2. COLLECTION OF PERSONAL AND SENSITIVE INFORMATION
2.1 We collect personal and sensitive information when you:
(a) register for membership and/or log into our Website;
(b) interact with us through the phone, in person, via email or our Website and you provide us your details;
(c) purchase or subscribe to our products or services;
(d) subscribe to our mailing list;
(e) enter our competitions or promotions; or
(f) apply for positions at our Business or you are our contractor.
2.2 We collect personal and sensitive information to:
(a) improve our products and services;
(b) provide our product or service to you;
(c) communicate with you;
(d) offer you promotional product or market our product that you are interested in;
(e) keep a record of your order for possible refund or exchange;
(f) keep our customer database;
(g) to investigate any complaints that you make;
(h) to investigate whether you are in breach of our terms and conditions;
(i) verify your identity;
(j) to notify you of vacant positions if you applied for jobs at our Business;
(k) comply with the law or to use your information as permitted under the law; and
(l) use your information for purposes that are related to the above.
2.3 We collect and hold following types of personal and sensitive information:
(a) your contact details that may include your name, date of birth, business name, billing address, postal address, email address, fax number and phone number;
(b) optional personal information that you consent to provide, including your interests in a particular area, gender or age; and
(c) optional surveys that provide personal information including whether you like our Business or Website and what you like or do not like.
2.4 We will only collect your personal and sensitive information using fair and lawful means.
2.5 We do not store credit card details as we use payment gateways and/or third party processor.
2.6 If we receive unsolicited personal and sensitive information, we may destroy it or ensure that it is de-identified if it is lawful and reasonable to do so.
3.1 We may, from time to time, use ‘cookies’ which are small data file placed on your machine or device to store information.
(a) authentication cookies that monitor whether you are logged in or not;
(b) session cookies that allow you to remain logged in and keep track of your activities until the browser shuts down;
(c) persistent cookies that help us monitor our services by recording your browser activities and they do not expire upon browser shut down; and
(d) flash cookies to personalise your experience.
(a) improve the performance by reporting any errors that occur;
(b) provide statistics about how the Website is used;
(c) remember settings that you used on our Website;
(d) identify that you are logged into the Website;
(e) link to social networks like Facebook and Instagram; and
(f) provide ads that are tailored to you.
3.4 Please note that although cookies do not generally store personal and sensitive information, they may contain your IP address. However you are effectively anonymous to us because the data are collected in aggregate.
4.1 All credit card transactions are implemented under industry standard encryption.
4.2 For credit card transactions we use a third party processor (e.g. PayPal) and/or payment gateway (e.g. Fat Zebra, Afterpay) that we may change from time to time so that:
(a) payments are processed in real time; and
(b) we do not have access to your credit card numbers.
4.3 We use database management system to store most of the personal information and it contains security features, such as encryption, firewall and anti-virus, to ensure the protection and integrity of our data.
5. ANONYMITY AND PSEUDONYMITY
5.1 You may interact anonymously or by using a pseudonym, for example when you:
(a) call us;
(b) use our online forums that does not require membership; or
(c) email us,
and you may refuse to give your details.
5.2 You must provide your personal information when you:
(a) purchase goods that require delivery;
(b) register for membership and/or log into our Website;
(c) sign up for mailing list;
(d) lodge a complaint; and
(e) are required to provide personal information under the law.
6. DISCLOSURE OF PERSONAL INFORMATION
6.1 We only disclose your personal and sensitive information for purposes that are reasonably related to our Business.
6.2 We will not disclose your personal and sensitive information to third parties for payment, profit or advantage.
6.3 We may disclose your personal and sensitive information to third parties, from time to time, to assist us in conducting our Business, including:
(a) technology service providers including internet service providers or cloud service providers;
(b) couriers such as Australia Post and/or international postal service entities;
(c) data processors that analyse our website traffic or usage for us;
(d) agents that perform functions on our behalf, such as mailouts, debt collection, marketing or advertising;
(e) our related bodies corporate; and
(f) to persons, entities or courts as required under the law.
6.4 We may disclose your personal and sensitive information to third parties:
(a) to provide the service you wish to use;
(b) to improve our Business, services, products and Website;
(c) to customise and promote our services which may be of interest to you;
(d) to comply with or as permitted under the law; or
(e) with your consent.
6.5 You consent to the disclosure of your personal and sensitive information to entities located overseas and we will use reasonable endeavours to ensure they are subject to similar privacy legislation when handling such information.
7. DIRECT MARKETING TO YOU
7.1 We will not send you unsolicited commercial electronic messages in contravention of the Spam Act 2003 (Cth).
7.2 We may use the non-sensitive information you gave us for the purpose of promoting and marketing our Business to you if we:
(a) use the information that you reasonably expected us to use for promoting and marketing our Business to you; and
(b) provide you a simple method to opt-out.
7.3 We will not contact you to promote or market our Business if you requested us not to.
8. ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION
ACCESSING YOUR PERSONAL INFORMATION
8.1 You may request access to your personal information that we hold and we will:
(a) verify your identity;
(b) charge you to cover the cost of meeting your request, if any, but not for the request itself; and
(c) within a reasonable period of time, comply with your request.
8.2 We may refuse to allow you to access your personal information if we are not required to do so under the Australian Privacy Principles.
CORRECTING YOUR INFORMATION
8.3 You may request to correct your personal information that we hold and we will update your personal and sensitive information so that it is up-to-date, accurate, complete, relevant and not misleading.
HOW TO CONTACT US
8.4 If you would like to access or correct your personal information, please contact us by:
9.1 If you believe we breached the Australian Privacy Principles under the Privacy Act 1988 (Cth) or a registered Australian Privacy Principles Code, you may lodge a complaint as follows:
(a) firstly, contact us in writing to the email or postal address in clause 8.4 and include the following in your complaint:
(i) your contact details;
(ii) section or provision of the Australian Privacy Principles or Code that you believe we breached; and
(iii) our practice or policy that you believe breaches the relevant Australian Privacy Principle or Code,
(b) and you must allow us a reasonable time, about 30 days, to reply to your complaint; and
(c) secondly, you may complain to the Office of the Australian Information Commissioner if:
(i) you are not satisfied with our response; or
(ii) we do not respond to you within a reasonable time without sufficient explanation.
10. DEFINITIONS AND INTERPRETATION
10.1 Unless contrary intention appears:
(a) Australian Privacy Principles means the principles under the Schedule 1 of the Privacy Act 1988 (Cth).
(b) Business means Friends of Dorothy
(c) sensitive information means sensitive information as defined under Privacy Act 1988 (Cth).
(d) personal information means personal information as defined under Privacy Act 1988 (Cth).
(e) You (whether in capitals or not) means the user of our Website and Your and Yours have corresponding meanings.
(f) We (whether in capitals or not) means Friends of Dorothy Floristry and our related body corporates and Us and Ours have corresponding meanings.
(g) Website means:
10.2 The word ‘include’ is used without any limitation.