Effective Date: 23 May 2020
OUR PRIVACY COMMITMENT TO YOU
HS Fresh Food Pty Ltd (ACN 638 495 655) and its related bodies corporate (‘HS Fresh’,‘we’, ‘us’or‘our’) respects your privacy and the trust you place in us by providing us with your personal information.
WHAT IS YOUR PERSONAL INFORMATION?
WHAT PERSONAL INFORMATION WE COLLECT AND HOW WE COLLECT IT
A) Information Provided by You
HS Fresh will collect your personal information when you voluntarily provide it to us through the use of any of our services either through our website, or otherwise when you deal with us in the course of business. For example, when you purchase products and services from us we may ask you to provide personal information, such as you name, mailing address, telephone number, date of birth and email address.
We collect personal information that you provide to us, including when you communicate with us via email or other channels, when you sign up for or request that we send you newsletters, alerts, or other materials or when you respond to our communications or requests for information.
You may deal with us on an anonymous basis or using a pseudonym when making inquiries. However, we may require certain contact details or other information from you to respond to these inquiries.
In some circumstances, we may also request personal information that includes financial information such as your credit card details and other payment information. Financial information will be transacted online via trusted third-party transaction gateways and will never be stored by us. We will only provide those third parties with the personal information they need to deliver the specific transaction services and take reasonable steps to ensure that these companies maintain the confidentiality of your information and are prohibited from using that information except for the purposes for which it was supplied. We cannot be held liable for any issues arising from the processing of your financial information.
B) Unsolicited personal information
If we receive
personal information that we did not take any active steps to collect, we will
determine whether we would have been permitted to collect that information as
part of providing our services in accordance with the law. We will destroy or
de-identify unsolicited personal information that we would not collect as part
of providing our services if it is lawful to do so. If the information is of
the type that we would collect to provide our services, we will contact you to
confirm what information we have been provided and the lawful basis on which we
LEGAL BASIS FOR USAGE OF YOUR PERSONAL INFORMATION
Where we intend to use, collect, hold or process, your personal information, we rely on the following legal grounds:
Performance of a Contract: we may need to collect and use your personal information to enter into a contract with you or to perform a contract that you have with us.
In Our or a Third Party’s Legitimate Interest: we may use your personal information for the purposes of facilitating our internal business operations where we consider use of your personal information to be (a) non-detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party’s legitimate purpose.
Compliance with a Legal Obligation: we may be required to use and disclose your personal information to authorised regulatory bodies to comply with our to legal requirements, including tax laws.
WHAT WE DO WITH YOUR PERSONAL INFORMATION AND WHY WE COLLECT IT
We may collect, hold, use and/or disclose your personal information for the following purposes:
- to provide you with the services and products you request;
- to assist with your questions about our services, billing (where relevant), payment methods (where relevant) or use of our website;
- to process or collect payments made in connection with our products and services;
- to carry out our obligations arising from any contracts entered into with you;
- to maintain and develop our relationship with you;
- to evaluate our services and products and to conduct customer surveys;
- to improve our services via internal research and development;
- to maintain and update our records including our database of contacts;
- for our business purposes, including data analysis, submitting invoices, detecting, preventing, and responding to actual or potential fraud, illegal activities, or intellectual property infringement;
- as we believe reasonably necessary or appropriate to comply with our legal obligations, respond to legal process or requests for information issued by government authorities or other third parties and to protect your, our, or others’ rights; and
- for the purposes of direct marketing as detailed below.
USE OF YOUR PERSONAL INFORMATION FOR DIRECT MARKETING
We may use your personal information to send you marketing material including our newsletter and notifications about updates to our blog if we have your permission or a legitimate interest as described above.
If you don’t want to receive direct marketing communications from us, you can follow the ‘unsubscribe’ instructions that appear at the bottom of all emails we send. Otherwise, you can always contact us at email@example.com to update your contact preferences.
We do not provide your personal information to other organisations for the purposes of their direct marketing.
DISCLOSURE OF YOUR INFORMATION TO THIRD PARTIES
The information we collect from you will be kept strictly confidential and secure at all times. Where it is necessary to disclose your personal information to third parties this will be done in a manner that is consistent with the APPs and only for a purpose consistent with the purpose for which the information was originally collected from you.
Importantly, we will not give, sell, rent, loan or otherwise disclose any personal information to any third party, unless:
- you would reasonably expect us to disclose the information in the course of providing our products and services to you;
- you have authorised us to do so;
- we are legally required to do so, for example, in response to a subpoena, court order or other legal process;
- we need to enforce or apply our terms and conditions to which you have agreed (or other terms that have been agreed to apply to our relationship with you);
- it is necessary to protect the rights and interests, property, or safety of HS Fresh, our clients or others;
- our agents or contractors who assist us in providing our services require such information, for example in fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in other tasks from time to time. Our agents and contractors will only use your information to the extent necessary to perform their functions;
- all, or most, of the assets of HS Fresh or any single business unit within HS Fresh are merged with or acquired by a third party, or we expand or re-organise our business, in which case your personal information may form part of the transferred or merged assets.
DISCLOSURE OF PERSONAL INFORMATION OUTSIDE AUSTRALIA
We do not generally disclose personal information outside Australia. However, if we are required for any reason to disclose your personal information to third parties outside Australia, we will take steps to ensure that your privacy rights continue to be protected by ensuring that the relevant third party is either covered by data privacy laws substantially similar to those in Australia or adheres to the APPs.
HOW WE PROTECT YOUR PERSONAL INFORMATION
We take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. We store information in access-controlled premises and electronic information on secure servers.
In addition, we have procedures that prevent our employees and contractors from unnecessarily accessing your personal information. Only those employees and contractors with a business reason to know have access to such information. We educate our employees about the importance of confidentiality and customer privacy through standard operating procedures and internal policies on data privacy and corporate integrity. We take appropriate disciplinary measures to enforce employee privacy responsibilities.
Your information is kept for so long as we need it to provide our products and services to you and where applicable, for as long as we are required to keep it to comply with relevant statutory requirements. Where we determine that it is no longer necessary to hold your personal information we will securely destroy, delete or permanently de-identify that information to the extent it is possible to do so.
If we become aware of unauthorised access to or disclosure of your personal information, we will take appropriate steps to rectify the data breach and notify you as soon as practicable and provide you with a description of the breach, the type of information involved and any recommended actions you can take to protect yourself.
USING OUR WEBSITE AND COOKIES
To improve your experience on our website, we may use ‘cookies’: small data files that are served by our platform and stored on your device. These are used by us or third parties for a variety of purposes including to operate and personalise the website. Cookies may be used for recording preferences, conducting internal analytics, conducting research to improve our offering, assisting with marketing and delivering certain website functionality.
You may refuse to accept cookies by selecting the appropriate setting on your internet browser. However, please note that if you do this, you may not be able to use the full functionality of our website.
THIRD PARTY LINKS
ACCESSING OR CORRECTING YOUR PERSONAL INFORMATION
You can access the personal information we hold about you by contacting us at firstname.lastname@example.org. We will need to verify your identity before allowing you to access your personal information.
We may refuse to allow you to access your personal information where:
- access would pose a serious threat to life or health of an individual;
- access would have an unreasonable impact on the privacy of others;
- the request is frivolous or vexatious;
- the information relates to a commercially sensitive decision-making process;
- access would be unlawful;
- access would prejudice enforcement activities relating to criminal activities and other breaches of law;
- access relates to existing or anticipated legal proceedings; or
- denying access is required or authorised by or under law.
If we cannot provide you with access to your information, we will advise you of the reasons in writing.
If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.
MAKING A COMPLAINT
If you think we have breached any of our privacy obligations, or you wish to make a complaint about the way your personal information has been handled, you can contact us by email at email@example.com. So that we can respond to you, please clearly describe your complaint and include your name, email address and/or telephone number for our reply. Your complaint will be considered by our management team, and an acknowledgement and response to your complaint will be provided to you within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, you may refer the matter to the Office of the Australian Information Commissioner:
Mail: GPO Box 5218, Sydney, NSW 2001
Phone: 1300 363 992