- Papinelle’s key business activities include the retail and wholesale sale of sleep wear and associated goods and services (Products). We may use third parties located both locally and overseas in addition to our own resources to provide these Products.
- We are committed to protecting the privacy of everyone who orders our Products, uses our Online Platforms and/or engages with us, for them to understand what Personal Information we collect and store, and why we do so, how we receive and/or obtain that information, the rights an individual has with respect to their Personal Information in our possession, and with complying with current applicable laws in relation to privacy including the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act), the General Data Protection Regulation (EU) 2016/679 (GDPR), the Privacy Act 2020 (NZ) (NZ Privacy Act) and any other relevant legislation in the jurisdictions in which we operate (together, Privacy Legislation).
THE INFORMATION WE COLLECT
- We may collect Personal Information that allows us to identify who an individual is and share any other Personal Information that may be required in order for us to provide the Products and facilitate our dealings with you.
- The type of information we may collect includes:
- Personal Information - we may collect personal details such as an individual’s name, location, date of birth, gender and nationality allowing us to identify who the individual is.
- Contact Information - we collect information such as an individual’s email address, telephone number, third-party user names, residential, business and postal address and other information that allows us to contact the individual.
- Social Media Information – we collect information about social media accounts linked to you, including data from your profiles regarding reach, impressions and demographics of your followers.
- Financial Information - we collect financial information such as any bank or credit card details used to transact with us and other information that allows us to transact with the individual and/or provide them with our Services.
- Statistical Information - we collect behavioral and statistical information about an individual and businesses in connection with the Services and/or the Online Platforms. This may include information collected from your device such as your device ID, geo-location information, IP address, browsing information and any Personal Information that you may provide directly or indirectly to us via websites, WI-FI services and mobile applications.
WHY WE COLLECT PERSONAL INFORMATION
- We collect your Personal Information so that we can carry out the following actions:
- to enable you to use our Online Platforms;
- to provide our Products and associated services;
- to communicate with you, including about our Products and offers which might interest you;
- to provide you with information or advice;
- to process payments by or to you in connection with our Products;
- to create accounts, tax invoices or receipts;
- to comply with our legal obligations;
- to provide your Personal Information to third parties in order for them to supply the Products to you;
- to consider and respond to complaints made by you;
- to help us manage, develop and enhance our Products and services (including any collaborations or other activities that involve us sharing your Personal Information and data with our third parties);
- to investigate incidents (including potential incidents) which occur on or at our premises; and
- for the general management and conduct of our business.
- We may disclose additional purposes for collection of your Personal Information in collection statements at the point of collection.
HOW INFORMATION IS COLLECTED
- Information is collected in association with your order of our Products, enquiries made about Papinelle (including in respect of recruitment, our Products and/or business), through third parties engaged by us to assist with the provision of the Products or generally dealing with us directly or via our Online Platforms.
WHEN PERSONAL INFORMATION IS USED & DISCLOSED
- We will not use any Personal Information other than for the purpose for which it was collected (or a related purpose) other than with the individual’s permission or we are permitted to do so by law.
- Subject to clause 21, we will not sell an individual’s Personal Information to unrelated third parties.
- There are some circumstances in which we must disclose an individual’s information:
- where we reasonably believe that an individual may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of;
- as required by any law (including the Privacy Act, NZ Privacy Act and GDPR); and/or
- in order to sell our business (in that we may need to transfer Personal Information to a new owner).
- Sensitive information is information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliations, membership of a professional or trade association, membership of a trade union, details of health, disability, sexual orientation or criminal record.
- It is our policy to only collect your sensitive information where it is reasonably necessary for our functions or activities and either you have consented or we are required or authorised under law to do so.
OPTING “IN” OR “OUT”
- An individual may opt to not have us collect their Personal Information. This may prevent us from offering them some or all of our Products or services and may terminate their access to some or all of the Online Platforms they access with or through us.
- If an individual believes that they have received information from us that they did not opt in or out to receive, they should contact us via the contact details set out in clause 49.
- We may use your Personal Information in de-identified form (de-identification being a process by which a collection of data or information is altered to remove or obscure personal identifiers and personal information) to assist us in running our business. We may also provide, including by way of sale, de-identified information in aggregated form, to third parties.
- When your Personal Information is included in de-identified, aggregated data, it is not possible to identify you or anything about you from that data.
THE SAFETY & SECURITY OF PERSONAL INFORMATION
- We may hold your Personal Information in either electronic or hard copy form.
- If you provide information to us electronically we retain this information in our computer systems and databases. If you provide information to us in hard copy (paper) this information is normally retained in our files and a copy is made to our electronic files.
- We will take reasonable steps to protect the personal information that we hold from misuse, loss, unauthorized access, modification or disclosure and we use industry standard security measures to safeguard and protect your information.
- We may disclose your Personal Information to third parties and service providers located overseas in connection with any purpose, including to overseas cloud computing hosts. We take reasonable steps to ensure that any such transfer of Personal Information will only be undertaken in compliance with the Privacy Act and NZ Privacy Act (and the GDPR, where applicable) and does not breach the privacy obligations relating to your Personal Information.
- If an individual suspects any misuse or loss of, or unauthorised access to, their Personal Information, they should let us know immediately.
- We are not liable for any loss, damage or claim arising out of another person’s use of the Personal Information where we were authorised to provide that person with the Personal Information.
HOW TO ACCESS AND/OR UPDATE INFORMATION
- If you would like us to update or amend your Personal Information, please contact us and we will make the requested amendments.
- If you would like us to provide copies to you of your Personal Information which we hold, please contact us and we will comply with your request to the extent required by law.
- We may ask you to verify your identity to ensure that Personal Information we hold is not improperly accessed.
RIGHT TO BE FORGOTTEN
- In the event that you decide that you no longer want us to hold your Personal Information, you may notify us in writing of your desire for us to delete your Personal Information on record. We will use our best endeavours and comply with all legal requirements within a reasonable timeframe to delete your Personal Information, unless we are required by law to retain such information.
- We may use temporary (session) cookies or permanent cookies when you access our Online Platforms and/or Products. This allows us to recognise your browser and track the web pages you have visited. You can switch off cookies by adjusting the settings on your web browser.
- We may offer a free Wi-Fi network service at certain premises.
- If you are carrying a Wi-Fi enabled device within range of one of our Wi-Fi networks, we may pick up certain data that is transmitted from your device (whether or not you join our Wi-Fi network) including:
- your device ID, device type, IP address and MAC address;
- geo-location information and any movement of your device throughout our premises; and
- any other information which you may voluntarily provide to us while accessing our Wi-Fi networks, for example, your name, email address, the details of the websites or mobile applications whilst you are connected to your network.
- If you do not want this information collected, you can disable Wi-Fi and Bluetooth on your device and not sign into the Wi-Fi network.
- We and/or our carefully selected third party business providers may contact you with direct marketing communications and information about the Products or other products and services offered by us via telephone, email, SMS, or regular mail.
- If you have indicated a preference for a method of communication, we will endeavor to use that method wherever practical to do so.
- You may opt out of receiving marketing communications at any time by responding via the channel in which you received the marketing communication, or by contacting us via the contact details set out in clause 49. You can unsubscribe from emails by clicking the unsubscribe link on the footer of the email communication you have received.
- If you are:
- a resident of the European Union accessing our Online Platforms or receiving our Services in Australia or New Zealand; or
- accessing our Online Platforms or receiving our Services from within the European Union,
then in addition to our obligations under the Privacy Act and the NZ Privacy Act, Papinelle is required to comply with the GDPR with respect to your Personal Information.
COMPLAINTS AND DISPUTES
- If an individual needs to contact us or has a complaint about our handling of their Personal Information, they should address their communication in writing to the details below:
- Address: Papinelle Pty Ltd, 112 Oxford St Paddington, NSW 2021 or email our privacy officer firstname.lastname@example.org
- If we have a dispute regarding an individual’s Personal Information, we both must first attempt to resolve the issue directly between us.
- If we become aware of any unauthorised access to an individual’s Personal Information we will inform them at the earliest practical opportunity once we have established what was accessed and how it was accessed. If there is a breach of privacy involving your Personal Information, we will comply with any legal obligations in the Privacy Act and NZ Privacy Act.
- If you are dissatisfied with the response that you receive from us, you may have the right to make a complaint to the Office of the Information Commissioner (Australia) and the Privacy Commissioner (New Zealand).
ADDITIONS TO THIS POLICY
Version Date: May 2021