Your Privacy and Vellum Interiors (ABN 79 930 240 614) (referred to in these terms as ”Vellum Interiors”, “we”, “us”, and “our”).
Who we are and how you can contact us
You can contact us for privacy-related concerns through our Contact Form.
We will only use your personal information in compliance with Australian Privacy Laws (Privacy Act (1988 (Cth)), Australian Privacy Principles and, to the extent applicable, with the EU General Data Protection Regulation (GDPR) and any replacement legislation or regulation, or guidelines and standards governing the use, storage or transmission of personal data.
Our Role in your Privacy
As we are the providers of the services on this Site, we determine how and why your data is processed. We do not sell or rent your details to any third parties. We are committed to protecting your privacy and we want you to know exactly what information is collected and how we use it.
When and How we collect Data
From the moment you visit our Site, we are collecting data, sometimes you might provide this data by completing a form or setting up an account, otherwise we might collect the data automatically. We may also collect data when:
- You engage our services
- You complete any sign-up forms, application forms or an email to any of our nominated emails
- You participate in any request for additional data such as client surveys
- You accept our cookies and other tracking technologies on any device you use to interact with us
- You voluntarily submit your data to us for any reason
Types of Data we may collect (including automatically) may include
- Personal details (e.g. name, date of birth)
- Contact details (e.g. residential address, postal address, email address, contact number)
- Financial information (e.g. bank details, credit card details)
- Data that identifies you (your IP address, login, browser type, time zone, browser plugins, geolocation, operating system and version) – we do not link this with any personal Data
- Data on how you use our Site (URL clicks,services views, how long you are on our pages and other actions)
- Data relating to your communication with other users of our services
- Information to verify your identity (e.g tax file number, drivers licence or passport)
How and why we use your Data and disclosure
Under data laws, we are only allowed to use your data for specific reasons and where we have the legal basis to do so.
We will use your data for the purposes it was collected and related purposes including:
- To run our Site
- Provide you with products, information and services
- Customer support
- Make your experience on our Site more efficient and enjoyable
- Market research e.g. we may contact you for feedback about our services
- Provide you with information about events, other products or services or opportunities that may be of interest
- Marketing (with your consent)
- Monitor your compliance with our Website Terms and Conditions
We may disclose your data for the purposes it was collected and also:
- As required by law subject to our obligations
- With your consent
- Within our business
- Send you marketing material (with your consent)
- To enable us to provide our services by sharing it with third parties
Your Privacy Rights
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact form.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
Where we collect sensitive information, it will be strictly for the purposes necessary to enable the use of or access to our services and as authorised or required by law or where you have consented to such disclosure. Sensitive information that we collect may include information about your gender, race, ethnicity, religious, political and philosophical beliefs, legal capacity, finances and health.
We use Google Analytics functions. You can find out how your data is collected here and there are instructions here on how to opt-out of Google Analytics data tracking.
Choose not to provide personal data
You can choose not to provide us with any personal data. If you do this, we will not be able to provide you with any services, however, you can continue to use our Site and browse the pages of our Site.
Turning off cookies
Don’t want marketing?
We will always let you know before we collect any data from you what the intended use is and if we intend to use it for marketing and if third parties are involved we will obtain your consent (which you can withdraw at any time). You can change your mind about marketing material by opting out by:
- completing the contact us form on our contact page; or
- by unsubscribing within the email if you have previously subscribed to our newsletter.
You can exercise your rights at any time by contacting us through our Contact Us Form.
You can access information we hold about you
We will provide you with the information within 30 days of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We will tell you if we can’t comply with your request and why.
You can contact us to ask us to correct any information we hold about you, that you believe is inaccurate.
Objections to using data for profiling or automated decisions
We may use your data to determine what services are relevant to you (e.g. tailoring our emails based on your behaviour). Otherwise, the only circumstances in which we will use this data is to provide our services to you.
You have the right to be forgotten
You have the right to request that your data be erased. This means we have to delete all information that we hold about you, except to the extent of any information we are required to hold due to our legal obligations.
You have the right to make a complaint regarding the use of your data
If you have any complaints regarding how your data is handled, please contact us through our Contact Form. If you are not satisfied with our response to your complaint you may seek a review by contacting the Office of the Australian Information Commissioner.
How secure is the data collected?
We realise that our customers trust us to protect their data and whilst we cannot guarantee the security of any information you transmit to us, or receive from us, we take that task seriously and maintain reasonable and appropriate physical, electronic and procedural safeguards to help protect your data. This includes the following:
- Storing electronic data with reputable third party storage providers who have appropriate security protections
- Limit access to personal information to individuals who need to know.
- Using payment providers who are PCI DSS compliant
- We do not store your payment details
Where we store data
We use service providers based in Mossman, Australia. If we transfer personal data outside of Australia, we will ensure that your privacy rights are adequately protected by ensuring these service providers have the same or similar measures in place to protect data shared.
How long we store data for
We will keep your data for as long as we need it and this period will also depend on your interactions with us. If you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing and tax purposes. When we no longer need to keep your information, we will delete it permanently or anonymise Data which is no longer necessary.
Third parties who process your data
We share data with third parties in the following circumstances:
- Other companies in our group of companies, as necessary to operate our Site
- Our suppliers and service providers working for us e.g. payment processors
- Our professional and legal advisors
- Third parties engaged in fraud prevention and detection
- Law enforcement or other government authorities
- Share with third parties who enable us to provide our services which may include:
- payment processors such as Stripe, PayPal, Xero, Shopify who may process your payment for any services bought from us;
- Social media and analytics such as Facebook, Instagram and Google Adwords for purpose of custom audience generation and the development of targeting criteria;
- Where we have your consent to do so or otherwise where we are legally permitted to do so.
All of our real-time credit card authorisations are handled by secure third-party gateway providers and these are secured by the highest level of security. The following measures are taken to protect your data:
- Payments are fully automated with an immediate response
- Your complete credit card number cannot be viewed by us or any outside party
- All transaction data is encrypted for storage within our third party gateway suppliers bank-grade data centre, further protecting your credit card data
- Our third party gateway provider is an authorised third party processor for all the major Australian banks
- Our third party gateway provider will at no time touch your funds, all monies are directly transferred from your credit card to the merchant account held by us
We use third-party gateway providers that are widely respected for providing secure and reliable online payment solutions. We have chosen to deal with the best so you can feel safe that your personal information is kept safe and secure at all times. While we attempt to protect the information in our possession, no security system is perfect and we cannot promise that information about you will remain secure in all circumstances.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for all organisations that handle branded credit cards from major card schemes. PCI DSS is a standard mandated by the card brands like Visa, Mastercard, American Express and Discover and is managed by the PCI Security Standards Council.
PCI-DSS requirements help ensure the secure handling of credit card information through our Site and the service providers.
Age of consent
By using this Site, you warrant that you are at least 18 years of age. We accept no liability should our Site be accessed or used by anyone under the age of 18 and we do not knowingly collect data from anyone under the age of 18.
Cookies and how to block them
What are cookies?
Unfortunately, they are not the edible kind! “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. Cookies can also be used to analyse traffic and for advertising and marketing purposes. They do not harm your systems and the HELP function in your browser will tell you how to restrict or block the cookies. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. If you use browser settings to block all cookies, you may not be able to access all or parts of our Site.
We may use web beacons (or clear gifs) on our website and in our emails. So basically when we send emails, we have the ability to track behaviour such as who opened the emails, who clicked the links and collection information such as your IP address, your browser or email type, we then put this information together to improve the performance of our email campaigns and provide you with better services specific to your needs. You will always have the ability to opt out of any emails we send just click the link in the email that says “unsubscribe”.