1. Chocolate Gems’ Privacy Commitment
We take our obligations under the Privacy Act 1988 (the Act) and the Australian Privacy Principles (APPs) very seriously and have implemented practices, procedures and systems to ensure we comply with those laws. We are committed to maintaining the confidentiality and security of your personal information and managing it in an open and transparent way.
3. What is personal information?
Personal information is any information or an opinion about an identified individual, or an individual who is reasonably identifiable.
4. Types of personal information collected
We may collect and hold personal information about you such as:
- your full name and contact details (including your address, phone numbers and emails, whether personal or for work);
- your gender;
- your date of birth;
- your purchase history;
- your company name (if applicable);
- the domain from which you access the internet;
- the date and time you access our Website;
- the internet address of the website from which you linked to our Website;
- information about your shopping preferences/selections;
- other information you may make publicly available online (including but not limited to information on social media platforms); and
- any other information you may provide to us from time to time.
We do not collect your financial information or credit card details used to purchase products.
5. When and how do we collect your personal information?
5.1. Collection from you
We collect personal information directly from you in the normal course of providing services instore and online such as when you:
- purchase products or services from us;
- request information about us or our products or services;
- use our Website;
- request a refund, return or make a claim;
- provide feedback, respond to a survey, change your email preferences;
- participate in a promotion or competition;
- register to become a member;
- apply to or become an employee of Chocolate Gems, or
- otherwise supply personal information to us by telephone, facsimile, email, post or in person.
5.2. Collection by other lawful and fair means
We also use Google analytics to track your use of our Website. Google Analytics is a website analytics service provided by Google Inc that places cookies on your computer’s browser. The information generated by the cookies about your use of our website is transmitted to Google. This information is then used for the purpose of compiling statistical reports enabling us to analyse the number of visits to our website, the average time spent on our website and the pages viewed. You can configure your browser to disable Google Analytics.
5.3. Unsolicited personal information
In some circumstances we may receive personal information that we have not requested. If this occurs, we will comply with our obligations under the Act. You acknowledge that we may de-identify and/or destroy this information unless we are required to keep it by law.
6. Why we collect your personal information
We collect personal information to allow us to:
- conduct our business functions;
- to meet any regulatory requirements which apply to our business;
- to market and sell our products and services, including using third party providers to process sales and deliver our products;
- to improve our products and our marketing.
7. Direct marketing
We may use your personal information to provide you with direct marketing materials if you would reasonably expect us to or if you consent to receive direct marketing materials. We will seek your consent to provide you with direct marketing materials if we have obtained your personal information from a third party. Direct marketing material may include promotional material about us or the products or services we offer. You may opt out of receiving direct marketing material by contacting us in any of the ways specified in the direct marketing materials or by contacting our Privacy Officer (email@example.com)
8. Disclosure of personal information
We may disclose your personal information to our shareholders, officers and employees, other businesses within our group of companies, service providers who assist us in our business operations and recruitment activities (including third party service providers based overseas), government agencies, parties involved in the purchase or sale of any of our businesses, other third parties, (including parties that we engage to process orders for our products, provide you with goods or services on our behalf or who are connected with or involved in our relationship with you), or otherwise as required by law.
We will not sell your personal information to third parties for marketing purposes.
9. Cross-border disclosure of personal information
We may transfer personal information to countries outside of Australia, but we will only do so in compliance with the Act. The third-party service providers may be located in New Zealand, the United States and EU. Where we transfer your personal information outside of Australia, we will take reasonable steps to ensure that your information is treated securely, and the means of transfer provides adequate safeguards. We will take reasonable steps to protect personal information no matter what country it is stored in or transferred to.
We will take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure. When conducting online transactions from our Website, we use an industry standard 128-bit SSL (secure sockets layer) which encrypts sensitive information as it is transferred over the internet. This encryption scrambles details such as credit card numbers, billing details and delivery addresses so that computers are unable to decipher the information.
We will keep your personal information only for as long as required for our business purposes and otherwise as required by Australian law. Where we no longer need to keep your personal information for a permitted purpose, we will take reasonable steps to destroy your personal information or to ensure that the information is de-identified.
11. Access to personal information we hold about you
Upon your written request we will provide you with a copy of your personal information that we hold about you unless providing you with access would unreasonably impact upon the privacy of others or is not otherwise permitted under the APPs or at law. If you wish to have your personal information destroyed or de-identified, please let us know and we will take reasonable steps to do so (unless we need to keep it for legal, auditing or internal risk management reasons, or as otherwise required by law).
A request can be made by contacting our Privacy Officer (firstname.lastname@example.org).
12. Updating and correcting your personal information
We will take reasonable steps to ensure that the personal information that we hold is accurate, up-to-date and complete. You can update your personal information at any time by contacting our Privacy Officer (email@example.com).
Wherever it is lawful and practical, you have the option of using a pseudonym or not identifying yourself when dealing with us. However, by doing so you acknowledge that it may affect our ability to provide our products and services to you. If you apply to or become an employee, you must provide personal information that is true and accurate and not misleading or deceptive.
14. Privacy Enquiries and Complaints
Telephone: +61 7 3216 8433
Post: Customer Service, Chocolate Gems, PO Box 2108 Mansfield BC Qld 4122
We will endeavour to respond to all enquiries and complaints within 30 days and deal with the matter expeditiously and in a manner which is consistent with our obligations at law. If unresolved, complaints may be referred to an external complaint’s resolution entity and, if necessary, taken to the Office of the Australian Information Commissioner. The Information Commissioner may be contacted at www.oaic.gov.au or by email at:
Telephone: 1300 363 992
Post: Office of the Australian Information Commissioner GPO Box 5218, Sydney NSW 2001
This Policy was last updated on 01 May 2020