Privacy Policy - You Be the Barista
Your use of our website and any of our services constitutes an acknowledgement that you have been made aware of our Privacy and Security Policy outlined below.
As we are an Australian company, we are regulated by Australian laws including the Privacy Act 1988 (Cth), or if you are located in the EU and we offer goods or services to you, we are regulated under the General Data Protection Regulation (GDPR) which applies across the European Union (including in the United Kingdom (UK)) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
How We Manage your personal Information
-
We will only collect information in accordance with the Australian Privacy Principles. The 13 Australian Privacy Principles can be found at http://www.oaic.gov.au/privacy/privacy-resources/privacy-fact-sheets/other/privacy-fact-sheet-17-australian-privacy-principles
-
As we are in the business of selling products online, we need to collect personal information. Personal Information is defined as information that can identify you in some way.
-
This Policy describes how we collect, protect, disclose and use personal information and our compliance with direct marketing and spam laws, offshore disclosure of information and how you can correct the information or complain about our use of your information.
Collecting your Information
-
We only collect personal information with your consent, and which is necessary for our business.
-
The reason we collect this information is so that we may deliver our goods and services to you and carry on our business and provide you with anything else you might require.
-
When you place an order with us, we will collect your name, email contact, phone number, address, and credit card details. We do not store credit card details, only token payments via our secure payment gateway, Stripe. You may also automatically collect information about your computer’s operating system; your computer’s browser type, capability, and your computer’s Internet Protocol (IP) address and geolocation. Pages on our site that you visited, the time you spent on each web page and web page usage statistics.
-
We do not identify visitors to our Website or their browsing activities except where compelled by law or in accordance with the terms and conditions of our Website.
-
Storage of your personal information is on servers protected by Microsoft Office 365.
Use of Personal Information
-
We will only use your personal information in accordance with Australian Privacy Principle 6.
-
We will use your personal information for the purposes of carrying on our business of retailing products online including but not limited to secure payment and delivery of your orders (the Primary Purpose).
-
We will use your personal information where you would reasonably expect us to use it or where we are allowed by Law (Secondary Purpose) or for a related Secondary Purpose where you would reasonably expect us to use the information or where permitted by Law.
-
We use the information collected from your computer to manage our website, improve our business and provide a better ultimately result for our customers.
Disclosure
-
The disclosure of your information will be for a Primary Purpose or Secondary Purpose and will comply with Australian Privacy Principles No. 6.
-
Disclosure of your personal information may be in any way that it is required or authorised by you or the Law. With your consent, we may disclose your personal information for Primary or Secondary Purposes.
-
In certain circumstances, your personal information is disclosed to third parties that provide services such as our payment gateway, marketing, logistic and technology support which are required to fulfil a transaction shall be implied.
Direct Marketing and Spam
-
We shall not use your personal information to send marketing communications directly to you without your consent, express or implied. We shall comply with Australian Privacy Principle No. 7 and the Spam Act 2003 (Cth).
-
If you no longer wish to receive marketing or promotional information from us or our affiliates and partners, you can unsubscribe at any time. Instructions on how to unsubscribe are set out in any marketing communications we send to you or you can contact us through our privacy officer using the contact details below. We will endeavour to respond to your opt-out request within five business days.
Offshore Disclosure
-
Storing of your information with an offshore entity may result in the disclosure of your personal information. We are responsible to ensure your personal information is protected and that the offshore disclosure will always comply with the Australian Privacy Principles in App 1 and App 2.
-
Because of the nature of wireless networks and cloud computing, it is not practical for us to notify you of which country your personal information may be located.
Notifiable Data Breaches
If there has been an unauthorised disclosure or access of personal information or that the information has been lost in a way that it is likely to give rise to unauthorised access or disclosure and is likely to result in serious harm, we will comply with the requirements of the Privacy Act 1988 in relation to an “eligible data breach”. If we notify you of a breach where possible, we will provide recommendations as to steps you should take regarding the breach.
General Data Protection Regulations (GDPR)
Where the GDPR applies we rely on the following lawful reasons to collect and use your personal data and, on occasion, more than one lawful reason (basis) set out below may apply to the processing:
-
our legitimate interests in marketing and providing our goods and services globally for both our benefit and that of our customers and contacts interested in what we provide;
-
to perform or enter into any contract we may have with you;
-
to comply with our legal obligations;
-
to protect your vital interests or that of another person (e.g. in an emergency); or
-
where you consent to the processing where we ask you to (e.g. for certain sorts of marketing or other processing where the law either requires this or where it is our policy from time to time to seek consent for such processing).
Please note that some countries outside the UK or EU (including Australia) do not have the same data protection laws as the UK or EU. However, we do not ordinarily disclose your credit information or credit eligibility information to entities that do not have an Australian link.
We will take reasonable steps to ensure that third parties that have access to your personal information are bound by appropriate privacy and confidentiality obligations in relation to that personal information.
Where the GDPR applies to any transfer of personal information, either by us or by any third party to whom we provide your personal information, such transfer will (unless the European Commission considers their laws adequate) be subject to appropriate or suitable relevant safeguards (such as a legally binding contract containing European Commission-approved model clauses or terms consistent with them or, for transfers to the US, the EU-US Privacy Shield). These safeguards will apply to the extent required under the GDPR and are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. If you have any queries about the basis upon which we may transfer your personal information outside of Australia, please contact us using our contact details below.
If you are an individual or sole trader, you may request that information supplied to third parties for the purposes of verification/authentication can be de-identified.
Your rights under the GDPR (if applicable)
Under the GDPR (where it applies to you), you have a number of important rights free of charge. In summary, those include rights to:
-
fair processing of information and transparency over how we use your use personal information that this Privacy Notice is already designed to address
-
access to your personal information and to certain other supplementary information
-
require us to correct any mistakes in your information which we hold
-
require the erasure of personal information concerning you in certain situations
-
receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
-
object at any time to processing of personal information concerning you for direct marketing
-
object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
-
object in certain other situations to our continued processing of your personal information
-
where the processing is based on your consent you may withdraw your consent at any time
-
otherwise, restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, see for example the Guidance from the UK Information Commissioner's Office (ICO) on individuals’ rights under the General Data Protection Regulation. If you would like to exercise any of those rights, please:
-
email, call or write to us (contact details below) and let us have enough information to identify you (such as name and registration details)
-
let us have proof of your identity and address
-
let us know the information to which your request relates, including any account or reference numbers, if you have them.
Your rights regarding correction complaints
-
We are only allowed to and only want to, keep your personal information if it is correct.
-
You may at any time, contact us and seek access to or correction of personal information we hold about you.
-
You may request access or changes to your personal information held by us by contacting us through our Privacy Officer or sending an email to customerservice@youbethebarista.com or call us on the number below:
-
A change relating to credit eligibility information or credit information must be submitted in writing to finance.au@thecoffeebrewmasters.com.
What do you do if you have a complaint or a question
-
If you would like further information about how we manage your personal information, have any queries or feedback relating to our Privacy Policy, or have a problem or wish to lodge a complaint in relation to an alleged breach of any Privacy Laws, please contact the Privacy Officer by:
(a) Calling +61 3 9314 0394
(b) Sending an email to customerservice@youbethebarista.com; or
(c) Writing to the following address:
The Coffee Brewmasters Limited
Attention: Privacy Officer
197 2B Champion Road
WILLIAMSTOWN NORTH VIC 3016
-
If you wish to complain about a breach of your rights under the Privacy Act 1988 (Cth) please contact us at the email and postal address above and provide details of your complaint in writing. We will respond to any complaint within 30 days. If you are not happy with our response, you can complain directly to the Office of the Australian Information Commissioner.
Changes to this policy
We reserve our right to amend our Privacy Policy at any time and notify you by posting an updated version of the Privacy Policy on our Website.