Bouddi Body is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information.
We are bound by the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The NPPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.
A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.aoic.gov.au
What is Personal Information and why do we collect it?
Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect include:
- email addresses,
- phone numbers.
- financial or payment information such as your card details if a purchase has been made.
- order details
We may also collect the following information about you automatically, through technical means such as Cookies, when you browse our store:
- Internet protocol (IP) address
- Country geolocation using IP address
- Browsing data linked to Google Analytics.
This Personal Information is obtained in many ways including interviews, social media, correspondence, by telephone, by email, by posted mail, via our website www.bouddibody.com, from media and publications, from other publicly available sources, from cookies and from third parties. We don’t guarantee website links or policy of authorised third parties.
When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive information will be used by us only:
- For the primary purpose for which it was obtained
- To fulfil our obligations to you such as order fulfilment
- For a secondary purpose that is directly related to the primary purpose
- With your consent; or where required or authorised by law.
Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
Instances of third parties collecting your information on our behalf are Shopify, Paypal, Afterpay, Google, Facebook and Instagram. Please note there may be other third parties not listed.
Sharing your information with Shopify:
Shopify provides us with the online e-commerce platform that allows us to sell our products and services to you In providing this service Shopify hosts the secure storage of your data for the primary purpose of fulfilling our commitments to you.
Third Party Payment Gateways who process your payments on our behalf such as Shopify, Paypal and Afterpay
All direct payment gateways adhere to the standards set by Payment Card Industry Data Security Standard (PCI-DSS). PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Sharing your information with other third parties such as Marketing and Social Media:
Google AdWords & Analytics: Google AdWords is an online advertising service developed by Google, where advertisers pay to display brief advertising copy, product listings, and video content within the Google ad network to web users. Google AdWords’ system is based partly on cookies and partly on keywords determined by advertisers. Google uses these characteristics to place advertising copy on pages where they think it might be relevant. Advertisers pay when users divert their browsing to click on the advertising copy. Partner websites receive a portion of the generated income.
Google Analytics, is a web analytics service provided by Google Inc. ("Google"). Reports obtained from Google Analytics are used to help improve the efficiency and usability of this website.
Instagram: is an American social media and networking app service focused on the sharing of photos and video content
Facebook: Facebook is an American online social media and social networking service company.
SnapChat: is a multimedia messaging app popular around the world. It is a social media platform that allows customers to share stories
Bouddi Body takes steps to ensure that the third parties we engage to provide services to us on our behalf use your data in accordance with this Statement.
Such third parties may be located outside the European Economic Area (“EEA”) and to the extent that this is the case, the following Section titled ‘International Transfer’ will apply.
This policy applies to the Bouddi Body store website. There may be links on this site that direct you away from our store where this policy does not apply. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Bouddi Body may transfer your information outside the EEA, to locations in which data protection standards are less strict. When doing this, we will take steps to ensure that your information remains protected in line with this Statement.
The internet is a global environment and in practice it is not at all unusual for information to be transferred internationally – for example if the servers used to host your information are located abroad. If we transfer personal information outside the EEA (for example to our parent company in Australia) we will adhere to certain safeguards approved under data protection laws. If you wish to find out more or to obtain a copy of the safeguards put in place to protect your privacy, please contact us using the details set out below.
Our site is not directed at those under the age of 16 and customers must have credit or debit cards to make purchases.
Disclosure of Personal Information
Your Personal Information may be disclosed in a number of circumstances including the following:
- Third parties where you consent to the use or disclosure; and
- Where required or authorised by law.
- In circumstances where you would reasonably expect such use or disclosure.
- You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing.
Security of Personal Information
Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure.
When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.
Access to your Personal Information
You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.
Bouddi Body will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.
In order to protect your Personal Information we may require identification from you before releasing the requested information.
Subject to certain conditions, you will, by law, be able to exercise certain rights in respect of your information. Further information about your rights can be obtained from your national data protection authority. In almost all circumstances these rights will be free to exercise, although if requests are made on a repeated or manifestly unfounded basis we may charge a reasonable administrative fee.
The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Statement.
The right of access. You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Statement).
The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete. You can request that we rectify any errors in information that we hold by getting in contact with us.
The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information that we hold.
The right to object to processing. You have the right to object to certain types of processing, and you can exercise this right by contacting us using the details set out below.
The right to restrict processing. You have right to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but will not use it further.
The right to data portability. You have rights to obtain and reuse your information for your own purposes across different services. If this right is applicable, we will provide you with an accessible copy of your information so that you can use a similar service elsewhere.
The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your information with your national data protection regulator.
The right to withdraw consent. If we rely on your consent as our lawful basis for processing your information, you may withdraw your consent at any time. However, doing so will not make unlawful the actions we have taken with your personal data while we had your active consent. You can withdraw your consent to the processing of your information at any time by contacting us using the contact details set out below.
Maintaining the Quality of your Personal Information
It is an important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.
This Policy may change from time to time and is available on our website.
This policy was last updated on 29/07/2018
Or you can get in contact via mail at: Bouddi Body, U690 / 83-93 Dalmeny Avenue, Rosebery 2018, Australia.