This section explains how to read this policy and describes its purpose.
Defining specific terms:
In respect of the collection, use and disclosure of privacy information, Growth Gurus is subject to the Australian Privacy Principles. All personal information received on behalf of Growth Gurus is at all times respected, including the protection and security of all personal records.
Growth Gurus collects a range of personal information, such as your name, address, telephone number, email address, your age, date of birth and your banking details, credit information. We need this information to deliver necessary and effective services to all our clients and to understand and forecast our business.
We may also collect information about you from your access to our website for statistical purposes. This information is usually anonymous and we do not use it to identify individuals.
However, due to the nature of internet protocols, such information might contain details that identify you, such as your IP address, internet service provider, the web page directing you and your activity on our website.
We may collect your personal information from a variety of sources, including:
We may also collect information from a friend or someone who refers our services to you, the vendor of any business we acquire, a wholesale service provider who provides services to you, a marketing bureau or third party contractor (including any of our dealers or resellers) and a credit reporting agency (where we undertake a credit check).
We collect personal information directly from you, unless it is unreasonable or impracticable to do so.
We collect data from our website using various technologies, including “cookies”. Put simply, a “cookie” is a text file that our website sends to your browser which is stored on your computer as an anonymous tag identifying your computer (but not you) to us. You can set your browser to disable cookies. However, some parts of our website may not function properly (or at all) if cookies are disabled.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
From time to time you may be able to deal with us anonymously or by using a pseudonym. For example, without limitation, if you have a general inquiry about us, and/or our goods and services, we may be able to respond to your inquiry on an anonymous or pseudonymous basis.
However, if the personal information we request for the provision of our goods and/or services is not provided to us, or you provide the information anonymously or pseudonymously, then we may be unable to provide the goods and/or services to you.
Further, we may need to verify your identify as part of our response to a request to access and/or correct personal information we hold about you, or as part of our complaints handling procedure. If we are unable to verify your identify, or you continue to engage with us in an anonymous or pseudonymous basis, then we may be unable to complete your request or pursue our complaints handling procedure.
As a general principle, we only use personal information for the primary purpose for which we collect the information or a secondary purpose related to the primary purpose for which you would reasonably expect us to use the collected information or otherwise as permitted or authorised by law (including the APPs).
We will not use your information for an unrelated secondary purpose unless we obtain your written consent or an exception applies, such as it is impracticable to obtain your consent and we believe that collecting, using or disclosing your information is necessary to lessen a serious threat to the life, health or safety of any individual.
We collect, hold and use personal information for the following purposes:
We may disclose your personal information to third parties, such as our dealers and resellers, any marketing agency we engage to facilitate our promotions, banks, professional advisers, courts, tribunals, regulatory authorities, other companies and individuals for the purpose of:
They will have access to your personal information required to perform these services, but we will not authorise them to use your information for any other purpose.
We also disclose your information to third parties that provide services to us, such as auditors, financial services or insurance companies, for them to complete their obligations owed to us under agreements that we have entered into for the purpose of undertaking our business operations and activities. This information may include scrambled credit card details; although these will only be used with your consent for any transactions with them.
We may also disclose personal information to prospective investors in or purchasers of some or all of our business.
In addition, we may provide statistics (with personal identifiers removed) about our customers, readers, sales, traffic patterns and related site functions to reputable third parties primarily for the purpose of assisting us to improve our service offering.
You have the right to tell us that you do not wish us to send information to you other than for the primary purpose for which we collect your personal information. We will always attempt to ensure our disclosure of personal information to other organisations is carried out in a manner which does not personally identify individuals
We may directly market our products and services to you on the basis that you would reasonably expect us to do so, where we have collected your personal information from you already. Where we collect your personal information from a third party, we will not use your personal information to directly market to you without your consent.
Please note that we will also comply with other laws that are relevant to marketing, including the Spam Act 2003 (Cth), the Do Not Call Register Act 2006 (Cth) and the Competition and Consumer Act 2010 (Cth).
All direct marketing communications you receive will include an easy opt-out procedure if at any time you wish us to cease sending you information.
Your withholding of personal information from us might mean we are unable to perform some essential functions related to our products and/or services, including one or all of the purposes listed above in section 5.
We may also disclose your personal information to our affiliates in China, overseas suppliers and our technology infrastructure may make use of cloud infrastructure or servers located in Sydney, Australia.
In the event we disclose your personal information overseas, we will ensure that adequate security mechanisms are in place to protect your information. For example, we will disclose your information for the purpose of our affiliate packing and sending your orders to your nominated address if you buy online or over the telephone.
Wherever reasonably practicable, we will first seek your consent to such cross-border disclosure. Please note that where you consent to such cross-border disclosure, we will be exempt from the requirements of the Act in relation to such disclosed information. Where it is not reasonably practicable for us to obtain your consent we will otherwise comply with the requirements of the Act.
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
This section explains how Growth Gurus holds your personal information, how you can access and update your personal information, complain about an alleged breach of the APPs or make any related enquiry.
Growth Gurus relies on accurate and reliable information to deliver necessary and effective services. If we are satisfied that any of the information we have about you is inaccurate, out-of-date, irrelevant, incomplete or misleading, or you request we correct any information, we will take reasonable steps to ensure the information held by us is accurate, up-to-date, complete, relevant and not misleading.
The practical measures by which Growth Gurus avoids having an incorrect record of an individual’s information include asking you to complete the appropriate forms and requesting that you periodically update this information in writing.
If we disclose your personal information that is later corrected, we will, or else you may ask us to, notify the entity that received the incorrect information about that correction.
Should we refuse to correct the information, we will explain the reasons for refusal. We will also provide you with information about our complaint procedure if you wish to lodge a formal complaint about our refusal.
All personal information is securely stored using appropriate physical and/or electronic security technology, settings and applications, and by ensuring staff dealing with personal information is trained in our privacy policies and procedures.
These policies are designed to protect personal information from unauthorised access, modification or disclosure; and from misuse, interference and loss.
You are entitled at any time, upon request, to access your personal information held by us. We will respond within a reasonable time after the request is made and give access to the information in the manner requested by you, unless it is impracticable to do so. We are entitled to charge you a reasonable administrative fee for giving you access to the information requested.
Should you be refused access to your information, we will explain the reasons for refusal – any exceptions under the Privacy Act or other legal basis relied upon as the basis for such refusal – and, if you wish to lodge a formal complaint about our refusal, we will explain the complaint procedure.
If you wish to complain about an alleged breach of the privacy of your personal information, or an alleged breach of the APP’s, the complaint should be made by emailing our Privacy Officer at firstname.lastname@example.org
We will acknowledge receipt of your complaint and we will endeavour to deal with your complaint and provide you with a response within a reasonable time following our receipt of your complaint (generally 30 days of our receipt of your complaint). Where a complaint requires a more detailed investigation it may take longer to resolve. If this is the case, we will provide you with progress reports.
We will verify your identify and seek, where appropriate, information from you in connection with the complaint.
Where required by law, we will acknowledge your complaint in writing and provide information in writing on how we will deal with your complaint. Further, if required to do so by law, we will provide our determination on your complaint to you in writing.
We may refuse to investigate and deal with a complaint if we consider it to be vexatious or frivolous.
If you are dissatisfied with the outcome of your complaint, you may seek an internal review of our decision, which will be completed by an officer not previously involved in your complaint. If you remain dissatisfied, you may escalate your complaint to the office of the Australian Information Commissioner.