Privacy Policy

At SKINBASECO PTY LTD, we are dedicated to preserving your privacy and ensuring the security of your personal information. This Privacy Policy describes how SKINBASECO PTY LTD (the "Site", "we", "us", or "our") collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from skinbaseco.com.au (the "Site") or otherwise communicate with us (collectively, the "Services"). In this Privacy Policy we, us or our means SKINBASECO PTY LTD.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site, update the "Last updated" date and take any other steps required by applicable law.

Personal information

The types of personal information we obtain about you depends on how you interact with our Site and use our Services. When we use the term "personal information", we are referring to information that identifies, relates to, describes or can be associated with you. The types of personal information we may collect about you include:

  • your basic contact details, including name, email address, phone number; 
  • Order information including your name, billing address, shipping address, payment confirmation, email address, phone number;
  • data necessary to process your payment if you make a purchase;
  • your demographic information, such as postcode;
  • information you provide to us through customer surveys;
  • details of products and services we have provided to you and/or that you have enquired about, and our response to you;
  • your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour;
  • information about your access and use of our Site, including through the use of Internet cookies, your communications with our Site, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider;
  • additional personal information that you provide to us, directly or indirectly, through your use of our Site, associated applications, associated social media platforms and/or accounts from which you permit us to collect information; and
  • any other personal information requested by us and/or provided by you or a third party.

We may collect these types of personal information directly from you or from third parties. We may also automatically collect certain information about your interaction with the Services ("Usage Data"). To do this, we may use cookies, pixels and similar technologies ("Cookies"). Usage Data may include information about how you access and use our Site and your account, including device information, browser information, information about your network connection, your IP address and other information regarding your interaction with the Services.

Collection and use of personal information

We may collect, hold, use and disclose personal information for the following purposes:

  • to enable you to access and use our Site, associated applications and associated social media platforms;
  • to contact and communicate with you;
  • for internal record keeping and administrative purposes;
  • for analytics, market research and business development, including to operate and improve our Site, associated applications and associated social media platforms;
  • to run competitions and/or offer additional benefits to you; 
  • for advertising and marketing, including to send you promotional information about our products and services and information about third parties that we consider may be of interest to you;
  • to comply with our legal obligations and resolve any disputes that we may have.

Disclosure of personal information to third parties

In certain circumstances, we may disclose personal information for legitimate business purposes subject to this Privacy Policy to:

  • third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, web-hosting and server providers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators;
  • our employees, contractors and/or related entities;
  • our existing or potential agents or business partners;
  • sponsors or promoters of any competition we run;
  • anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
  • courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
  • courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights; and
  • third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you. This may include parties located, or that store data, outside of Australia; and
  • third parties to collect and process data, such as Google Analytics and Shopify or other relevant businesses. This may include parties that store data outside of Australia.

We may store personal information overseas. Where we disclose your personal information to the third parties listed above, these third parties may also store, transfer or access personal information outside of Australia. Unless we seek and receive your consent to an overseas disclosure of your personal information, we will only disclose your personal information to countries with laws which protect your personal information in a way which is substantially similar to the Australian Privacy Principles and/or we will take such steps as are reasonable in the circumstances to require that overseas recipients protect your personal information in accordance with the Australian Privacy Principles.

How we treat personal information that is also sensitive information

Sensitive information is a subset of personal information that is given a higher level of protection under the Australian Privacy Principles. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.

We do not generally collect sensitive information about individuals.

If you provide sensitive information to us for any reason (for example if you provide us sensitive information in feedback to a product) you consent to us collecting, using and disclosing that information for the purpose for which you disclosed it and as permitted by the Privacy Act.

In such circumstances, we only collect, hold, use and disclose sensitive information for the following purposes:

  • any purposes you consent to;
  • the primary purpose for which it is collected;
  • secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the above listed third parties as reasonably necessary to provide our services to you;
  • to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent; and
  • if otherwise required or authorised by law.

Security of Your Information

We are committed to protecting your personal data and employ reasonable precautions and industry best practices to ensure its security. We take measures to prevent inappropriate loss, misuse, unauthorised access, disclosure, alteration, or destruction of your information. When transmitting your personally identifiable information, we use secure encryption methods to maintain its confidentiality and integrity.

For payment transactions, we utilise a certified payment gateway provider. All credit card details are encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Our payment gateways strictly adhere to the standards set by PCI-DSS, which is managed by the PCI Security Standards Council—a collaborative effort of renowned brands including Visa, MasterCard, American Express, and Discover. As a result, we neither view nor retain your credit card information.

While we employ industry-standard precautions to safeguard your personal data, it is important to note that no online or offline platform can guarantee absolute security. Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee "perfect security".

Retention of Your Information

We will retain your personal information for the necessary duration to provide the Services, for internal analytical purposes, and to comply with our legal obligations. This includes resolving disputes and enforcing agreements (e.g., settlements). The retention periods are determined based on various factors, including the duration required to provide goods/services and operate our business, the type of personal data collected, and any legal, contractual, or similar obligations that mandate data retention. These obligations may arise from mandatory data retention laws, government orders related to investigations, or data that must be retained for litigation or dispute resolution purposes.

Your rights and controlling your Personal Information

Choice and consent: By providing personal information to us, you acknowledge and agree that we will collect, store, use, and disclose your personal information in accordance with this Privacy Policy. While providing personal information is optional, please note that not providing certain information may impact your ability to fully utilize the features, services, or products offered on our Site.

Information from third parties: If we receive personal information about you from a third party, we will handle it in accordance with this Privacy Policy. If you are providing personal information about someone else, you represent and warrant that you have obtained their consent to disclose that information to us.

Restrict: You may choose to restrict the collection or use of your personal information.  If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.

Access: You may request details of the personal information that we hold about you. Please note that we may require you to verify your identity before providing such information, and in certain circumstances, we may be unable to fulfill your request in accordance with the Privacy Act 1988 (Cth).

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.

Complaints: If you believe that we have breached the Australian Privacy Principles and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint.

Unsubscribe: To unsubscribe from our e-mail database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.

Cookies

Like many websites, we use cookies on our Site to help improve website functionality and personalise user experience. Cookies are text files placed in your computer's browser to store your preferences. Cookies, by themselves, do not tell us your email address or other personally identifiable information. However, they enable third parties, such as Google and Facebook, to display our advertisements to appear on your social media and online media feeds as part of our retargeting campaigns. When you voluntarily provide our Site with personal information, this information may be linked to the data stored in the cookie.

In addition to cookies, we may also employ web beacons on our Site from time to time. Web beacons (also known as Clear GIFs) are small pieces of code embedded on web pages to monitor visitor behaviour and collect data about their interactions with specific web pages. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.

Links to other websites

Our Site may contain links to other websites or platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these.

Age Restrictions

To use our Sites and other digital offerings, you must be at least 16 years old. We do not actively seek or knowingly collect personal data from individuals under the age of 16. If we become aware that we have inadvertently obtained such information or any data that violates our policy, we will make reasonable efforts to identify and promptly remove that information from our records.

For any questions or notices, please contact us at:

SKINBASECO PTY LTD ABN 87658123105

Email: contact@skinbaseco.com

Last Updated: June 2023