2. Personal information is defined in the Privacy Act 1988 (Cth) and means information or an opinion about an identified individual, or an individual who is reasonably identifiable.
3. We may from time to time be bound by and we otherwise opt in to comply with the Australian Privacy Principles contained in the Privacy Act.
What personal information we collect
5. We only collect personal information you give us directly, or which is collected automatically as part of your activities with us (including usage data or cookies on our website).
6. When we collect information, we will ensure the individual has given verifiable consent or there is some other lawful basis for collection and processing. We will generally explain to the individual why we are collecting it, who we give it to and how we will use or disclose it.
7. The personal information that we collect includes:
a) identifying information, including your name, contact details including your email, home address and billing address, and phone number;
b) business names;
c) social media domain and web addresses;
d) transactional information, including information you provide as part of a transaction with us or that is generated as a result of that transaction;
e) financial information, including payment details, credit card numbers or bank details;
f) information we are required or authorised to collect and process under law to identify you or verify information you have provided;
g) usage information, including data about your interaction with our website through devices you use; and
h) computer and connection information such as page views, traffic, URLs, IP address and web log information.
9. Our Site does support “Do Not Track” requests.
11. Our services are not intended for children and we do not knowingly collect personal information from individuals who are children.
Why we collect personal information
12. The purpose for which we collect personal information is to enable the effective provision of our services to you and our other customers, including to:
a) execute your requests for our services;
b) improve and optimise our services, business and our users’ experience;
c) to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
d) to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting. You may opt out of receiving these direct marketing communications at any time. Our electronic marketing activities will comply with the requirements of the Spam Act 2003 (Cth);
e) to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
f) to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties; and
g) to consider your employment application.
When we will use, process or disclose personal information
13. We will only use, process or disclose your personal information for the primary purpose for which it was collected or otherwise as relevant national laws allow. We may otherwise use and disclose your personal information to detect, prevent and investigate fraudulent behaviour, if you have given us consent for the use or disclosure or it is required or authorised by law.
14. If those purposes for which we have collected the information involve providing personal information about an individual to any third party, we will take appropriate and reasonable steps to ensure any personal information is protected.
15. We may disclose personal information for the purposes described above to:
a) our employees and related bodies corporate;
b) data processors, including third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you);
c) professional advisers, dealers and agents;
d) payment systems operators (e.g. merchants receiving card payments);
e) our existing or potential agents, business partners or partners;
f) our sponsors or promoters of any competition that we conduct via our services;
g) anyone to whom our assets or businesses (or any part of them) are transferred;
h) specific third parties authorised by you to receive information held by us; and/or
i) other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.
Where your personal information be held and processed
16. We will process your personal information in our servers in Australia.
17. We will provide your information to third parties that provide services to us solely for the purpose of providing those services, including third parties that provide our payment gateway, marketing and technology support services. This may include providing your information to third parties that are located outside of Australia.
18. Where your personal information is transferred outside Australia (including the USA, UK, India, Bangladesh and the EU), we will take steps to ensure that overseas recipients will deal with that information in a way that is consistent with the Australian Privacy Law or applicable national laws.
Security and retention of personal information
19. We take reasonable steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse. For example, only authorised personnel can access personal information we hold, and firewalls are used to protect against cybersecurity risks. However, we cannot guarantee the security of your personal information.
20. We will only use, process or store personal information for as long as required by the purpose it has been collected, including where such purpose relates to our legitimate interest, and for a longer period where you have given consent to such processing, as long as such consent is not withdrawn. We may be obliged to retain personal information for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Third parties and information you receive through us
22. Where you transact with another person or entity through us, we may enable you to obtain the personal information of that person or entity. You acknowledge that in these circumstances you are the data controller of that data and you should, where required, inform that other person about your privacy practices and otherwise comply with relevant national laws.
23. Using the personal information of any person you receive through us for any other purpose other than to perform the transaction we enable is prohibited by this policy.
Your rights and our complaints procedure
24. We have appointed a privacy officer who can be contacted at firstname.lastname@example.org.
25. You have certain rights in relation to the personal information we collect and hold about you. We will allow an individual to:
a) know what personal information we maintain about you and request a copy of your personal information which we will provide;
b) request us to correct information we hold about you;
c) if you are bound by the GDPR, withdraw consent where they have previously given their consent to the use or processing of their personal information;
d) if you are bound by the GDPR, object to the processing of your personal information; and
e) if you are bound by the GDPR, ask us to delete or restrict how we use your personal information.
26. If you are bound by the GDPR and you ask us to delete or restrict how we use your personal information you acknowledge that this is subject to some exceptions and it will impact your access to our Services.
28. To make a complaint about how we handle your personal information, you may contacting us at email@example.com. We will respond to your complaint within a reasonable time after it is received. If you are not satisfied by our response, you may acquire further information regarding privacy from the Office of the Australian Information Commissioner.
Effective: 13 April 2021