Love Cosmetics Pty Ltd ACN 134 601 791 (Loving Tan, We, Our, Us and other similar terms) takes all reasonable steps to implement processes and procedures for the responsible management of personal information.
We collect personal information:
The type of personal information We collect includes Your name, address, telephone number, email, details of the goods you purchase, any other information provided via a Customer account signup form and any additional information You provide to Us.
Where You contact Us on behalf of Your employer, the information You provide often contains information about Your employment, position and employers contact details. In those circumstances certain employment information is collected.
Information will only be collected directly from You unless You authorise another person to provide the information.
3.2 Sensitive information
Loving Tan does not collect sensitive information or sensitive personal information as defined in s 6 of the Privacy Act 1988 (Cth) or in Article 9 of the GDPR respectively except where this is voluntarily provided by You.
Sensitive information, or under the GDPR referred to as special category information, includes information or opinion about an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, genetic data, biometric data, sex life or sexual orientation, or health information (Sensitive Information). We do not usually collect Sensitive Information about customers, but where We do, it will only be used by Us in accordance with section 6 of the Privacy Act 1988 (Cth) and Article 9 of the GDPR:
(a) for the primary purpose for which it was obtained;
(b) for a secondary purpose that is directly related to the primary purpose;
(c) with Your explicit consent; or
(d) where required or authorised by law.
3.3 Device information and cookies
When You visit our website, We may collect certain information about Your device, including details about Your Web browser, IP address, time zone, and some of the cookies that are installed on Your device. Additionally, as You browse, We collect information about the individual Web pages, goods You view, what Websites or search terms referred You, and information about how You interact with Us online.
We collect device information using the following technologies:
(a) “Cookies” which are data files placed on Your device or computer which may include an anonymous unique identifier;
(b) “Log files” which track actions occurring on the website, and collect data including Your IP address, browser type, internet service provider, referring/exit pages, and date/time stamps; and
(c) “Web beacons”, “tags”, and “pixels” which are electronic files used to record information about how You browse Websites.
Please note that We do not alter our Websites’ data collection and use practices when We see a Do Not Track signal from Your browser.
Through Our use of Google Analytics, the information generated by the cookie about Your use of the website (including Your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating Your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage.
Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
We do not collect personal information or associate the information collected via cookies, web beacons, tags, log files or pixels with other personal information We collect.
5.1 General use
We use personal information collected as part of Our business operations which are primarily associated with the provision of Our goods to You. Examples of when Your information may be used include:
(a) informing You about Our goods;
(b) providing You with the goods requested;
(c) administration needs in relation to providing You with goods, including managing Your account;
(d) dealing with requests, enquiries or complaints and other customer care related activities;
(e) marketing Our goods generally; and
(f) carrying out any activity in connection with a legal, governmental or regulatory requirement imposed on Us or in connection with legal proceedings, crime or fraud prevention, detection or prosecution.
5.2 Direct marketing
Where You have elected to be included on our mail list or to receive other electronic communications, We may use Your contact details to send You those communications. To opt-out of receiving marketing material, You may contact Us via the details below or select the “unsubscribe” link provided in that communication.
6. Accessing Your information
Upon Your request and after satisfying ourselves of Your identity, We will provide access to the personal information We hold about You except in certain prescribed circumstances. These include, where:
(a) We believe giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
(b) giving You access would be unlawful;
(c) granting access would have an unreasonable impact on the privacy of other individuals;
(d) the request for access is frivolous or vexatious; or
(e) there are anticipated legal proceedings.
7. Data integrity
So that We can best provide Our goods to You, it is important that your personal information is up to date.
We take reasonable steps to ensure the personal information We collect, use and disclose is accurate, complete and up-to-date. You have a right to correct incorrect information at any time and may do so by contacting Us using the details provided below.
If You become aware Your information is no longer accurate, complete or up-to-date please contact Us.
8. Sharing information
We may disclose personal information to:
(a) employees, a related entity and Our professional advisors, such as Our lawyers and accountants;
(b) law enforcement agencies to assist in the investigation and prevention of criminal activities; and
(c) Our third party contractors or service providers with whom We have a business association, including:
(i) marketing service providers;
(ii) accounting service providers; and
(iii) information technology service providers including cloud application providers.
Finally, We may also share Your personal information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information We receive, or to otherwise protect Our rights.
9. Offshore transfers
The personal information We collect may be transferred out of Australia, the EU or the United States and to countries including but not limited to Australia, the EU and the United States where it is processed by third party providers, of cloud-based services, who assist Us to manage marketing material for Our goods, management of Our customer base and support processes, email, website hosting, office administration, courier and accounting services. Loving Tan relies solely on reputable service providers such as:
(a) Klaviyo to help manage our newsletter, including managing your consent to receive the newsletter and the unsubscribe facility. You can read more about how Klaviyo uses Your personal information here: https://www.klaviyo.com/privacy; and
(b) Enchant to manage Our customer support processes, including product returns and customer satisfaction. You can read more about how Enchant uses Your personal information here: https://www.enchant.com/privacy.
While We do not otherwise actively disclose Your personal information to other overseas entities, the service providers We engage may use international data centres and disaster recovery sites. Consequently, these providers may have access to Your information.
Regardless of where You reside Your right to Privacy is protected in Australia pursuant to the Privacy Act 1988 (Cth) which is administered by the Office of the Australian Information Commissioner (OAIC). The OAIC is contactable via their Website at https://www.oaic.gov.au/.
10. Anonymity and use of pseudonyms
We may interact with You anonymously or through the use of pseudonyms if You have questions general in nature. However, You are required to provide true and accurate details when requesting the supply of goods. You agree to provide accurate information if so required.
We take commercially reasonable steps to protect the personal information We hold from misuse, loss and unauthorised access, modification or disclosure. We do this by:
(a) maintaining and keeping our systems up to date;
(b) using secure servers protected from unauthorised access, modification or disclosure;
(c) using secure sockets layer (SSL) encryption to transfer data across public networks, such as the internet;
(d) relying on reputable service providers;
(e) limiting the collection of Your personal information to that which We reasonably require; and
(f) destroying by document shredder any physical records containing personal information about You that We do not require for the purposes outlined in this document
12. Data retention
If We hold personal information about You, and We do not need that information for any purpose, We will take reasonable steps to destroy or de-identify that information, in accordance with the APPs and the GDPR, unless We are prevented from doing so by law.
Under Australian law, financial records, such as those relating to financial transactions, must be retained for seven (7) years after the transactions associated with those records are completed.
We envisage Your personal information will be deleted or de-identified within ten (10) years, if it is no longer reasonably required.
You may make a request to Us in writing to remove Your personal information and, where permitted, We will do so in accordance with the APPs and the GDPR.
13. Use of de-identified data
The data We collect may have analytical value to Us and other third parties. We reserve the right to process, distribute or sell information We collect through our services. However, We will only distribute data which has been deidentified. Deidentified data will not include personal information such as Your name, address, phone number, email address or other information which would reasonably allow You to be identified.
14. Additional rights under the GDPR
If You are an EU resident or citizen or are located in the European Economic Area, You have the right to access the personal information We hold about You and to ask that Your personal information be corrected, updated, or deleted, restricted or ported to another goods or services provider. You may also object to the processing of Your personal information.
If You would like to exercise these rights, please contact us through the contact information below.
15. Complaints procedure
Loving Tan is a customer service-oriented business. Therefore, if You have a complaint about Our collection or use of personal information pertaining to You, then We would ask You to contact Us. Our Privacy Officer can be contacted via the information provided below.
If after investigating Your complaint and reporting to You our findings, You are still not satisfied then We ask You to consult:
The Australian Information Privacy Commissioner
Alternatively, if You are an EU resident or citizen You may contact Your local supervisory authority.
16. Contacting Us
For more information about our privacy practices, if You have questions, or if You would like to make a complaint, please contact Us using the details provided below:
PO Box 1333
Stafford, QLD 4053
This policy was last updated on 19 May 2020