Privacy Policy

Straand Pty Ltd. and its affiliates and subsidiaries (“we”, “us”, “our”) are committed to safeguarding your privacy rights and ensuring that your personal data is protected. This Privacy Policy explains our use of your personal data when you use our websites (the “Sites”) and/or interact with us through social media or adverts and content on third party websites.

The relevant Straand entity that is responsible for your personal data will be the Straand entity that you provided your personal data to; however as we may share your personal data within our group, other Straand entities may also use your personal data in accordance with this Privacy Policy.

For further information about the Straand entities who act as controllers of your personal data, please see the Controller List section below.

COLLECTION OF INFORMATION

We collect information from you via the Sites in several different ways including, for example, when you provide us with your information to register as a customer for our Sites, subscribe to our newsletter, receive information or mailings, buy a product or service from us, make a comment or enquiry or contact our Customer Services Team.

Site Visitors: when you visit one of our Sites, we collect various types of information, such as browser type, IP address, date and time of visit, average time spent on the Site, cookie ID, hyperlinks that you have clicked, and websites you visited before arriving at our Site. We also collect information such as, your name and email address when you contact our Customer Services Team.

Guest Checkout: when you place an order for goods via one of our Sites as a guest, we collect your name, contact details, order details, and tokenized payment details.

Account Holders: when you open an account with us and place an order for goods via one of our Sites as an account holder, we collect your name, contact details, passwords, transactional history, and tokenized payment details.

You may also provide us with personal data in other ways, such as if you communicate with us through social media or participate in our promotions.

USE OF INFORMATION

Depending on how you interact with the Sites (i.e., depending on the services, products or functionalities you choose to use), we will process your personal data for the following purposes:

Purpose Legal Basis
When you visit our Site:
To provide support and to respond to your requests and enquiries We have a legitimate interest to respond to your requests and enquiries for ongoing business administration
To personalize your visit to our Sites and to assist you while you use the Sites We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient as we can be
To improve the Sites by helping us understand who uses the Sites
For fraud prevention and detection and to comply with applicable laws, regulations or codes of practice To comply with our legal or regulatory obligations
To contact you to tell you about products and services offered by us as well as other promotions and competitions, which we believe may interest you unless you advise us that you do not wish to receive marketing or market research communications from us If applicable law requires that we receive your consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your consent.

If you wish to stop receiving marketing or market research communications from us you can unsubscribe via the link at the bottom of the relevant marketing e-mail or contact us using the contact details below.

We have a legitimate interest to carry out direct marketing
For tailored advertising on third party sites either because of the website you are viewing, or based on your interests which we have inferred from your information. With your consent, if required by applicable law.

If you no longer wish to see tailored advertising, you can amend your cookie preferences (see section: COOKIES / TRACKING TECHNOLOGY / LOGFILES).
When you open an account with us and/or purchase goods online:
To provide goods or services to you To manage and perform our contract with you

We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient as we can be
To manage and maintain our relationships with you and for ongoing customer service
To enforce or defend our rights, ourselves or through third parties to whom we delegate such responsibilities
To share data with police, law enforcement, tax authorities or other government and fraud prevention agencies where we have a legal obligation, including screening transactions, reporting suspicious activity and complying with production and court orders To comply with our legal or regulatory obligations
To report tax related information to tax authorities
To investigate and resolve complaints and manage regulatory matters, investigations and litigation
To monitor electronic communications for investigation and fraud prevention purposes, crime detection, prevention and investigation
To comply with any of our applicable legal, or regulatory obligations. For example, if you are a business customer we need to process your information to verify your identity and undertake necessary due diligence checks.
The day to day running and management of the business including to:

• monitor, maintain and improve the processes, information and data, technology and communications solutions and services we use;

• perform general, financial and regulatory accounting and reporting;

• compile or aggregate personal data in certain data analyses, or reports;

• monitor and record calls for quality, business analysis, training and related purposes in order to pursue our legitimate interests to improve our service delivery;

• protect our legal rights and interests; or

• share such personal data with third parties that acquire or are interested in acquiring all or part of our assets or shares, or that succeeds us in carrying on our business; 		We have a legitimate interest to manage our business including for legal, personnel, administrative and management purposes and for the prevention and detection of crime provided our interests are not overridden by your interests

To comply with our legal or regulatory obligations

Your Right to Object - If you are located in the European Economic Area (“EEA”) or the UK and/or you are a customer of Straand Pty Ltd, you have a right to object to the processing of your personal information where that processing is carried out for our legitimate interest or for direct marketing purposes.

Where we require your personal data to comply with legal requirements, failure to provide this information means we may not be able to accept you as a customer and/or may be unable to process your purchases. We will tell you when we ask for your information whether it is a statutory or contractual requirement to give us the information and the consequences of not providing the information.

SMS MARKETING

If you are located in the USA and/or you are a customer of Straand Pty Ltd.:

By entering your phone number in the checkout and initializing a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. Text marketing messages will not exceed 30 a month. You acknowledge that consent is not a condition for any purchase.

If you wish to unsubscribe from receiving text marketing messages and notifications, reply with STOP to any mobile message sent from us or use the unsubscribe link we provide you within any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.

For any questions, please text HELP to the number you receive the messages from. You can also contact us for more information. If you wish to opt-out, please follow the procedures above.

If you are located in the EEA or the UK and/or you are a customer of Straand Pty Ltd:

We are using a text messaging platform, which is subject to the following terms and conditions. By opting-in for our text marketing and notifications, you agree to these terms and conditions. By entering your phone number in the checkout and initializing a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase.

Your phone number, name and purchase information will be shared with our SMS platform "SMSBump Inc”, a European Union company with an office in Sofia, Bulgaria, EU. This data will be used for sending you targeted marketing messages and notifications. Upon sending the text messages, your phone number will be passed to a text messages operator to fulfill their delivery.

If you wish to unsubscribe from receiving text marketing messages and notifications, reply with STOP to any mobile message sent from us or use the unsubscribe link we provide you within any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.

For any questions, please text HELP to the number you receive the messages from. You can also contact us for more information. If you wish to opt-out, please follow the procedures above.

COOKIES / TRACKING TECHNOLOGY / LOGFILES

Like many websites, the Site employs cookies and web beacons (also known as clear GIF technology or “action tags”) to speed up your navigation of the Site, recognize you and your access privileges, and track your Site usage.

Cookies are small pieces of information that are stored as text files by your Internet browser on your computer’s hard drive. Most Internet browsers are initially set to accept cookies. You can set your browser to refuse cookies from web sites or to remove cookies from your hard drive, but if you do, you will not be able to access or use portions of the Site. We have to use cookies to enable you to select products, place them in an online shopping cart, and to purchase those products. If you do this, we keep a record of your browsing activity and purchases. THE SITE’S COOKIES DO NOT AND CANNOT INFILTRATE A USER’S HARD DRIVE TO GATHER A USER’S CONFIDENTIAL INFORMATION. Our cookies are not “spyware.”

Web beacons assist in delivering cookies and help us determine whether a web page on the Site has been viewed and, if so, how many times. For example, any electronic image on the Site, such as an ad banner, can function as a web beacon.

We may use third-party advertising companies to help tailor site content to users or to serve ads on our behalf. These companies may employ cookies and web beacons to measure advertising effectiveness (such as the web pages visited or products purchased and in what amount). Any information that these third parties collect via cookies and web beacons is not linked to any personal data collected by us.

As an example, Facebook collects certain information via cookies and web beacons to determine which web pages are visited or what products are purchased. Please note that any information collected by Facebook via cookies and web beacons is not linked to any customer's personal data collected by us.

SHARING OF INFORMATION

We may share your personal data within Straand Pty Ltd to allow us to provide our goods and services to you and to market products sold by other Straand entities, including to the entities on the Controller List.

We may use trusted third parties to provide us with services (e.g., technical support for the Sites, fulfilment of your order, payment processing, marketing, data analyses firms, web-hosting companies, and support services) who may have access to your personal data. All service providers are permitted to use data only for the purpose of performing services on our behalf.

We may share your personal data with competent authorities, courts and bodies in response to a court order, summons or subpoena, regulatory requests, or as permitted or required by law when we reasonably believe it is necessary or appropriate to investigate, prevent or take action against illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person.

We may also disclose your personal data to any third party that acquires, or is interested in acquiring, all or part of our assets or shares, or that succeeds us in carrying on all or part of our business.

INTERNATIONAL TRANSFER OF INFORMATION

If you are located in the EEA or the UK and/or you are a customer of Straand Pty Ltd, please note that some of the recipients above to which we transfer your personal data are located in countries outside of the UK or EEA including in Singapore and the U.S., and which are not considered by the United Kingdom or the European Commission to provide an adequate level of data protection.

Where we transfer your personal data to such recipients, we will enter into an EU-style data transfer agreement with the recipient or seek assurances from the recipient that they are EU-U.S. Privacy Shield certified or have Binding Corporate Rules in place.

More details on the transfer mechanisms can be obtained using the contact details at the end of this Privacy Policy.

COMMITMENT TO DATA SECURITY

To protect your personal data, we take reasonable precautions and follow the industry’s best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. Your personally identifiable information is kept secure and encrypted during the type of transmission.

For payments we are using a certified payment gateway provider. All credit card details are encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). All payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. We therefore do not see or keep your credit card information.

While we use industry-standard precautions to safeguard your personal data, we cannot guarantee complete security. 100% complete security does not presently exist anywhere online or offline.

RETENTION OF INFORMATION

We will retain your personal data as necessary for the provision of the goods/services, internal analytical purposes, or to comply with our legal obligations, resolve disputes and enforce agreements (e.g. settlement). The criteria used to determine the retention periods include:

• how long the personal data is needed to provide the goods/services and operate the business;

• the type of personal data collected; and

• whether we are subject to a legal, contractual or similar obligation to retain the data (e.g., mandatory data retention laws, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation or disputes).

YOUR RIGHTS

If you are located in the EEA or the UK and/or you are a customer of Straand Pty Ltd, and certain requirements are fulfilled, you have the right to:

• request access to personal data we hold about you;

• the correction of your personal data when incorrect, out of date or incomplete;

• request that we erase your personal data;

• opt-out of any marketing communications that we may send you and to object to us using / holding your personal data if we have no legitimate reason to do so;

• request that we restrict the processing of your personal data – i.e., we would need to secure and retain the data for your benefit but not otherwise use it;

• withdraw your consent at any time; and

• the portability of personal data – i.e., ask for a copy of your personal data to be provided to you, or a third party, in a digital format.

All such requests should be made using the contact details set out below. Please be advised that if you request that your personal data be deleted, you may no longer be able to access or use certain parts of the Sites. You may also, at any time, request for the modification or deletion of your account or personal details such as name, surname, address, country of residence, and payment card details.

We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than within one month after receipt of your request. In exceptional cases, we may extend this period by two months and we will tell you why. We may request proof of identification to verify your request. For more details in relation to your rights, including how to exercise them, please contact us using the contact details below.

You also have the right to lodge a complaint about the processing of your personal data with the relevant data protection authority.

YOUR CALIFORNIA PRIVACY RIGHTS

This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act (“CCPA”).

For more details about the personal information we have collected over the last 12 months, including the categories of sources, please see the Collection of Information section above. We collect this information for the business and commercial purposes described in the Use of Information section above. We share this information with the categories of third parties described in the Sharing of Information section above. We do not sell (as such term is defined in the CCPA) the personal information we collect (and will not sell it without providing a right to opt out). Please note that we do use third-party cookies for our advertising purposes as further described in the Cookies/ Tracking Technology/ Logfiles section above.

If you are a California consumer, subject to certain limitations you have the right under the CCPA to:

• request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information);

• delete your personal information;

• opt out of any “sales” that may be occurring, and

• not be discriminated against for exercising these rights.

California consumers may make a request pursuant to their rights under the CCPA by contacting us at hello@straand.com.au We will verify your request using the information associated with your account, including email address. Government identification may be required. Consumers can also designate an authorised agent to exercise these rights on their behalf.

LINKS TO OTHER WEBSITES

Our Sites may contain links to other websites that are not operated or controlled by us. We do not control such third-party websites or their privacy practices. Any personal data you choose to give to third-party websites is not covered by this Privacy Policy.

CHANGES TO THIS PRIVACY POLICY

We may change this Privacy Policy from time to time. We will notify you of any material changes via e-mail or through a notification on our Sites. Any changes to this Privacy Policy will become effective immediately after being posted. We encourage you to periodically review this Privacy Policy to stay informed of changes and on how we are protecting your personal data.

MINORS

You must be aged 16 or over to use the Sites and our other digital offerings. We do not solicit or knowingly collect personal data from children aged 16 and under. If we are made aware that we have received such information, or any information in violation of our policy, we will use reasonable efforts to locate and remove that information from our records.

CONTACT US

If you have questions in relation to this Privacy Policy or our use of your personal data, or you would like to exercise your data subject rights please send your request to hello@straand.com.au

CONTROLLER LIST

Straand Pty Ltd, Floor 1, 101 Moray Street, South Melbourne, 3205, Australia

Last updated July 2022