Sienna Byron Bay (ABN 59 923 238 371) and its associated entities (we, us or our) are committed to protecting the privacy of your personal information.
Personal information is information that identifies you or information by which your identity can reasonably be ascertained and may include an opinion about you (Personal Information).
As part of offering our products and services to you, it is likely that we will collect Personal Information about you. This may include:
- your first and last names;
- your phone number;
- your mailing address, billing address, residential address and email address;
- PayPal, AfterPay, Google Pay, Apple Pay and credit or debit card details;
- any further information, instructions or comments given by you;
- details of the products and services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services and to respond to your enquiries;
- any additional information relating to you that you provide to us directly or indirectly through our representatives or our website or social media sites, including via transactions, customer surveys or customer feedback; and
- any other Personal Information you provide to us from time to time.
We do not generally collect “sensitive information” as defined by the Privacy Act (such as information about ethnic origin, religious or political views, health information, tax file numbers etc) from you.
If you voluntarily submit sensitive information to us, you consent to our collection of such sensitive information and we will only use or disclose such information:
- for the purpose for which it was provided or another directly related purpose; or
- as allowed by law.
We may collect Personal Information via a variety of avenues, including when you:
- speak to one of our representatives, either by telephone, email or online communication;
- create a customer account with us as a registered customer on our website;
- purchase products and/or services from us;
- request a refund, repair or return of our products;
- access or use our website or social media sites;
- participate in surveys;
- enter a promotion with us;
- subscribe to our mailing lists; or
- submit a job application or accept employment with us.
We may also utilise the services of third parties for the collection of your Personal Information.
You have the option of not disclosing Personal Information to us or to use a pseudonym when dealing with us in relation to a particular matter. If you choose to withhold any Personal Information, we may not be able to provide you with part or all of our products or services or resolve a particular matter raised by you.
When you only browse our website, our internet service provider or we may make a record of your visit and records your email address (if provided by you) and other information such as your server address; your internet protocol address; the pages you accessed and documents downloaded; the previous site you visited; and the type of browser being used. This information assists us to analyse web traffic and improve your site navigation experience.
We do not identify you or your browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant or other such power to inspect the internet service provider’s logs.
We may also obtain anonymous information from our website or social media sites using technologies such as “cookies” and “tracking pixels”. Cookies are small text files which are transferred to the hard drive of your computer to provide additional functionality to our website and to help us analyse usage of our website or social media sites. Cookies can identify your web browser but not you. If you wish, you can disable your web browser from accepting cookies. If you disable cookies, you will still be able to access our website and social media sites but may not be able to access all of our services. Tracking pixels are used to track user behaviour, site conversions, web traffic, and other metrics similar to a cookie.
There may also be occasions when we collect Personal Information (to the extent it is available) from publicly available sources, including other social media platforms such as Facebook, Twitter, LinkedIn or Instagram.
If you engage or contact us on one of our social media platforms or otherwise direct us to communicate or engage with you via social media, you agree to allow us to receive information (which may include Personal Information) from our social media platforms. You also allow us to receive information about your visits and interaction with the sites and services of any of our third-party partners that include our cookies and similar technologies unless you opt out.
We are committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children’s online activities and interests. If we discover that we have inadvertently collected any Personal Information from a child under the age of 15 we will delete that Personal Information as soon as possible. A parent or legal guardian can notify us of an inadvertent collection of Personal Information from a child under the age of 15 and request that we remove such information by sending an email to or by contacting us at the contact information below. Any such request must contain the child’s name and email address so we can locate such child’s Personal Information.
We may use the Personal Information you provide to us for the purposes for which it was initially collected or purposes related to such initial purpose (if such purpose would be within your reasonable expectations). For example, to:
- create orders and complete sales transactions;
- provide you with products and services you have requested from us;
- deliver or manage any of our loyalty programs or customer relationship management systems;
- respond to your queries and requests, to resolve complaints and to respond to social media;
- keep a record of our dealings with you and enable us to contact you when necessary;
- help us tailor existing, or develop new, products, services or offers;
- send you information about areas of specific interest if you have subscribed to our mailing lists, or provided your contact details;
- protect the security of our staff, customers, suppliers and merchandisers;
- recruit new staff (where applicable); and
- achieve other purposes explained at the time of collection or submission.
We may also use your Personal Information for purposes authorised by laws or regulations, such as to prevent or investigate alleged crime or fraud.
If you submit a review, rating, photograph or comments in relation to our products and services, you agree that we may publish part or all of your review, rating, photograph or comments together with your first name and surname initial.
We may disclose your Personal Information to organisations that carry out functions on our behalf, or assist us to deliver our services, such as our business associates, contractors, agents or service providers. These third parties may change from time to time. Some examples include:
- carefully selected suppliers and other third parties with whom we have commercial relationships, for business, marketing and related purposes;
- couriers and freight suppliers for delivering relevant products to you;
- financial services providers, such as our banks or third-party suppliers for securing payment of the products or services we provided to you, such as PayPal, AfterPay and, where applicable, debt collectors;
- technology service providers, such as internet service providers, database management services, data storage providers, website hosting companies, website developers and digital mail providers who send communications on our behalf;
- sponsors or organisations that partner with us; and
- our professional advisers, accountants, lawyers and auditors.
You agree that third parties which receive Personal Information from us may use and disclose the Personal Information subject to their respective privacy policies. We endeavour to take reasonable steps to enter into agreements with third parties that collect, store, disclose and retain Personal Information in accordance with the Australian Privacy Principles, except as otherwise required by law.
From time to time, we may provide third parties with information in the form of statistical representations about our customers collectively and for the purpose of statistical analysis. Where we provide such information to third parties for this limited statistical purpose, we will not provide Personal Information in such a way that your identity may be obtained.
We may also release your Personal Information under the following circumstances:
- when required to do so by a court or under applicable laws or regulation (for example, a subpoena) or where requested by a government agency;
- where we consider a company or an individual may be engaged in fraudulent activity or other deceptive practices that a governmental agency should be made aware of; or
- to appropriate persons, where your communication suggests possible harm to others.
Personal Information, including Personal Information obtained from our website, may be stored, disclosed, processed in or transferred outside of Australia from time to time, for example where we use third-party cloud storage providers that have servers located outside Australia (including in USA, Ireland and Netherlands) for storage of your Personal Information. The countries in which the Personal Information is received may not have data protection laws equivalent to those in force in Australia.
You acknowledge and agree to such international data and information transfers with respect to Personal Information. Clause 8.1 of the Australian Privacy Principles contained in Schedule 1 of the Privacy Act provides that if we disclose Personal Information about an individual to an overseas recipient, then we must take such steps as are reasonable in the circumstances to ensure the overseas recipient does not breach the Australian Privacy Principles in relation to such information. An exception to this is if we obtain your consent. We intend to rely on this exception in the following way. Unless you notify us in writing to the contrary, you will be taken to have consented to the disclosure by us of Personal Information to overseas recipients on the basis that:
- clause 8.1 of the Australian Privacy Principles will not apply to such disclosure;
- if the overseas recipient engages in any act that contravenes the Australian Privacy Principles, you will not be able to seek redress under the Privacy Act;
- the overseas recipient may not be subject to any privacy obligations or to any principles similar to the Australian Privacy Principles;
- you may not be able to seek redress in the overseas jurisdiction; and
- the overseas recipient is subject to a foreign law that could compel the disclosure of personal information to a third party, such as an overseas authority.
We may provide links to third party websites within our website and social media sites. These linked sites are not under our control, and we do not accept responsibility for the conduct of companies the websites of which are linked to our website. Before disclosing your Personal Information to any third parties on such websites, we advise you to examine the terms and conditions of using that website and its privacy statement.
We consider confidentiality of Personal Information collected from you to be of utmost importance.
To prevent unauthorised access to, disclosure, misuse or loss of, or interference with, your Personal Information, we have implemented a number of procedures to safeguard the security and confidentiality of your information including:
- instructing our staff and advisers who handle personal information to respect the confidentiality of customer information and the privacy of individuals;
- implementing procedures and installing equipment to safeguard your information; and
- continually reviewing privacy procedures and arrangements to ensure we are doing all that we can reasonably and technically feasible at the time.
We store the Personal Information in either electronic or hard copy form or other formats. Unfortunately, since no system is 100% secure or error-free, we cannot guarantee that your Personal Information is totally protected, for example, from hackers or misuse. Except to the extent that liability cannot be excluded or limited due to applicable law, we assume no liability or responsibility for disclosure of your Personal Information due to unauthorised third-party access, errors in transmission or other causes beyond our control.
If you enter or upload Personal Information on our website, you should exercise due care to safeguard any passwords and usernames created by you.
We strive to keep your Personal Information accurate, up to date and complete. Our policy enables you to find out what information we hold about you and correct that information if it is wrong.
If you become aware that any Personal Information we hold about you is incorrect or out of date, please let us know immediately. We will be happy to accept updated Personal Information in writing from the owner of that information at any time. However, in order to protect your privacy and security, we will take reasonable steps to verify your identity before granting you access or enabling you to make corrections of your Personal Information. Except where the Privacy Act provides otherwise, we reserve the right to recover any reasonable costs involved in providing extensive access to Personal Information, for example the cost of supplying information held in archives.
Our objective is to respond to any request to access personal information within a reasonable timeframe and no later than thirty (30) days. We will endeavour to inform you if this timeframe is not achievable.
In some circumstances, we may not be in a position to grant access to your Personal Information, such circumstances include where:
- providing access is likely to pose a serious threat to the safety of an individual or the public;
- providing access is likely to unreasonably impact on the privacy of others;
- the request for access is frivolous or vexatious;
- providing access would reveal information which relates to existing or anticipated legal proceedings or otherwise impact on any negotiations;
- providing access is unlawful (including being unlawful as directed by a court or tribunal order) or is likely to impact on actions being taken in relation to alleged unlawful activities relating to our functions and activities; or
- granting access would impact on a commercially sensitive decision-making process.
Our contact details are:
Sienna Byron Bay
Address: PO Box 387 Byron Bay NSW 2481 Australia
Phone: +61 2 6680 2743
E-mail: [email protected]
If you believe we have not adequately dealt with your complaint, you may complain to the Privacy Commissioner, whose contact details are found on their website http://www.oaic.gov.au/.