Privacy Policy - All types of sheds

Introduction

This Privacy Policy sets forth the data protection and privacy practices for Slay Tail Investments Pty Ltd (ABN 81 671 610 825), herein referred to as “Slay Tail” or “the Company” which owns this website. The policy governs the manner in which Slay Tail collects, uses, maintains, and discloses information collected from users (each, a “User”) of its website and any derivative or affiliated services offered by Slay Tail (collectively, the “Services”).

Slay Tail recognises the importance of protecting the privacy and rights of individuals in relation to their personal information. This document is a formal declaration of our commitment to comply with applicable privacy laws and regulations, including but not limited to those protecting the personal information of Users who interact with our Services.

This Privacy Policy applies to all personal information collected by the Company, whether digitally via the website, electronically through our Services, or through direct interactions with our clients and Users. It outlines the types of personal information that Slay Tail collects, the purposes for which such information is used, and the circumstances under which it may be disclosed.

For Users located within the European Union (EU), additional rights and protections under the General Data Protection Regulation (GDPR) are applicable. The specific rights pertaining to such Users and the manner in which these rights can be exercised are detailed towards the end of this document.

By accessing, using, or interacting with the Services offered by Slay Tail, Users acknowledge and agree to the terms and conditions set out in this Privacy Policy. Users are advised to read this document carefully to understand our practices regarding personal information and how we will treat it.

This introduction forms the basis of our Privacy Policy and underscores our commitment to ensuring the privacy and security of User information in our possession.

2. Collection of Personal Information

2.1 Purpose of Collection

The Company collects personal information primarily to facilitate the efficient and lawful operation of its business activities and to deliver the highest standard of service to its clients. The collection of personal information is fundamental to our ability to provide personalized services and support and comply with legal and regulatory obligations.

2.2 Types of Personal Information Collected

The range of personal information that the Company may collect includes, but is not limited to, the following:

Identifying and contact information such as names, addresses, email addresses, and phone numbers.

Financial information pertinent to the provision of services, including credit card numbers, and transaction history.

2.3 Methods of Collection

The Company employs various methods for collecting personal information, ensuring at all times that such collection is conducted in a lawful and non-intrusive manner. These methods include:

Direct collection from clients through application forms, agreements, and other communication channels such as email and phone conversations.

Indirect collection via third parties, such as publicly available sources, where necessary and with the consent of the individual.

2.4 Legal Basis for Collection

Collection of personal information by the Company is grounded on several legal bases:

Consent: Wherever feasible, the Company seeks explicit consent from individuals before collecting personal information.

Contractual Necessity: In instances where personal information is required to enter into or perform a contract with an individual.

Legal Obligation: When collection is necessary for compliance with legal obligations to which the Company is subject.

Legitimate Interests: Where the collection is necessary for the legitimate interests pursued by the Company, except where such interests are overridden by the rights and freedoms of the individual.

2.5 Sensitive Information

The Company does not generally seek to collect sensitive information (as defined under applicable law) unless required by law or with explicit consent. Where sensitive information is collected, it is treated with the utmost security and confidentiality.

3. Use of Personal Information

3.1 Purpose of Usage

The Company uses personal information solely for purposes that are directly related to its business operations and the services it offers to its clients. These purposes include, but are not limited to:

The administration and management of client accounts.

The processing of transactions and execution of client instructions.

Compliance with legal and regulatory obligations.

Internal record keeping, business processing, and improvement of our services.

3.2 Legal Basis for Use

The use of personal information by the Company is underpinned by the following legal bases:

Consent: Where individuals have provided explicit consent for the use of their personal information for specified purposes.

Contractual Obligation: Where the use of personal information is necessary to fulfill the terms of a contract with the individual.

Legal Obligation: Where the use is necessary for compliance with a legal obligation to which the Company is subject.

Legitimate Interests: Where the use is necessary for the purposes of the legitimate interests pursued by the Company, provided such interests are not overridden by the rights and freedoms of the individual.

3.3 Processing and Analysis

The Company may process and analyze the personal information collected for various purposes, including market analysis, and enhancement of client services. Such processing is done with the utmost regard for the privacy and security of client data.

3.4 Marketing and Communication

Subject to obtaining the necessary consents, the Company may use personal information to inform clients of new products, services, or opportunities that may be of interest. Clients have the right to opt-out of receiving such communications at any time.

3.5 Data Minimization and Limitation

The Company is committed to data minimization principles, ensuring that only the personal information necessary for the specified purposes is used. The use of personal information is limited to the purposes for which it was collected, as informed to the individuals at the time of collection, unless otherwise authorized by law or the individual.

4. Collection Methods of Personal Information

4.1 Overview

The Company employs various methods for the collection of personal information, in compliance with legal and ethical standards. This section outlines the primary means by which the Company collects personal information from its clients and other relevant parties.

4.2 Direct Collection from Individuals

The Company primarily collects personal information directly from individuals through the following means:

Completion of application forms.

Interactions during phone calls, and email communications.

Client responses to surveys or feedback requests initiated by the Company.

Voluntary registration for newsletters, webinars, or other events hosted by the Company.

In each case, the Company takes reasonable steps to ensure that individuals are aware of the purpose of the collection and any potential disclosures of their personal information.

4.3 Indirect Collection from Third Parties

Occasionally, the Company may collect personal information about individuals from third-party sources, including:

Publicly available sources such as public registers or social media platforms.

Referrals from existing clients or professional advisors, subject to obtaining the individual’s consent.

When collecting personal information from third parties, the Company ensures that such information is collected in a fair, lawful, and transparent manner, consistent with the individual’s expectations and consent.

4.4 Collection Through Technology

The Company utilizes technology to enhance user experience and collect data, which includes:

The use of cookies and tracking technologies on the Company’s website to gather data about user interactions and preferences.

Automated systems for logging client interactions with the Company’s online platforms for service improvement and security purposes.

In these instances, the Company ensures that individuals are informed about the use of such technologies and have the ability to control their personal settings and preferences.

4.5 Consent and Voluntary Provision

At all times, the collection of personal information by the Company is predicated on the principle of consent. Individuals are provided with clear, understandable choices regarding the collection of their personal information.

4.6 Compliance with Laws and Regulations

In collecting personal information, the Company adheres to all applicable laws and regulations, ensuring that such collection is justifiable, necessary, and conducted with respect and consideration for the privacy and rights of individuals.

5. Cookies and Digital Identifiers

5.1 Use of Cookies and Digital Identifiers

The Company employs cookies and other digital identifiers on its websites and digital platforms. These tools are used to enhance the user experience, gather analytics, and facilitate effective service delivery.

5.2 Definition and Purpose

A cookie is a small text file placed on a user’s device when visiting a website. Digital identifiers are similar in function and include various forms of data collection technologies. The primary purposes of these tools are to:

Improve website functionality and user navigation.

Collect data regarding website usage and visitor preferences.

Assist in the delivery of targeted advertising and marketing communications.

Enable the efficient operation of online services and features.

5.3 Types of Cookies Used

The Company utilizes several types of cookies, including:

Session cookies: Temporary cookies that remain on the device until the browser is closed.

Persistent cookies: Remain on the user’s device for a pre-defined period and are activated each time the user visits the Company’s website.

Third-party cookies: Placed by service providers or partners of the Company, used for cross-site tracking, retargeting, and ad-serving.

5.4 User Consent and Control

The Company ensures that users are informed of the use of cookies and digital identifiers through a clear and accessible cookie policy. Users are provided with options to consent to the use of certain types of cookies or to reject them. The Company respects user preferences regarding cookies and provides mechanisms to manage and control cookie settings.

5.5 Analytics and Third-Party Cookies

For analytical purposes, the Company may use third-party services that deploy cookies to collect information about website usage. This information helps the Company understand user behavior and improve website and service offerings. These third-party cookies are subject to the respective privacy policies of the third-party providers.

5.6 Data Security and Privacy

Information collected through cookies and digital identifiers is treated with the utmost care and security. The Company employs appropriate technical and organizational measures to protect data from unauthorized access and misuse.

5.7 Amendments to Cookie Use

The Company reserves the right to modify its use of cookies and digital identifiers. Any changes will be communicated through updates to this Privacy Policy or the Company’s Cookie Policy. Users are encouraged to periodically review these policies to stay informed about how the Company uses cookies and related technologies.

6. Disclosure of Personal Information

6.1 General Principles of Disclosure

The Company adheres to strict principles regarding the disclosure of personal information collected from its clients and other relevant parties. The Company is committed to ensuring that such disclosures are conducted in compliance with applicable privacy laws and regulations, and only for legitimate business purposes.

6.2 Purposes of Disclosure

The Company may disclose personal information under the following circumstances:

To third-party service providers who perform operations or work on behalf of the Company, under confidentiality agreements. These services may include, but are not limited to, payment processing, data analysis, email delivery, hosting services, customer service, and marketing efforts.

To comply with legal obligations, such as responding to subpoenas, court orders, or other lawful requests by public authorities.

To protect the rights, property, or safety of the Company, its clients, or the public as required or permitted by law.

In connection with a merger, acquisition, or sale of all or a portion of the Company’s assets, in which case users will be notified via email and/or a prominent notice on the Company’s website of any change in ownership or uses of their personal information, as well as any choices they may have regarding their personal information.

6.3 Consent

Except as provided in this policy, the Company will not disclose personal information without obtaining prior consent from the individual, except where such consent may be inferred from the circumstances.

6.4 Cross-Border Disclosure

In cases where the Company engages in cross-border disclosure of personal information, such activities will be conducted in compliance with the relevant privacy legislation, ensuring adequate protection of the information regardless of geographic location.

6.5 Disclosure to Overseas Recipients

Where the Company discloses personal information to recipients located outside Australia, it will take reasonable steps to ensure that the recipients do not breach privacy obligations relating to the personal information.

6.6 Third-Party Practices

The Company is not responsible for the collection, use, and disclosure practices of third parties that are not directly controlled by the Company. This includes third-party websites, services, or applications that may be linked to or from the Company’s services.

6.7 Review and Amendments

The Company regularly reviews its policies and practices regarding the disclosure of personal information and may amend this policy from time to time. Users are encouraged to review this policy periodically to stay informed about how the Company protects their personal information.

7. International Transfer of Information

7.1 Scope of International Transfers

The Company acknowledges that, in the course of its business operations, it may be necessary to transfer personal information across international borders. Such transfers would primarily be for the purposes of data processing or storage.

7.2 Compliance with Legal Frameworks

The Company is committed to complying with all applicable laws and regulations governing international data transfers. This includes adherence to principles and frameworks such as the General Data Protection Regulation (GDPR) for transfers involving data subjects in the European Union, and other relevant international data protection laws.

7.3 Safeguarding Transferred Data

To ensure the protection of personal information during international transfers, the Company implements the following safeguards:

Ensuring that the countries to which data is transferred have adequate data protection laws, as per the standards set forth by relevant regulatory authorities.

Utilizing standard contractual clauses approved by regulatory authorities for data transfer agreements, which obligate overseas recipients to protect the data to the same standard required in the country of origin.

Implementing robust data security measures, including encryption and secure data handling protocols, to protect the data during transit and storage in foreign jurisdictions.

7.4 Consent and Notification

Where applicable, the Company will seek explicit consent from individuals prior to the international transfer of their personal information. In addition, the Company will inform individuals about the purposes for which their data is being transferred, the destinations of such transfers, and the security measures in place to protect their data.

7.5 Regular Review of Transfer Practices

The Company will regularly review its international data transfer practices to ensure ongoing compliance with changing legal requirements and best practices in data protection. This includes monitoring the data protection standards in countries to which data is transferred and updating transfer mechanisms as necessary.

7.6 Third-Party Transfers

Where third parties are involved in the processing or handling of personal data across borders on behalf of the Company, the Company will ensure that such third parties adhere to similar standards of data protection and confidentiality as prescribed by the Company’s policies and applicable laws.

8. Security Measures for Protection of Personal Information

8.1 Commitment to Data Security

The Company is committed to safeguarding the personal information it holds. Recognizing the importance of data security, the Company has instituted measures to prevent unauthorized access, disclosure, alteration, and destruction of personal information.

8.2 Implementation of Security Measures

The security measures employed by the Company include, but are not limited to, the following:

Technological Security: The Company employs advanced technological solutions to ensure the secure processing of personal information. This includes the use of firewalls, encryption technologies, secure servers, and SSL (Secure Socket Layer) protocols for transactions and data transmission over the Internet.

Organizational Measures: The Company maintains internal policies and procedures designed to protect personal information from unauthorized access. These include limiting access to personal information to only those employees who require it to perform their job duties.

Regular Audits and Reviews: The Company conducts regular audits and reviews of its security measures to ensure their effectiveness and compliance with current best practices and regulatory requirements.

8.3 Data Breach Response Plan

In the event of a data breach, the Company has a response plan to swiftly and effectively manage the situation. This plan includes immediate measures to secure and restore the integrity of our systems, notification to affected individuals and regulatory bodies where applicable, and a thorough investigation to prevent future occurrences.

8.4 Third-Party Service Providers

When engaging third-party service providers, the Company ensures that they are compliant with relevant data protection laws and maintain equivalent security measures. Contracts with such providers include clauses that mandate the protection and confidentiality of any shared personal information.

8.5 User Responsibility

While the Company endeavors to protect personal information, the security of data transmission over the Internet cannot be guaranteed. Users are encouraged to take their own precautions, such as keeping passwords confidential and using secure networks when transmitting personal information to the Company.

8.6 Continuous Improvement

Recognizing that threats to data security are constantly evolving, the Company is committed to the ongoing evaluation and improvement of its security measures. This includes staying abreast of developments in technology and data protection best practices.

9. Retention of Personal Information

9.1 Principles of Data Retention

The Company adheres to principled and lawful data retention practices. The Company retains personal information for as long as necessary to fulfil the purposes for which it was collected, in accordance with its legal obligations, regulatory requirements, and for business purposes.

9.2 Duration of Retention

The specific duration for which the Company retains personal information varies depending on the nature of the information and the reasons for its collection. The criteria used to determine the retention periods include:

Legal and regulatory requirements to retain data for a certain period.

The duration necessary for the Company to carry out its business and contractual obligations.

Statute of limitations under applicable law.

Whether the individual has consented to a longer retention period.

9.3 Data Minimization

Consistent with data minimization principles, the Company ensures that personal information is only retained for as long as it is needed for its intended purpose or as required by law. Data that is no longer necessary or relevant is securely disposed of or anonymized.

9.4 Secure Disposal of Data

Upon the expiry of the retention period, the Company securely disposes of or anonymizes personal information so that it can no longer be associated with an individual. The disposal methods are designed to prevent any unauthorized access to or recovery of the data.

9.5 Review of Retention Policies

The Company regularly reviews its data retention policies and practices to ensure compliance with applicable laws and relevance to its current operations. This includes adjusting retention periods as necessary in response to changes in legal requirements or business practices.

9.6 Access and Correction during Retention Period

Throughout the retention period, individuals have the right to access and request correction of their personal information held by the Company. Requests for access and correction are addressed promptly in accordance with the Company’s data access and correction policies.

9.7 Notification of Changes in Retention Policy

In the event of any changes to the data retention policies, the Company will duly inform the affected individuals through updates to this Privacy Policy.

10. Accuracy and Access to Personal Information

10.1 Commitment to Data Accuracy

The Company is committed to maintaining the accuracy, completeness, and relevance of the personal information it holds. The Company understands that accurate data is essential for providing high-quality services and complying with legal obligations.

10.2 Procedures for Ensuring Accuracy

To ensure data accuracy, the Company:

Regularly reviews and updates personal information.

Provides individuals with the opportunity to review and update their information regularly, especially when there are changes to their personal circumstances.

Utilizes reliable sources and methods for data collection and processing.

10.3 Individual’s Right to Access

In accordance with applicable privacy laws, individuals have the right to request access to the personal information that the Company holds about them. The Company facilitates this right by:

Providing a clear and accessible process for individuals to request access to their personal information.

Responding to access requests in a timely and efficient manner, subject to any limitations imposed by law.

10.4 Correction of Personal Information

Individuals have the right to request the correction of inaccurate or incomplete personal information held by the Company. Upon receiving such a request, the Company will:

Review and investigate the accuracy of the information in question.

Update the information as required, and inform the individual of the corrections made.

If the correction is not made, provide a reason for the decision and record the individual’s request with the information.

10.5 Handling of Access and Correction Requests

The Company ensures that requests for access and correction are handled in accordance with the following principles:

No undue delay in processing requests.

Minimal or no cost to the individual, except where allowed by law.

Verification of the identity of the requesting individual to safeguard against unauthorized access.

10.6 Limitations to Access and Correction

Access and correction of personal information may be subject to certain legal and regulatory limitations. In such cases, the Company will provide the reasons for any refusal to grant access or make corrections.

10.7 Notification of Changes to Personal Information

The Company encourages individuals to inform it of any changes to their personal information to ensure the data remains accurate and up to date.

11. Complaints and Contact Information

11.1 Privacy Complaints Handling

The Company is committed to resolving any complaints regarding its handling of personal information in a fair, efficient, and timely manner. The Company acknowledges the importance of privacy and is dedicated to adhering to privacy laws and regulations.

11.2 Procedure for Making a Complaint

Individuals who believe that the Company has breached its privacy obligations or mishandled their personal information are encouraged to raise their concerns by:

Contacting the Company’s designated Privacy Officer or relevant department using the contact information provided below.

Providing a detailed description of the complaint, including any relevant dates, documentation, and other information to support the claim.

11.3 Complaints Resolution Process

Upon receiving a privacy complaint, the Company will:

Acknowledge receipt of the complaint promptly.

Review the complaint, conduct an investigation, and may seek additional information from the complainant as necessary.

Strive to resolve the complaint within a reasonable timeframe, typically within 30 days of receipt of the complaint.

Inform the complainant of the outcome of the investigation and any actions taken or proposed to be taken by the Company in response to the complaint.

11.4 Escalation of Unresolved Complaints

If the complainant is not satisfied with the Company’s response, they may escalate their complaint to an external dispute resolution scheme or the relevant regulatory authority. The Company will provide information on these avenues upon request.

11.5 Changes to Contact Information

The Company will update this Privacy Policy to reflect any changes in its contact information. Individuals are encouraged to regularly review this policy to stay informed of how to contact the Company regarding privacy concerns.

11.6 Contact Details

Individuals may contact The Company regarding privacy issues or complaints through the following means:

Privacy Officer Contact Information:

Email: neilduncan@1232web.com.au

12. Specific Provisions for EU Residents

12.1 Application of GDPR

The Company acknowledges that the General Data Protection Regulation (GDPR) provides specific rights to individuals located within the European Union (EU). The Company commits to complying with the GDPR in relation to the personal information of EU residents.

12.2 Rights of EU Data Subjects

Under the GDPR, EU residents have the following rights concerning their personal information:

Right of Access: Individuals have the right to access their personal information held by the Company.

Right to Rectification: Individuals have the right to request the correction of inaccurate or incomplete personal information.

Right to Erasure (‘Right to be Forgotten’): Individuals may request the deletion of their personal information under certain circumstances.

Right to Restriction of Processing: Individuals have the right to request a halt on the processing of their personal information.

Right to Data Portability: Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format.

Right to Object: Individuals have the right to object to certain types of processing of their personal information.

Rights in relation to Automated Decision Making and Profiling: Individuals have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects them.

12.3 Exercising GDPR Rights

To exercise any of the GDPR rights, EU residents should submit a request to the Company’s Privacy Officer using the contact details provided. The Company will respond to such requests in accordance with the GDPR requirements.

12.4 Data Protection Officer

The Company has appointed a Data Protection Officer (DPO) to oversee compliance with the GDPR. The DPO can be contacted for any issues relating to the processing of personal information of EU residents.

Data Protection Officer Contact Information:

Email: neilduncan@1232web.com.au

12.5 Transfers of Personal Information outside the EU

In cases where personal information of EU residents is transferred outside the EU, the Company ensures such transfers are performed in compliance with the GDPR. This includes implementing appropriate safeguards like standard contractual clauses or transferring to countries that provide adequate data protection.

12.6 GDPR Complaints

EU residents who believe their GDPR rights have been infringed can lodge a complaint with a supervisory authority in the EU member state of their residence.

13. Changes to Our Privacy Policy

13.1 Policy Review and Updates

The Company reserves the right to amend this Privacy Policy periodically. The Company recognizes the importance of privacy laws and the dynamic nature of legal and business environments. Consequently, this policy will be reviewed regularly to ensure compliance with legislative changes and to reflect the evolution of the Company’s business practices.

13.2 Notification of Changes

The Company is committed to maintaining transparency in its privacy practices. In the event of any significant changes to this Privacy Policy, the Company will provide notice through various channels, which may include:

Posting a notice on the Company’s website.

Any other method deemed appropriate to ensure that clients and users are informed of the changes.

13.3 Date of Last Revision

Each version of this Privacy Policy will include a revision date. Users are encouraged to review the policy periodically to stay informed about how the Company protects their personal information.

13.4 User’s Acknowledgment of Changes

Continued use of the Company’s services after any changes to this Privacy Policy will constitute acknowledgment and acceptance of the revised terms. Users are advised to cease using the services if they do not agree with any modifications to the Privacy Policy.

13.5 Historical Versions

The Company may archive previous versions of the Privacy Policy for users’ reference. Users can request access to historical versions by contacting the Company’s Privacy Officer.

13.6 Contact Information for Policy Inquiries

For any questions or concerns regarding this Privacy Policy or its updates, users are encouraged to contact the Company using the contact details provided below:

Privacy Officer Contact Information:

Email: neilduncan@1232web.com.au

14.1 Acknowledgment of Privacy Policy

This Privacy Policy represents The Company’s commitment to the protection of personal information and adherence to privacy laws and regulations. By accessing, using, or engaging with the Company’s services, individuals acknowledge that they have read, understood, and agree to the terms and conditions set forth in this Privacy Policy.

14.2 Importance of Privacy

The Company recognizes the importance of privacy and the trust placed in it by clients and users. It is the Company’s ongoing commitment to ensure that personal information is handled in a secure, confidential, and responsible manner.

14.3 Encouragement for Feedback

The Company values feedback on its Privacy Policy and its privacy practices. Clients and users are encouraged to contact the Company’s Privacy Officer with any suggestions, questions, or concerns they may have.

14.4 Commitment to Compliance

The Company is committed to continually improving its privacy practices and complying with applicable privacy laws and regulations. It is dedicated to upholding the highest standards of data protection and ensuring the privacy and security of the personal information it manages.

14.5 Final Acknowledgment

The Company appreciates the opportunity to serve its clients and manage their personal information. It is dedicated to maintaining the trust and confidence of its clients and users through transparent, responsible, and ethical information handling practices.

Last Updated 12/6/2024