1. PRIVACY ACT
All Branded Group Pty Ltd (ABN 61 119 875 633) and its Australian related bodies corporate (we, us or our) are organisations and “APP Entities” for the purposes of the Act, and are bound by the Australian Privacy Principles.
No general exemptions under the Act apply to us, or to any of our acts or practices.
3. HOW WE COLLECT, HOLD AND USE PERSONAL INFORMATION
Generally speaking, we collect personal information so that we can endeavour to give you better customer service, provide you with convenient access to our products and services, and provide a better, more tailored customer experience. We will collect your personal information directly from you unless it is unreasonable or impracticable to do so, and will limit the personal information we collect to that which is reasonably necessary for our functions or activities.
The personal information about you we may collect and hold includes but is not limited to your name and address, email address and contact telephone number. We may also hold other personal information that you volunteer to us.
We may collect this information in circumstances that include where (as applicable):
• you contact us or submit an enquiry (such as through our website or by telephone);
• you register for an account on our website and/or subscribe to our newsletters;
• you log in to your account on our website, in which case we may collect certain information relating to what you might look at, and this information may be used to better tailor our services to your requirements;
• you order products from us, including through our online store (All Branded Group Shop);
• we work with you during the design process for products; or
• we deal with suppliers, service providers or other businesses and collect personal information incidentally to those dealings.
We do not generally collect (or, if it is provided to us, retain) any sensitive information (within the meaning of the Act).
If you fail to provide personal information requested by us, there may be a range of consequences, for example we may be unable to process or respond to your request. There will not usually be Australian laws or court/tribunal orders which require or authorise us to collect your personal information.
We will generally only use your personal information for the purpose for which we collected it, and for related purposes we consider would be within your reasonable expectations.
We generally use personal information for the following purposes (as applicable in the circumstances):
• to supply goods or services that you order;
• to customise, produce and supply products, in accordance with your order and design instructions;
• to provide services or information that is requested, to respond to your enquiries, to send you information that you request, or otherwise achieve the purpose for which we have been contacted;
• to keep you up to date with product, service and pricing information that we think you are most likely to want to hear about;
• to send you our newsletters;
• to seek feedback from you and perform market research, so that we can gauge your satisfaction with our service and strive for continuous improvement; or
• to engage in other activities where required or permitted by law.
We may use personal information to contact you for marketing and promotional purposes (such as to provide you with information about our products and services). We periodically email newsletters and customer alerts to you if you register for access to our website. You may request not to receive these communications by contacting us (see section 10 below), or by using the optout function provided for in those communications. If you do not opt-out in either of these ways you will be taken to have consented to receiving such communications from us.
There are no consequences of opting-out of receiving our marketing and promotional communications except that you will no longer receive them, and you may elect to rejoin our marketing list at a later stage if you wish. Where we propose to use your personal information for a purpose other than as outlined above, we will seek your permission (unless we are required or permitted by law to do so without seeking consent).
We take reasonable steps to protect your personal information from misuse, interference and loss as well as unauthorised access, modification or disclosure. For example, information stored on our computer network is protected by security features and procedures. We undertake regular monitoring of our practices and systems to ensure the effectiveness our security policies and identify and implement improvements where appropriate.
We make use of cloud-based services for our business systems. Our data may be stored with these cloud providers in locations outside of Australia. We have reviewed the privacy policies of these providers to ensure that privacy is protected. We have identified, to the extent possible, that this data is stored in the United States, and could be backed up to locations in other countries. We will endeavour to destroy or de-identify your personal information as soon as it is no longer required by us (where permitted by law).
4. ACCESS TO AND CORRECTION OF PERSONAL INFORMATION
You may contact us to request access to or correction of the personal information about you that we hold. We may refuse to allow access or to amend your personal information if we are legally required or entitled to do so. If we do so, we will provide you with written reasons for the refusal (unless it is unreasonable to do so) together with information about the options available to complain about the refusal.
We may require you to pay certain costs in order to access your personal information held by us. We will advise the amount payable (if any) once we have assessed your application for access. We will not however charge a fee for you to lodge a request for access to or correction of your personal information.
If you lodge a request for access to your personal information, we may fulfil that request in any of a range of ways (for example, by supplying you with a copy of that personal information or providing you with the opportunity to inspect our records). We may require you to comply with certain procedures before we allow access to or amendment of your personal information to ensure the integrity and security of information that we hold. Depending on the nature of your request, this may include completing a personal information request form or otherwise verifying your identity to our satisfaction.
We will take reasonable steps to ensure that the personal information that we collect is accurate, up-to-date and complete and the personal information we use and disclose is accurate, up-to-date, complete and relevant. If we are satisfied that any personal information we hold about you is inaccurate, out-ofdate, incomplete, irrelevant or misleading, we will amend our records accordingly.
Please notify us if your personal details change so that we may keep our records current.
5. DISCLOSURE OF PERSONAL INFORMATION TO OTHER ORGANISATIONS AND OVERSEAS
We will generally only disclose your personal information for the purpose for which we collected it, and for related purposes we consider would be within your reasonable expectations. We may disclose your personal information to the following third parties (as applicable in the circumstances):
• certain suppliers that provide services to us (for example, our subcontracted product manufacturers, mail processing businesses, printers, market research companies or other service providers). We generally ensure such organisations are contractually required to ensure that information we disclose is used only for the limited purposes for which we provide it; or
• members of our corporate group. We are not generally likely to disclose personal information to overseas recipients (however refer to section 3.3 regarding our use of cloud service providers).
6. ONLINE PRIVACY
6.1 AUTOMATIC SERVER LOGS
Our servers automatically collect various details when you use our website, including:
• your IP (Internet Protocol) address (generally, an identifier assigned to your computer when it is connected to the Internet);
• the operating system and Internet browser software you are currently using; and
• the data you access (such as web pages or other document files or software), and the time that you access it.
We do not attempt to identify individuals using this information, and only use it for statistical analysis, system administration, and similar related purposes. This information is not disclosed to any other party.
6.3 EMAIL AND MESSAGES
We may collect personal information from you (such as your name and email address, and any other personal information you volunteer) if you send us email. We will use this to contact you to respond to your message, to send you information that you request, and for other related purposes we consider are within your reasonable expectations. We will not use or disclose any such personal information for any other purpose without your consent.
6.4 STORAGE AND TRANSMISSION OF PERSONAL INFORMATION ONLINE
If you provide any personal information to us via our online services (including email) or if we provide such information to you by such means, the privacy, security and integrity of this information cannot be guaranteed during its transmission unless we have indicated beforehand that a particular transaction or transmission of information will be protected (for example, by encryption). If we receive your personal information, we will take reasonable steps to store it such that unauthorised access, modification, disclosure, misuse and loss are prevented.
6.5 OTHER ONLINE SERVICES
7. DATA BREACH
If a data breach or suspected data breach occurs, we will undertake a prompt investigation, which will include an assessment of whether the incident is likely to result in serious harm to any individuals. In such a situation we will comply with the requirements of the Act which may require notification to the Office of the Australian Information Commissioner (OAIC) and affected individuals. Please contact us if you have reason to believe or suspect that a data breach may have occurred, so that we can investigate and, if necessary, undertake appropriate containment, risk mitigation and notification activities as required.
If you believe that a breach of your privacy has occurred, we encourage you to contact us to discuss your concerns. Our contact details can be found in section 10 below. Your complaint will be considered and dealt with by our nominated representative, who may escalate the complaint internally within our organisation if the matter is serious or if necessary to resolve it. Please allow us a reasonable time to respond to your compliant. If you are not satisfied with our resolution, you may make a complaint to the Office of the Australian Information Commissioner, whose contact details can be found at: http://www.oaic.gov.au.