We are sensitive to the concerns that you, our customers, may have with the conﬁdentiality and handling of your personal information. We take your privacy very seriously.
Therefore, we ask that you take the time to read this document which sets out how we handle, maintain and secure your personal information.
2. Who to contact
3. Who does this policy apply to
4. Why we collect personal information
4.1 Information we hold
We generally hold personal information about our customers. This information can include their contact details, buying habits and transactional details.
4.2 Why we need personal information
You are always allowed to deal with us on an anonymous basis. However, as a provider of hair care products, we sometimes ﬁnd it necessary to collect certain information from you.
There are a number of ways in which we may collect information from you. These include:
our website (including cookies);
over the phone; and
when you purchase anything from us via your credit card
In addition, there may also be certain laws which may require us to collect personal information from you. Where these apply, we will provide you with information about our legal requirements when we collect your personal information.
4.3 What about ‘sensitive information’?
We will not ask you for information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or details of health, disability or sexual activity or orientation, unless:
you consent to providing that information to us;
the collection of that information is speciﬁcally authorised by law;
the collection is necessary to lessen a serious or imminent threat to your health or safety or the health or safety of another person; or
the collection of the information is necessary for the establishment, exercise or defence of a legal claim.
4.4 What happens if you do not provide personal information
If you do not provide us with accurate or complete information when we request it, we may not be able to provide you with a proper level of service.
5. How we maintain and manage your personal information
5.1 Who may view your personal information
We will only grant access to others to view your personal information where we believe it is necessary, and in your best interests, for those people to view your personal information.
In general, only our employees or subcontractors may view your personal information.
We will only disclose personal information to a third party if:
that disclosure is required to give effect to the purposes for which we collected the information;
we have your consent to that disclosure;
we believe that the disclosure may lessen a risk of harm to your health or safety, or to the health or safety of another person;
we are required by law to disclose the information;
the disclosure is required for the enforcement of a criminal law or a law imposing a pecuniary penalty or for the protection of public revenue; or
the third party is our agent or contractor and is required by us to keep that personal information conﬁdential and will only use that information for the purposes for which it is disclosed.
5.2 International transfers
If we transfer your personal information overseas, we will ﬁrst obtain your written consent before doing so.
If it is not practical to obtain your consent, then the information may still be transferred if, as part of the agreement for the transfer of that information, the other organisation agrees to comply with our privacy obligations to you.
5.3 Where is your personal information stored?
We may store your personal information in both hard copy and on computer.
Hard copy information is kept under lock and key. Information stored on computer is generally password protected.
5.4 Updating your personal information
If at any time you believe that any of your personal information that we store is not accurate or is out of date, please let us know by contacting either of our Privacy Ofﬁcer.
6. Our websites and email
Any personal information collected from you via our websites and via email are governed by this policy.
We may collect information about you from our websites via any forms you ﬁll in, any cookies we install on your computer or any transactions you undertake with us. We may also track your viewing habits to allow us to tailor your web surﬁng experience.
Where we communicate by email with you, we may ask you for personal information which is related to the purpose of that communication.
7. Direct marketing
If we collect personal information for direct marketing purposes (either to market ours or someone else’s products), then we will try to ﬁrst obtain your consent before we market directly to you.
If we cannot practically obtain your consent, then we may still directly market to you, provided that:
we advise you that you can be taken off the mailing list at any time;
you have not previously asked to be taken off the mailing list; and
we display our contact details clearly in each direct marketing publication.
If you wish to be taken off any mailing list, please contact our Privacy Ofﬁcer.
8. How you may access your personal information
You may access your personal information by contacting our Privacy Ofﬁcer.
We will use our best efforts to take less than 30 days to respond to your request.
We may also charge you a reasonable fee for providing access to your personal information.
9. When we may withhold access to your personal information
9.1 When we can withhold your information
We may withhold access to your personal information in a number of circumstances. These include where:
providing access would pose a serious and imminent threat to the life or health of a person;
providing access would have an unreasonable impact on the privacy of others;
the information is subject to confidentiality where the person who provided the information to us did so expressly on the condition that it remains conﬁdential;
the request is vexatious or frivolous;
the information relates to legal proceedings between us and the information would not be required to be discovered to a court;
we are in commercial negotiations with you and the information would reveal our intentions;
providing access would be unlawful or we are required by a law to withhold access; or
providing access could prejudice the investigation or detection by our organisation or by a government body of an unlawful activity or some serious or improper misconduct.
Where we do withhold your personal information, we may instead choose to give you a summary of that information.
9.2 Written reasons
If we do withhold your personal information, we will provide you with written reasons.
9.3 Third party intermediary
If we withhold access to your personal information, we will consider whether the provision of access to an independent third party will meet both of our needs.