1. Privacy Statement
1.3 Personal information is defined in the Privacy Act 1988 (Cth) and includes information or an opinion about an identified individual, or an individual who is reasonably identifiable. For example, this may include your name, age, gender, postcode and contact details. It may also include financial information, including your credit card information.
2. Collection of Personal Information
What kinds of personal information do we collect?
2.1 The personal information that we collect about individuals may include, but is not limited to:
(a) your name;
(b) your contact details including your email, home address, telephone number and billing address;
(c) your payment details;
(d) credit card information;
(e) other personal information that we collect in the course of a transaction or that you provide to us when you contact us;
(f) details of the services we have provided to you or that you have enquired about, including any additional information necessary to deliver those services and respond to your enquiries;
(g) any additional information relating to you that you provide to us directly through our website or indirectly through your use of our website or online presence or through other websites or accounts from which you permit us to collect information; or
(h) any other personal information that may be required in order to facilitate your dealings with us.
2.2 We may collect these types of personal information either directly from you, or from third parties. We may collect this information when:
(a) you register or subscribe to our website;
(b) you complete a transaction with us;
(c) a transaction is completed on your behalf; or
(d) you contact us.
2.3 We may collect personal information from individuals who are not customers of our business but whose personal information is given to us by those individuals via our website or in the course of a transaction
2.4 Where reasonably practicable, we attempt to collect information directly from individuals. When we collect information, we will generally explain to the individual why we are collecting it, who we give it to and how we will use or disclose it or, alternatively, those matters will be obvious from the circumstances.
2.5 If we collect information about an individual from someone else, we will take reasonable steps to ensure that the individual is made aware of the matters listed in clause 2.4.
2.6 We will collect personal information from you by lawful and fair means and not in an unreasonably intrusive way.
Why do we collect, use and disclose personal information?
2.7 We may collect, hold, use and disclose your personal information for the following purposes:
(a) to enable you to access and use our website;
(b) to operate, protect, improve and optimise our website, business and our users’ experience, such as to perform analytics, conduct research and for advertising and marketing;
(c) to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
(d) to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting;
(e) to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
(f) to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties; and
(g) to consider your employment application.
Using our website and cookies
(a) your computer's operating system;
(b) your computer's browser type and capabilities;
(c) your computer's Internet Protocol (IP) address and geolocation;
(d) web pages visited, including how you were referred to each web page; and
(e) web page usage statistics, including the time spent on each web page.
In addition, third parties may place and read cookies on your browser, or use web beacons or similar technologies to collect information.
Cookies can be managed by accessing the individual settings in your browser.
2.9 We will not identify users or their browsing activities, except where required by law or in accordance with our Terms and Conditions of Use and Sale.
3. Using and Disclosing Your Personal Information
3.1 We will generally use or disclose your personal information only for the primary purpose for which it was collected; or for a related secondary purpose where you would reasonably expect us to use or disclose the personal information for that secondary purpose. We may otherwise use and disclose your personal information if you have given us consent for the use or disclosure or it is required or authorised by law.
3.2 Generally, we use and disclose your personal information for the purpose of providing you with the goods or services that you have requested, or otherwise to enable us to carry out our business as an online retailer of goods and services.
3.3 If those purposes for which we have collected the information involve providing personal information about an individual to any third party, we will take appropriate and reasonable steps to ensure any personal information is protected.
3.4 We will generally only use personal information for marketing if you have given express or implied consent or it is impracticable to seek consent before this use.
3.5 When registering with us, you consent to us using your personal information, such as your email address, for direct marketing purposes. This includes sending you deal emails. You may opt out of receiving these direct marketing communications at any time. Our electronic marketing activities will comply with the requirements of the Spam Act 2003 (Cth).
3.6 During purchase, you have the option to opt-in to receiving communication from us for direct marketing purposes. This includes sending you deal emails. You may opt out of receiving these direct marketing communications at any time. Our electronic marketing activities will comply with the requirements of the Spam Act 2003 (Cth).
To whom do we disclose your personal information?
(a) our employees and related bodies corporate;
(b) third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you, including payment gateway, marketing, logistics and technology support services);
(c) professional advisers;
(d) payment systems operators (eg merchants receiving card payments);
(e) our existing or potential business partners or partners;
(f) our sponsors or promoters of any competition that we conduct via our services;
(g) anyone to whom our assets or businesses (or any part of them) are transferred;
(h) specific third parties authorised by you to receive information held by us; and/or
(i) other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.
Disclosure of personal information outside Australia
3.9 We may disclose personal information to third party suppliers that are located outside of Australia including in the USA, UK, Hong Kong, the Philippines and the EU.
3.10 When you provide your personal information to us, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with Australian Privacy Law. We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles.
Payments using third party payment processors - Stripe and eWAY
3.11 We use third party payment processors to assist in securely processing your personally identifiable payment information. Payments are currently processed and managed using Stripe and eWAY.
3.13 If you choose a direct payment gateway to complete your purchase, Stripe and E-Way stores your credit card data. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction or where you elect, your periodic purchase transactions. After that is complete, your purchase transaction information is deleted.
3.14 Where you elect for periodic purchase transactions:
(a) you will have requested we make automatic periodic payments (ie more than one transaction) using the payment details you provided us during an initial relevant transaction;
(b) your credit card data will be stored by our third party payment processors and used by them periodically to process payments; and
(c) we will use reasonable endeavors to remind of your request for periodic payments prior to those payments being processed.
By way of example, you may wish to attend music classes which are held on a fortnightly basis. Instead of paying for a month of classes in advance, you may request to be billed for these classes on a fortnightly basis. Your request to be billed in this way is a request for periodic purchase transactions.
3.15 All transactions are processed over an industry standard SSL/TLS connection, with a minimum of 128-bit encryption. All transactions are encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).
3.16 All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
3.17 PCI-DSS requirements help ensure the secure handling of credit card information by our website and its service providers.
4. Security of Your Personal Information
4.1 We may hold your personal information in either electronic or hard copy form.
4.2 We take reasonable steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse and we use a number of physical, administrative, personnel and technical measures to protect your personal information. However, we do not guarantee the security of your personal information.
5. Access to Your Personal Information and Complaints Procedure
5.1 Under the Privacy Act 1988 (Cth), you have certain rights to access the personal information we collect and hold about you.
5.2 Generally, subject to the exceptions of APP 12.3, we will allow an individual access to the personal information we hold about them within a reasonable time after it is requested. When requesting such access please identify the precise type/s of information requested.
You may make a request by writing to us by email at firstname.lastname@example.org.
5.3 We take those steps reasonable in the circumstances to ensure that the personal information that we collect, use and disclose is accurate, up to date and complete. Where an individual requests to correct information, we will take reasonable steps to correct the information, having regard to the purpose for which it is held. You may lodge a request to correct personal information in the manner outlined in clause 5.2 above.
5.4 To make a complaint about a breach of the Australian Privacy Principles, which includes how we handle your personal information, you may contact us at the addresses provided in clause 5.2above. We will endeavour to respond to your complaint within a reasonable time after it is received. If you are not satisfied by our response, you may acquire further information regarding privacy from the Office of the Australian Information Commissioner.
6. Contact us