Collection of Personal & Sensitive Information
We collect personal and sensitive information when you:
(a) register for membership and/or log into our Website;
(b) interact with us through the phone, in person, via email or our Website and you provide us your details;
(c) purchase or subscribe to our products or services;
(d) subscribe to our mailing list;
(e) enter our competitions or promotions; or
(f) apply for positions at our Business or you are our contractor.
We collect personal and sensitive information to:
(a) improve our products and services;
(b) provide our product or service to you;
(c) communicate with you;
(d) offer you promotional product or market our product that you are interested in;
(e) keep a record of your order for possible refund or exchange;
(f) keep our customer database;
(g) to investigate any complaints that you make;
(h) to investigate whether you are in breach of our terms and conditions;
(i) verify your identity;
(j) to notify you of vacant positions if you applied for jobs at our Business;
(k) comply with the law or to use your information as permitted under the law; and
(l) use your information for purposes that are related to the above.
We collect and hold following types of personal and sensitive information:
(a) your contact details that may include your name, date of birth, business name, billing address, postal address, email address, fax number and phone number;
(b) optional personal information that you consent to provide, including your interests in a particular area, gender or age; and
(c) optional surveys that provide personal information including whether you like our Business or Website and what you like or do not like.
We will only collect your personal and sensitive information using fair and lawful means.
We do not store credit card details as we use payment gateways and/or third party processor.
If we receive unsolicited personal and sensitive information, we may destroy it or ensure that it is de-identified if it is lawful and reasonable to do so.
We may, from time to time, use ‘cookies’ which are small data file placed on your machine or device to store information.
(a) authentication cookies that monitor whether you are logged in or not;
(b) session cookies that allow you to remain logged in and keep track of your activities until the browser shuts down;
(c) persistent cookies that help us monitor our services by recording your browser activities and they do not expire upon browser shut down; and
(d) flash cookies to personalise your experience.
(a) improve the performance by reporting any errors that occur;
(b) provide statistics about how the Website is used;
(c) remember settings that you used on our Website;
(d) identify that you are logged into the Website;
(e) link to our social media networks; and
(f) provide ads that are tailored to you.
Please note that although cookies do not generally store personal and sensitive information, they may contain your IP address. However you are effectively anonymous to us because the data are collected in aggregate.
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express etc.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
All credit card transactions are implemented under industry standard encryption so if you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
For credit card transactions we use a third party processor (e.g. PayPal, AfterPay) and/or payment gateway (e.g.Shopify Payments or Eway) that we may change from time to time so that:(a) payments are processed in real time; and
(b) we do not have access to your credit card numbers.
We use database management system to store most of the personal information and it contains security features, such as encryption, firewall and anti-virus, to ensure the protection and integrity of our data.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Anonymity and Pseudonymity
You may interact anonymously or by using a pseudonym, for example when you:
(a) call us;
(b) use our online forums that does not require membership; or
(c) email us,
and you may refuse to give your details.
You must provide your personal information when you:
(a) purchase goods that require delivery;
(b) register for membership and/or log into our Website;
(c) sign up for mailing list;
(d) lodge a complaint; and
(e) are required to provide personal information under the law.
Disclosure of Personal Information
We only disclose your personal and sensitive information for purposes that are reasonably related to our Business.
We will not disclose your personal and sensitive information to third parties for payment, profit or advantage.
We may disclose your personal and sensitive information to third parties, from time to time, to assist us in conducting our Business, including:
(a) technology service providers including internet service providers or cloud service providers;
(b) couriers such as Australia Post and/or international postal service entities;
(c) data processors that analyse our website traffic or usage for us;
(d) agents that perform functions on our behalf, such as mailouts, debt collection, marketing or advertising;
(e) our related bodies corporate; and
(f) to persons, entities or courts as required under the law.
We may disclose your personal and sensitive information to third parties:
(a) to provide the service you wish to use;
(b) to improve our Business, services, products and Website;
(c) to customise and promote our services which may be of interest to you;
(d) to comply with or as permitted under the law; or
(e) with your consent.
You consent to the disclosure of your personal and sensitive information to entities located overseas and we will use reasonable endeavors to ensure they are subject to similar privacy legislation when handling such information.
Direct Marketing to You
We will not send you unsolicited commercial electronic messages in contravention of the Spam Act 2003 (Cth).
We may use the non-sensitive information you gave us for the purpose of promoting and marketing our Business to you if we:
(a) use the information that you reasonably expected us to use for promoting and marketing our Business to you; and
(b) provide you a simple method to opt-out.
We will not contact you to promote or market our Business if you requested us not to.
Accessing & Correcting Your Personal Information
You may request access to your personal information that we hold and we will:
(a) verify your identity;
(b) charge you to cover the cost of meeting your request, if any, but not for the request itself; and
(c) within a reasonable period of time, comply with your request.
We may refuse to allow you to access your personal information if we are not required to do so under the Australian Privacy Principles.
You may request to correct your personal information that we hold and we will update your personal and sensitive information so that it is up-to-date, accurate, complete, relevant and not misleading.
If you would like to access or correct your personal information, please contact us on firstname.lastname@example.org
If you believe we breached the Australian Privacy Principles under the Privacy Act 1988 (Cth) or a registered Australian Privacy Principles Code you may lodge a complaint as follows:
Contact us 'in writing' to the email email@example.com and include the following in your complaint:
-your contact details;
-section or provision of the Australian Privacy Principles or Code that you believe we breached; and
-our practice or policy that you believe breaches the relevant Australian Privacy Principle or Code,
You must allow us a reasonable time, about 30 days, to reply to your complaint.
If you are not satisfied with our response or we do not respond to you within a reasonable time without sufficient explanation you can make a complain to the Office of the Australian Information Commissioner.
Definition and Interpretation
Unless a contrary intention appears:
(a) Australian Privacy Principles means the principles under the Schedule 1 of the Privacy Act 1988 (Cth).
(b) Business means The Fashion Wok
(c) sensitive information means sensitive information as defined under Privacy Act 1988 (Cth).
(d) personal information means personal information as defined under Privacy Act 1988 (Cth).
(e) You (whether in capitals or not) means the user of our Website and Your and Yours have corresponding meanings.
(f) We (whether in capitals or not) means The Fashion Wok and our related body corporates and Us and Ours have corresponding meanings.
(g) Website means:
The word ‘include’ is used without any limitation.
Changes in our Policy
For complaints/enquires regarding our above privacy or security policies please contact: firstname.lastname@example.org