Storage & Security of Your Information
Disclosure of Your Information
We may from time to time need to disclose certain information, which may include your Personal Data, to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request. Also, we may use your Personal Data to protect the rights, property or safety of Winterwares, our customers or third parties. If there is a change of control in one of our businesses (whether by merger, sale, transfer of assets or otherwise) customer information, which may include your Personal Data, could be disclosed to a potential purchaser under a confidentiality agreement. We would only disclose your information in good faith and where required by any of the above circumstances.
We do not and will not sell or deal in personal or customer information. We will never disclose your personal details to a third party except the necessary information required by providers of products or services you have purchased or to protect the rights, property or safety of Winterwares, our customers or third parties or if required by law. We may however use in a general sense without any reference to your name, your information to create marketing statistics, identify user demands and to assist it in meeting customer needs generally. In addition, we may use the information that you provide to improve our website and services but not for any other use.
We strive to ensure the security, integrity and privacy of personal information submitted to our website, and we periodically update our security measures in light of current technologies.
Information we collect from you
In the course of your visits to our website or use of our products and services, we may obtain the following information about you: name, company name, email address, telephone number, credit card details, billing address, geographic location, IP address, survey responses, support queries, blog comments and social media handles (together ‘Personal Data’).Our services are not directed to persons under 18 and we do not knowingly collect Personal Data from anyone under 18. If we become aware that a child under 18 has provided us with Personal Data, we will delete that information as quickly as possible. If you are the parent or guardian of a child and you believe they have provided us with Personal Data without your consent, then please contact us.You can review, correct, update or delete your Personal Data by either logging into your account and making the changes yourself or contacting us directly to do so.
How we use your information
Personally Identifiable Information: We use the information we collect to deliver our services to you, including: communicating with you, providing technical support, notifying you of updates and offers, sharing useful content, measuring customer satisfaction, diagnosing problems and providing you with a personalised website experience.Marketing communications are only sent to you if you have requested or subscribed to them. You can opt out of our marketing communications at any time by unsubscribing or emailing us and your request will be actioned immediately.Non-Personally Identifiable Information: We also use the information we collect in aggregated and anonymised forms to improve our services, including: administering our website, producing reports and analytics, advertising our products and services, identifying user demands and assisting in meeting customer needs generally. Any information you choose to make publicly available, such as blog comments and testimonials on our website, will be available for others to see. If you subsequently remove this information, copies may remain viewable in cached and archived pages on other websites or if others have copied or saved the information.
Storage and security of your information
We will use all reasonable means to protect the confidentiality of your Personal Data while in our possession or control. All information we receive from you is stored and protected on our secure servers from unauthorised use or access. Credit card information is encrypted before transmission and is not stored by us on our servers.
To enable us to deliver our services, we may transfer information that we collect about you, including Personal Data, across borders for storage and processing in countries other than Australia. If your Personal Data is transferred and processed outside Australia, it will only be transferred to countries that have adequate privacy protections.
We retain your personal information for as long as needed to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
In the event there is a breach of our security and your Personal Data is compromised, we will promptly notify you in compliance with the applicable law.
Cookies and pixels
Sharing your information with third parties
We do not and will not sell or deal in Personal Data or any customer information.
Our responsibilities under General Data Protection Regulation (GDPR)
If you are a resident of the EU or UK you have certain rights and protections under the GDPR regarding the processing of your Personal Data.
We collect, use and store your Personal Data to enable us to provide you with our goods or services and information about them. We rely on the following lawful means of processing your Personal Data:
- Where it is necessary to fulfil a contract with you. This includes where we collect your Personal Data to enable us to send you our goods or provide you with our services.
- Where you have given us valid consent to use your Personal Data. We will rely on that consent and only use the Personal Data for the specific purpose for which you have given consent. This includes where we email newsletters or send mobile phone notifications.
- We may also process your Personal Data where it is to further our legitimate interests which could include usage statistics, analytics and internal analysis so we can improve our services to you.
Your rights as an EU or UK resident
If you are a resident of the EU or UK you have various rights including the:
- Right to be informed;
- Right of access;
- Right to rectification;
- Right to object;
- Right to restriction of processing;
- Right to erasure or to be forgotten;
- Right to data portability; and
- Right not to be subject to automated processing.
If you want to access your Personal Data or ask for the information to be corrected, please contact us. In some circumstances, you also have a right to object to or ask that we restrict certain processing activities or delete your Personal Data. If you would like to limit or request deletion of your Personal Data or exercise any other rights you can do so by contacting us.
Withdrawing your consent
You can withdraw your consent to our collection or processing of your Personal Data. You can do so by contacting us or by opting out of email newsletter communications by following the instructions in those emails or by clicking unsubscribe. If you withdraw your consent to the use of your Personal Data, you may not have access to our services and we might not be able to provide you with our services. In some circumstances, where we have a legal basis to do so, we may continue to process your information after you have withdrawn consent. For example, if it is necessary to comply with an independent legal obligation or if it is necessary to do so to protect our legitimate interest in keeping our services secure.
We comply with the GDPR protection directives set out by the EU and UK regarding the collection, use and retention of Personal Data from EU member countries and the UK. All Personal Data stored on our platform is treated as confidential. It is stored securely and is only accessed by authorised personnel. Our collection is limited in relation to what is necessary, for the purpose for which the Personal Data is processed, and kept only for so long as is necessary for the purpose for which the Personal Data was collected. We implement and maintain appropriate technical, security and organisational measures to protect Personal Data against unauthorised or unlawful processing or use, and against accidental loss, destruction, damage, theft or disclosure. We ensure the encryption and pseudonymisation of Personal Data and we have adequate cyber security measures in place.
By providing us with your Personal Data, you consent to us disclosing it to third parties who reside outside the EU or UK. We will ensure that those third parties are GDPR compliant.