Privacy Policy

Magdalene Lingerie

Privacy Policy

Last updated: 17/09/2024

Parties

  • Magdalene Lingerie of 5-7 Layfield St, South Melbourne ("the Company");
  • Individuals who access and use the Company's website and services ("Individuals").

Background

  • This Privacy Policy sets out how Magdalene Lingerie collects, uses, discloses and stores personal information of individuals ("Individuals") who access and use the Company's website and services.
  • The Company collects personal information from Individuals for the primary purpose of providing products and services to Individuals at their request.
  • The Company is committed to complying with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth).
  • This Privacy Policy applies to all personal information collected by the Company, including information collected online via the Company's website, mobile applications, online forms, surveys and any other interactive functions, as well as offline in person and over the telephone.
  • By providing personal information to the Company or using its services, Individuals agree to the terms of this Privacy Policy and consent to the collection, use, disclosure and storage of their personal information in the manner set out in this policy.
  • This Privacy Policy may be updated from time to time. Individuals should check this page periodically for updates.
  1. Definitions
    • Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
    • Sensitive information means information or an opinion about an individual's racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, or criminal record. It also includes health information and biometric information about an individual.
    • Individual means any natural person.
    • Company means Magdalene Lingerie and any related bodies corporate, and includes its officers, employees, contractors, agents and successors.
  2. Collection of Personal Information
    • The types of personal information that the Company may collect from Individuals includes names, contact details, demographic information, preferences, interests and other information provided when Individuals register for services, make purchases or communicate with the Company.
    • The Company may also collect personal information such as IP addresses, device identifiers and information from cookies, page tags, pixel tags and other similar technologies when Individuals visit and use the Company's website and services.
    • The Company primarily collects personal information directly from Individuals, but may also collect personal information from third parties including referral partners, advertising networks, analytics providers, search information providers and publicly available sources.
    • The purposes for which the Company collects personal information include:
      • To provide products and services to Individuals and communicate with Individuals;
      • To assess the performance of the Company's services, conduct research and analytics; and
      • For direct marketing purposes if the Individual has consented.
    • The Company will only collect sensitive information about an Individual with the Individual's consent and if the information is reasonably necessary for the Company's functions or activities.
    • Collection of personal information is with the Individual's consent, which can be withdrawn at any time by contacting the Company. Individuals can choose to interact anonymously with the Company where possible.
  3. Use of Personal Information
    • The primary purposes for which the Company collects, holds, uses and discloses the personal information include responding to Individuals' enquiries, providing requested products and services to Individuals, and complying with any other obligations under applicable laws.
    • The Company may also use personal information for secondary purposes including:
      • To contact Individuals about new products and services, offers and promotions that may be of interest;
      • To conduct surveys and questionnaires to better understand Individual needs and improve Company products and services;
      • For internal record keeping, administrative purposes and statistical analysis;
      • For debt collection, credit reporting or fraud detection and prevention purposes; and
      • As required or authorised by law.
    • The Company may disclose personal information to overseas recipients located in the United States, United Kingdom and European Union. Any overseas disclosure does not affect an Individual's rights or the Company's obligations under the Privacy Act.
    • The Company may use personal information for the purposes of direct marketing unless the Individual has opted out. Individuals can opt out of direct marketing at any time by contacting the Company.
  4. Disclosure of Personal Information
    • The Company may disclose an Individual's personal information to third party service providers that assist in operating its website and business, fulfilling orders and providing support services.
      • Any third parties that have access to personal information are required to keep information confidential and secure.
    • In the event the Company undergoes a business transition such as a merger, acquisition by another company, or sale of all or a portion of its assets, Individuals' personal information will likely be among the assets transferred.
    • The Company may also disclose personal information to comply with a legal obligation, for law enforcement, to protect the rights, property or safety of the Company, its employees, Individuals or others.
      • This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction.
    • Individuals' personal information will not be otherwise shared, sold, rented or disclosed without consent, except as provided in this Privacy Policy.
  5. Access to and Correction of Personal Information
    • Right of access. An Individual has a right to request access to any personal information the Company holds about them.
      • Upon receiving a request, the Company will respond within 30 days or a longer period as agreed and provide access to the information.
      • In limited circumstances set out in the Privacy Act, the Company may refuse access to personal information.
    • Right of correction. If an Individual believes personal information held about them is inaccurate, incomplete, out of date, irrelevant or misleading, they have a right to request correction of the information.
      • The Company will take reasonable steps to correct the personal information to ensure it is accurate, up-to-date, complete, relevant and not misleading.
      • If the Company refuses a request for correction, it will give written notice with reasons for the refusal and information on how to make a complaint.
    • Process for requests. Requests for access or correction must be made in writing and provide proof of identity.
      • The Company does not charge a fee for requests for access or correction.
      • The Company will respond to requests within 30 days or a longer period as agreed with the Individual.
  1. Identifiers
    • The Company collects IP addresses and uses cookies for purposes such as system administration, to gather broad demographic information, and to monitor the level of activity on the Company's website.
    • IP addresses and cookies are not linked to any personal information.
    • Individuals may choose to opt out of the Company's use of cookies by turning them off in their browser settings.
    • Individuals are deemed to consent to the Company's use of IP addresses and cookies by continuing to use the Company's website.
    • IP address and cookie information is stored securely on the Company's servers located in Australia and is retained for a period of 12 months.
    • After 12 months, IP address and cookie information is automatically deleted from the Company's systems.
    • Individuals may access, correct or delete the IP addresses and cookie information stored about them by contacting the Company.
  2. Anonymity
    • Right to anonymity. Where lawful and practicable, Individuals have the right to interact anonymously with the Company.
    • Exceptions to anonymity. Anonymity does not apply:
      • Where the Company is required by law to deal with individuals who have identified themselves.
      • Where it is impracticable for the Company to deal with individuals who have not identified themselves or have used a pseudonym, including for new or existing customer contracts and transactions.
    • Use of pseudonyms. Individuals may use pseudonyms when dealing with the Company where:
      • It is practicable for the Company to do so; and
      • The purpose of collection, use or disclosure can be met without identifying the Individual.
    • Explanation of circumstances. The Company will inform Individuals of any circumstances where anonymity or use of a pseudonym does not apply, such as where identification is required by law or it is impractical for transactions to be completed anonymously or using a pseudonym.
  3. Transborder Data Flows
    • The Company may disclose personal information to its related bodies corporate and third party suppliers and service providers located overseas for the purposes of providing products and services to individuals, including data storage.
    • The countries where personal information may be disclosed include United States of America, the United Kingdom, and Asia.
    • By providing personal information to the Company, individuals consent to their personal information being transferred to and processed in these overseas countries.
    • The Company will take reasonable steps to ensure any overseas recipient complies with the Australian Privacy Principles or is subject to a law or binding scheme substantially similar to the Australian Privacy Principles. This includes including privacy obligations in contracts with overseas recipients.
    • The laws of some overseas countries may require personal information disclosed in that country to be disclosed to foreign authorities under lawful orders. The Company is not able to guarantee that foreign authorities will not access personal information in these countries.
    • If the Company stores personal information overseas, reasonable steps will be taken to protect information by utilising appropriate data storage security measures in those countries.
    • Individuals have a right to access or correct their personal information held overseas. They may make a complaint if they believe the Australian Privacy Principles have been breached, even if the information is held overseas.
  4. Sensitive Information
    • The Company will only collect sensitive information with the consent of the individual or if required by law. Consent will be obtained through clear and prominent notice stating why the sensitive information is collected and how it will be used and disclosed.
    • Sensitive information will only be used for the purpose for which it was collected or a directly related purpose.
    • Sensitive information will not be disclosed without consent, unless required by law.
    • Sensitive information will be subject to higher security measures than other personal information due to its sensitive nature. Access will be restricted to authorized personnel on a need-to-know basis.
    • The Company will take reasonable steps to destroy or permanently de-identify sensitive information that is no longer needed for the purpose of collection.
    • Individuals have the right to access and correct their sensitive information by contacting the Company.
    • Any complaints regarding the handling of sensitive information should be directed to the Company's Privacy Officer.
  5. Personal Information about Third Parties
    • If an Individual provides personal information to the Company about another person, the Individual warrants that they have that person's consent or are otherwise authorised by law to provide the information to the Company.
    • The Company will assume that the third party has consented to the matters set out in this Privacy Policy, including the collection, use and disclosure of their information for the purposes set out in this Privacy Policy.
    • If the Company receives a complaint that the consent provided by the Individual in clause 10.1 is invalid, the Company will take reasonable steps to contact the Individual who provided that personal information and request that they obtain fresh consent from the third party.
    • If the fresh consent in clause 10.3 cannot be obtained by the Individual, the Company will destroy the personal information of the third party.
    • Individuals should take reasonable steps to make third parties aware of this Privacy Policy and the fact that their personal information has been provided to the Company.
    • This Section 10 does not apply to information collected, used or disclosed by the Company in relation to its role as an agent or under a contract with a third party.
  6. Making Information Accessible
    • The Company will provide Individuals with access to their personal information held by the Company upon request.
    • Individuals can make a request for access to their personal information by contacting the Company via email or post.
    • The Company will respond to requests for access within 30 days of receipt of the request and provide access to the personal information.
    • In some limited circumstances, the Company may need to refuse access to personal information based on the exceptions permitted under the Privacy Act, such as where the disclosure may threaten the life, health or safety of an individual or serious threat to public health or public safety.
    • Individuals can request correction of any personal information held by the Company that is inaccurate, out of date, incomplete, irrelevant or misleading at any time.
    • Individuals can make a request for correction of personal information by contacting the Company via email or post.
    • The Company will take reasonable steps to correct the personal information within 30 days of the request.
    • If the Company refuses to correct the personal information as requested, it will provide written notice to the individual with reasons for the refusal and notify them of any options for complaint.
  7. Data Quality and Security
    • The Company will take reasonable steps to ensure that the personal information it collects is accurate, up to date and complete. Individuals may contact the Company at any time to update or correct their personal information.
    • The Company will take reasonable steps to protect the personal information it holds from misuse, interference, loss, unauthorised access, modification or disclosure.
    • The Company uses a variety of physical, technical and administrative safeguards to secure the personal information, including firewalls and data encryption.
    • Only authorised personnel are provided access to personal information and they are required to comply with the Company's privacy policies.
    • Credit card details are encrypted during transmission using SSL encryption technology.
    • Personal information is stored on secure servers that are not accessible by the public.
    • While the Company takes reasonable steps to protect personal information, it cannot guarantee the security of personal information transmitted to or stored by the Company electronically. Transmission and storage of information online is at the Individual's own risk.
  8. Privacy Policy Updates and Changes
    • The Company may, at its discretion, update or amend this Privacy Policy at any time by publishing the amended Privacy Policy on the Company's website.
    • When the Company makes any material changes to this Privacy Policy, the Company will notify Individuals of such changes by email and by posting a notice on the Company's website.
      • Continued use of the Company's services after any changes constitutes acceptance of such changes.
    • It is the responsibility of the Individual to ensure their personal information provided to the Company is kept up to date.
    • Individuals may access or correct their personal information held by the Company, or request that the Company update inaccurate or out-of-date personal information, by contacting the Company.
      • Upon request, the Company will take reasonable steps to update or correct the personal information held as soon as practicable, unless the Company reasonably believes that the individual requesting the change is not authorised to do so or that the personal information is correct.
  1. Complaints
    • Any Individual may lodge a complaint about the handling of their personal information by contacting the Company's Privacy Officer via email at magdalenelingerie@gmail.com or by mail to the address listed on the Company's website.
    • A complaint must be in writing and set out the details of the complaint.
    • Upon receipt of a complaint, the Privacy Officer will acknowledge the complaint within 7 days.
    • The Privacy Officer shall investigate the complaint and respond to the Individual with a written response outlining its decision within 30 days of receipt of the complaint.
    • If the Individual is not satisfied with the response, they may lodge a written complaint with the Office of the Australian Information Commissioner within 6 months of receipt of the Company's response.
    • An Individual will not face any detrimental action as a consequence of lodging a complaint with the Company or the Information Commissioner.
    • The Privacy Officer shall maintain a record of all complaints received for a period of 5 years and their corresponding outcomes. This Privacy Policy was last updated on 17/09/2024.