Privacy & Credit Reporting Policy
We take your privacy extremely seriously and are committed to ensuring that your personal information is protected in compliance with all Australian laws. This Privacy and Credit Reporting Policy (Policy) describes what, why and how we collect and use your personal information and credit information, how we protect it and how you can contact us.
Coffee Capsules 2 U Pty Ltd ACN 606 485 661 (CC2U) of 38 Ricketty, Mascot, NSW 2020, and its related bodies corporate (we, our, us) recognise the importance of protecting the privacy and the rights of individuals in relation to their personal information. This Policy explains the types of personal information that we may collect and hold, how that information is used and with whom the information is shared. It also sets out how you can contact us if you have any queries or concerns about this information.
References to CC2U Group companies in this Policy include CC2U and any entity, the majority of whose shares or equity is owned or controlled directly or indirectly by CC2U.
We respect your rights to privacy under the Privacy Act 1988 (Cth) (Act), including the Australian Privacy Principles (APP’s), Part IIIA of the Act and the Privacy (Credit Reporting) Code 2014 (CR Code). We comply with all of the Act’s requirements in respect of the collection, management and disclosure of your personal information. The Act and the CR Code contain provisions regarding the use and disclosure of credit information, which applies in relation to the provision of both consumer credit and commercial credit (as defined by the Act).
The Act and the CR Code place obligations and responsibilities on us to ensure that information collected from individuals is collected, retained and used in line with the APP’s. We shall abide by the following APP’s at all times:
APP No. |
|
Part 1 – Consideration of personal information privacy |
|
APP 1 |
Open and transparent management of personal information |
APP 2 |
Anonymity and pseudonymity |
Part 2 – Collection of personal information |
|
APP 3 |
Collection of solicited personal information |
APP 4 |
Dealing with unsolicited personal information |
APP 5 |
Notification of the collection of personal information |
Part 3 – Dealing with personal information |
|
APP 6 |
Use or disclosure of personal information |
APP 7 |
Direct marketing |
APP 8 |
Cross-border disclosure of personal information |
APP 9 |
Adoption, use or disclosure of government related identifiers |
Part 4 – Integrity of personal information |
|
APP 10 |
Quality of personal information |
APP 11 |
Security of personal information |
Part 5 – Access to, and correction of, personal information |
|
APP 12 |
Access to personal information |
APP 13 |
Correction of personal information |
Further information regarding the APP’s can be obtained from the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
We need to collect personal information from you in order for us to provide products, services and support to you. If you do not provide us with certain information when prompted, we may be unable to sell you products and/or provide certain services, including sales services.
When used in this Policy, the term “personal information” has the meaning given to it in the Act. In general terms, personal information it is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.
2.1 What personal information do we collect and hold?
We may collect the following types of personal information:
We may also collect any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence, through our representatives or otherwise.
We collect your personal information directly from you, from publicly available sources of information and from third parties:
There are a range of people, organisations and sources from whom or from which we collect your personal information. These may be parties related to the CC2U Group or third parties, including:
CC2U may use information it collects for a wide range of purposes, including to:
3.2 Secondary purposes
We will also use and disclose your personal information for a secondary purpose related to a purpose for which we collected it, where you would reasonably expect us to use or disclose your personal information for that secondary purpose. For example, we will disclose your personal information to third party service providers so that they can provide certain contracted services to the CC2U Group, such as information technology support or programming, hosting services, telephone services, mailing or sending of documents to you digitally or otherwise.
3.3 Other
There will be other instances where we may use and disclose your personal information, including where:
3.4 Combining the information we collect
We may link or combine the information that we collect from the different sources outlined above in the ‘Information we collect’ section above (including information received from other CC2U Group companies about your use of other CC2U Group products and services). Information may be linked via a unique identifier, such as a cookie or account number. Alternatively, we may decide to combine two or more databases into a single database of customer information.
We may do this for your and/or our convenience (for example, to allow you to more easily register for a new service), to allow us to provide a more seamless customer support whenever you contact us and to provide you with better, personalized services, content, marketing and adverts.
4.1 Disclosure of information by CC2U
We do not generally sell, rent or otherwise disclose information about you to third parties without your consent. However, there are exceptions:
We will share your personal information with all related bodies corporate within the CC2U Group. If one CC2U Group company collects your personal information, other CC2U Group companies may use and disclose that personal information for the purposes for which we collected it, described in section 2 above.
Other CC2U Group companies to whom we have disclosed your personal information for one of these purposes may combine this information with details they hold about you. Unless that CC2U Group company provides you with its own privacy policy, it may use your personal data for the purposes explained in this policy.
If you request or agree to receive information or newsletters from one of our business partners, we may provide that third party with your details so that they can respond to your request.
We may use third party service providers to process information on our behalf for the purposes outlined above, including without limitation, web hosting providers, IT systems administrators, couriers, payment processors, web hosting providers, data entry service providers and electronic network administrators. For example, fulfilling orders, delivering packages, sending postal mail and emails, sending text messages (SMS), providing marketing assistance, processing credit card payments, providing fraud checking services and providing customer services. Our service providers operate only in accordance with our instructions, in line with this privacy policy, and are subject to appropriate confidentiality and security obligations.
We may disclose information about you to:
A number of our online services allow you to upload and share messages, photos, video and other content and links with others and/or create a publically accessible profile for your account. For example:
You should not expect any information that you make available to others via our online services to be kept private or confidential. Content and links that you share might, for instance, be forwarded by your recipients to others. You should always exercise discretion when using such services.
4.3 Overseas disclosure
We do not disclose information personal information to third party overseas recipients unless specifically agreed to by both parties in writing. We will notify you if circumstances change regarding overseas disclosure and will comply with the Act in all respects.
4.4 Marketing communications
Where you have opted-into receiving direct marketing communications about CC2U, we may collect and use your personal information to keep you up to date with the latest news, events, special offers and promotions of our brands. Direct marketing involves the use and/or disclosure of personal information to communicate directly with an individual to promote goods and services. This may include:
You can always opt-out from receiving such communications by following the ‘unsubscribe’ link and/or instructions placed (typically) at the bottom of the email. You may also visit social media sites where you are a member to explore op-out options that may provide for targeted advertising. Please note that even if you opt-out from receiving marketing communications from us, you may still receive administrative communications from us (such as order confirmations). You will still also see generic ads on other websites, including on social media sites where you are a member.
We hold your personal information in:
These storage mechanisms may be managed in a number of ways. They may be managed internally by a company in the CC2U Group and may be held locally in Australia, or they could be managed by a third party storage provider with whom the CC2U Group has a contractual relationship and be either managed locally or overseas. We will take all reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure. We do this by:
As our Australian websites are linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us or our related bodies corporate online is transmitted at your own risk.
You may request access to any personal information we hold about you at any time by contacting the Privacy Officer (see details below). Depending on the nature of the request, we may charge for providing access to your personal information, however, such charge will not be excessive. If the personal information we hold about you is inaccurate, incomplete or not up to date, you may request that we correct the information by contacting the Privacy Officer.
There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you are concerned that we have not complied with your legal rights or applicable privacy laws, you may bring a complaint internally through our complaints process or you may decide to make a formal complaint with the OAIC (www.oaic.gov.au).
If you wish to make a complaint directly to us:
Our website may contain links to other websites that are not operated by CC2U, including websites operated by other CC2U Group companies. We make no representations or warranties in relation to the privacy practices of any of those websites and we are not responsible for the content, security or privacy practices of those websites. You should view the privacy and cookie policies displayed on those websites to find out how your personal information may be used.
We do not knowingly collect personal information from children below the age of 18. If we discover that we have accidentally collected information from a child, we will remove that child’s information from our records as soon as feasibly possible. However, we may collect personal information about children below the age of 18 from the parent or guardian directly.
If you would like more information about our approach to privacy, or if you think that we have breached the APP’s or if you have any concern about the way we have handled your personal information, please contact our Privacy Officer:
Postal Address |
The Privacy Officer Coffee Capsules 2 U Pty Ltd 38 Ricketty Street Mascot, NSW, 2020,
|
|
privacy@coffeecapsules2u.com.au |
We will treat your requests or complaints confidentially. Our Privacy Officer will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.
11. Changes to privacy policy
We reserve the right to make change this privacy policy at any time. Any updated versions of this privacy policy will be posted on our website. We encourage you to regularly review this privacy policy to make sure you are aware of any changes and how your information may be used.
Credit information relates primarily to your credit related dealings with us and covers various types of information that can be collected by Credit Reporting Bodies (CRB) that report on consumer credit worthiness.
1.1 What credit information do we collect and hold?
Credit information includes:
We may collect credit information about you in any of the circumstances relating to personal information described in section 2.2 of our Privacy Policy. Credit eligibility information is information equivalent to the kinds listed above that we generally collect from CRBs.
This information relates primarily to your dealings with other credit providers (for example, banks, other financial institutions, or other organisations that may provide you with credit in connection with their products and services). It may also include certain credit worthiness information that we derive from the data that we receive from a CRB. Sometimes we may also collect credit eligibility information about you from other credit providers.
1.2 How do we collect your credit information?
We store and safeguard your credit information and credit eligibility information in the ways described in section 5 of our Privacy Policy.
We may disclose your credit information to CRBs. Those CRBs may then include that information in credit reporting information that they provide to other credit providers to assist them to assess your credit worthiness. We may also use and disclose your credit information for other purposes and in other circumstances as described in section 3 of our Privacy Policy, when permitted to do so by the Act.
Our use and disclosure of credit eligibility information is regulated by Part IIIA of the Act and the CR Code. We will only use or disclose such information for purposes permitted by these laws, such as:
If you wish to access or correct errors in any of your credit information or credit eligibility information that we hold, please contact us using the contact details in section 10 of our Privacy Policy. We may apply an administrative charge for providing access to your credit eligibility information, depending on the request.
If you think we have not complied with Part IIIA of the Act or with the CR Code (which regulates credit reporting), you can make a complaint by using the contact details set out in section 10 of our Privacy Policy.
We will acknowledge your complaint in writing as soon as reasonably practicable. We will aim to investigate and resolve your complaint by providing a written response within a reasonable period.
We may need to consult with a CRB or another credit provider to investigate your complaint. While we hope that we will be able to resolve any complaint without needing to involve third parties, if you are not satisfied with the outcome of your complaint you can make a complaint to the OAIC (www.oaic.gov.au).
Dated: 17/07/2015