1. Our commitment to your privacy
The privacy of individuals, including our staff and our users, is of utmost importance to us. This includes information or opinions about you that we collect and record which reasonably could be used to identify you.Based in Australia, we adhere to the Australian Privacy Principles and the Privacy Act 1988 (Cth) (“Privacy Act”).
This document sets out ourpolicies for managing personal information across our business operations based in Australia connected with the Barni Skin website (“Website”).
The Website is generally not intended for minors under 18 years of age. We do not knowingly solicit data online from, or communicate online to, children under 18 years of age
3. Types of Personal Information We Collect
When you use the Website to purchase items displayed on the Website, so as to be able to process and fill orders made by users we will collect some or all of your name, age, physical address, email a ddress, telephone number and other contact details.
We generally do not collect sensitive information (such as relating to ethnic origin, religious or philosophical beliefs, membership of a political or trade association, sexual preferences or health), and would not do so without your consent.
We do not collect information in a way that is unfair or unlawful. The collection of information will not intrude unreasonably on the personal affairs of the individual concerned.
We may gather Online Information if you:
- use the Website
- receive or reply to electronic communications from us
- view or click on our ads or other online content; and
- interact with us through social media websites and other websites and apps.
4. Why We Collect Personal Information
Generally, we collect, hold, update and use personal information about you related to our functions and activities so we can establish, manage and administer the products and services provided by us, and to comply with legal and regulatory obligations. We also use, store, and process information about you to provide, understand, improve, and develop the Website, and to create and maintain a trusted and safer environment. We may also use and disclose your information for purposes related to those mentioned a bove, including:
- to provide requesteds ervices to you – including the supply of products ordered and purchased by you and to bill you in respect of such purchases
- to enable you to access and use the Website and enable you to utilize the services (primarily to purchase goods and products promoted on the Website) available from the Website
- to operate, protect, improve and optimize the Website and your experience, such as by performing analytics and conducting research
- to personalize or otherwise customize your experience by, among other things, ranking search results or showing ads based on your search, history, and preferences;
- to provide customer service
- to send you service or support messages, such as updates, security alerts, and account notifications
- for our research and development of new products and services
- for training, quality control and verification purposes (including monitoring and recording your telephone conversations with us from time to time)
- to communicate our promotional materials to auser
- for record keeping, data analytics and auditing;
- to detect and prevent fraud, spam, abuse, security incidents, and other harmful activity;
- to conduct investigations and risk assessments;
- to verify or authenticate information or identificationsin respect of you;
- to conduct checks against databases and other information sources;
- to enforce our terms of service, payment terms, and other policies; and
- to meet our legal obligations.
5. How We Collect Information
Generally, we collect personal information directly from users from information that users provide in the course of using the Website and in response to any communications from us.
We may also collect personal information through third parties such as:
- a third-party business that provides commercial financial information;
- market research organisations;
- persons authorised by you (such as lawyers or accountants); and
- publicly available sources of information.
We only collect your information from external sources if it is impractical to collect it directly from you, or when we are permitted to do so.
We (and our Service Providers) also collect information through Cookies and Similar Technologies. Most Cookies and Similar Technologies will only collect De-Identified Information such as how you arrived at our Website or your general location. However, certain Cookies and Similar Technologies do collect Personal Information. For example, if you click “Remember Me” (or similar) when you log in to an App, a cookie will store your username.
We (and our Service Providers) may collect information using Cookies and Similar Technologies about:
- the device you use to access our Website (for example, we may collect information about the operating system or the browser version and the type of computer or mobile device);
- the IP Address and information related to that IP Address (such as domain information, your internet provider and general geographic location);
- browsing history on our Website (such as what you search for, the pages you view, how long you stay, and how often you come back);
- how you search for our Website, and from which website or app you came from;
- which ads or online content from us you view, access, or click on;
- whether you open our electronic communications and which parts you click on (for example, which links you use); and
- the location of your mobile device from which you access the Website (for example, to help prevent fraud or if there is location-based content available on the Website). We (and our Service Providers) may also collect information made publicly available through third-party platforms (such as online social media platforms), through online databases or directories, or that is otherwise legitimately obtained.
6. What happens if a user does not provide information that has been requested?
It is your choice whether you provide personal information or not. However, if you do not provide certain personal information, we might be unable to provide you a full experience of the Website and/or the services available or be able to identify you to protect you against fraud.
7. How We Store Information
We store personal information in a combination of secure computer storage and other record formats. We have taken a number of steps to protect the personal information we hold from misuse, loss and unauthorised access, modification or disclosure. We use generally accepted technology and security so that we are satisfied that your information is transmitted safely to us through the internet or other electronic means.
We will take reasonable steps to securely destroy or permanently de-identify personal information when we no longer need it.
We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorised access, loss, destruction, or alteration. However, the internet and mobile devices are not a 100% secure environment, so we cannot guarantee the security of the transmission or storage of your information.
8. When we may disclose your personal information
By continuing to use the Website, a user agrees and consents to the use, disclosure and storage of your personal information under this policy.
Generally, we may disclose personal information about a user in the following circumstances:
- to comply with our legal obligations (we notify a user any time we are required to produce information in this way unless we are prohibited by court order or law or there is suspicion of fraud and/or criminal activity);
- where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter;
- where we are satisfied on reasonable grounds that disclosure is necessary to lessen or prevent a serious threat to the life, health, safety or welfare of an individual or to public health, safety or welfare;
- the disclosure is necessary for research or the compilation or analysis of statistics in the public interest, but does not involve the publication of the personal information in a form which would identify an individual;
- anyone authorised by a user or to whom a user has provided their consent (either expressly or impliedly).
9. Sharing User Information With Their Consent
We may share your information with other parties at your direction.
10. Service Providers
We use a variety of third-party service providers to help us provide services on or related to the Website. For example, service providers may help us:
(i) maintain and update the Website and store data;
(ii) verify or authenticate your identification;
(iii) check information against public databases;
(iv) assist us with background checks, fraud prevention, and risk assessment; or
(v) provide customer service, advertising, or payments services.
(b) Safety and Compliance with Law
We may disclose your information to courts, law enforcement or governmental authorities, or authorised third parties, if and to the extent we are required to do so by law or if such disclosure is reasonably necessary:
(i) to comply with legal process and to respond to claims asserted against us;
(ii) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability,
(iv) for fraud investigation and prevention, risk assessment, customer support, product development and debugging purposes, or
(v) to protect the rights, property or personal safety of us, our employees, our users, or members of the public.
(c) Aggregated Data
We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and non-personally identifiable information for industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
Aggregated Information or De-identified Information does not identify you individually; it helps us to analyse patterns among groups of people. We may share Aggregated Information or De-identified Information in several ways, for example:
- for the same reasons as we might share personal information;
- with other businesses to help develop and market programs, products or services and present targeted content including Targeted Advertising;
- with other businesses to conduct analysis and research about app users; or
- with Third-Party Ad-Servers to place ads on the Website, and to analyse the effectiveness of those ads.
(d) Analysing your Communications
We may review, scan, or analyse your communications on or via the Website for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research, and customer support purposes. For example, as part of our fraud prevention efforts, we scan and analyse messages to mask contact information and references to other websites. In some cases, we may also scan, review, or analyse messages to debug, improve, and expand product offerings. We use automated methods where reasonably possible. However, occasionally we may need to manually review some communications, such as for fraud investigations and customer support, or to assess and improve the functionality of these automated tools. We will not review, scan, or analyse your communications to send third-party marketing messages to you, and we will not sell reviews or analyses of these communications.
11. Third party partners & integrations
The Website may contain links to third party websites or services, such as third-party integrations, co-branded services, or third party-branded services (“Third Party Partners”). We do not own or control these Third-Party Partners and when you interact with them, you may be providing information directly to the Third-Party Partner, us, or both. These Third-Party Partners will have their own rules about the collection, use, and disclosure of information. We encourage you to review the privacy policies of the other websites you visit.
12. Will a user’s personal information be used for direct marketing?
We may use and disclose your personal information to keep you informed about services and offers available from third party businesses.
You may opt out of receiving direct marketing at any time by contacting us on the contact details set out at clause 17 below.
13. Cookies & Similar Technologies
Important – If you do disable or delete Cookies and Similar Technologies, some Website features and/or services may not work. You will need to manage your settings for each computer and browser you use to access the Internet.
14. Keeping Your Details Up-to-Date
We take reasonable steps to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date. If your personal details change, it may be necessary for your details to be updated for us to continue to provide you with our services.
15. You can access your personal information
Following a request, we will provide you with a copy of personal information which we hold about you in accordance with our obligations under the Privacy Act. We may charge a fee for retrieving this information (we will inform you of the fee before providing the information).
Please note that there are some circumstances set out in the Privacy Act where we may refuse your request.
We will promptly acknowledge and investigate any complaints about the way we manage personal information.
17. Contacting us
If you have any questions about our policies, or if they wish to update or access the information we hold about you, wish to make a related complaint, or opt out of receiving direct marketing material, you may email us at: firstname.lastname@example.org
Aggregated Information - data or information relating to multiple people which has been combined or aggregated. Aggregated Information includes information that we create or compile from various sources, including card transactions or certain data from Cookies and Similar Technologies.
Cookies and Similar Technologies - a cookie is a small data file that an app or website transfers to your computer's hard drive. We may place cookies when you use our websites or apps or where you use another company’s website and apps that our ads appear on. We may also place cookies when you request or personalize information or register for certain services. If you accept these cookies, you may give us access to information about your interests. We may use that information to personalize your experience. Similar technologies such as web beacons, pixels, gifs, and tags also do the same thing. We use the term Cookies and Similar Technologies in this statement to refer to all technologies that collect information in this way.
De-identified Information - data or information used in a way that does not identify you to a third party. We often derive De-Identified Information from Personal Information. It includes information that we may collect from various sources, such as card transactions or certain data from Cookies and Similar Technologies. IP Address - a number assigned to a device when connecting to the Internet.
Online Information - data or information which may include Personal Information, Aggregated Information and De-Identified Information collected on or via the Website as well as on websites and apps of third parties relating to topics about our business.
Other Information – our internal information, information from third parties associated with the information and services we provide, and other online and offline information we collect from or about you.
Personal Information - means information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion (such as name, address or telephone number).
Service Providers - any vendor, third party and/or company that performs business operations on our behalf, such as printing, mailing, and other communications services (email, direct mail, etc.), marketing, data processing, servicing, collections, or ad management.
Targeted Advertising - ads we, or our Service Providers, display on the Website based on the preferences or interests inferred from data collected from a particular computer or device regarding web viewing behaviors over time and across different websites and apps.
Third-Party Ad-Servers - companies that provide the technology to place ads on websites (and apps) and track how ads perform. These companies may also place and access cookies on your device. The information they collect from our Website is in a form that does not identify you personally.