Information we collect
In order to provide our customers with our products and services, we may collect and use personal information about you and others. If we are not provided with all the personal information we request, we may not be able to supply our products and services.
The type of information we collect includes names, addresses, credit card information (if you buy products or services from us) and other contact details.
We do not normally collect or store ‘sensitive information’, as defined in the Privacy Act 1988 (eg. information about ethnic origin, religious beliefs or health). However, where we are required to and it is practicable to do so, we will seek your consent before collecting your sensitive information and inform you of the purpose at the same time.
How we collect personal information
Generally, we collect an individual’s personal information from that individual. For example when you make an enquiry via this website or order a product from us.
However, occasionally we may also collect personal information from someone other than the individual, for example from if someone buys a product as a gift for someone and provides us with the other person’s name and address for delivery.
How we store personal information
We take all reasonable steps to keep secure any personal information which we hold about you and to protect your personal information from loss, misuse or unauthorised alteration.
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Access to personal information is limited to those of our personnel who specifically need it to carry out their business responsibilities. We also maintain physical security procedures to manage and protect the use and storage of physical records containing personal information.
Payments - Shopify
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight about how credit card details, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy)
Purpose of collection
We collect personal information so we can:
- identify our customers, potential customers and their representatives
- inform you or others of any initiatives we think may be of interest to you or them
- inform you or others about our products and services and the benefits of using our products and services
- provide you or others with information about offers or other benefits that may become available
- seek your opinion or comments about our products and services
- carry out billing and/or debt recovery activities
- carry out our management, administrative quality assurance and complaint handling activities in a professional and efficient manner
- develop and implement initiatives to improve our products and services
Use and Disclosure
We use and disclose the personal information we collect for the purposes indicated above, and for other secondary purposes.
We usually disclose the personal information we collect to our related entities, service providers and contractors, who help us supply our products and services.
Except where indicated above, we will not use or disclose personal information unless:
- the individual concerned has consented to the use and disclosure;
- the third party is our service provider or contractor, in which case we will require them to use and disclose the personal information only for the purpose for which it was provided to them;
- the third party is a person involved in a dealing or proposed dealing (including a sale) of all or part of our assets and business;
- the third party is a credit reporting agency, your creditor, banker, financier, credit provider, mortgage insurer or trade insurer;
- the disclosure is to a related body corporate; or
- the disclosure is permitted, required or authorised by or under law.
We may use personal information to advise the individual concerned of new products and marketing initiatives that we think may be of interest to them. This may include product and service offerings, newsletters and general information about us.
Those who prefer not to receive information about our products and services can ask to be removed from the relevant circulation list by contacting contact us, using the details listed below.
We never disclose personal information to a third party for the purpose of allowing them to direct market their products or service on an individual, unless individuals have expressly consented to that disclosure.
If at any time you want to know what personal information we hold about you, you are welcome to request access to that information by contacting us, using the details listed below. However, where:
- the access impacts on the privacy of others;
- the request for access is frivolous or vexatious;
- there are existing or anticipated legal proceedings; or
- such access can be denied under law or by a law enforcement agency,
we may deny your request for access. We may also charge a fee to cover the reasonable costs we incur in processing your request.
Quality & correction
At all times we strive to ensure that the information we hold about you is accurate, complete and up-to-date. If at any time you believe the personal information that we hold about you is incorrect, incomplete or inaccurate, you should let us know. We will use all reasonable efforts to correct the information.
Website & cookies
To ensure we are meeting the needs and wants of our website users, and to develop our online services, we may collect aggregated information by using cookies or similar electronic tools.
We do not use this technology to access any personal information of a user in our records and a user cannot be personally identified from a cookie.
We are committed to constantly improving our procedures so that personal information is treated appropriately. If you feel that we have failed to deal with your personal information in accordance with this policy, please contact us, using the details listed below, so we have an opportunity to resolve the issue to your satisfaction.
We will log your complaint and our privacy officer will:
- listen to your concerns and grievances;
- discuss with you the ways in which we can remedy the situation; and
- put in place an action plan to resolve your complaint and improve our information handling procedures if appropriate.
No disclosure to overseas recipients
We are not likely to disclose personal information to overseas recipients.
If you require more detailed information about our information handling practices or if you have any concerns about our handling of your personal information, please let us know by contacting us at:
Harriott & Hound
We will endeavour to respond to your concerns as quickly as possible.