Peggy Sue Soaps Pty Ltd (“PEGGY SUE CO”) is committed to complying with applicable privacy laws (including the Privacy Act 1988 (Cth) and to the extent applicable, the EU General Data Protection Regulation (GDPR).), which set clear standards relating to our collection, storage, use and disclosure of any personal information we obtain as part of our business operations.
PEGGY SUE CO recognises the importance of privacy. Our respect for our customers' and other individuals' right to privacy of their personal information is paramount. We have policies and procedures to ensure that all personal information is handled by us in accordance with applicable privacy laws.
- Our general policies relating to management of personal information;
- The type of personal information we collect and the purposes for collection, how we use and disclose this information, and how we store this information; and
- How you can obtain access to and correct any personal information we hold about you.
1. What personal information do we collect?
1.1. PEGGY SUE CO collects personal information from customers, employees, contractors, agents, and other individuals. We collect this information when it is necessary for business purposes.
1.2. So that we can provide services to you, we may ask you for personal information such as:
- Your name;
- Telephone number;
- Email address;
- Payment information;
- Transaction information;
- Account information (including but not limited to username and password);
- Verification of Identity documents (including but not limited to driver’s licence, identification card, bank card, and bank statements); or
- any other personal information you submit to us.
- 3. The personal information we collect may be provided on forms filled out by individuals (including when you register on PEGGY SUE CO’s website and when you agree to purchase products from us), when you visit PEGGY SUE CO’s website, in face-to-face meetings, email messages, telephone conversations, or from third parties. If you contact us, we may keep a record of that contact. We will collect personal information about you only from you where it is reasonable and practical to do so, or as required by law.
- 4. Generally, you have no obligation to provide any information requested by us. However, if you choose to withhold requested information, we may not be able to provide you with any products and services that depend on the collection of this information (particularly where our collection of this information is required by law).
- 5. In appropriate cases, we may collect personal information about you from third parties, such as your employer.
- 6. If you (or your employer) create a commercial account, we may collect information about you from third parties (for example, from your employer, service providers, agents, advisers and brokers).
2. How is personal information used and disclosed?
2. 1. The personal information we collect is confidential. Our purpose in collecting information about you is to provide you with a better website experience, to provide products or services to you and to operate our business.
2. 2. Some examples of when we may need to collect, use, and disclose this information are in relation to property or supplier enquiries, for email newsletter registration, for providing customers with products and services, and for customer complaint handling.
2. 3. PEGGY SUE CO may use your personal information to advise you of new products and services or special offers or promotions. PEGGY SUE CO’s agents or contractors from time to time may also use your personal information to provide information to you about products and services that they may offer from time to time. If at any time you do not wish to receive such information from us, or our agents, you can opt out of receiving such information when registering on PEGGY SUE CO’s website, or you may remove your name from our list by calling us on (02) 4631 1402 and asking to be removed from our mailing list. Alternatively, if we have sent you this information by email, you can use the unsubscribe link at the end of the email. In either case, please allow five (5) business days for this request to be processed.
2. 4. In the course of our business, we use a range of service providers to help us maximise the quality and efficiency of our services and business operations. This means that individuals and organisations outside of PEGGY SUE CO may sometimes have access to personal information held by PEGGY SUE CO and may use this on behalf PEGGY SUE CO. We require our service providers to adhere to strict privacy guidelines and not to keep this information or use it for any unauthorised purpose.
2. 5. We may also share non-personal, de-identified and aggregated information for our own research or promotional purposes. Under no circumstances will we or any of our related entities sell your details to marketing agencies without your consent.
2. 6. PEGGY SUE CO does not routinely disclose personal information to any third parties. PEGGY SUE CO will not use or disclose any personal information about you without your consent unless:
- required or authorised by law;
- we believe this is necessary to provide you with the products or services you have requested;
- it is necessary to implement our Terms and Conditions of Sale;
- it is necessary to protect the rights, property or personal safety of a PEGGY SUE CO employee, another customer, or any member of the public or PEGGY SUE CO; or
- some or all of the assets and operations of the business are or may be transferred to another party by way of sale of some or all of PEGGY SUE CO’s business.
3. How do we store personal information?
3. 1. PEGGY SUE CO will endeavour to take all reasonable steps to keep secure any information we hold about you and keep this information accurate and up to date. Your personal information may be stored in hard copy or electronically (including on secure servers in controlled facilities). PEGGY SUE CO has security processes in place to protect personal information from misuse, loss or unauthorised access, modification, or disclosure. The types of measures we take vary with the type of information and how it is collected and stored. We require our employees, agents, contractors, and data processors to respect the confidentiality of any personal information held by us.
4. General Data Protection Regulation (GDPR) for the European Union (EU)
4. 1. PEGGY SUE CO will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.
4. 2. We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.
4. 3. We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.
4. 4. We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.
4. 5. We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.
4. 6. We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.
4. 7. We do not collect or process any personal information from you that is considered "Sensitive Personal Information" under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.
4. 8. You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.
5. Your rights under the GDPR
5. 1. If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. PEGGY SUE CO complies with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU
5. 2. Except as otherwise provided in the GDPR, you have the following rights:
- to be informed how your personal information is being used;
- access your personal information (we will provide you with a free copy of it);
- to correct your personal information if it is inaccurate or incomplete;
- to delete your personal information (also known as "the right to be forgotten");
- to restrict processing of your personal information;
- to retain and reuse your personal information for your own purposes;
- to object to your personal information being used; and
- to object against automated decision making and profiling.
5. 4. We may ask you to verify your identity before acting on any of your requests.
6. Hosting and International Data Transfers
6. 1. Information that we collect may from time to time be stored, processed in or transferred between parties or sites located in countries outside of Australia. These may include, but is not limited to, USA.
6. 2. We and our other group companies have offices and/or facilities in USA. Transfers to each of these countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from PEGGY SUE CO.
6. 3. The hosting facilities for our website are situated in USA. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from PEGGY SUE CO.
6. 4. Our Suppliers and Contractors are situated in USA. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from PEGGY SUE CO.
6. 5. You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
7. Access to and correction of your personal information
7. 2. Upon your request, we will provide you with access to any of your personal information we hold (except in limited circumstances in which it is permitted by law for us to withhold this information). If you require access to your personal information, please contact us. We will require proof of identity before we provide you with access to your personal information. We will usually be able to respond to your request within fourteen (14) days.
7. 3. PEGGY SUE CO will take reasonable steps to correct any information which is found not to be accurate, complete, or up to date. If you wish to change personal information that is inaccurate, incomplete, or out-of-date, please contact us and we will amend this record. If you wish to have your personal information deleted, please contact us and we will take all reasonable steps to delete it unless we need to keep it for legal reasons.
8. Problems, future changes, and more information