Customer Privacy Policy
Current as at November 2018
1. DEFINITIONS
In this Policy and Procedure:
-
Act means the Privacy Act 1998 (Cth).
-
Company means Bedtime Store
-
Designated contact person means the Chief Executive Officer.
-
Health information means information about an individual’s health or disability (at any time), as well as other personal information collected while an individual is receiving a health service (such as notes about symptoms, observations and/or opinions of an individual’s health, prescription information, test results and reports).
-
Personal information means information or an opinion about an individual whose identity is apparent or can reasonably be ascertained from the information or opinion. The information may or may not be true and may or may not be in writing.
-
Policy means the Bedtime Store Customer Privacy Policy.
-
Sensitive information is a subset of personal information and means information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health information, genetic information or biometric information.
-
Worker means a permanent, casual or temporary employee, apprentice or trainee, independent contractor, sub-contractor, labour-hire employee or volunteer engaged by the Company.
2. PURPOSE
-
The Company acknowledges its obligations under privacy law and is committed to protecting and maintaining the security of personal information obtained through its operations.
3. SCOPE
-
The Company is bound by the Act.
-
This Policy explains how the Company collects verbal and written information and how the Company may store, maintain, disclose and use that information.
-
The Australia Privacy Principles (APP) set out the obligations that businesses must comply with and these have been incorporated into the Policy to ensure compliance with the appropriate legislation.
4. POLICY AND PROCEDURE STATEMENT
-
The Company takes its obligations to protect this information very seriously. All workers must ensure that private information is collected and stored in a safe, secure and confidential manner. This will be achieved by ensuring the integrity of the manner in which information is collected and stored. Failure to comply with this policy may result in disciplinary action. The action taken will depend on the circumstances but may involve a warning, counselling, demotion or dismissal.
5. GUIDELINES
-
The Company will ensure access to personal information is limited only to those people necessary, who require the information in order to perform their duties.
-
The Company will only use or disclose personal information for the primary purpose for which the information was collected.
-
When information is to be used or disclosed for a purpose other than the primary purpose for which it was collected, consent will first be obtained from the individual, except in the following circumstances:
-
where the individual would reasonably expect the Company to use or disclose the information for that secondary purpose and that purpose is related to the primary purpose of collection, or, in the case of sensitive information, directly related to the primary purpose;
-
where use or disclosure for a secondary purpose is required or authorised by or under an Australian law or a court or tribunal order;
-
a permitted general situation (as defined in the Act) exists in relation to the secondary use or disclosure;
-
a permitted health situation (as defined in the Act) exists in relation to the secondary use or disclosure; or
-
the Company reasonable believes that secondary use or disclosure is reasonably necessary for one or more enforcement related activities.
-
-
The following guidelines must be followed in relation to the collection and use of private information.
5.1 When do we collect your personal information?
-
The Company collects personal information in a number of ways. At times, we are required to collect personal information in the normal course of providing goods and services for our customers. The activities and functions of the business that may require us to collect personal and/or sensitive information include:
-
assessing an individual’s suitability for our products and services,
-
arranging in-home presentations,
-
handling customer complaints,
-
managing maintenance or delivery requests,
-
processing customer purchases and finance,
-
processing rental agreements,
-
promoting the Company’s goods and services (whether physically or online), and
-
receiving instructions from an individual.
-
5.2 How do we collect your personal information?
-
The Company will only collect personal information from an individual by lawful and fair means. Common ways that we may collect personal information about you include:
-
when you access and use our website,
-
during conversations with our workers,
-
when you communicate with us directly by email, telephone, direct mail or any other means, and/or
-
if you are a candidate for employment, when you complete forms in relation to the recruitment and selection process, for the purposes of assessing your suitability for the role.
-
-
We may also collect personal information (other than sensitive information) about you from third parties where appropriate, including:
-
if you are a candidate for employment, from your nominated referees or a recruitment agency provided you have authorised us to do so,
-
from our related bodies corporate,
-
from publicly available sources, and
-
from private company data providers (such as DataU).
-
-
We will only ever collect sensitive information directly from the individual it concerns.
-
We will typically collect all other personal information from the individual directly, unless it is unreasonable or impracticable to do so or we are otherwise required or permitted by law to collect information from a third party.
5.3 What personal information do we collect?
-
We may collect the following types of personal information from you:
-
your salutation, full name and contact details such as your residential or business address, email address and telephone number,
-
your gender, age and date of birth and occupation,
-
your company name (if applicable),
-
your signature,
-
proof of identity, such as your driver’s licence or passport number,
-
your bank account, finance or other payment details,
-
your health information,
-
if you are a candidate for employment, we may collect other information as further set out in our application forms or during the recruitment process (e.g. information relating to your employment history, working eligibility rights, suitability for the role you are applying for, and your referee contact details),
-
other information you may supply to us.
-
5.4 What other information might we collect?
-
The Company may also collect information from you that is not personal information because it does not identify you personally. This information is normally retained with your personal information and may include:
-
information we require to deliver, service or fulfil our warranty and repair obligations (under contract or Australian consumer law) for any products and/or services provided;
-
your marketing preferences, including the type of marketing materials you wish to receive and the method of delivery (e.g. email, SMS, direct mail, or other);
-
information you provide to us via application forms, or directly to Workers in relation to our products and services;
-
information you provide to us via other forms on our website (such as competition entries, surveys or enquiry forms).
-
5.5 Why do we collect personal information?
-
We may use or disclose your personal information for:
-
the purposes for which it was collected and disclosed, including related or incidental purposes which would be reasonably expected by you,
-
other purposes to which you have consented, and/or
-
as otherwise authorised or required by law.
-
-
Some of the primary purposes for which we commonly collect, use and disclose personal information are:
-
to offer, sell and deliver products and/or services to customers whether directly or with the assistance of external service providers,
-
to provide information and/or advice on health care packages and government schemes available from time to time,
-
to market our products and/or services directly to you, including through in-home presentations, consultations, special promotions and campaigns in place from time to time that may be of interest to you,
-
to answer your queries and provide tailored advice or information,
-
to carry out activities relevant to fraud and loss prevention, customer analysis, sales analysis, quality control, repairs and market research,
-
to carry out a full and proper investigation into any complaints brought against the Company,
-
to comply with any relevant laws and/or regulations, or to comply with any directions given by regulators or authorities, and
-
if you are a candidate for employment, to assess your suitability for a position at the Company.
-
5.5 What if I refuse to provide personal information?
-
If we are unable to collect, use or disclose your personal information as stipulated in this Policy, some or all of the following may occur:
-
we may be unable to offer our products and/or services to you, to the requested standard or at all,
-
we may be unable to provide further information about our products and/or services that you have purchased from us, or may intend to purchase in the future,
-
we may be unable to tailor the content of our direct marketing communications to suit your preferences,
-
your experience when interacting with us may be delayed or not as efficient as you may expect, and
-
if you are a candidate for employment, we may not be able to process your application for a position with the Company.
-
5.6 How do we store, hold and destroy personal information?
-
The Company may hold your personal information in either electronic or hard copy form.
-
If you provide information to us electronically we retain this information in our computer systems and databases. This includes computer software programs, internet servers and hosted internet solutions provided by third parties.
-
If you provide information to us in hard copy (paper), this information is destroyed if and when it has been transferred to our electronic files.
-
The Company will take reasonable steps to destroy or de-identify any personal information it holds if it is no longer required for any purpose stipulated in this Policy or otherwise permitted by law.
5.7 How do we secure your personal information?
-
The Company understands the importance of your personal information and have reasonable security procedures in place to safeguard and secure the information it collects in order to prevent unauthorised access, modification or disclosure and misuse, interference or loss.
-
This includes but is not limited to encyrpted databases and communication systems, workplace surveillance, extensive security measures, an employee privacy policy and regular training for our workers.
-
Additionally, with respect to any third party provider of personal information, we require an assurance that all information has been lawfully obtained and handled in compliance with Australian privacy law.
5.8 When do we disclosure your personal information?
-
Your personal information may be disclosed in accordance with this Policy to any of the following:
-
our Workers and third party service providers, to the extent reasonably necessary in connection with our relationship with you,
-
This may include, but is not limited to, auditors, sales consultants, IT consultants, external delivery companies, finance providers, mailing houses, couriers, payment processors and data entry service providers.
-
-
our related bodies corporate,
-
our business advisors and financial lenders, including lawyers, accountants or other professional service providers, to the extent reasonably required;
-
our suppliers and distributors with whom we have commercial relationships to the extent reasonably necessary in connection with our relationship with you;
-
to any person required and authorised by law (e.g. the police service, ambulance service, or government departments or regulators within Australia in connection with law enforcement activities).
-
-
Where personal information is shared with a third party, the Company will reinforce the confidential nature of this information and either party’s privacy obligations with respect to use or disclosure for secondary purposes. The Company will also seek assurance from third parties that personal information within their possession is managed and destroyed appropriately, in compliance with Australian privacy law. The Company will endeavour to reflect this discussion in writing and seek mutual agreement from the third party.
-
Some of our associated companies with whom we may be required to share personal information are located overseas. These associated companies will often be subject to privacy and confidentiality obligations dictated by laws in their own jurisdictions. Nevertheless, in circumstances where disclosure is necessary, we will take such steps as are reasonable to ensure that the overseas recipient does not breach Australian privacy law.
-
Your personal information will not be shared, sold, rented or disclosed other than as described in this Policy.
5.9 Cookies
-
The Company may use temporary (session) cookies or permanent cookies when you access our global website.
-
Cookies can be used to track usage behaviour and aggregate data to allow us to customise your experience on our website.
-
You can switch off cookies by adjusting the settings on your web browser.
5.10 Direct Marketing Communications
-
If you have consented, or if otherwise permitted by law, we may use all or part of your personal information to send you direct marketing communications and information via email, SMS, or registered post about our products and services.
-
Within all marketing communications, the Company will provide a simple means for individuals to “opt out” and unsubscribe from the Company’s mailing list. Namely, you will be able to unsubscribe from emails by clicking the unsubscribe link on the footer of the email communication you have received. Alternatively, you may opt out of receiving marketing communications at any time by contacting us via the details provided below.
-
If you have indicated a preference for a method of communication, we will endeavor to use that method wherever practical to do so.
-
We do not provide your personal information to any other organisations for the purposes of direct marketing.
5.11 How can you access your personal information?
-
If you believe we hold personal information about you, you may obtain access by making a request in writing via the following channels:
-
Email: info@bedtimestore.com.au
-
Phone: (07) 3184 6040
-
Mail: 84 Parramatta Road, Underwood QLD 4119
-
-
Subject to any exemptions which may apply at law, we will provide a record of your personal information to you, normally via your preferred contact method (phone, email or mail). We will not normally charge a fee for granting access to personal information but reserve the right and discretion to do so.
-
We may ask you to verify your identity and for proof of identity to ensure that personal information we hold is not improperly accessed.
5.12 How can you request a correction your personal information?
-
If you would like to request us to update or amend the personal information we hold about you, please contact us and we will make the requested amendments, subject to any exemptions which may apply at law.
-
We reserve the right to be satisfied that the information collected is inaccurate, out-of-date, incomplete, irrelevant or misleading.
-
We may also ask you to verify your identity and for proof of identity to ensure that personal information we hold is not improperly accessed.
6. CANDIDATES AND EMPLOYEES
-
This Policy does not generally apply to current and former employees of the Company, in relation to personal information held about them in its employment records. If you are a current or former employee and have a query about your personal information, please contact us using the details below.
7. PRIVACY COMPLAINTS
-
If you believe that we have breached your privacy rights in any way or you would like to discuss any issues about this Policy please contact us using the details below.
-
All such enquiries or complaints will be taken seriously and handled with impartiality and discretion.
-
If you wish to submit a complaint, please provide us with all relevant details such as the date and time of the incident or communication, the circumstances surrounding the event and your concerns about what was said or done. You will also receive an acknowledgment from us within 14 days confirming receipt of your complaint.
-
Once you have submitted your complaint we will assess it to determine whether or not you have complained about a privacy issue which is covered by the relevant privacy laws. If you have complained about something which is not appropriately dealt with under privacy law, we will write to you and explain why we are unable to address your complaint.
-
If you have complained about something which the relevant privacy laws cover, we will thoroughly investigate all aspects of your complaint including ascertaining the relevant facts and what your expectations are for any resolution. During our investigation we may need to seek further information from you as to the nature of or factual circumstances surrounding your complaint.
-
We will endeavor to respond to you, using your preferred contact method if you have indicated one, at all times promptly and to offer a practical solution which is consistent with our legal obligations. If we are unable to resolve your complaint, we will explain why.
-
If you are not satisfied with the outcome of our assessment of your complaint, you may wish to contact the Office of the Australian Information Commissioner.
8. CONTACTING US
-
If you would like to contact us in relation to this Policy or your personal information, including to make a complaint or opt out from direct marketing, please contact us at:
-
Email: info@bedtimestore.com.au
-
Phone: 07 3184 6040
-
Mail: 84 Parramatta Road, Underwood QLD 4119
-
Please note we may update our Privacy Policy from time to time. Please contact us if you would like an updated version of our Privacy Policy.
9. GENERAL
This Policy is available online at www.bedtimestore.com.au/privacy
Upon request, the Company will provide copies of this Policy to its Workers.
Any enquiries in relation to this Policy should be directed to Designated Contact Person.