Privacy Policy

 

Who we are

Our website address is: https://decorearth.com.au/

What personal data do we collect, and why do we collect it

Comments

When visitors leave comments on the site, we collect the data shown in the comments form and the visitor’s IP address and browser user agent string to help with spam detection.

After approval of your comment, your profile picture is visible to the public in the context of your comment. An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/.

 

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors can download and extract any location data from images on the website.

 

Contact forms

The contact form we utilise is by Gravity Forms. Please review their privacy policy for further information.

We only use contact form submissions for customer service purposes. And do not use the information submitted through the contact form for marketing purposes unless otherwise stated on the form.

 

Cookies

If you leave a comment on our site, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will set up several cookies to save your login information and screen display choices. Login cookies last two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. The login cookies will be removed if you log out of your account.

An additional cookie will be saved in your browser if you edit or publish an article. This cookie includes no personal data and indicates the post ID of the article you edited. It expires after 1 day.

 

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves exactly as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

 

Analytics

We use Google Analytics to better understand our website visitor’s behaviour while on our site. You can view Google Analytics’ privacy policy for more details.

 

Who do we share your data with

The information we collect is used to improve the content of this site and the quality of our service and is not shared with or sold to other organisations for commercial purposes. That being said, your information could be shared under the following circumstances:

We use third parties to facilitate our business, including, but not limited to, sending emails and processing payments. In connection with these offerings and business operations, these third parties may access your personal information for use in connection with those business activities.

We may buy or sell assets or business offerings as we develop our business. Customer, email, and visitor information are generally one of the transferred business assets in these types of transactions.

We may also transfer such information during corporate divestitures, mergers, or any dissolution.

If it becomes necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.

 

Notice of New Services and Changes

Occasionally, we may also use the information we collect to notify you about significant changes to this website, new services, and special offers we think you will find valuable. As our customer, you will be allowed to notify us of your desire not to receive these offers by clicking the unsubscribe link in each email.

 

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfil orders, process refunds and support you.

 

How Do We Secure Information Transmissions?

Email is not recognised as a secure medium of communication. For this reason, we request that you do not send private information to us by email. Some of the information you may enter on this site may be transmitted securely via Secure Sockets Layer SSL, 128 bit encryption services. Pages utilising this technology will have URLs that start with HTTPS instead of HTTP.

 

Certain disclosures

We may disclose your personal information if required to do so by law or subpoena or if we believe that such action is necessary to:

(a) conform to the law or comply with legal process served on affiliated parties or us;

(b) protect and defend our rights and property, our site, the users of our site, and/or our affiliated parties;

(c) act under the circumstances to protect the safety of users of our site, us, or third parties.

 

How long we retain your data

The comment and its metadata are retained indefinitely if you leave a comment. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

 

What rights do you have over your data

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

 

Where do we send your data

Visitor comments may be checked through an automated spam detection service.

 

What data breach procedures do we have in place

We have procedures in place to deal with any potential or real data breaches and will notify you and any applicable regulator/s if a breach occurs if we are legally required to.

 

Your contact information

Our full contact details are:

DecorEarth

151 Mornington Road, Mornington, Tasmania

Contact

 

Our responsibilities as a “controller” under the General Data Protection Regulations (GDPR)

If you are a resident of the European Economic Area (“EEA”), you have certain rights and protections under the GDPR regarding processing your personal information. We are a controller under the GDPR as we collect, use, and store your personal information to enable us to provide you with our goods and/or services and information about them.

We rely on the following lawful means of processing your personal information:

Where it is necessary to fulfil a contract with you, this includes where we collect your personal information to enable us to send you to work we have been contracted for.

Where you have given us valid consent to use your personal information, we will rely on that consent and only use the personal information for the specific purpose for which you have given consent. This includes where we email newsletters or send mobile notifications.

We may also process your personal information to further our legitimate interests where your rights or interests override them. This could include usage statistics, analytics and internal analysis to improve our services.

 

Your rights

If you are an EEA resident, you have various rights, including the:

  • Right to be informed;
  • Right of access;
  • Right to rectification;
  • Right to object;
  • Right to restriction of processing;
  • Right to erasure or to be forgotten;
  • Right to data portability; and
  • Right not to be subject to automated processing.

If you want to access the personal information we hold about you or ask if the information is correct, please get in touch with us.

In some circumstances, you also have a right to object to or ask that we restrict certain processing activities or delete your personal information. You can contact us if you would like to limit or request the deletion of your personal information or exercise any other rights.

 

Withdrawing your consent

You can withdraw your consent to our collection or processing of your personal information. You can do so by contacting us or opting out of email newsletters by following the instructions in those emails or by clicking unsubscribe. If you withdraw your consent to using your personal information, you may not have access to our services, and we might not be able to provide you with our services.

In some circumstances where we have a legal basis to do so, we may continue to process your information after you have withdrawn consent, for example, if it is necessary to comply with an independent legal obligation or if it is necessary to do so to protect our legitimate interest in keeping our services secure.

 

Our compliance

All personal information stored on our platform is treated as confidential. It is stored securely and is accessed by authorised personnel only. Our collection is limited in relation to what is necessary for the purpose for which the personal information is processed and kept only for so long as is necessary for the purpose for which the personal information was collected. We implement and maintain appropriate technical, security and organisational measures to protect personal information against unauthorised or unlawful processing and use and against accidental loss, destruction, damage, theft, or disclosure. We ensure the encryption and pseudonymisation of personal information, and we have adequate cybersecurity measures in place.

 

Your acknowledgement

By providing us with your personal information, you consent to us disclosing it to third parties who reside outside the EU. We will ensure that those third parties are GDPR compliant.

 

Your Consent

Using this site, you consent to our collection and use of your personal information as described in this Privacy Policy. If we change our privacy policies and procedures, we will post those changes on this site to inform you of what information we collect, how we use it and under what circumstances we may disclose it.

 

Updated 9 May 2024