1. ABOUT THIS POLICY
This section explains how to read this policy and describes its purpose.
1.1 INTERPRETATION OF THIS DOCUMENT AND GENERAL OVERVIEW
Defining specific terms:
•“Growth Gurus” means Growth Gurus Pty Ltd and its subsidiaries and parents.
•“Privacy information” means personal information and sensitive information.
•“Personal information” has the meaning given to that term in the Privacy Act 1988 (Cth) and includes information that is capable of identifying an individual such as name, address and date of birth.
•“Sensitive information” has the meaning given to that term in the Privacy Act 1988 (Cth) and includes information relating to health or religion, racial or ethnic origin.
•“We”, “us” and “our” refer to Growth Gurus.
•“APPs” refer to the Australian Privacy Principles set out in Schedule 1 to the Privacy Act 1988 (Cth).
In respect of the collection, use and disclosure of privacy information, Growth Gurus is subject to the Australian Privacy Principles. All personal information received on behalf of Growth Gurus is at all times respected, including the protection and security of all personal records.
1.2 PURPOSE OF THIS POLICY
The Growth Gurus Privacy Policy explains how our organisation protects your personal information. Our Privacy Policy lays down the principles by which we collect, store, use and disclose any personal information you provide to us or we collect from other sources.
Our Privacy Policy also informs clients, prospective clients, stakeholders and anyone else whose personal information is protected in dealing with Growth Gurus, about how they can access their personal information, correct personal information held by us, lodge complaints or make any related enquiry.
2. TYPE OF INFORMATION WE COLLECT AND HOLD
Growth Gurus collects a range of personal information, such as your name, address, telephone number, email address, your age, date of birth and your banking details, credit information. We need this information to deliver necessary and effective services to all our clients and to understand and forecast our business.
We may also collect information about you from your access to our website for statistical purposes. This information is usually anonymous and we do not use it to identify individuals. However, due to the nature of internet protocols, such information might contain details that identify you, such as your IP address, internet service provider, the web page directing you and your activity on our website.
3. HOW WE COLLECT YOUR INFORMATION
We may collect your personal information from a variety of sources, including:
•an online order you complete and submit to us or an order you place over the telephone with us;
•a telephone or in-person inquiry or discussion about our products, services and accounts;
•mail correspondence, emails or other electronic means (including by accessing our website and use of the "contact us" form);
•publicly available sources of information; and
•Growth Gurus point of sales systems and reports.
We may also collect information from a friend or someone who refers our services to you, the vendor of any business we acquire, a wholesale service provider who provides services to you, a marketing bureau or third party contractor (including any of our dealers or resellers) and a credit reporting agency (where we undertake a credit check).
We collect personal information directly from you, unless it is unreasonable or impracticable to do so.
We collect data from our website using various technologies, including “cookies”. Put simply, a “cookie” is a text file that our website sends to your browser which is stored on your computer as an anonymous tag identifying your computer (but not you) to us. You can set your browser to disable cookies. However, some parts of our website may not function properly (or at all) if cookies are disabled.
3.1 COOKIES
Here is a list of cookies that we use. We’ve listed them here so that you can choose if you want to opt-out of cookies or not. _session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc). _shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart. _secure_session_id, unique token, sessional storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
4. EFFECT OF NON-PROVISION OF PERSONAL INFORMATION, ANONYMITY AND PSEUDONYMITY
From time to time you may be able to deal with us anonymously or by using a pseudonym. For example, without limitation, if you have a general inquiry about us, and/or our goods and services, we may be able to respond to your inquiry on an anonymous or pseudonymous basis.
However, if the personal information we request for the provision of our goods and/or services is not provided to us, or you provide the information anonymously or pseudonymously, then we may be unable to provide the goods and/or services to you.
Further, we may need to verify your identify as part of our response to a request to access and/or correct personal information we hold about you, or as part of our complaints handling procedure. If we are unable to verify your identify, or you continue to engage with us in an anonymous or pseudonymous basis, then we may be unable to complete your request or pursue our complaints handling procedure.
5. PURPOSE FOR WHICH WE COLLECT AND DEAL WITH YOUR INFORMATION
As a general principle, we only use personal information for the primary purpose for which we collect the information or a secondary purpose related to the primary purpose for which you would reasonably expect us to use the collected information or otherwise as permitted or authorised by law (including the APPs).
We will make you aware of the purpose for which we collect your information by notifying you about all the relevant matters of that collection before or at the time of collection, including by reference to this privacy policy.
We will not use your information for an unrelated secondary purpose unless we obtain your written consent or an exception applies, such as it is impracticable to obtain your consent and we believe that collecting, using or disclosing your information is necessary to lessen a serious threat to the life, health or safety of any individual.
We collect, hold and use personal information for the following purposes:
• fulfilling an agreement with you or a party related to you (such as your employer) for our supply of our goods and/or services;
• processing your transaction and administering your account, including by processing of invoices, bills, statement of accounts and related financial matters necessary for our providing of your goods and/or services;
• addressing queries, warranty claims or resolving complaints;
• advising you of developments or changes to our products and/or services as well of special offers made available on a limited basis;
• marketing, advertising or otherwise promoting our products and/or services, including by way of holding competitions;
• seeking your participation (on a voluntary basis) in advertising campaigns, events, launches, customer testimonials and focus groups;
• undertaking market research in relation to our products and services;
• undertaking and completing our internal business functions and operations, including decisions on employment applications and engagement of contractors;
• maintaining and developing our internal business systems;
• improving our website and our products and services; and
• complying with our obligations under any applicable laws.
We may disclose your personal information to third parties, such as our dealers and resellers, any marketing agency we engage to facilitate our promotions, banks, professional advisers, courts, tribunals, regulatory authorities, other companies and individuals for the purpose of:
• complying with our obligations owed to you under any contract between us and you, or as required by law;
• undertaking credit checks and collecting debts on overdue and outstanding payments owed to us; and
• enabling those third parties to perform services on our behalf, such as delivering packages, addressing warranty claims, sending correspondence and processing payments.
They will have access to your personal information required to perform these services, but we will not authorise them to use your information for any other purpose.
We also disclose your information to third parties that provide services to us, such as auditors, financial services or insurance companies, for them to complete their obligations owed to us under agreements that we have entered into for the purpose of undertaking our business operations and activities. This information may include scrambled credit card details; although these will only be used with your consent for any transactions with them.
We may also disclose personal information to prospective investors in or purchasers of some or all of our business.
In addition, we may provide statistics (with personal identifiers removed) about our customers, readers, sales, traffic patterns and related site functions to reputable third parties primarily for the purpose of assisting us to improve our service offering.
You have the right to tell us that you do not wish us to send information to you other than for the primary purpose for which we collect your personal information. We will always attempt to ensure our disclosure of personal information to other organisations is carried out in a manner which does not personally identify individuals
6. DIRECT MARKETING
We may directly market our products and services to you on the basis that you would reasonably expect us to do so, where we have collected your personal information from you already. Where we collect your personal information from a third party, we will not use your personal information to directly market to you without your consent.
Please note that we will also comply with other laws that are relevant to marketing, including the Spam Act 2003 (Cth), the Do Not Call Register Act 2006 (Cth) and the Competition and Consumer Act 2010 (Cth).
All direct marketing communications you receive will include an easy opt-out procedure if at any time you wish us to cease sending you information.
7. THE CONSEQUENCES OF NOT PROVIDING US WITH PRIVACY INFORMATION
Your withholding of personal information from us might mean we are unable to perform some essential functions related to our products and/or services, including one or all of the purposes listed above in section 5.
8. CROSS BORDER TRANSFER OR DISCLOSURE OF INFORMATION
We may also disclose your personal information to our affiliates in China, overseas suppliers and our technology infrastructure may make use of cloud infrastructure or servers located in Sydney, Australia.
In the event we disclose your personal information overseas, we will ensure that adequate security mechanisms are in place to protect your information. For example, we will disclose your information for the purpose of our affiliate packing and sending your orders to your nominated address if you buy online or over the telephone.
Wherever reasonably practicable, we will first seek your consent to such cross-border disclosure. Please note that where you consent to such cross-border disclosure, we will be exempt from the requirements of the Act in relation to such disclosed information. Where it is not reasonably practicable for us to obtain your consent we will otherwise comply with the requirements of the Act.
8.1 SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall. Payment: If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
8.2 THIRD PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act. Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.LinksWhen you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
8.3 SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
9. MAINTAINING THE INTEGRITY, CURRENCY AND SAFETY OF YOUR PRIVACY INFORMATION.
This section explains how Growth Gurus holds your personal information, how you can access and update your personal information, complain about an alleged breach of the APPs or make any related enquiry.
9.1. MAINTAINING CURRENCY OF YOUR INFORMATION
Growth Gurus relies on accurate and reliable information to deliver necessary and effective services. If we are satisfied that any of the information we have about you is inaccurate, out-of-date, irrelevant, incomplete or misleading, or you request we correct any information, we will take reasonable steps to ensure the information held by us is accurate, up-to-date, complete, relevant and not misleading.
The practical measures by which Growth Gurus avoids having an incorrect record of an individual’s information include asking you to complete the appropriate forms and requesting that you periodically update this information in writing.
If we disclose your personal information that is later corrected, we will, or else you may ask us to, notify the entity that received the incorrect information about that correction.
Should we refuse to correct the information, we will explain the reasons for refusal. We will also provide you with information about our complaint procedure if you wish to lodge a formal complaint about our refusal.
9.2. SAFETY OF YOUR INFORMATION
All personal information is securely stored using appropriate physical and/or electronic security technology, settings and applications, and by ensuring staff dealing with personal information is trained in our privacy policies and procedures.
These policies are designed to protect personal information from unauthorised access, modification or disclosure; and from misuse, interference and loss.
10 ACCESSING YOUR INFORMATION OR LODGING A COMPLAINT
10.1 ACCESSING AND CORRECTING INFORMATION
You are entitled at any time, upon request, to access your personal information held by us. We will respond within a reasonable time after the request is made and give access to the information in the manner requested by you, unless it is impracticable to do so. We are entitled to charge you a reasonable administrative fee for giving you access to the information requested.
Should you be refused access to your information, we will explain the reasons for refusal - any exceptions under the Privacy Act or other legal basis relied upon as the basis for such refusal – and, if you wish to lodge a formal complaint about our refusal, we will explain the complaint procedure.
10.2 LODGING A COMPLAINT
If you wish to complain about an alleged breach of the privacy of your personal information, or an alleged breach of the APP’s, the complaint should be made by emailing our Privacy Officer at scale@growthgurus.io
We will acknowledge receipt of your complaint and we will endeavour to deal with your complaint and provide you with a response within a reasonable time following our receipt of your complaint (generally 30 days of our receipt of your complaint). Where a complaint requires a more detailed investigation it may take longer to resolve. If this is the case, we will provide you with progress reports.
We will verify your identify and seek, where appropriate, information from you in connection with the complaint.
Where required by law, we will acknowledge your complaint in writing and provide information in writing on how we will deal with your complaint. Further, if required to do so by law, we will provide our determination on your complaint to you in writing.
We may refuse to investigate and deal with a complaint if we consider it to be vexatious or frivolous.
If you are dissatisfied with the outcome of your complaint, you may seek an internal review of our decision, which will be completed by an officer not previously involved in your complaint. If you remain dissatisfied, you may escalate your complaint to the office of the Australian Information Commissioner.
