We will publish updated versions of this Policy from time to time on www.sarahwilson.com and store.iquitsugar.com (the “Websites”) and the updated Policy will apply to your use of the Websites on and from the date of publication.
A reference to ‘we’ ‘our’ or ‘us’ in this Policy means Sarah Wilson (SW) and a reference to ‘you’ means an individual person protected by the provisions of the Privacy Act 1988 (as amended).
- Our Privacy Commitments
We are committed to compliance with privacy laws and to the protection of the personal information you provide to us when you use the Websites. The purpose of this policy is to explain to you how we collect, store and handle your personal information. Our goal is to have practices, procedures and systems in place to ensure that we always comply with the Australian Privacy Principles and any other applicable legislation or regulations.
- Why Do We Use Your Personal Information?
We deal with your personal information in several scenarios, such as to assist you with purchasing from our Websites and to handle your enquiries. By doing so, we can continue to improve the level of customer service that we provide.
- What Type of Personal Information do we Use?
Under the Privacy Act, “Personal Information” is generally considered to be information that identifies you or is reasonably linked to you to be able to have you identified. The kinds of personal information we collect include contact details and payment information like your name, email and street address and phone numbers.
- When We Ask For Your Personal Information
4.1 We will not collect your personal information unless it is reasonably necessary for us to provide you with products or to establish and to maintain any account you have with us for ordering products from the Websites.
4.2 We will not collect personal information about you unless you allow us to and we need the information for to properly provide our products or services to you or where we are required or allowed to do so by law.
- Personal Information We Haven’t Asked For
5.1 If we receive your personal information and we haven’t specifically asked you for it, we will determine whether or not we are allowed to collect that or store that information. Sometimes we may have to use or disclose your personal information in order to determine if we are allowed to collect it.
5.2 If we are not allowed to collect the personal information, we will promptly and permanently destroy it or ensure that it is completely de-intentified.
5.3 If we are permitted to collect the personal information, we will treat it in the same way as we treat personal information that we ask for or that you provide to us.
- About Your Personal Information
6.1 In circumstances where we collect personal information about you, we will take reasonable steps (at our cost) to make sure you are aware of:
6.1.1 our identity and contact details;
6.1.2 where your personal information is from someone other than you or we think you may not be aware that we have collected your personal information, then the fact that we have collected the personal information and how we collected it;
6.1.3 where we are required or allowed to collect the personal information, the fact that we are required or allowed to collect it as well as the details of the law that requires or allows us to collect it;
6.1.4 the reason(s) we are collecting personal information;
6.1.5 what it means for you if we don’t collect all or some of your personal information (for example, you may not be able to place or finalise an order on the Websites);
6.1.6 the third parties to whom we usually disclose your personal information;
6.1.9 whether we are likely to disclose the personal information to someone overseas and why;
6.1.10 if we are likely to disclose the personal information to someone overseas, the countries in which they are likely to be located (if it is practicable for us to tell you).
- Secondary Purposes for Dealing with Personal Information
7.1 Where your personal information is collected for a particular purpose (the primary purpose), we won’t use or disclose the information for another purpose (the secondary purpose) unless:
7.1.1 you allow us to; or
7.1.2 we are compelled or allowed to do so by law;
7.1.3 we believe that the use or disclosure of the information is reasonably necessary for law enforcement related reasons conducted by an enforcement body and we will keep records of that use;
7.1.4 you would reasonably expect us to deal with the information for the secondary purpose and the secondary purpose is:
(i) if the information is sensitive information—directly related to the primary purpose; or
(ii) if the information is non-sensitive information—related to the primary purpose; or
(iii) if we are required to by law, we will take reasonable steps to ensure that the information is not capable of identifying you before we disclose it.
7.1.5 If we collect personal information from one of our related companies this clause applies as if our primary purpose for the collection of the information was the primary purpose for which the related company collected the information.
8.1 We will not use or disclose the information for direct marketing without your consent, except as set out below.
8.2 We may use your personal information (but not sensitive information) for the purpose of direct marketing if, and only if:
8.2.1 we collected your personal information from you;
8.2.2 you would reasonably expect us to use your personal information for marketing purposes;
8.2.3 you haven’t opted out of receiving marketing information or promotions from us; and
8.2.4 in each marketing communication, we give you the ability to opt-out of receiving additional marketing communications.
8.2.5 we provide a simple way for you to easily request not to receive direct marketing communications from us;
8.2.6 we include a prominent statement that you may make such a request; or
8.2.7 we otherwise draws your attention to the fact that you may opt-out;
8.2.8 you haven’t made such a request to us.
8.3 If we use or disclose your personal information:
8.3.1 for the purpose of marketing by us, you may request not to receive further marketing communications from us; or
8.3.2 for the purpose of marketing by someone else, you may request us not to use or disclose your personal information for that purpose; and
8.3.3 you may request that we provide the source of the information.
8.4 If you make a request under clause 8.3, we will not charge you for the making the request or meeting it and we will respond to the request in a reasonable time as required by law.
- Security of Personal Information
9.1 We will take reasonable steps to protect your personal information, including from misuse, interference and unauthorised access.
9.2 If we no longer require your personal information and we are allowed to do so by law, then we may destroy or permanently de-identify the information.
- Your Right to Anonymity
Except where it isn’t practical to use the Websites or where the law requires otherwise, you are not obliged to identify yourself and you may elect to use a pseudonym instead of your real name when dealing with us.
- Access to Your Information
11.1 You may make a request to access the information we hold about you. In order to do so, please direct your requests to our Privacy Officer in writing by email to [email protected].
11.2 There are certain circumstances in which we will give you access to your personal information, such as when:
11.2.1 we reasonably believe that providing such access would pose a serious threat to the life, health or the safety and well-being of any person, or to public health or safety;
11.2.2 giving access would have an unreasonable impact on the privacy of another person;
11.2.3 the request for access is frivolous or without a proper purpose;
11.2.4 the information relates to existing or anticipated legal proceedings between us and you, and would not be accessible by the process of discovery;
11.2.5 giving access would reveal our intentions in relation to negotiations with the you in such a way as to prejudice them;
11.2.6 we are allowed or required by law not to give you access;
11.2.7 we reasonably suspect that unlawful activity, or misconduct, that relates to our functions or activities has been, is being or may be committed and that giving access would be likely to prejudice the taking of appropriate action by us;
11.2.8 giving access would be likely to prejudice one or more enforcement related activities conducted by an enforcement body; or
11.2.9 giving access would reveal information we have generated for a commercially sensitive decision-making processes.
11.3 If you request access to your personal information, we will respond within a reasonable time and we will give you access in the way you ask, where it is reasonably practicable for us to do so.
11.4 If we refuse your access request or don’t give access in the way you request, we will try to give you access in a different way that meets both yours and our needs. If we can’t do that, then we will give you a written notice that sets out the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; any other options available to you to make a complaint about our refusal; and anything else we are required to tell you by law.
11.5 We may charge you a reasonable fee for giving access to your personal information that we hold but we won’t charge you just for making the request.
12. Data Security Incidents
We must immediately notify you in writing, and give you full details, about any actual or suspected accidental or unauthorised access to or data breach involving your Personal Information (a Data Security Incident) and co-operate with any investigation or audit in respect of the Data Security Incident.
- Correction of your Personal Information
13.1 We will take reasonable steps to correct your personal information if we believe it is inaccurate, out of date, incomplete, irrelevant or misleading or if you ask us to update correct it.
13.2 If we correct your personal information that we disclosed to someone else and you ask us to notify them of the correction, we will take reasonable steps to give that notification unless it is not practicable or the law requires us not to.
13.3 If we do not correct your personal information, we will notify you:
13.3.1 why it has not been corrected (unless it would be unreasonable to do so); and
13.3.2 about how you may make a compliant; and
13.3.3 about anything else we are required to tell you by law.
13.4 If you ask us to correct your personal information, we will respond to your request within a reasonable time and we will not charge you a fee for making of request or for correcting your personal information.
- Overseas Disclosure
Before we disclose your personal information to someone overseas we will take reasonable steps to ensure that they don’t breach the Australian Privacy Principles in relation to your personal information.
- If you are not happy with how we deal with your Personal Information
If you have any concerns, comments or enquiries about your personal information, please e-mail us at:
or write to us at:
PO Box 1728, Potts Point, New South Wales, 2011 Australia