Privacy policy.

At A Touchy Subject, we are conscious of your privacy and this Privacy Policy tells you how we use your information.

We may collect your information offline or online through our website: https://www.atouchysubject.com (Site) and other related third-party platforms. However, please be assured that all personal and sensitive information we collect will be treated in accordance with the Privacy Policy below, the Privacy Act, and the Australian Privacy Principles. 

Types of personal information

The types of personal information we may collect about you include:

  • your name, images, and complete contact details;

  • your age and/or date of birth;

  • your credit card or payment;

  • any customer survey results and customer service history;

  • information about your access and use of our Site;

  • additional personal information that you provide to us; and

  • any other personal information requested by us and/or provided by you or a third party such as Google or our third-party payment processor.

Collection and use of personal information

We may collect, hold, use, and disclose personal information for the following purposes:

  • to enable you to access and use our Site;

  • to contact and communicate with you;

  • for internal recordkeeping, administrative purposes, invoicing, and billing purposes;

  • for analytics, market research, and business development;

  • for advertising and marketing;

  • to comply with our legal obligations and resolve any disputes that we may have; and

  • to consider an employment application.

Disclosure of personal information to third parties

We may disclose personal information to:

  • third-party service providers to enable them to provide their services;

  • our employees and contractors; 

  • our existing or potential agents or business partners;

  • sponsors or promoters of any competition we run;

  • anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;

  • credit reporting agencies, courts, tribunals, and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;

  • courts, tribunals, regulatory authorities, and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or to establish, exercise, or defend our legal rights;

  • third parties, including agents or sub-contractors, who assist us in providing information, products, services, or direct marketing to you. This may include parties located, or that store data, outside of Australia; and

  • third parties to collect and process data, such as Google Analytics or other relevant businesses. This may include parties that store data outside of Australia.

By providing us with personal information, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with the Privacy Act (Act) and the Australian Privacy Principles (APPs).

Note: The Act and the APPs may not regulate third parties overseas. If any third party engages in any act or practice that contravenes the APPs, it would not be accountable under the Act.

How we treat personal information that is also sensitive information

Information classified as “Sensitive Information” has a higher level of protection under the APPs. 

Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information, or biometric information.

Provided you consent, your sensitive information (if we hold any) may only be used and disclosed for purposes relating to the primary purpose for which the sensitive information was collected. Sensitive information may also be used or disclosed if required or authorised by law.

Your rights and controlling your personal information

Choice and consent: By providing personal information to us, you consent to us collecting, holding, using, and disclosing your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect your use of this Site or the products and/or services offered on or through it.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

Restrict: If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.

Access: You may request details of the personal information that we hold about you. An administrative fee may be payable for the provision of such information.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.

Complaints: If you wish to make a complaint about how we have handled your personal information, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint.

Unsubscribe: To unsubscribe from our e-mail database or opt out of communications (including marketing communications), please contact us using the details below or opt-out using the unsubscribe or opt-out facilities provided in the communication.

Overseas transfer

Your personal information may be transferred to an overseas jurisdiction with substantially similar data protection laws such as the United States of America, the United Kingdom, or countries within the European Union (EU). These countries have data protection laws, which protect personal information in a way that is at least substantially similar to APPs and there will be mechanisms available to you to enforce protection of your personal information under that overseas law. 

We do not require overseas recipients to comply with the APPs and we will not be liable for a breach of the APPs if your personal information is mishandled. 

GDPR

In some circumstances, the European Union General Data Protection (GDPR) provides additional protection to individuals located in Europe. Where this is the case, there may be additional rights and remedies available to you under the GDPR if your personal information is handled in a manner inconsistent with that law.

Storage and security

We are committed to ensuring that the personal information we collect is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure your personal information and protect it from misuse, interference, loss, unauthorised access, modification, and disclosure.

We cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that the personal information we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.

Cookies, web beacons, and Google Analytics

We may use cookies and web beacons on our Site from time to time. 

While cookies don’t tell us your email address, they do allow third parties, like Google and Facebook, to track you as part of our retargeting campaigns. If and when you choose to provide our Site with personal information, this information may be linked to the data stored in the cookie.

Web beacons monitor your behaviour on our Site and collect data about your web page viewing. 

We also use Google Analytics to collect and process data from time to time. 

Links to other websites

We do not have any control over Third Party Websites and we are not responsible for the protection and privacy of any personal information that you provide whilst visiting them. Third Party Websites are not governed by this Privacy Policy, even if you followed a link from our website to the Third Party Website.

Amendments

We may, at any time and at our discretion, vary this Privacy Policy. We recommend regularly checking this Privacy Policy to remain updated on any amendments.

For any questions or notices, please contact our Privacy Officer at:

Victoria Cullen Pty Ltd trading as A Touchy Subject ABN 32650389058 (also we or our throughout this privacy policy)

Email: victoria@atouchysubject.com

Last update: 31 January 2022