We respect the privacy of our Website users, customers and other members of the public we interact with and are committed to protecting your security and privacy.
We collect information about you through our Website in an effort to improve your shopping experience, as well as communicate with you about our products, services and promotions. We do not sell or rent your personal information to third parties.
We release account and other personal information only when we believe release is necessary to comply with law; facilitate court proceedings; enforce or apply our Terms; or protect the rights, property, or safety of Timeless, its personnel, our users, or others.
3. TYPES OF INFORMATION COLLECTED
We may collect personal information from you (including, without limitation, your name, email address, phone number, and postal address) when you visit our Website, register with our Website, place an online order, save your information with us online, contact us with a question or concern, or participate in a promotion or competition. If you transact business with us in-store we may also collect such personal information. The purpose of collection of such information is to facilitate the uses referred to in section 4.
We collect personal information to the extent possible directly from the individuals to whom the information relates and only if reasonably necessary for one or more of our functions or activities. We may collect this information in various ways, e.g. by emails, through enquiries from our website, over the phone, verbally in-store and in other written forms.
We receive and collect the name of the domain and host from which you access the Internet; the Internet protocol (IP) address of the computer you are using; the browser software you use and your operating system; the date and time you access our site; and any search engine or inbound hyperlink used to reach this website. This information is used only for statistical purposes and in regards to how we may enhance the customer experience generally and does not involve use of your personal information.
Our website uses "cookies," which are small data files that are stored on your computer when you visit a website. Cookies enable you to shop on our website and may be used in a variety of ways to enhance or personalize your online browsing and shopping experience. Cookies may be used to personalise your visits to this website, eliminate the need for you to repeatedly enter the same information, enable us to improve the content, reliability and functionality of this website, evaluate the effectiveness of the advertising on this website and track website usage patterns. Accepting a cookie will not give us access to any data on your computer other than the data stored in the cookie. Although you may configure your web browser to not accept cookies, you may experience a loss of functionality as a result.
4. HOW WE USE YOUR INFORMATION
We may use personal information that you have provided to us in one or more of the following ways:
- To process and fulfill your order, including sending emails to confirm your order status and shipment, along with customary business communications, and to otherwise operate our business as it applies to you.
- To perform authorised financial transactions with you.
- To verify your identity and to assist you if you have forgotten your username or password.
- To communicate with you and to send you information by email, postal mail or other means about our products, services and promotions, where you agree to receive such information and subject to the Australian Privacy Principles.
- To help us learn more about your shopping preferences and personalise our Website in accordance with your preferences.
- To protect the security or integrity of our Website and our business.
- To protect our legal interests and fulfil our regulatory obligations (if and to the extent necessary)
- To respond to your enquiries and communicate with you if necessary.
In relation to marketing and promotional material and information, you always have the choice not to receive such material and information. We will promptly remove any member from our database or mailing list upon the members' request. Please contact us if you wish to opt out of receiving communications from us.
In addition to use of personal information, we may use other information not constituting personal information that becomes available to us through your use of our Website. We may use this in an aggregated, de-identified way, to analyse trends and statistics and to improve or update our Website or our goods and services.
We outsource a number of services to contracted service providers (CSPs) from time to time. Our CSPs may see some of your personal information. Typically our CSPs would include our information technology service providers, cloud software and server providers, internet service suppliers, legal and other professional advisors, insurance brokers, loss assessors and underwriters, superannuation fund managers and contracted consultants.
We take all reasonable steps to ensure that the terms of service with our CSPs recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach these obligations.
Our Website is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).7. WEBSITE & CREDIT CARD SECURITY
We take all reasonable steps to protect your personal information, including internal and external security, restricting access to personal information, maintaining technology products to prevent unauthorised computer access and regularly reviewing our technology to maintain security.
We take website and credit card security extremely seriously, and always endeavour to provide a secure safe platform on which to conduct online transactions. Our Website uses the industry standard Secure Sockets Layer (SSL) protocol, which encrypts your information as it is transmitted over the internet. This encryption scrambles details such as credit card number, billing details and delivery address so that generally, other computers are unable to decipher the information, ensuring privacy and security. To make sure you are accessing a secure server, check for the unbroken key or closed lock symbol located generally either at the bottom left or top right of your browser window. If it appears, then SSL is active. You can double check this by looking at the URL as well. If SSL is active, then the first characters of that line will read 'https' rather than just 'http'.
It is important for you to protect against unauthorised access to your password and to your computer. Ensure you logout when you have finished visiting our Website especially if you access our Website from a shared computer.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Australia and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
If we are acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.10. ACCESS & CORRECTION
Subject to some exceptions set out in privacy law, you can gain access to your personal information that we hold. Important exceptions include access that would impact on the privacy rights of other people.
For more information about access to your information see our Access Policy below. For more information about applying to correct your information, see our Correction Policy below.10.1 ACCESS POLICY
If you wish to obtain access to your personal information you should contact our Privacy Coordinator as per section 12 below.10.2 CORRECTION POLICY
If you find that personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it by contacting our Privacy Coordinator as per section 12 below.
We will take such steps as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
If we have disclosed personal information about you that is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to notify the third parties to whom we made the disclosure and we will take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.
You have a right to complain about our handling of your personal Information if you believe that we have interfered with your privacy. If you are making a complaint about our handling of your personal information, it should first be made to us in writing. You can make complaints about our handling of your personal information to our Privacy Coordinator as per section 12 below.
You can also make complaints to the Office of the Australian Information Commissioner (OAIC) by phone on 1300 363 992, by email at firstname.lastname@example.org, by facsimile on 02 9284 9666, by post to GPO Box 2999 Canberra ACT 2601 or any of the other methods outlined on their website here.
When we receive your complaint:
- We will take steps to confirm the authenticity of the complaint and the contact details provided to us to ensure that we are responding to you or to a person whom you have authorised to receive information about your complaint;
- Upon confirmation we will write to you to acknowledge receipt and to confirm that we are handling your complaint in accordance with our policy.
- We may ask for clarification of certain aspects of the complaint and for further detail;
- We will consider the complaint and may make inquiries of people who can assist us to established what has happened and why;
- We will require a reasonable time (usually 30 days) to respond;
- If the complaint can be resolved by procedures for access and correction as per sections 10.1 and 10.2 above we will suggest these to you as possible solutions;
- If we believe that your complaint may be capable of some other solution we will suggest that solution to you, on a confidential and without prejudice basis in our response.
If the complaint cannot be resolved by means that we propose in our response, we will suggest that you take your complaint to any recognised external dispute resolution scheme to which we belong or to the Office of the Australian Information Commissioner.
12. QUESTIONS OR CONCERNS ABOUT PRIVACY
If you wish to obtain access to, a correction of, or make a complaint regarding the handling of your personal information you should contact our Privacy Officer by either:
- email at email@example.com;
- phone on 1300 227 949; or
- post to PO BOX 932, Toowong QLD 4066.