Privacy policy

PRIVACY POLICY

This Privacy Policy sets out how we, Illūstrāns trading as RITA PALMA (“we”, “us”, “ourthe “Platform” the “Site” and other similar expressions), collect, use, store and disclose personal information about you. Information is your ‘personal information’ if it is about you as an identified or identifiable individual.

We are committed to ensuring that your privacy is protected. We encourage you to read this Privacy Policy carefully so that you understand how we deal with that information.  

Privacy Principles

This Privacy Policy, which is subject to the Privacy Act and by the Australian Privacy Principles (APPs), regulates how we collect, use and disclose personal information.  We have adopted internal policies and procedures to ensure that personal information that we collect, store, use and disclose is dealt with in accordance with the APPs. You can see the full text of the APPs online at www.privacy.gov.au.

Amendment

We may change, vary or modify all or part of this Privacy Policy at any time in our sole discretion. It is your responsibility to check this Privacy Policy periodically for changes. If we adopt a new Privacy Policy:

  • we will post the new Privacy Policy on the Platform; and
  • it will then apply through your acceptance of it by subsequent or continued use of the Platform and/or our Services.

PURPOSE FOR COLLECTING PERSONAL INFORMATION

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.

 In addition, we may use the personal information we collect and you consent to us using your personal information to: 

  • provide you with information about the Services you requested and any other services and events you may be interested in;
  • personalise and customise your experiences with us;
  • help us review, manage and enhance our Services and develop insights used in reports or other content developed by us;
  • communicate with you, including by email, mobile and in-application notifications;
  • conduct surveys or promotions;
  • process payments and administer your account, including to send you account related reminders; to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services. 
  • investigate any complaints about or made by you, or if we have reason to suspect you have breached any relevant terms; or as required or permitted by any law
  • to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.

Disclosure for a business purpose: shared with our processor Shopify.

INFORMATION WE COLLECT

In order to provide our customers with our products and services, we may collect and use personal information about them. If we are not provided with all the personal information we request, we may not be able to supply our products and services to you, and you or your organisation may not be able to participate in future offers of goods or services which we supply. 

Personal information we collect about you may include identification information such as

  • name;
  • business name;
  • residential or business address;
  • username;
  • password;
  • email address;
  • post code;
  • gender;
  • age and date of birth;
  • signature;
  • telephone number;
  • mobile number;
  • proof of identity, such as your driver’s licence or passport number
  • location and usage data from our Services. 

All of your financial and payment information will be managed by a third party provider.  We will not collect any of your financial or payment information apart from information regarding how much credit is available in your account available for you to access our Services.  

We will only collect, hold, use or disclose your sensitive information with your consent.

DEVICE INFORMATION COLLECTED

Examples of Personal Information collected are:  version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.

The Purpose of collection is to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site and:

  • to provide products or services to you to fulfill our contract,
  • to process your payment information,
  • arrange for shipping, and provide you with invoices and/or order confirmations,
  • communicate with you,
  • screen our orders for potential risk or fraud,
  • and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.

How we collect your personal information

Normally we collect information from you directly, unless it is unreasonable or impracticable to do so. The source of collection is collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.

Your personal information may also be collected through the following interactions:

  • when you access the Platform, complete an application, consent, purchase, account sign-up or similar form via our Platform or otherwise; 
  • when you communicate with us directly (by email, telephone, direct mail or any other means);
  • when you complete purchase orders, registrations, requests or applications for our products or services (by phone, in person or electronically);
  • when you interact with us during promotions, competitions or special events.
  • when you post information or otherwise interact with the Platform;
  • when you participate in one of our Services, competitions or surveys; 
  • from those who request our Services on your behalf; 
  • from publicly available sources of information; 
  • from government regulators, law enforcement agencies and other government entities;
  • from business contacts, external service providers and suppliers; or
  • by other means reasonably necessary.

Minors
It is our policy to not collect personal information from persons who are under the age of 18 years or offer to send any promotional material to such persons. If you are under the age of 18 you will need the consent of your parent / guardian in order to provide your personal information to us.

Sharing Personal Information

We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you. For example:

  • We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
  • We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Behavioural Advertising

We use your personal information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

  • We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
  • We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

Third party collection

If we collect any personal information about you from someone other than you, to the extent not already set out in this Privacy Policy, we will inform you of the fact that we will collect, or have collected, such information and the circumstances of that collection before, at or as soon as reasonably practicable after we collect such personal information.

Authority

If you provide us with the personal information of another individual, without limiting any other provision of this Privacy Policy, you acknowledge and agree that the other individual: 

  • has authorised you to provide theirpersonal information to us; and
  • consents to us using theirpersonal information in order for us to provide our Services.

Unsolicited information

If we receive unsolicited personal information about you that we could not have collected in accordance with this Privacy Policy and the Privacy Act, we will, within a reasonable period, destroy or de-identify such information received.

Anonymity

If you would like to access any of our Services on an anonymous basis we will take reasonable steps to comply with your request, however: 

  • you may be precluded from taking advantage of some of our Services; and
  • we will require you to identify yourself if:
  1. we are required by law to deal with individuals who have identified themselves; or
  2. it is impracticable for us to deal with you if you do not identify yourself or elect to use a pseudonym.

Retention

When you place an order through the Site, we will retain your personal information for our records unless and until you ask us to erase this information.

Destruction

Subject to a legal requirement to the contrary, we will destroy or de-identify your personal information if: the purpose for which we collected the personal information from you no longer exists or applies, which includes if your account remains inactive for a sufficient period of time for us to determine it is no longer in use; 

  1. you delete your account; or 
  2. you request us to destroy yourpersonal information.

Cookies 
We use cookies and web beacons on our Platform to improve the functionality of the Platform.  

A ‘cookie’ is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

When you access the Site, we may send you a cookie request. Use of ‘cookies’ allows us to tailor the Platform configuration to your needs and preferences.  

We use the following cookies to optimize your experience on our Site and to provide our services.

Cookies Necessary for the Functioning of the Store

Name

Function

_ab

Used in connection with access to admin.

_secure_session_id

Used in connection with navigation through a storefront.

cart

Used in connection with shopping cart.

cart_sig

Used in connection with checkout.

cart_ts

Used in connection with checkout.

checkout_token

Used in connection with checkout.

secret

Used in connection with checkout.

secure_customer_sig

Used in connection with customer login.

storefront_digest

Used in connection with customer login.

_shopify_u

Used to facilitate updating customer account information.

Reporting and Analytics

Name

Function

_tracking_consent

Tracking preferences.

_landing_page

Track landing pages

_orig_referrer

Track landing pages

_s

Shopify analytics.

_shopify_fs

Shopify analytics.

_shopify_s

Shopify analytics.

_shopify_sa_p

Shopify analytics relating to marketing & referrals.

_shopify_sa_t

Shopify analytics relating to marketing & referrals.

_shopify_y

Shopify analytics.

_y

Shopify analytics.

 

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

Cookies let us keep track of how many times customers are doing specific things, like visiting our site each month. We use cookies to keep track of your shopping cart and to deliver content specific to your interests.  

We also use cookies to measure traffic patterns, to determine which areas of our websites have been visited, and to measure transaction patterns. We use this to research our users’ habits so that we can improve our online products and services.   

We may also log IP addresses (the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track user movements, and gather broad demographic information.  

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

 
USE
 

Primary use

We will only use and disclose your personal information:

  • for purposes which are related to the Primary Purpose; or
  • if we otherwise get your consent to do so, in accordance with this Privacy Policy and the Privacy Act. 

We will not use your personal information for any purpose for which you would not reasonably expect us to use your personal information

We will not sell, trade, rent or licence your personal information to third parties.

Direct marketing

We will offer you a choice as to whether you want to receive direct marketing communications about services. If you choose not to receive these communications, we will not use your personal information for this purpose. 

We will otherwise only use or disclose your personal information for the purposes of direct marketing if:

  • we collected the information from you; 
  • it is reasonable in the circumstances to expect that we would use or disclose the information for direct marketing purposes;
  • we provide you with a simple means to ‘opt-out’ of direct marketing communications from us; and
  • you have not elected to ‘opt-out’ from receiving such direct marketing communications from us.

You may opt out of receiving such communications by:

  • checking the relevant box on the form used to collect yourpersonal information;
  • clicking a link on the email communication sent to you; or
  • contacting us using our contact details below.

We may offer you the opportunity to receive information from third parties regarding goods or services that may be of interest to you. If you choose to receive such information, we may forward messages from such third parties to you.  If we do so, we will not provide such third parties with any of your personal information.

DISCLOSURE

How we disclose

We may disclose personal information and you consent to us disclosing such personal information to: 

  1. third parties engaged by us to perform functions or provide Services on our behalf;
  2. to your employer or sponsoring organisation (as relevant);
  3. our professional advisors, including our accountants, auditors and lawyers; 
  4. our related bodies corporate;
  5. persons authorised by you to receive information held by us, including to those individuals that you authorise us to provide information to via the Platform; 
  6. a government authority, law enforcement agency, pursuant to a court order or as otherwise required by law; or
  7. a party to a transaction involving the sale of our business or its assets.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

Overseas disclosure

We currently disclose personal information overseas, specifically to the United States of America (USA), as a result of the Platform servers being located in the USA. If you do not wish for this to occur, you must make purchases of our Goods and Services either by phone or in person at a retail store that sells our Goods and Services. Please contact us for further information. In some circumstances or in the future we may send your personal information to other overseas recipients to enable us provide you our Services. We will inform you of the locations of such recipients if applicable. 

Our third party payment gateway provider may disclose your personal information overseas.  Please refer to the privacy policies of the third party payment gateway provider for information regarding how they will use, disclose and manage your personal information

If we send your personal information to overseas recipients, we will take reasonable measures to protect your personal information such as ensuring all information is de-identified where appropriate before being transmitted.  However, you acknowledge and agree that if we disclose your personal information to overseas recipients, we are not obliged to take reasonable steps to ensure overseas recipients of your personal information comply with the Privacy Act and the APPs.   

ACCESS + CORRECTION

Access

If you require access to your personal information, please contact us using our contact details below.   You are required to put your request in writing and provide proof of identity.

We are not obliged to allow access to your personal information if: 

  • it would pose a serious threat to the life, health or safety of any individual or to the public;
  • it would have an unreasonable impact on the privacy of other individuals; 
  • the request for access is frivolous or vexatious; 
  • it relates to existing or anticipated legal proceedings between you and us and would not ordinarily be accessible by the discovery process in such proceedings;
  • it would reveal our intentions in relation to negotiations with you in a way that would prejudice those negotiations; 
  • it would be unlawful; 
  • denying access is required or authorised by or under an Australian law or a court/tribunal order; 
  • we have reason to suspect that unlawful activity, or misconduct of a serious nature relating to our functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter; 
  • it would likely prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
  • it would reveal commercially sensitive information.

If you make a request for access to personal information, we will:

  • respond to your request within 24 hours or otherwise within a reasonable period; and 
  • if reasonable and practicable, give access to thepersonal information as requested.

If we refuse to give access to the personal information, we will give you a written notice that sets out at a minimum:

  • our reasons for the refusal (to the extent it is reasonable to do so); and
  • the mechanisms available to complain about the refusal.

Correction

We request that you keep your personal information as current as possible.  If you feel that information about you is not accurate or your details have or are about to change, you can: 

  • contact us using our contact details below and we will correct or update yourpersonal information; or
  • change your details via the Platform.

 If you otherwise make a request for us to correct your personal information, we will:

  • respond to your request within 14 days or otherwise within a reasonable period; and 
  • if reasonable and practicable, correct the information as requested.

If we refuse a request to correct personal information, we will: 

  • give you a written notice setting out the reasons for the refusal and how you may make a complaint; and
  • take reasonable steps to include a note with yourpersonal information of the fact that we refused to correct it.

SECURITY + PROTECTION

In relation to all personal information, we will take all reasonable steps to:
  • ensure that thepersonal information we collect is accurate, up to date and complete;
  • ensure that thepersonal information we hold, use or disclose is, with regard to the relevant purpose, accurate, up to date, complete and relevant; and
  • protectpersonal information from misuse, loss or unauthorised access and disclosure.

Please contact us immediately if you become aware of or suspect any misuse or loss of your personal information

COMPLAINTS

If you have a complaint about how we collect, use, disclose, manage or protect your personal information, or consider that we have breached the Privacy Act or APPs, please contact us using our contact details below.  We will respond to your complaint within 24 hours of receiving the complaint or within a reasonable period.

Once the complaint has been received, we may resolve the matter in a number of ways:

  1. Request for further information:We may request further information from you.  Please provide us with as much information as possible, including details of any relevant dates and documentation.  This will enable us to investigate the complaint and determine an appropriate solution.  
  2. Discuss options:We will discuss options for resolution with you and if you have suggestions about how the matter might be resolved you should raise these with our Privacy Officer.
  3. Investigation:Where necessary, the complaint will be investigated.  We will try to do so within a reasonable time frame.  It may be necessary to contact others in order to proceed with the investigation.  This may be necessary in order to progress your complaint.
  4. Conduct of our employees:If your complaint involves the conduct of our employees we will raise the matter with the employees concerned and seek their comment and input in the resolution of the complaint.

After investigating the complaint, we will give you a written notice about our decision.

You are free to lodge a complaint directly with the Office of the Australian Information Commissioner (OAIC) online, by mail, fax or email.  For more information please visit the OAIC website at oaic.gov.au.

CONTACT

Please forward all correspondence in respect of this Privacy Policy via the Site.

 

CHANGES

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

INDEMNITY

You agree to indemnify and hold us, our officers, directors, employees and agents harmless from and against all losses (including, without limitation, loss of profits, lawyer fees), costs, damages, expenses or injury, whether special or consequential, arising directly or indirectly from, or in connection with, your access to, use or misuse of, this Website, any violation of these Terms or the Privacy Policy (including infringement of third parties' intellectual property rights anywhere in the world or negligent or wrongful conduct) by you or any other person accessing the Website using your account.

LIABILITY

We are not liable to you or any third party for any loss including any special, indirect, consequential, punitive, exemplary or unforeseeable loss such as loss of profits or business interruption or any similar loss arising in connection with these Terms, Privacy Policy or use of the Website.

Subject to the above, our liability to you or any third party for breach of these Terms, negligence or other tort, breach of statutory duty, or under any indemnity or otherwise, is limited to, at our option:

  • for services: to the re-supply of the relevant services, a refund of the fees paid for the services or the cost of the re-supply of the relevant services;
  • for products: to the re-supply of the relevant products, a refund of the fees paid for the products or the payment of the value of the products supplied.

INTERPRETATION + DEFINITIONS

Personal pronouns:  Except where the context otherwise provides or requires:

  1. the terms we, us or our refers toIllūstrāns t/as Rita Palma (ABN 75593991010);
  2. the terms you or your refers to a user of the Platform/Site and/or a customer to whom we provide the Services.

Terms italicised and defined in the Privacy Act have the meaning given to them in the Privacy Act.

Defined terms
In this Privacy Policy unless otherwise provided, the following terms shall have their meaning as specified:

APPs means any of the Australian Privacy Principles set out in Schedule 3 of the Privacy Act.

Platform/Platforms/Site means all or any of the relevant platforms, electronic interfaces and websites that are owned, provided and/or operated from time to time by us, regardless of how those websites are accessed by users (including via the internet, mobile phone, mobile applications or any other device or other means).

Privacy Act means the Privacy Act 1988 (Cth) as amended from time to time.

Privacy Policy means this privacy policy as amended from time to time.

Services means the supply or sale of our goods, including candles, home fragrance, homeware, holy cards/prayer cards, stationary, and body care goods to you, and other services that we provide from time to time.