Privacy and Spam Policy
Zarraffa’s Roastery Pty Ltd (ACN 093 865 555) (Roastery, us or we) manage personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APP) contained therein, and the SPAM Act 2003 (Cth) (SPAM Act) (Acts).
This Privacy and SPAM Policy (Policy) outlines the types of personal information that we may collect, how that personal information will be used, disclosed, transferred and stored, and sets out the measures that we take to comply with the Acts.
This Policy does not relate to any of our associated entities or franchisees’ management of your personal information. Where necessary, they will have their own policy.
By visiting our website, or providing us with your personal information, either electronically, in writing, over the telephone or in person, you agree to be bound by the terms and conditions of this Policy, the Acts or other applicable laws of Australia. We reserve the right to update the terms of this Policy at any time.
Personal information means information or an opinion about you, whether true or not, from which your identity is apparent or can reasonably be ascertained. This is whether the information is recorded in a material format or not. Personal information may also include information we may collect about your individual preferences.
1. Why do we collect information from you?
Roastery will only collect personal information from you when is reasonably necessary to undertake our business activities and functions, or as otherwise permitted by law.
We may collect your personal information for one or more of the following reasons:
(a) providing our current and future products or services to you;
(b) facilitate any order made by you on our website;
(c) to assist with your queries;
(d) processing an application (including an employment or franchise application) that you have made;
(e) dealing with your information if you are an employee or franchisee;
(f) for surveys, direct marketing, promotions or competitions;
(g) to ensure the proper function of the website and online software;
(h) for our marketing, planning, product development and research requirements;
(i) for the promotion of us, our suppliers, entities we sponsor and/or third party partners;
(j) to communicate with you;
(k) to respond to your requests, questions, comments and complaints;
(l) to publish your reviews, forum posts or other content on our website;
(m) to notify you about special offers and products or services available from us or our participating partners;
(n) to solicit information from you;
(o) to resolve disputes or resolve problems;
(p) to prevent prohibited or illegal activities;
(r) as may otherwise be described to you at the point of collection or pursuant to your consent;
(s) facilitating our internal business operations, including the fulfilment of any legal requirements; and
(t) analysing our services and customer needs with a view to developing new and/or improved services.
We may also use your personal information for other purposes not listed above which will be made clear to you at the time we collect your personal information, or for such purposes as may be required or permitted by law.
2. What information do we collect from you?
The types of personal information that we collect may include your:
(c) date of birth;
(d) telephone number;
(e) e-mail address;
(h) credit card or other form of payment information;
(i) opinion in relation to any of our business activities via surveys and/or competitions and trade promotions; or
(j) other such information (including proof of identity) that is relevant for us to provide our products and services to you in the manner that you have requested, or to comply with the law.
We do not generally collect sensitive information from you; however, if you provide such information to us, we will only collect that information with your express consent and only where such information is reasonably required in order for us to provide our products or services to you. We shall not disclose sensitive information to any other party without your consent.
If you are making an application or enquiry in relation to employment with Roastery, or are an existing employee, we may collect additional information from you such as:
(a) details relating to you;
(b) details of your referees,
(c) information provided by your referees;
(d) credit checks;
(e) criminal history checks;
(f) results of any profile testing;
(g) results of any pre-employment testing;
(h) identity documents;
(i) tax file number;
(j) health information; or
(k) details of your next of kin.
3. How we collect your information
Information may be collected from you in numerous ways, including:
(a) via our website;
(b) via our social media pages;
(c) in writing:
(i) if you complete an order on our website;
(ii) if you complete an entry form for any competition and/or trade promotion;
(iii) if you complete any survey;
(iv) if you post us your information;
(d) if you call us; or
(e) if you provide us with your information in any other format such as verbally or via text message.
3.2 Information via the website and online software
Every time you use our website, information may be collected by us or on our behalf via services such as Google Analytics.
Types of information collected may include:
(a) the date and time of your visit to our website and online software;
(b) your IP address;
(c) the address of the documents you access;
(d) the type of browser and operating system you are using;
(e) any address of a recurring site and any other website you are about to visit; and
(f) the information you submit regarding payment particulars, including credit card details which are captured by our online software and database.
The information that may be collected provides us with details about how the website is being used including the frequency and duration of visits, and which web pages you have accessed on the website.
4. Personal details
We may run competitions or offer added benefits to you and we may ask you to provide us with your personal details for these purposes. Giving your personal details to us is absolutely optional, however if you do not provide your personal details we may not be able to contact you or give you access to those benefits.
We are often required by law to confirm the identity and age of our competition winners, and if required, may request this type of identification may be required from you.
4.1 Failure to provide Personal Information
If the personal information you provide to us is incomplete and/or inaccurate, or you choose not to provide us with the personal information that we have requested, it may affect our ability to provide you with our products and services.
4.2 Dealing with Roastery anonymously or through a pseudonym
If possible you will have the option of interacting with us anonymously or through a pseudonym, however, where you are requesting products or services from us, it may become impracticable to provide those products or services to you without verifying your identity.
5. Use and disclosure of information
5.1 Use of information
We will not sell, distribute, rent, licence, disclose or reveal, share or pass your information or personal details onto any third parties, other than in accordance with this Policy, and to those who are contracted to us to keep your information or personal details confidential.
We will not disclose your information or personal details collected by us for any purpose other than where:
(a) it is for the primary purpose in which it was collected;
(b) to our related entities, suppliers, employees, consultants, contractors or agents for the primary purpose or for other purposes directly related to the primary purpose for which the personal information was collected;
(c) to relevant federal, state and territory authorities for the purpose of investigating food safety or a health issue, including a workplace health and safety matter;
(d) it is required to ensure the proper functioning of the website;
(e) your personal details are to be used by a participating third party contracted to us and the participating third party is bound by a confidentiality agreement with us;
(f) we are required or authorised by law or if it is reasonably necessary to enforce the law (whether in Australia or overseas);
(g) the information or personal details is necessary for the establishment, exercise or defence of a legal claim;
(h) to others that you have been informed of at the time any personal information is collected from you; or
(i) you have given express (or implied) consent to us for a prescribed purpose.
5.3 Sending information overseas
You consent to the disclosure of your personal information outside Australia, and acknowledge that we are not required to ensure that overseas recipients handle your personal information in compliance with the Privacy Act. We will, however, where practicable in the circumstances, take reasonable steps to ensure that overseas recipients use and disclose such personal information in a manner consistent with this Policy and the APP’s.
SPAM is an electronic message that is both unsolicited and commercial in nature. We assure you that:
(a) we have crafted an internal policy to educate our staff and implement clear guidelines and rules in relation to the dissemination of commercial electronic messages;
(b) you are at liberty to unsubscribe from any mailing list to which you have previously subscribed. If for any reason there appears to be no facility to be removed from the mailing list, please send us an email as detailed in clause 10 of this policy, or alternatively you may call (07) 5500 0899 within ordinary business hours and request to speak to our SPAM Policy Administrator, and
(c) we will not use address-harvesting software for any reason.
To assist us in combating SPAM we request your assistance with the following:
(d) if you receive an unauthorised commercial or offensive message, which appears to originate from our email address, please assume that it has been sent in error and notify us immediately on the above noted contact details;
(e) please ensure that you unsubscribe from any of our mailing lists if you decide you no longer wish to receive commercial messages from us or our contracted third parties; and
(f) if you do subscribe to any of our mailing lists, please ensure that we have your current details at all times, by updating us on any change in or cancellation of your email address.
7. Security of your information
We will take all reasonable steps to ensure that all information or personal details collected from you is stored in a secure environment accessed only by our authorised personnel.
Where we store your personal information depends on what interaction you have had with us or one or more of our franchisees, however, some areas may include:
(a) electronic databases, including those for processing customer enquiries or feedback;
(b) email databases for marketing communications; and
(c) paper based forms.
Please keep in mind that no information transmitted over the internet can be guaranteed to be 100% secure. We will endeavour to protect your information or personal details, however we cannot ensure or warrant the security of any Information or personal details you transmit to us or receive from our online software. These activities are conducted at your own risk.
If a substantial data breach has or may have occurred (for example, your personal information was shared with unauthorised persons) we will notify you as soon as is practicable and the Office of the Australian Information Commissioner about that actual or possible breach.
We only keep your personal information for as long as it is required for the purpose for which it was collected or as otherwise required by law. We will take appropriate measures to destroy or permanently de-identity your personal information if we no longer need to retain it. These measures may vary depending on the type of information concerned, the way it was collected and how it was stored.
8. Credit Card information
We use the third parties to process any sales paid for via credit card. Depending on your interaction with us, will determine which payment gateway we use.
(a) Where we utilise PayPal Australia Pty Limited (ABN 93 111 195 389) (PayPal) to process any sales paid for via credit card, we do not directly hold any payment information other than a billing address and a contact email on the website servers. In accordance with PayPal policies, we may be able to view credit card details, however, we will only use such information for the purposes of credit card verification, transaction approval or to provide a refund. Any information collected by PayPal may be used in accordance with the PayPal privacy or other policies and is beyond our control. To view PayPal policies please refer to the PayPal website located at www.paypal.com.au.
(b) Where we utilise our everyday banking partner and their merchant facilities (which may change from time to time) to process any sales paid for via credit card, we will directly hold payment information, including full details of your credit card, and share only with our related entities. Such payment information will be held and treated in accordance with this Policy and the APP’s.
Where we use the payment gateway processor, Web Active Corporation Pty Ltd (ACN 086 209 403) (“eWay”) to process any sales paid for via credit card, you will be subject to their policies in addition to ours. We do not directly hold any payment information other than a billing address and a contact email on the Website servers. In accordance with eWay policies, we are able to view partial credit card details, however, your complete credit card number cannot be viewed. We will only use such information for the purposes of credit card verification, transaction approval or to provide a refund. All transactions by eWay are performed under 128 Bit SSL Certificate and transaction data is encrypted for storage within eWAY's bank-grade data centre. Any information collected by eWay may be used in accordance with the eWay privacy or other policies and is beyond our control. To view PayPal policies please refer to the eWay website located at www.eway.com.au.
Our website may contain links to other web sites on the Internet. Please be aware that we are not responsible or liable for the privacy practices of such other web sites.
We encourage our users to be aware when they leave our site to read the privacy statements of each and every web site that collects personally identifiable information. You access destination links at your own risk. Because we want to provide you with the best service possible, we would appreciate your comments about any external links at: email@example.com.
10. Third party advertising services
We may utilise certain third-party advertising services (e.g. organizations such as FastClick or Google) to display advertising for our advertisers. These third-party services may place a cookie on your computer for the purposes of ad tracking and presentation. We do not share personally identifiable visitor information with these third-party services.
11. Unsubscribing from the Roastery email database
To unsubscribe from our e-mail database please send an e-mail to firstname.lastname@example.org with the following message typed into the body of the e-mail. The message you need to type or copy into the body of your e-mail is “UNSUBSCRIBE”.
12. Access to, and correction of information
You may request access to the personal information that we hold about you at any time by contacting our Privacy Officer using the details set out in this Policy. We will respond to any such request for access to personal information within a reasonable time frame and will provide you access to the personal information that we hold that belongs to you, unless we are authorised not to do so by law, or an AAP exemption applies. We may charge you a reasonable fee for processing your request and should we decline you access to your personal information, we will provide you with a written explanation setting out the legal reasons for doing so.
If, upon receiving access to your personal information, or at any other time, you believe the personal information that we hold about you is inaccurate, incomplete or out of date, please notify our Privacy Officer using the details set out in this Policy.
Where you notify us that your personal information is inaccurate, incomplete or out of date, we will take reasonable steps to correct the information unless we are authorised not to do so by law. Should we decline your request to correct your personal information we will provide you with a written explanation setting out the legal reasons for doing so.
13. Merger or acquisition
If the website or Roastery is merged or acquired by another entity, the information or personal details may be transferred to such entity as a part of the merger or acquisition.
14. How to contact us
If you have any concerns or questions regarding your privacy, please contact our Privacy Officer:
Telephone: 07 5500 0899
Post: 1/54 Siganto Dr Helensvale QLD 4212
Should you believe that we have not fulfilled our obligations under the Privacy Act, have not complied with the terms of our Policy, or would like to appeal a decision made by us relating to your personal information, you can make a complaint in writing to our privacy officer using the details set out in this Policy. We will respond to you within a reasonable period of time to acknowledge your complaint and inform you of the next steps we will take in dealing with your complaint.
If you are unhappy with a response that you have received from Roastery, you may direct your complaint directly to the Australian Information Commissioner. The details of the Australian Information Commissioner are listed on their website: www.oaic.gov.au
© 2015 Zarraffa’s Roastery Pty Ltd. All Rights Reserved.
Privacy Statement last updated June 2015.