About us and this policy
1. We respect privacy
- We understand that your privacy is important to you and that you care about how your information is used and shared online.
- We respect and value the privacy of everyone who visits our Site and will only collect and use information in ways that are useful to you and in a manner consistent with your rights and our obligations under the law.
For questions or notices, please contact us: [email protected] | Policy last updated: November 2021
Collecting & using your information
3. What kind of personal information do we collect?
**Example* We can’t contact you if we don’t have your contact details. We can’t send notifications about events you’ve been invited to if we don’t know what email address to send the updates to.*
Depending on how we interact with you, we might collect some or all the following information:
- Contact: Name, age, email address, date of birth, address, phone number, identification,
- Social: Gender, social media platform details, associated accounts like Google and info you give us through them; images of you; your preferences and opinions;
- Device: Device type, IP address, browser type, operating system, location, device, and network information
- Actions: How you interact with our Site, browser session & geo-location data, search queries & browsing behaviour & search history, details of enquiries you make about our products or services
- Financial: Purchase history, payment method (through our third-party payment processor), products purchased, bank account details
- Content: Contents of communications, stored documents & media, any sensitive information (as set out below)
- Location: Delivery address, electronic signature geo-tag location, publicly available check in location data on social media
4. Use: Why do we collect, hold, use, and disclose your personal info?
- To communicate with you, to market products and services to you, to tell you important service updates,
- To verify identity or address and delivery information,
- To provide Site functionality,
- To take payment and to give refunds,
- For internal record keeping, invoicing, and billing,
- For analytics, market research and business development, including to operate and improve our Site
- For marketing, to send you promotional info about us and our products and services and information about third parties we think you might be interested in,
- To comply with our legal obligations or to resolve disputes,
- To consider your application to join our team.
GDPR: data processing
We always aim to process personal data lawfully, fairly, and transparently, without adversely affecting your rights. We only process your personal data if we have your consent or it is necessary for a specific reason.
We only process your personal data if: - you give us consent to process your personal data for one or more specific purposes; - processing is necessary: - to act on your instructions or to perform a contract which you are a party to; - for compliance with our legal obligations; - to protect your or another person’s vital interests; - for the public interest or in the exercise of official authority vested in the controller; and/or - for our reasonably legitimate interests pursued by us or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
5. Opting out: Changing your preferences
You can opt out of marketing communications at any time by clicking on the link in our communications to unsubscribe.
How do we store & secure this info?
To help prevent unauthorised access or disclosure, we have general physical, electronic & management processes to securely store personal info & protect it from misuse, loss, unauthorised access, modification & disclosure.
- We do not guarantee the security of any info transmitted to or by us over the Internet.
- We will conduct an annual review to ascertain whether we need to keep data.
- We may store your personal information data outside Australia, see section 6 Disclosure outside Australia for further information.
Who do we disclose your personal info to?
We are in the wedding website business, we will not sell your personal information!
We use your personal information for our legitimate business purposes and this may include the following people and businesses:
- Our service providers, such as design and marketing partners, IT service providers, data storage, web-hosting and server providers, debt collectors, maintenance or problem-solving providers, marketing providers, advisors and payment systems operators
- our employees, contractors, and related entities
- our existing or potential agents or business partners, sponsors, or promoters of competitions we run
- anyone we transfer our business or assets to
- credit reporting agencies, courts, or authorities if you do not pay for our goods or services
- Authorised law enforcement agencies who follow the legally required processes, or in connection with any actual or prospective legal proceedings, or to establish, exercise or defend our legal rights
- third parties, including agents or sub-contractors, who help us in providing information, products, services, or direct marketing to you. This may include parties located, or that store data, outside of Australia
- third parties to collect and process data, such as Google Analytics or other relevant businesses, including those that store data outside Australia.
8. Disclosure outside Australia
Some suppliers we use to provide you services are located outside Australia. We may disclose your personal info outside Australia. Overseas third parties might not be governed by the Privacy Act and might not comply with the Australian Privacy Principles. So if those parties breach the Privacy Principles, you aren’t protected by the Privacy Act.
- By giving us your personal info, you consent to us disclosing it outside Australia and acknowledge we aren’t required to ensure overseas recipients manage your personal info in line with AU Privacy Law.
Transfers to offshore locations
Offshore locations may include Japan, United States, and The Philippines.
Extra data protection information
9. European Union - General Data Protection Regulation (GDPR)
- To the extent it applies to our services and business, we meet the requirements of the General Data Protection Regulation (GDPR) for UK and EU citizens and believe in the principles of fair, transparent, and lawful data collection and use.
- Some additional important data issues are set out below for relevant clients and Site visitors. Processing your data
- We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.
- We must have a lawful basis for processing your personal information. For our operations, our legal basis for collecting personal information depends on the data we collect and how we use it and may include collecting and using your information:
- As necessary for our legitimate business interests, or
- To fulfil a contractual or legal obligation, or
- If needed to protect your life or in a medical situation, or
- to carry out a public function or a task of public interest, or
- if the function has a clear basis in law.
We get your consent
- We only collect personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose.
- We will keep your data reasonably safe and secure.
We do not collect or process any personal information from you that is considered "Sensitive Personal Information" under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.
We do not knowingly collect or process children’s personal information
You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you.
10. Your rights under the GDPR
Individuals residing in the EU
Individuals residing in the EU, you have certain rights as to how your personal information is obtained and used. We aim to comply with your rights under the GDPR, which include the following:
- Being informed how your personal information is being used
- Access your personal information (we will provide you with a free copy of it)
- Correcting your personal information if it is inaccurate or incomplete
- Deleting your personal information (a.k.a the right to be forgotten)
- Restrict processing of your personal information
- Keep and reuse your personal information for your own purposes
- Object to your personal information being used, and automated decision making and profiling.
Contact us if you have GDPR questions
- Please contact us at any time to exercise your rights under the GDPR.
- We may ask you to verify your identity before acting on any of your requests.
Hosting and International Data Transfers
We aim to protect transfers to offshore locations with appropriate safeguards which may include reviewing privacy policies of our selected suppliers, using standard data protection clauses approved by the European Commission, and other measures.
Cookies are small text files placed in your computer's browser to store your preferences. On their own, cookies do not tell us personal info however, they let others like Google and Facebook, push our adverts to appear on your social media and online media as part of our marketing.
- If you give us personal info, we may link this to the data stored in the cookie.
- We may place and access ‘first party’ Cookies on your devices, which are Our Cookies.
- By using our Site you may also receive certain third party Cookies on your computer or device.
- Other Cookies are those placed by websites, services, and/or parties other than us.
13. 🚨Web beacons: Do we use web beacons?
Yes, we may use web beacons on our Site from time to time.
- Web beacons are small pieces of code placed in a web page or email to monitor behaviour of site visitors and email recipients.
- We may also use Google Analytics to collect and process data. For more details on how Google uses data when you use third party websites or apps, please search Google’s site.
14. Links to other websites
Our Sites have links to other websites & applications that we don’t control. We cannot and do not protect personal info you share with those other websites. Check those other websites for details of their privacy policies.
We will change this Policy if we change the way we manage your personal info changes or privacy laws change. When we do, we put the updated policy on our Sites and, if possible, we also notify you via email.
16. Complaints and questions
Let us know if you have questions or concerns about how we use your personal info or the way we try to explain how we manage your info.
- You are responsible for the accuracy of information you decide to give us. If the info we hold about you is incomplete, irrelevant, or otherwise incorrect, please let us know so we can fix it.
- We know we won’t always get things perfect, so we appreciate your feedback to improve.
For more info on Australian privacy law, visit oaic.gov.au or contact OAIC via [email protected]