At or before the time or, if it is not reasonably practicable, as soon as practicable after, we collect personal information, we must take such steps as are reasonable in the circumstances to either notify you or otherwise ensure that you are made aware of the following:
- The identity and contact details of ELISTIL;
- That we have collected your personal information from someone other than you;
- That collection of personal information is required by Indian law, if it is;
- The purpose for which we collect the personal information;
- The consequences if we do not collect some or all of the personal information;
- Any other third party to which we may disclose the personal information;
- Whether we are likely to disclose personal information to overseas recipients, and the countries in which those recipients are likely to be located.
Unsolicited personal information is personal information that we receive which we did not solicit. Unless we determine that we could have collected the personal information in line with the APPs or the information is contained within a Commonwealth record, we will destroy the information to ensure it is de-identified.
How we store your personal information
Personal information may be stored in various hard copy and computer files or programs used to administer our business. Such software may be stored on the cloud or on our servers. We store customer data in an encrypted format user data hardware-accelerated AES-256 block encryption keys.
PURPOSES OF WHICH WE COLLECT, HOLD USE AND/OR DISCLOSE PERSONAL INFORMATION
The main purposes for which we collect, hold and use your personal information are:
- To provide you with products and services that you have requested from us;
- To communicate with you, including about products and services, competition results, special offers, and events which might interest you;
- To process repairs and returns of goods; and
- To answer your questions, provide you with information or advice or to consider and respond to requests or complaints made by you.
We may also utilize and unveil your personal data:
- To carry out administration, marketing, planning, risk management, fraud and loss prevention activities;
- To breakdown and analyse your data to assist us with generating consumer insights;
- For product and service development, quality control and research to improve the manner we and our service providers provide products and services to us and you;
- To seek your feedback in relation to customer satisfaction and our relationship with you and perform research and statistical analysis using such feedback; and To comply with laws or regulations or to comply with any directions given by regulators or authorities.
We may disclose your personal information for any of the purposes for which it is was collected, as indicated in this policy, or where we are under a legal duty to do so.
If you are a candidate for employment, we may use and disclose your personal information to assess your suitability for a position with us.
We may collect, hold, use and disclose personal information for other purposes explained at the time of collection.
We may also collect, hold, use and disclose personal information if you consent or if we are required or authorised under law to do so.
TO WHOM IS YOUR PERSONAL INFORMATION DISCLOSED
Before we disclose personal information about you to a third party, we will take steps as are reasonable in the circumstances to ensure that the third party does not breach the APPs in relation to the information.
The kinds of service parties to whom we may disclose personal information to includes delivery services providers, manufacturers, suppliers, distributors, marketing and communications agencies, data analysts, IT service providers and our advisors including our professional advisors (including legal and financial advisors).
We may use or disclose personal information (other than sensitive information) to keep you informed about the products and services we provide and other products and services that may be of interest to you. We may communicate with you via email, SMS, or regular mail. If you have indicated a preference for a method of communication, we will endeavour to use that method wherever practical to do so.
We may use or disclose sensitive information about you for the purpose of direct marketing if you have consented to the use or disclosure of the information for that purpose. We acknowledge and respect our customers’ choice to “opt-out” of direct marketing communication activities undertaken by us. You may opt out of direct marketing communications at any time by contacting us on email firstname.lastname@example.org. You can unsubscribe from emails by clicking the unsubscribe link on the footer of the email communication you have received.
ONLINE AND DIGITAL SERVICES
Our communications may also contain links to websites which are owned or operated by other parties. You should make your own enquiries as to the privacy policies of these parties. We are not responsible for information on, or the privacy practices of, any third party websites.
Cookies and Digital Identifiers
Generally, individuals can use our digital services without identifying themselves. We may collect device identification information when you use a computer, mobile phone, smart phone, tablet, or other device to access or interact with us through our online stores or other applications. This information may include session cookies, your device IMEI number, IP address or MAC address. In some cases, these identifiers may only relate to a device or may be of an aggregated or statistical nature, and will not identity you as the user. In other cases we may associate information about your use of the website and other digital services over time with your personal information, e.g. where on any occasion you have logged in, followed a link sent to you by email or we have otherwise been able to identify you.
During online transactions we do not collect your credit card or banking details as online payments are handled by PayPal. Please check the PayPal websites for details of their privacy policies and security measures.
ACCESS TO PERSONAL INFORMATION
If we hold personal information about you, you may request access to that information by putting the request in writing and sending it to the Privacy Officer. We will respond to any request within a reasonable period, and a charge may apply for giving you access to the personal information. There are certain circumstances in which we may refuse to grant you access to the personal information. In such situations we will give you written notice that sets out:
- The reasons for the refusal; and
- The mechanisms available to you to make a complaint.
UPDATING OF PERSONAL INFORMATION
We will endeavour to keep your personal information accurate, up-to-date and complete. You can assist us with this by letting us know if you notice errors or discrepancies in information we hold about you by letting us know if your details change. You may make a request in writing addressed to the Privacy Officer to correct the information, and we will take reasonable steps to correct the information and to respond to any request within a reasonable period.
There are certain circumstances in which we may refuse to correct the personal information. In such situations we will give you written notice that sets out:
- The reasons for the refusal; and
- The mechanisms available to you to make a complaint.
If the personal information was supplied to a third party and you subsequently request us to notify the third party of the correction, we will take such steps as are reasonable to give that third party the notification unless impracticable or unlawful to do so.
INTEGRITY AND SECURITY OF PERSONAL INFORMATION
We will take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that we:
- collect is accurate, up-to-date and complete; and
- use or disclose is, having regard to the purpose of the use or disclose, accurate, up-to-date and complete.
We will take steps as are reasonable in the circumstances to protect the personal information from misuse, interference, loss and form unauthorized access, modification or disclosure. We store customer data in an encrypted format user data hardware-accelerated AES-256 block encryption keys.
DESTRUCTION OF PERSONAL INFORMATION
We take reasonable steps to destroy or permanently de-identify your personal information where it is no longer required and to protect your personal information from unauthorized access, disclosure, loss, misuse and alteration.
If you wish to have your personal information removed from our records, you may request that your personal information be deleted or destroyed. It will not always be possible to comply with your request to delete or destroy your personal information.
ANONYMITY AND PSEUDONYMITY
You have the option of not identifying yourself, or using a pseudonym, when dealing with us (where this is lawful and practicable for example, when making an enquiry ). This does not apply:
- where we are required or authorized by or under an Indian law, or a court/tribunal order, to deal with individuals who have identified themselves; or
- where it is impracticable for us to deal with individuals who have not identified themselves or who have used a pseudonym (for example processing of credit card orders).
However, in certain circumstances, if we do not collect personal information about you, we may be unable to provide you with the services you have asked us to provide.
We will endeavour to consider and respond to your complaint within a reasonable period. If you are not satisfied with our response to your complaint, or you consider that we may have breached the APP or the Privacy Act, you are entitled to make a complaint to the Office of the Indian Information Commissioner.
CHANGES TO THIS POLICY
Address: The Privacy Officer, ELISTIL