PRIVACY POLICY

 

 

 

 

WEBSITE PRIVACY POLICY – Updated on May 25th, 2018 – Compliant with GDPR

 

This website is owned and operated by Rachael Attard and it will be referred to as “we”, “our” and “us” in this Privacy Policy.  Since we very much care about the privacy and security of your personal data, we’ve made all reasonable efforts to ensure that we comply with both Australian and international data protection and privacy laws, like the European Union’s General Data Protection Regulation (‘GDPR’). Therefore, all personal data that is collected or processed is kept safely and securely and is used only for the appropriate purpose and held for the appropriate amount of time.

Examples of personal data include:

• Name

• Address

• Email address

• Social media account

• Digital identifiers such as an IP address or a cookie ID.

We recognize the importance of protecting the privacy of information collected about visitors to our website, in particular, information that is capable of identifying an individual (“personal information”). This Privacy Policy governs the manner in which your personal information is obtained through the website and how will it be dealt with.

By using this site, you agree to the Privacy Policy of this website (www.rachaelattard.com), which is set out on this website page.

We reserve the right, at our discretion, to modify or remove portions of this Privacy Policy at any time. This Privacy Policy is in addition to any other terms and conditions applicable to the website. We do not make any representations about third party websites that may be linked to the website.

This Privacy Policy should be reviewed periodically so that you are updated on any changes. We welcome your comments and feedback.

WHO WE ARE

This Privacy Policy relates to the collection and use of personal information you may supply to us through your conduct on the website.

In terms of your use of this website, we act in the capacity of Data Controller which means we are responsible for determining the purpose of personal data collecting and processing.

If you have any questions or concerns about the data we hold about you, you can contact us by using via email: info@rachaelattard.com.

OVERVIEW

In order for us to operate our business and provide our services to you, sometimes it is necessary that we collect and process your personal data. In general terms, this data can be divided into three categories:

• Information that you provide to us directly. For example, where you complete an online form on our website.

• Information that is automatically sent to us by your computer’s internet browser when you visit our website. For example, your computer’s IP address.

• Information about how you use our website or our services. For example, which pages you visit, how frequently you visit the site, for how long, etc.

This Privacy Policy sets out the detail of what information we collect, as well as how we use that data and how we protect it.

WHAT DO WE USE YOUR INFORMATION FOR?

Any of the information we collect from you may be used in one of the following ways:

• To personalize your experience (your information helps us to better respond to your individual needs)

• To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you)

• To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs)

• To process transactions (Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.)

• To administer a contest, promotion, survey or other site feature

• To send periodic emails (With your permission, we may send you emails about diet info, new products, and other updates.)

• The email address you provide for order processing may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information, etc.

Note: If at any time you would like to unsubscribe from receiving future emails you simply have to click the unsubscribe link at the bottom of any email we send. Then you will be taken through the simple unsubscribe process.

HOW DO YOU GET MY CONSENT?

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.

If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to say no. For example, if you do our body type quiz for which you need to provide your email address, we will need your consent for collecting it.

HOW DO I WITHDRAW MY CONSENT?

If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at info@rachaelattard.com.

PERSONAL INFORMATION YOU PROVIDE TO US DIRECTLY

Personal information that you provides us directly is collected only when knowingly and voluntarily submitted. For example, we may need to collect such information to provide you with further services or to answer or forward any requests or inquiries.

It is our intention that this policy will protect your personal information from being dealt with in any way that is inconsistent with GDPR privacy laws.

Lawful Basis for Processing under the GDPR:

When you communicate with us or sign up for promotional materials, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to provide you with our promotional messages.

Where we are required under applicable local law to obtain your consent for sending you marketing information, the legal basis is your consent, Art. 6(1)(a) GDPR.

Data Minimization:

We will only ask you for the minimum amount of information required to appropriately fulfill your request. This will usually be your email address and any specific information about your request.

Data Retention:

We will retain this data for a maximum of 12 months.

Types of processing:

• After you provide us with your personal data, we will store the information you provide to us in our website database, and/or in our self-managed Customer Relationship Management system. All our CRM systems are GDPR compliant. This way we are enabled to efficiently access your data and respond to your requests;

• For the purpose of maintaining the integrity of our systems, we may also store this data in system backups

• We may use this information to contact you about other of our own services that we believe may be of genuine interest to you

• We will NEVER use this data for any further purpose without you expressing further consent

• We will NEVER sell your information to any 3rd party.

INFORMATION THAT IS AUTOMATICALLY SENT TO US BY YOUR COMPUTER’S INTERNET BROWSER

Before GDPR, when you visited our website, our system was saving a record of your visit in our server logs, and this record included the IP address that is associated with your device.

The storage of IP addresses is a common practice and it allowed us to identify patterns of behavior (such as repeated malicious attempts to access a system).

However, from now on, our hosting provider is working on deleting those data or making them completely anonymous. Also, from now on, as we were informed, those data will no longer be available to us, only to our hosting provider for the amount of time they are legally obliged to keep them for debugging and security reasons.

INFORMATION ABOUT HOW YOU USE OUR WEBSITE OR OUR SERVICES

Cookies

Cookies are data that a website transfers to an individual’s hard drive for record-keeping purposes. Those cookies which are industry standard and are used by most websites, including those operated by us, can facilitate a user’s ongoing access to and use of a site.

We use “cookies” on our website that help us to understand how visitors use our website and other related services. They allow us to tell when you have visited a particular page or performed a particular action (such as clicking a particular button) on our website.

Majority of websites uses them since as they provide useful insight into how the services are being used. Also, they help us improve speed, performance, and security, and thus enable us to improve your user experience.They allow us to customize the website to your needs.

However, if you do not want information collected through the use of cookies, there is a simple procedure in most browsers that lets you deny or accept the cookie feature. But you should note that some cookies may be necessary to provide you with some features of our online services.

Google Analytics

We use Google Analytics in order to better understand what our website visitors are looking for.

When you visit our site, information about your visit (such as which pages you look at, how long you spend on the site, etc.) is sent in an anonymous form to our analytics providers – Google Analytics (which is controlled by Google).

We ensure that no personally identifiable information is ever contained within the data sent to Google Analytics.

Considering analytics information is not personal data, we do not specifically ask for your prior consent.

Lawful Basis for Processing under the GDPR:

The lawful basis is our legitimate interest, Art. 6 (1) (f) GDPR, which is to improve our website performance and your user experience.

USE OF INFORMATION

Personal information that visitors submit to our site is used only for the purpose for which it is submitted or for such other secondary purposes that are related to the primary purpose unless we disclose other uses in this Privacy Policy or at the time of collection.

SURVEYS & CONTESTS

From time-to-time, our website requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user, therefore, has a choice whether or not to disclose this information. Information requested may include contact information (such as name and shipping address), and demographic information (such as zip code, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the usability and user satisfaction of this site.

DO WE DISCLOSE ANY INFORMATION TO OUTSIDE PARTIES?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.

THIRD PARTY LINKS

Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

SECURITY

We strive to ensure the security, integrity, and privacy of personal information submitted to our sites, and we review and update our security measures in light of current technologies. Unfortunately, no data transmission over the Internet can be guaranteed to be totally secure.

However, we will endeavor to take all reasonable steps to protect the personal information you may transmit to us or from our online products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.

In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us. However, we will not be held responsible for events arising from unauthorized access to your personal information.

ACCESS TO INFORMATION

We will endeavor to take all reasonable steps to keep secure any information which we hold about you and to keep this information accurate and up to date.

The GDPR provides the following rights for individuals:

• (Art. 15 GDPR): You have the right to ask us for confirmation on whether we are processing your Personal Data, and access to the Personal Data and related information on that processing (e.g., the purposes of the processing, or the categories of Personal Data involved).

• (Art. 16 GDPR): You have the right to have your Personal Data corrected, as permitted by law.

• (Art. 17 GDPR): You have the right to ask us to delete your Personal Data, as permitted by law.

• (Art. 18 GDPR): You have the right to request the limiting of our processing under limited circumstances, including when the accuracy of your Personal Data is contested or when the processing is unlawful.

• (Art. 20 GDPR): You have the right to receive the Personal Data that you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that information to another controller, including to have it transmitted directly, where technically feasible.

In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.

PROBLEMS OR QUESTIONS

If we become aware of any ongoing concerns or problems with our websites, we will take these issues seriously and work to address these concerns.

If you have any further queries relating to our Privacy Policy, or you have a problem or complaint, please contact us via info@rachaelattard.com.

FURTHER PRIVACY INFORMATION

For more information about privacy issues in Australia and protecting your privacy, visit the Australian Federal Privacy Commissioner’s website.http://www.privacy.gov.au/

We updated our Privacy Policy and as of 25th May 2018, it is GDPR Compliant.

Pin It on Pinterest