1. Your privacy
CARVER (we, us or our) are committed to protecting your personal information in accordance with the Australian Privacy Principles (APPs) in the Privacy Act as well as other applicable legislation, such as the Spam Act, and the Do Not Call Register Act.
2. What we collect and how we collect it
The personal information we collect about you depends on the dealings you have with us. Personal Information includes information about an individual who is reasonably identifiable. For example, if you:
- Pre-order goods or services, put goods on hold, use our lay-by service, or leave goods for repair, we may collect your name and contact details
- Provide details to join special mailing lists or databases if you'd like to receive information about, for example, certain products or ranges, we may collect your name, contact details, date of birth and information about your preferences
- Make a purchase online or when you otherwise set up an online account, we will collect your name, contact details, order details, credit card details, delivery address or store pick up details and we may also ask you to provide your date of birth and gender.
- Provide information via social media pages or download any apps which we may develop or post to, such as providing your name or contact details via our Facebook pages, or our Twitter or Instagram accounts or other social media sites or apps
- Attend one of our functions or events, we will collect your name, contact details and any dietary or accessibility requirements
- Create a registry or wishlist with us, we will collect your name, contact and event details
- Enter a competition or complete a survey, in online or printed format, we may collect your name and contact details along with your merchandise or services preferences and feedback
- Send us an enquiry or provide us with feedback through our online form or via our Customer Service Team, we will collect your name, contact details, details of your enquiry or feedback and information about our response
- Submit a sponsorship or partnership application, we will collect the information you include in your proposal
- Apply for a job with us, we will collect the information you include in your job application, including your and your referee's contact details. We may also conduct other relevant history checks, including whether you have any requisite working visa
- Other kinds of interactions involving us or our products, such as when you make a Tourist Refund Scheme (TRS) claim, or other claim in relation to GST or other taxes or duties
- Engage with or purchase products from third parties who deal with us, or if you deal with one of our related bodies.
You can transact with us (eg by paying cash in-store for purchases) and make general enquiries or provide certain feedback anonymously, however in some cases if you don't identify yourself, we may not be able to respond to you or provide you with the product or service you are seeking: eg, you must identify yourself to purchase products online, place items on lay-by or arrange for products to be delivered to you.
We only collect sensitive information where it is reasonably necessary for our functions or activities and either you have consented, or we are required or authorised by law to do so.
2.1 Collection of personal information through websites and apps
3. Why we collect personal information?
3.1 Main purposes
The main purposes for which we collect, hold, use and disclose personal information are:
- Processing transactions, in-store and online, and delivering products and services
- To provide any associated loyalty program
- Promoting us and our products and services, including through direct marketing, events and competitions, public relations and social media
- Performing research and statistical analysis, including for customer satisfaction and product and service improvement purposes. This may include matching information we collect against other information held by third parties. (We may also use and disclose de-identified data for these purposes)
- Helping us tailor existing or develop new products, services or offers, and to help us selectively target promotional offers and opportunities
- Developing or seeking to deliver new ranges of products or service
- Protecting the security of our stores, staff, customers, suppliers and merchandise (including theft and fraud prevention)
- Answering queries, resolving complaints, receiving compliments, responding to feedback or other customer enquiry processing and responding to social media
- Recruiting staff and contractors
- General planning and administration
We may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or which are required or authorised by or under law, and for which you have provided consent.
3.2 Direct marketing and opting out
By providing your address, email address and telephone numbers to us, you consent to us contacting you for the purposes set out above. We may send this information in a variety of ways, including by mail, email, social media, SMS, MMS, telephone and if you download them any apps. You can opt out of being contacted by:
- Emailing us at email@example.com; or
- Using the unsubscribe facility that we include in our electronic messages (eg email, SMS or MMS) to opt out of receiving those messages.
You can opt out of receiving notifications via any apps if you turn off Push Notifications in the settings.
3.3 Email and mobile communication
If you provide us with an email address or phone number, you consent to electronic communication such as notices or reminders being sent to you via that address or number. You may prefer to provide to us with your personal email address or phone number rather than, for example, an email address accessible by your work colleagues.
4. Who we may share your personal information with
We may share your personal information with third parties where appropriate for the purposes set out above, including:
- Financial institutions for payment processing
- Referees whose details are provided to us by job applicants
- Our contracted service providers or partners, including: overseas and local agents, delivery and shipping providers, information technology service providers, venues and event organisers, marketing and communications agencies, research and statistical analysis providers, call centres, hard copy and electronic mail houses, manufacturers and suppliers, external business advisers (such as recruitment advisors, auditors and lawyers), and those third parties who offer sass and bide-branded products
- Regulatory, investigative or government bodies to comply with laws
We may ask one of these third parties to contact you directly for a specific purpose, and provide us with information collected from you in the course of providing the relevant products or services.
5. Cross border disclosure
We may disclose personal information to overseas recipients, who are located in places such as Japan, Singapore, India, Hong Kong, the Philippines, the United Kingdom, New Zealand, the United States of America and other countries or jurisdictions depending on the nature of the services those recipients provide to us (for example storing data via a cloud service, or where our customer relationship management system is hosted on servers located overseas, or where delivery address information for online orders is managed via a third party located overseas).
6. Data quality and security
We hold personal information in a number of ways, including in printed documents, electronic databases and email contact lists. Printed documents may be held at our offices, or archived in boxes and stored in secure offsite facilities. We take reasonable steps to:
- Ensure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant;
- Protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and
- Destroy or permanently de-identify personal information that is no longer needed for purposes permitted by the APPs.
You can help us keep your information up to date, by letting us know about changes to your details.
The steps we take to secure personal information include website protection measures, security restrictions on access to our computer systems, controlled access to our corporate premises, policies on document storage and security, personnel security and training and workplace policies. While we endeavour to protect the personal information of users of our website, we cannot guarantee the security of information you disclose online: you disclose that information at your own risk. If you are concerned about sending your information over the Internet, you can contact us as set out in section 8. You can also help protect your personal information by keeping your account details confidential. If you become aware of any security breach, please let us know as soon as possible.
6.3 Third party sites
7. Access and correction
Please contact us at firstname.lastname@example.org if you would like to access or correct the personal information that we hold about you. We may ask you to verify your identity before processing any access or correction requests, to make sure that the personal information we hold is properly protected.
We will generally provide you with access to your personal information within 30 days, subject to some exceptions permitted by law. We will also generally provide access in the manner that you have requested (eg by providing photocopies or allowing a file to be viewed), provided it is reasonable and practicable for us to do so. We may however charge a fee to cover our reasonable costs of locating the information and providing it to you.
If you ask us to correct personal information that we hold about you, or if we are satisfied that the personal information we hold is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading. If we correct personal information about you, and we have previously disclosed that information to another agency or organisation that is subject to the Privacy Act, you may ask us to notify that other entity. If so, we will take reasonable steps to do so, unless this would be impracticable or unlawful.
8. Complaints or Questions
All complaints received by us will be dealt with fairly and in a timely manner considering all the circumstances of the complaint. In most cases, we expect that complaints will be investigated and a response provided within 30 days of receipt of the complaint. If the matter is more complex and our investigation may take longer, we will contact you and tell you when we expect to provide our response.
9. Changes to this Policy