This website (our Website) is owned and operated by The Sweater Collective (we, us and our).
Scope of policy
2. “Personal Information” under the Privacy Act 1988 (Cth) (the Privacy Act) is defined to mean information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
Collection of Personal Information
Why do we collect Personal Information?
4. We collect and hold Personal Information that is reasonably necessary for the services we provide.
How do we collect Personal Information?
5. We will generally collect Personal Information from you directly through your use of our Website including when you visit, access, contact us or use other services provided on our Website.
6. We may also collect Personal Information through applications, email or other communication with you, or through a face-to-face meeting or telephone conversation with you.
What form of Personal Information do we collect?
7. We may collect and hold the following types of Personal Information:
(a) Your name;
(b) Your date of birth;
(c) Age range;
(d) Your gender;
(e) Details about your health, including disabilities;
(f) Information about your support requirements;
(g) Details of your guardians and nominees;
(h) National Disability Insurance Scheme number and plan information;
(i) Financial information and funding arrangements;
(j) Your phone number;
(k) Your nationality;
(l) Your email address;
(m) Your mailing address and delivery address;
(n) Organisation with which you are affiliated as an employee, contractor or agent;
(o) Payment details; and
(p) Information provided by you when you use or request other services available on our Website.
8. In the course of providing our services to you, we may also collect and hold more detailed personal information as required to perform our services.
9. If you choose to correspond with us through email, we may retain the content of your email messages together with your email address and our responses. We provide the same protections for these electronic communications that we employ in the maintenance of information received by mail and telephone.
Retaining your Personal Information
10. We will retain your personal information for the duration of your use of the Website. When you cease use of the Website we will retain your Personal Information for no longer than 7 years or for any such period that it is necessary for us to retain your Personal Information (the Retention Period).
11. We will make your personal Information available to you if requested.
Destruction of your Personal Information
12. Once the Retention Period has lapsed, we will ensure the timely and secure destruction and/or disposal of your Personal Information, including both physical information and cyber information.
13. If at any other time, you request we destroy and/or dispose of your Personal Information, we will comply with your request in a timely matter, to the extent that it does not interfere with the conduct of our business.
Breach of Personal Information
Security of your Personal Information
14. We will endeavour to protect your Personal Information from unauthorised interference (including access or disclosure).
Informing you of a Data Breach
15. A data breach will occur if there has been unauthorised interference to your Personal Information, and that interference is likely to result in serious harm to you (Data Breach).
16. If there is a Data Breach, we will determine if the Data Breach has caused or is likely to cause serious harm. If we determine that serious harm has or will be caused, we will notify you and the relevant reporting body of the Data Breach.
How we use your Personal Information
17. We collect, use and disclose Personal Information for purposes associated with conducting our business, providing services to you, marketing and promotional efforts, and to improve our content and service offerings, including:
(a) Facilitating services between you and us, entities associated with us and/or third-party individuals and organisations who we work with or alongside to provide services to you;
(b) Monitoring the use of our Website;
(c) Improving the quality of our service;
(d) Administrative purposes;
(e) Marketing communications purposes;
(f) Statistical analysis of the usage of our Website; and
(g) Complying with the law, including privacy legislation.
18. Occasionally, we may also use the Personal Information we collect to notify you about important changes to our Website and new services we think you will find valuable. You may notify us at any time if you do not wish to receive these offers by emailing us at the link provided on notifications, or by contacting us at our contact email address at the end of this policy.
19. If you have given us your express consent to:
(a) Provide you with direct marketing communications; or
(b) Provide your Personal Information to third party individuals and organisations who we work with or alongside to provide services to you),
we may collect, hold, use and disclose Personal Information in accordance with that consent to enable us (or those third-party individuals and organisations, as the case may be) to provide you information about, and offer you, goods and services.
20. If you give us consent to provide you with direct marketing communications, you can later request not to receive direct marketing communications. You may also request that we do not provide your Personal Information to any of our third party providers in order for them to provide you with direct marketing communications.
21. Such information may be shared with others as de-identified data in aggregated form.
22. Personally-identifiable information or business information will not be shared with third parties except as required by law (including disclosure to government agencies or at their direction) or where you have given us your express consent to do so.
23. We may need to provide your Personal Information to third parties who we engage to assist us to provide goods and services to you, such as:
(a) Service providers who we engage to assist us in providing services to you;
(b) Information technology service providers; and
(c) Payment processors.
24. Where your Personal Information is disclosed to these third parties, they will only be authorised to use your Personal Information for the purpose that we supplied it to them. If those third parties are located overseas, then your Personal Information may be transferred overseas.
Cookies and data activity
25. We may use standard technology called ‘cookies’ and similar technologies on our Website. Cookies are small data files that are stored on your computer when you visit a particular app or website, which allow your web browser to remember certain information.
27. Sometimes information that you upload is provided with associated metadata. If you do not want us to use the metadata you must remove it before uploading it onto our Website and other applications and tools.
Data security and storage
29. Personal Information collected by us will be stored and processed on servers located both within and outside Australia. To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online.
30. In other limited circumstances, we may need to send your Personal Information overseas. These circumstances include:
(a) Where we have a supplier assisting us with the provision of goods and services and our business functions; and
(b) Where a third-party application is being used in connection with our interactions with you.
Links to other applications and websites
32. Our Website may contain links to other applications, websites and tools that are owned, controlled or operated by us. We are not responsible for the practices employed by applications linked to or from our Website or the information or content contained on them.
Legal disclosure of Personal Information
34. We reserve the right to disclose any Personal Information which identifies you as required by law and when we believe that disclosure is necessary to protect our rights, or to comply with a judicial proceeding, court order, or legal process served on our Website.
How to opt-out or access your Personal Information
35. If you:
(a) Want to find out what Personal Information we hold about you;
(b) Believe any of your Personal Information held by us is inaccurate, out of date, incomplete or it is not necessary for us to continue to hold it;
(c) Want to request not to receive direct marketing communications or that we do not provide your Personal Information to any of our third party providers in order for them to provide you with direct marketing communications; or
(d) Wish to make a complaint about a breach of the Privacy Act, Australian Privacy Principles or a privacy code that applies to us,
please contact us by emailing us at our contact email address at the end of this policy.
36. If you are not happy with our response, you may complain directly to the Australian Privacy Commissioner.
37. For any queries, complaints or requests regarding this policy or our handling or use of your Personal Information, please contact us at email@example.com.