What is personal information?
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
The types of personal information we collect may include:
- your name;
- address details;
- contact information;
- financial information.
Whose personal information do we collect?
We collect personal information from people who are connected to our business activities, including:
- service providers;
How do we collect your personal information?
Where possible, we will collect your personal information directly from you. This may be in person, for example when:
- you purchase a product;
- you visit our website.
We also may obtain personal information from third parties such as contractors and suppliers. If we collect personal information about you from a third party and it is unclear that you have consented to the disclosure of your personal information to us, we will take reasonable steps to contact you and ensure that you are aware of the circumstances surrounding the collection and purposes for which we collected your personal information.
Website usage information and cookies
A cookie does not identify you personally. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance.
We may gather your IP address as part of our business activities. This information does not identify you personally.
Why do we collect your personal information?
We may collect your personal information for a number of purposes, including:
- Sales and delivery of our products– including preparing sales documentation, obtaining credit/debit card information to complete a sale and arranging delivery.
- Marketing-to communicate with you about products and services.
- Fraud risk mitigation- to confirm identities when payment is made using credit card.
Opting out of direct marketing communications
Where we use your personal information to send you marketing and promotional information by post, email or otherwise, we will provide you with an opportunity to “opt out” of receiving such information. By electing not to opt-out, we will assume we have your consent to receive similar information and communications in the future. We will always ensure that our opt-out notices are clear, conspicuous and easy to take up.
If you do not wish to receive direct marketing communications from us, please contact us at email@example.com.
To whom do we disclose your personal information?
We may disclose your personal information to others in order to carry out our activities. This may include:
- Third parties for marketing purposes. However, we do not sell, trade or otherwise transfer any of your personal information.
- Contractors and service providers. We may provide your personal information to contractors or service providers which perform services on our behalf, such as delivery drivers, mailing houses, printers, information technology services providers (including cloud computing service providers) database contractors and telemarketing agencies.
Where is your personal information stored?
We take all reasonable steps to protect all of the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. Your personal information will be stored on a password protected electronic database, which may be on our database, a database maintained by a cloud hosting service provider or other third party database storage or server provider. Backups of electronic information are written to drives which are stored offsite.
Hard copy information is generally stored in our offices, which are secured to prevent entry by unauthorised people. Any personal information not actively being used is archived.
Where personal information is stored with a third party, we will ensure we have arrangements which require those third parties to maintain the security of the information.
Your personal information will stay on the database indefinitely until you advise you would like it removed, unless we de-identify it or destroy it earlier in accordance with privacy law requirements.
Your direct debit or credit cards
We use Secure Socket Layer (SSL) certificates for encrypting your credit card and debit card numbers, your name and address so that it cannot be viewed by any third party over the internet.
Access to your personal information
We will, upon your request, and subject to applicable privacy laws, provide you with access to your personal information that is held by us. However, we request that you identify, as clearly as possible, the type(s) of information requested. We will deal with your request to provide access to your personal information within 30 days and you agree we may charge you our reasonable costs incurred in supplying you with access to this information.
Your rights to access personal information are not absolute and privacy laws dictate that we are not required to grant access in certain circumstances such as where:
- access would pose a serious threat to the life, safety or health of any individual or to public health or public safety;
- access would have an unreasonable impact on the privacy of other individuals;
- the request is frivolous or vexatious;
- denying access is required or authorised by a law or a court or tribunal order;
- access would be unlawful, or
- access may prejudice commercial negotiations, legal proceedings, enforcement activities or appropriate action being taken in respect of a suspected unlawful activity or serious misconduct.
If we refuse to grant you access to your personal information, we will provide you with reasons for that decision (unless it is unreasonable to do so) and the avenues available for you to complain about the refusal.
Third Party Links
In an attempt to provide you with increased value, we may include third party links on our site. These linked sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these linked sites (including if a specific link does not work).
Updating your personal information
You may ask us to update, correct or delete the personal information we hold about you at any time. We will take reasonable steps to verify your identity before granting access or making any corrections to or deletion of your information. We also have obligations to take reasonable steps to correct personal information we hold when we are satisfied that it is inaccurate, out of date, incomplete, irrelevant or misleading for the purpose for which it is held.
If you require access to, or wish to update your personal information, please contact us at firstname.lastname@example.org.
The Privacy Officer
Happy Hearts Australia Inc.
PO Box 85
Moffat Beach Qld 4551
We will endeavour to respond to your complaint or query within 30 days of receipt.
If you are dissatisfied with our response, you may refer the matter to the Australian Information (Privacy) Commissioner see www.oaic.gov.au.
This page was last updated on: 27 August, 2014.
Got a question? We'd love to hear from you. Send us a message and we'll respond as soon as possible.