business name, physical address, ABN, and a functional unsubscribe link, fully satisfying the sender identification requirements.

3.4 Legal Basis — New Zealand UEM Act 2007

Section 6 — Deemed Consent: Consent is deemed to exist where all three conditions are met:

1. The electronic address has been conspicuously published in a business or official capacity
2. The publication is not accompanied by a statement that the holder does not want unsolicited messages
3. The message is relevant to the recipient's business role, functions, or duties

Our campaigns meet all three conditions. We target business owners and senior decision-makers whose contact details are published in public business directories. The content — a professional marketing video about their own business — is directly relevant to their role as the person responsible for business development and marketing decisions.

Section 9 — Address Harvesting Prohibition: We do not use address-harvesting software as defined in Section 4 of the Act. Our contact database is compiled from publicly available directories through manual research and verification, not through automated internet scraping.

Section 11 — Sender Identification: Every email identifies who authorised the sending (the client), includes their contact details and physical address, and provides a free functional unsubscribe facility.

Section 12 — Unsubscribe: Unsubscribe requests are honoured within 5 working days. Suppression is permanent and cross-channel — once someone opts out, they are never contacted again through any campaign managed by us.

4. WHY OUR SERVICES BENEFIT THE BUSINESSES WE CONTACT

We believe our outreach is genuinely in the interest of the businesses we contact, for the following reasons:

• We showcase their business: Every email contains a professionally produced marketing video featuring the recipient's own business — their branding, services, and unique selling points. This is not a generic sales pitch; it is personalised, high-value content created specifically for them.
• We target senior decision-makers: Our emails go to business owners, CEOs, CTOs, and CFOs — the people who make marketing and technology decisions. These are the individuals best positioned to evaluate whether AI-powered marketing content could benefit their business.
• We demonstrate value before asking for payment: The recipient sees a complete, watermarked preview of their video before any commercial relationship is proposed. They can assess the quality and relevance without any obligation.
• We provide a genuine service: AI-driven marketing content creation is a rapidly growing industry. Many small and medium businesses lack the resources to produce professional video marketing materials. Our service bridges that gap at an accessible price point.
• We respect opt-out immediately: Any business that does not wish to receive further contact can unsubscribe with one click. We honour this permanently and across all channels — no exceptions.

5. SEPARATION OF SERVICES — CONTENT SCANNING VS CONTACT SOURCING

It is critical to understand that our two core activities — website scanning and contact sourcing — are entirely separate processes with different purposes, different data flows, and different legal frameworks:

Where a scanned website URL is cross-referenced against our master contact database to identify the corresponding business contact, this is a database lookup — not an extraction from the website. The contact data pre-exists in our independently sourced database before any scan takes place.

6. RECORD KEEPING & COMPLIANCE EVIDENCE

We maintain comprehensive records to demonstrate compliance if required by ACMA (Australia) or the DIA Anti-Spam Compliance Unit (New Zealand):

• Source records for every contact in our database (directory, registry, date sourced)
• Complete send logs with timestamps, delivery status, and recipient identifiers
• Suppression list with opt-out timestamps and channel records
• T&Cs acceptance records per client (version, timestamp, IP address, full agreement snapshot)
• Campaign request records including industry, region, and targeting parameters
• All records retained for a minimum of 3 years as required by the AU Spam Act

7. REGULATORY REFERENCES

• Spam Act 2003 (Cth) — legislation.gov.au
• Spam Regulations 2021 (Cth) — legislation.gov.au
• ACMA — Avoid Sending Spam — acma.gov.au
• Unsolicited Electronic Messages Act 2007 (NZ) — legislation.govt.nz
• DIA — NZ Spam Law for Businesses — dia.govt.nz
• Privacy Act 1988 (Cth) & APPs — legislation.gov.au
• Privacy Act 2020 (NZ) & IPPs — legislation.govt.nz

This compliance rationale was last reviewed in February 2026. It reflects our understanding of applicable legislation at the time of writing. We are committed to ongoing compliance and will update this document as laws or our services evolve.