THE AUSTRALIAN PRIVACY PRINCIPLESWe are bound by the Australian Privacy Principles (“APPs”) contained in the Privacy Act 1998 (“Privacy Act”). The APPs establish minimum standards for the private sector in relation to the collection, handling, use, disclosure, management, access, correction and disposal of ‘personal information’ about natural persons. In summary, ‘personal information’ is information or an opinion relating to an individual which can be used to identify that individual. This may include your name, address, telephone number, email address and profession or occupation.
HOW WE COLLECT PERSONAL INFORMATIONWe collect personal information in a number of ways, including:
- (a) when you provide information directly to us through the Website, in person, by phone or in writing (whether by email, through surveys, competition, promotions or any other electronic or other means) whether by registration or other means (this includes submitting details on orders through our Website);
- (b) when you visit and/or use the Website, in which case we record information sent to us by your computer, mobile device or other device you are using to access the Website;
- (c) by contracting with us; and
- (d) from third parties such as our related entities, service providers to us, operators of linked websites, applications and advertising on the Website.
WHAT PERSONAL INFORMATION WE COLLECT AND HOLDWe may collect the following types of personal information in order to provide you with our services (“Services”):
- (a) your name, username or pseudonym, phone number, mobile telephone number, payment details, email address, address and other contact information;
- (b) any other information provided by you to us including without limitation through use of the Website or Services;
- (c) personal information from your interaction with the Website and its content, our Services and our advertising, including without limitation device identifiers, device type, geo-location information, connection information, statistics on page views, traffic to and from the Website, mobile network information, time, date, referring URL, the type of operating system and browser, ad data, IP address and standard web log data; and
- (d) any other information we consider may assist us in providing or marketing our Services.
AUTOMATIC COLLECTION OF YOUR PERSONAL INFORMATIONWhen you visit our Website, our Internet Service Provider automatically records the following information about you:
- (a) your server address;
- (b) the website you visited immediately prior to ours;
- (c) your domain name;
- (d) date and time of your visit to our Website;
- (e) pages you accessed and the information or documents you downloaded;
- (f) type of browser you used; and
- (g) any other information we request our Internet Service Provider to record from time to time.
HOW PERSONAL INFORMATION IS USEDOur principal purpose in collecting, using and storing your personal information is to provide the Services in a personalised, safe and efficient manner. You consent to us collecting, using, storing, sharing and disclosing your personal information to:
- (a) conduct our business, run competitions and promotions, generate content and provide customer support and payment services (including updates and improvements);
- (b) for our administrative, marketing (including direct marketing), planning, product or service development, quality control, survey and research purposes, and our related bodies corporate, contractors and employees or service providers;
- (c) to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties, including but not limited to providing your information to a contractor and other goods and services provided in the Website;
- (d) to provide your updated personal information to our related bodies corporate, contractors, employees or service providers;
- (e) provide, administer, market and manage the Website, including but not limited to, providing you with customary search results for use in our Website;
- (f) research, develop and improve the Website;
- (g) communicate with you;
- (h) provide you with access to protected areas of the site;
- (i) conduct surveys to determine use and satisfaction with the Website;
- (l) verify information for accuracy or completeness (including by way of verification with third parties);
- (m) comply with our legal obligations, a request by a governmental agency or regulatory authority or legally binding court order;
- (o) aggregate and/or make anonymous your personal information, so that it cannot be used, whether in combination with other information or otherwise, to identify you;
- (p) resolve disputes and to identify, test and resolve problems;
- (q) notify you about the Website and updates to the Website from time to time;
- (r) supply you with generalised, targeted or personalised marketing, advertising and promotional notices, offers and communications, and measure and improve our marketing, advertising and promotions based on your ad customisation preferences; or
- (s) protect a person’s rights, property or safety.
If you access the Website from a shared device or a device of a third party (such as in an internet café), your personal information may also be available to other persons who access that device.
- (a) our staff members;
- (b) other companies, organisations and contractors and outsourced service providers who assist us to provide, or who perform the Services we provide to you, including:
- (i) information technology service providers;
- (ii) providing of goods or services in the Website;
- (iii) mailing houses;
- (iv) market research organisations; and
- (v) specialist consultants;
- (c) your authorised representatives;
- (d) third parties to whom you expressly ask us to send, or consent to us sending, your personal information;
- (e) government and regulatory authorities and other similar organisations, as required or authorised by law; and
- (f) such entities that we propose to merge with or be acquired by.
We will take reasonable steps to ensure that anyone to whom we disclose your personal information respects the confidentiality of the information and abides by the APPs or equivalent privacy laws.
IF WE CAN’T COLLECT YOUR PERSONAL INFORMATIONIf you do not provide us with the personal information described above, some or all of the following may happen:
- (a) we may not be able to provide the requested products or services to you, either to the same standard or at all;
- (b) we may not be able to run the competitions and promotions in a way that benefits you;
- (c) we may not be able to provide you with information about products and services that you may want; or
- (d) we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful.
OVERSEAS DISCLOSUREGenerally we are unlikely to disclose your information to entities based overseas, however in limited circumstances this may occur (such as if our servers are located overseas). Such disclosure will comply with the APPs.
Cookies may be used to provide you with the Services, including to identify you as a user of the Website, remember your preferences, customise and measure the effectiveness of the Website and our promotions, advertising and marketing, analyse your usage of the Website, and for security purposes.
You also may encounter Cookies used by third parties and placed on certain pages of the Website that we do not control and have not authorised (such as webpages created by another user). We are not responsible nor liable for the use of such Cookies.
STORAGE AND SECURITYWe store, protect and process your personal information by taking reasonable steps. The reasonable steps we take include protecting the information from misuse or loss and from unauthorised access, modification or disclosure. Where we no longer require your personal information for a permitted purpose under the APPs, we will take reasonable steps to destroy it.
ACCESS TO INFORMATIONSubject to the Privacy Act, you may request to access the personal information we hold about you by contacting us. All requests for access will be processed within a reasonable time.
In certain instances we may not be required or able to provide you with access to your personal information. If this occurs we will give you reasons for our decision not to provide you with such access to your personal information in accordance with the Privacy Act.
There is no application fee for making a request to access your personal information. However, we may charge an administrative fee for the provision of information in certain circumstances such as if you make repeated requests for information or where the information is held by a third party provider.
We endeavour to ensure that the personal information it holds is accurate, complete and up-to-date. If you believe the personal information we hold is inaccurate, please let us know and generally we will amend it upon request. If we disagree with your request, we will only do so on reasonable grounds and we will let you know the reasons for the refusal.
NOTIFIABLE DATA BREACHESIn the event that there is a data breach and we are required to comply with the notification of eligible data breaches provisions in Part IIIC of the Privacy Act 1988 (Cth) or any other subsequent sections or legislation which supersede this Part IIIC, we will take all reasonable steps to contain the suspected or known breach where possible and follow the following process. We will take immediate steps to limit any further access or distribution where possible.
If we have reasonable grounds to suspect that the data breach is likely to result in serious harm to any individuals involved, then we will take all reasonable steps to ensure an assessment is completed within 30 days of the breach.
If remedial action is successful in making serious harm no longer likely, then no notification or statement will be made.
Where we are aware of reasonable grounds to believe serious harm is likely, as soon as practicable, we will provide a statement to each of the individuals whose data was breached or who are at risk. The statement will contain details of the breach and recommendations of the steps each individual should take. We will also provide a copy of the statement to the Office of the Australian Information Commissioner.
We will review the incident and take action to prevent future breaches.
DIRECT MARKETING MATERIALSWe may send you direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.
LINKSOur website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.