This policy should be read together with The Dinner Ladies’ other policies, including the Terms and Conditions (accessible at https://www.dinnerladies.com.au/pages/terms-conditions).
1. WHAT INFORMATION WE COLLECT ABOUT YOU AND WHAT WE DO WITH IT
The Dinner Ladies only collects personal information, including device and order information, that is reasonably necessary for The Dinner Ladies’ functions and activities.
When You visit the Site, we automatically collect certain information about Your device, including information about Your web browser, IP address, time zone, and some of the cookies that are installed on Your device. Additionally, as You browse the Site, we collect information about the individual web pages or products that You view, what websites or search terms referred You to the Site, and information about how You interact with the Site. We refer to this automatically collected information as “Device Information”.
We collect Device Information using the following technologies:
(a) “Cookies” are data files that are placed on Your device or computer and often include an anonymous unique identifier
The cookies are used to identify You for the purposes of monitoring use and aiding security in Your use of the website. The cookies do not allow Us to gather any personal information to identify You or Your email address. You have the option of setting Your web browser to reject cookies, which may impact negatively on Your experience of this website;
(b) “Log files” track actions occurring on the Site, and collect data including Your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps;
(c) “Web beacons”, “tags” and “pixels” are electronic files used to record information about how You browse the Site.
We use the Device Information that we collect to help Us screen for potential risk and fraud (in particular, Your IP address), and more generally to improve and optimise our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
We collect Order information which includes the following:
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing Your payment information, arranging for shipping, and providing You with invoices and/or order confirmations). Additionally, we use this Order Information to:
(a) communicate with You;
(b) screen our orders for potential risk or fraud; and
(c) when in line with the preferences You have shared with us, provide You with information or advertising relating to our products or services.
When You place an order through the Site, we will maintain Your Order Information for our records unless and until You ask Us to delete this information.
The Dinner Ladies does not collect sensitive information about an individual such as information about an individual's racial or ethnic origin, political opinions, professional or political or religious affiliations or memberships, sexual orientation or practices, criminal record, health, genetics and/or biometrics.
2. OPEN AND TRANSPARENT MANAGEMENT OF PERSONAL INFORMATION
The Dinner Ladies will manage personal information in an open and transparent manner. In doing so, The Dinner Ladies will ensure that individuals are notified at the time of collecting their personal information:
(a) what type of personal information is being collected;
(b) the fact and circumstances of collection;
(c) whether the collection is required or authorised by law;
(d) how The Dinner Ladies collects and holds personal information;
(e) the purposes for which The Dinner Ladies collects, holds, uses and discloses personal information;
(f) The Dinner Ladies’ usual disclosures of that kind of person information; and
(g) who that personal information will be disclosed to, including whether the personal information is likely to be disclosed to overseas recipients.
3. COLLECTION OF PERSONAL INFORMATION
The Dinner Ladies only collects personal information that is reasonably necessary for The Dinner Ladies’ functions and activities. The Dinner Ladies collects personal information for the following purposes:
(a) to conduct The Dinner Ladies’ business;
(b) to provide and market The Dinner Ladies’ services;
(c) to communicate with an individual;
(d) to comply with The Dinner Ladies’ legal obligations;
(e) to help Us manage and enhance The Dinner Ladies’ services;
(f) to protect individuals and The Dinner Ladies from error or fraud; or
(g) to provide individuals with the products or services they have requested, including placing an order on the Site.
Where practical, The Dinner Ladies will collect personal information directly from the individual and not from third parties unless otherwise required by the law.
4. UNSOLICITED PERSONAL INFORMATION
If The Dinner Ladies receives unsolicited personal information, The Dinner Ladies will determine whether The Dinner Ladies could have collected that personal information by lawful and fair means, and whether it is related to one of the purposes of collecting personal information above. The Dinner Ladies will do this by looking at its relationship with the individual and whether the personal information relates to its relationship with them.
If The Dinner Ladies determines that it could have collected the personal information by lawful and fair means, The Dinner Ladies will deal with that personal information in accordance with clauses 4 to 15 of this policy.
If The Dinner Ladies could not have collected the personal information by lawful and fair means, or the personal information does not relate to one of The Dinner Ladies’ purposes for collecting the personal information, The Dinner Ladies will destroy the personal information.
5. NOTIFICATION OF THE COLLECTION OF PERSONAL INFORMATION
When The Dinner Ladies first collects personal information from an individual, The Dinner Ladies will notify them that it has collected its personal information and notify them about:
(a) the contact details for The Dinner Ladies;
(b) the purposes of the collection of their personal information;
(c) those entities that The Dinner Ladies usually disclose personal information to;
(d) what happens if the individual chooses not to provide The Dinner Ladies with personal information;
(e) direct marketing that may be undertaken by Us or any related companies;
(f) when The Dinner Ladies is required to collect personal information under an Australian law,
(h) how they may complain about a breach of the APPs or any registered binding APP code;
(i) how they may access their personal information and seek correction of such information; and
(j) any disclosure of personal information that The Dinner Ladies makes to an overseas entity.
If The Dinner Ladies knows that as part of its relationship with the individual The Dinner Ladies will disclose their personal information to another identifiable entity, The Dinner Ladies will notify the individual of the following matters at the time The Dinner Ladies first collects their personal information:
(a) the identity and contact details of that organisation; and
(b) why their information may be disclosed to the organisation.
If the information is collected from another entity, or the individual may not be aware that the entity has collected their personal information, The Dinner Ladies will explain to the individual at the commencement of dialogue either:
(a) the name of the entity that provided their information; or, if this is not practical
(b) the kinds of entities from which it collects this information.
6. USE OR DISCLOSURE OF PERSONAL INFORMATION
If during The Dinner Ladies’ relationship with the individual The Dinner Ladies wishes to use an individual’s personal information for an additional purpose, The Dinner Ladies will obtain their consent unless the purpose is related to the primary purpose, or The Dinner Ladies is permitted under law to do so.
7. DIRECT MARKETING
We may use Your information to provide You with special offers, information about new products and special promotions that We think may interest You.
In all The Dinner Ladies’ direct marketing communications The Dinner Ladies will provide a prominent statement about how You can elect not to receive direct marketing. If the direct marketing communication is an email, The Dinner Ladies will provide an ‘unsubscribe’ function within the email.
The Dinner Ladies will keep appropriate records to ensure those individuals that have made requests not to receive direct marketing communications do not receive them. The Dinner Ladies does not apply a fee to unsubscribe from direct marketing communications. The Dinner Ladies does not sell personal information.
If The Dinner Ladies purchases personal information for the purposes of direct marketing, The Dinner Ladies will conduct appropriate due diligence to ensure appropriate consents from the individuals have been obtained.
8. CROSS-BORDER DISCLOSURE OF PERSONAL INFORMATION
Generally, The Dinner Ladies does not disclose personal information overseas.
The Dinner Ladies may use cloud storage and IT servers that may be located overseas to store the personal information The Dinner Ladies holds.
The Dinner Ladies will notify the individual of any proposed disclosure of personal information that The Dinner Ladies makes to an overseas entity.
9. ADOPTION, USE OR DISCLOSURE OF GOVERNMENT RELATED IDENTIFIERS
The Dinner Ladies does not use government related identifiers to identify individuals.
10. QUALITY OF PERSONAL INFORMATION
The Dinner Ladies relies on individuals to help it to ensure that their personal information is accurate, up-to-date and complete.
If The Dinner Ladies becomes aware that personal information is inaccurate, out-of-date or incomplete, The Dinner Ladies will update its systems accordingly.
11. SECURITY OF PERSONAL INFORMATION
The Dinner Ladies will take reasonable steps to protect personal information that The Dinner Ladies holds from misuse, interference and loss and from unauthorised access, modification or disclosure.
The Dinner Ladies hold personal information on secure IT systems. All IT systems are appropriately updated with passwords, virus scanning software and firewalls when needed.
When reasonable, The Dinner Ladies will usually destroy personal information that is held electronically and in paper form seven years after The Dinner Ladies’ relationship with the individual ends. The Dinner Ladies will do this by shredding paper copies and deleting electronic records containing personal information about the individual or permanently de-identifying the individuals within those records.
12. ACCESS TO PERSONAL INFORMATION
Individuals may request access to any personal information that The Dinner Ladies holds about them. The Dinner Ladies will not charge an individual for requesting access to their personal information. An individual does not need to state that they are making a request under the Privacy Act and the request does not need to be made in writing.
The Dinner Ladies will verify the individual’s identity prior to disclosing any personal information or ensure the person seeking access has appropriate authority from the person to whom the personal information relates.
When an individual requests access to their personal information The Dinner Ladies will conduct a search of our database. This search will also indicate if there are any paper records that contain personal information.
The Dinner Ladies will not give access to the personal information that The Dinner Ladies holds about an individual where it is unreasonable or impracticable to provide access, or in circumstances where the request would likely:
(a) pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
(b) unreasonably access the privacy of other individuals;
(c) be frivolous or vexatious;
(d) relate to anticipated legal proceedings, and the correct method of access to personal information is by the process of discovery in those legal proceedings;
(e) reveal the intentions of the entity in relation to negotiations with the individual in such a way as to prejudice those negotiations;
(f) be unlawful or in breach of an Australian law or court / tribunal order;
(g) prejudice the taking of appropriate action in relation to a matter where unlawful activity or misconduct that relates to our functions or activities;
(h) prejudice enforcement related activities of a regulatory body (such as ASIC); or
(i) reveal commercially sensitive information.
When The Dinner Ladies receives a request for access, The Dinner Ladies will usually respond to the individual within seven days. However, depending on the nature of the request The Dinner Ladies may provide the personal information when the request is made.
If the individual is requesting a large amount of personal information, or the request cannot be dealt with immediately, then after The Dinner Ladies has investigated the request for access, The Dinner Ladies will advise the individual what personal information The Dinner Ladies holds and provide details of that personal information.
The Dinner Ladies will comply with all reasonable requests by an individual to provide details of the personal information that The Dinner Ladies holds in the requested format.
If The Dinner Ladies does not provide access to the information, The Dinner Ladies will provide written reasons setting out why The Dinner Ladies does not believe it need to provide access.
13. CORRECTION OF PERSONAL INFORMATION
If The Dinner Ladies holds personal information about an individual and The Dinner Ladies is reasonably satisfied that the information is inaccurate, out of date, incomplete, irrelevant or misleading, or The Dinner Ladies receives a request to correct the information, The Dinner Ladies will take reasonable steps to correct the information. The Dinner Ladies will not charge an individual for requesting correction of their personal information.
If The Dinner Ladies corrects personal information that The Dinner Ladies has previously disclosed, it will take reasonable steps to notify the entity to which The Dinner Ladies disclosed the information of the correction. The Dinner Ladies may not always make corrections to an individual’s personal information. When The Dinner Ladies does not make requested corrections, it will provide written reasons for our refusal to make the correction.
When The Dinner Ladies receives a request for correction, The Dinner Ladies will usually respond to the individual with seven days. However, depending on the nature of the request The Dinner Ladies may correct the personal information when the request is made.
If, after notifying the individual of The Dinner Ladies’ refusal to correct personal information, the individual requests The Dinner Ladies to issue a statement that the personal information on the record is inaccurate, out of date, incomplete, irrelevant or misleading, The Dinner Ladies will take reasonable steps to do so.
Any complaint that about a breach of this policy or the APPs must be in writing and delivered to The Dinner Ladies at email@example.com.
Any complaint The Dinner Ladies receives will be acknowledged within seven days.
A decision will be reached within 30 days, or a longer period if agreed. Individuals may contact the Office of the Australian Information Commissioner if they are unhappy with the handling of a complaint.
15. OTHER INFORMATION
You may be able to access various other sites by clicking on links that The Dinner Ladies have provided (including Shopify). You should be aware that other sites may not be subject to The Dinner Ladies' privacy standards and procedures.
17. CONTACT US
For more information about our privacy practices, if You have questions, or if You would like to make a complaint, please contact Us by e-mail at firstname.lastname@example.org.