PRIVACY POLICY

PUBLICATION DATE: 02/10/2023

Ustyler Pty Ltd ABN 83 602 793 671 (“we”, “our”, “us”, “Ustyler”) is committed to protecting the personal information that we collect and hold about you. This Privacy Policy (“Policy”) sets out how we collect, use and share your personal information and how to contact us with any queries or concerns. We are bound by the Privacy Act 1988 (Cth) (“Privacy Act”) and adhere to the Australian Privacy Principles (“APPs”).

By voluntarily supplying us with your personal information you acknowledge that your personal information will be processed in accordance with this Policy. While we may update our Policy from time to time, the most recent version of this Policy will always be available on our app and website. If we change the Policy in any material way we will post a notice on our app and website along with the updated Policy. We may also contact you via your contact information on file, for example by email, notification or some other equivalent measure.

If you reside in the European Union or United Kingdom, we will handle your data in accordance with the General Data Protection Regulations (EU Regulation 2016/679) (“GDPR”) and Data Protection Act 2018 (UK) (“UK GDPR”), respectively. For the purposes of the GDPR and UK GDPR, Ustyler is a Data Controller. This Policy has been prepared considering both Australian, European and United Kingdom laws. In certain circumstances, users within the European Union and United Kingdom will have additional rights. A reference to ‘personal information’ in this Privacy Policy is to be read as a reference to ‘personal data’ as defined by the GDPR and UK GDPR.

If you have any queries, concerns or complaints about how we handle your personal information, please contact out Privacy Officer in the first instance:

Privacy Officer Contact: Joan Pallaras

Email: support@ustyler.com

Postal address
Attention: Privacy Officer
Ustyler Pty Ltd
PO Box 123
Henley Beach SA 5022
AUSTRALIA

Our app and website may contain links to other websites. When you click on a link to another site you are no longer subject to this Policy.

  1. What types of information do we collect and why?

     

    In the course of providing our goods and services to you, we collect personal and other information about our users, customers and suppliers and how they interact with us, our goods, and our services. We collect personal information through a number of mechanisms, including:

    1. Collection from you:we collect and store information you provide directly to us (either in person, by email, by phone, through our apps or by any other direct means) in order to deliver our goods and services. This includes:

       

      1. Contact information: such as your name, address, email address, telephone number;

      2. Personal information: such as date of birth and driver’s licence details:

      3. Behavioural information: such as app use history, spending history and interactions with content displayed in our app and on our  website;

      4. Financial and credit information: such as your payment information (credit card, bank account, etc);

      5. Business details: such as your Australian Business Number; and/or

      6. Credit information: such as consumer credit liability information, type and amount of credit sought, default information, repayment history information, payment information relating to overdue payments.

        In some circumstances we may receive contact and personal information from third parties if they have referred you to our app or website.

    2. Automatic: we use technical cookies (small text files stored on your devices that provide us with information such as your internet protocol (IP) address, server information, internet service provider, and information on how you interact with our website) and other services that allow us to understand how you use our online media and applications. This information may be attributed to you. Ustyler will request permission prior to nontechnical and non-essential cookies being downloaded to your device.

      We use services including but not limited to Unity Analytics System, Analytics Events, Google Analytics and Facebook Pixel to provide us with insight into how you interact with our products and services. We use this information to improve our product and service offerings.

      If you opt-out of third party tracking technologies or elect to prevent the use of cookies, this may result in the loss of app and website functionality, restrict your use of the app and website or delay or affect the way in which the website and app operates.

    3. Device: if you use our services or interact with us through a mobile device, we receive technical information about your device, numbers that identify the device and your location information. This information is associated with you.

    4. Communications: when you communicate with us, we collect information such as your contact details (such as email address and phone number). We also engage third party services that provide us with information about how you interact with some communications we distribute. You can elect to not receive communications from us by contacting our Privacy Officer or changing your notification settings for your account.

    5. Digital platforms: if you access our goods or services by connecting a social media login or service (such as, but not limited to, Facebook or Google) we collect information derived, associated or connected with that platform where permitted by the platform’s terms of service. Any information we collect from social media, or other online, platforms is collected in accordance with that platform’s terms and conditions.

    6. Through other sources: where necessary, we also collect your information from publicly available records. Where appropriate and necessary to do so we use collect information from public records such as those maintained by the Australian Securities and Investments Commission and Australian Financial Security Authority (PPSR). We may do this where it is unreasonable or impractical to collect this information from you.

      If you have previously applied for a position with us we may have received your personal information from third parties such as recruiters or external websites. We use the information we receive to contact you about any potential opportunities or to evaluate your candidacy.

      Where we have collected personal information from a third party, we will take reasonable steps to ensure that you are made aware of the personal information we have received from that third party.

    7. Sensitive Information

      We collect information considered to be sensitive information in the Privacy Act or sensitive data in the GDPR. We collect (or can infer from information you provide to us) classes of sensitive information in the course of providing our goods and services to you including but not limited to the following:

      1. racial or ethnic origins;

      2. religious beliefs or affiliations;

      3. sexual orientation or practices;

      4. membership of a professional or trade association;

      5. membership of a trade union; and

      6. health information about an individual. 

        We will only collect this information directly from you or where we have consent to collect the information from a third party.

        You have the option of not identifying yourself or interacting with us using a pseudonym. However, this may not be practicable when engaging our services or purchasing our goods.

        Our app includes social or interactive aspects which may allow you to post or otherwise provide us with personal information other than that specified above. You recognise that any information you provide to Ustyler using this functionality will be handled in accordance with this Privacy Policy.



  2. How do we use your information?

    We will only use your information for the purposes for which it was collected (primary purpose) or a purpose related to that primary purpose if it would be reasonably expected by you or where we have separately obtained your consent.

    We use personal information for the primary purpose of providing our app to you.

    How we use the information we collect depends, in part, on which services you use, how you use them and any preferences you have communicated to us. If you would like to restrict how your personal information is handled beyond what is outlined in this Policy, please contact our Privacy Officer.

  3. Disclosure of personal information to third parties

    1. Disclosure to third parties

      We may disclose your information to third parties who assist us in providing, managing and administering our goods and services. We will also disclose your personal information where such disclosure is required by law.

      We disclose your personal information to third parties that:

        1. Deliver products to you including freight and delivery entities (such as Australia Post, DHL and others). We may also need to provide your information to Government entities to allow products to be exported out of Australia and imported into Australia;

        2. Provide us with resources and services that can be used in connection with our products and services; Our product manufacturers in Australia and overseas;

        3. Manage and enhance our customer database;

        4. Process information including e-commerce providers and other technology service providers;

        5. Assess your interest in our products or services;

        6. Conduct customer research or satisfaction surveys;

        7. Send marketing information to you on our behalf, including email direct marketing websites and apps (EDM), and customer relationship management (CRM) providers such as MailChimp; and

        8. Other purposes related to the above.

          We may also disclose your personal information to third parties such as law firms or professional consultants to assist in the resolution of complaints received by you or other parties regarding our dealings with you. In certain circumstances, we may also be required by law to provide your personal information to third parties.

      1. Sale of personal information

        We reserve the right to sell your personal information to third parties.

         

  4. How will we process your personal information?

    We collect,store and process personal data where we have a lawful basis to do so. The lawful basis for which we collect your personal data depends on the data we collect and how we use it. The lawful bases that may apply to our processing activities are:

    1. Consent – you have given clear consent for us to process your personal data for a specific purpose.

    2. Contract – the processing of your personal data is necessary for the performance of an agreement with you to provide our products and/or services.

    3. Legal obligation – the processing of your personal data is necessary for us to comply with the law (not including contractual obligations).

    4. Legitimate interests – the processing of your personal data is necessary for our legitimate interests or the legitimate interests of a third party except where such interests are overridden by your prevailing legitimate interests and rights.

  5. How do we store and secure the information we collect?

    We store your personal and credit information on our electronic data base system and on computers with appropriate back up and security systems.

    1. Security and management of personal information

      We will take reasonable steps to protect the personal information we hold from misuse, loss, and unauthorised access, modification or disclosure. We do this by:

      1. Putting in place physical, electronic and procedural safeguards in line with industry standards;

      2. Using various authentication and user verification technologies to control access to digital information;

      3. Requiring any third party providers to have acceptable security measures to keep personal information secure;

      4. Limiting access to the information we collect about you;

      5. Take steps to confirm the identity of any person requesting personal information;

      6. Imposing confidentiality requirements on our employees; and

      7. Only providing access to personal information once proper identification has been given.

                   

      We will take reasonable steps to protect the personal information we hold from misuse, loss, and unauthorised access, modification or disclosure. We do this by:

      While we take all steps reasonable in the circumstances to protect your information, in the unlikely event a data breach occurs, we will notify you in accordance with our obligations under the Privacy Act, GDPR and UK GDPR (as applicable).

      Where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the Privacy Act, GDPR and UK GDPR. This includes data processors having appropriate technical and organisational measures in place to protect personal information against unauthorised use, loss or theft.

      If we no longer require your personal information, and are not legally required to retain it, we will take reasonable steps to destroy or de-identify the personal information.

      In accordance with GDPR requirements, we will destroy all personal information 90 days after an account is deactivated. If you have used a third party app store or market place to download and use our service, Ustyler is not able to delete information held by the app store operator.

    2.   Sending information overseas

      Personal information is sent to foreign jurisdictions in limited circumstances. We send personal information to:

      1. Our delivery partners who have access to contact and personal information to enable their role in delivering our products to you; and/ or

      2. External service providers that assist our organisation such as with internal operations (including training, website hosting or cloud storage), market research and the distribution of newsletters, standards and other publications.

        We take all steps reasonable in the circumstances to ensure that those we disclose personal information to overseas protect your information. This includes the use of contractual arrangements to control how third parties use and handle personal information overseas.

        We utilise data centres located overseas on servers located across North and South America, Asia and Europe. While we may store information overseas, this information is not provided or disclosed to other entities overseas except as otherwise provided for in this Policy.



    3. Export of personal information out of the EU and UK

      In certain circumstances, we will transfer or disclose personal information outside the EU and UK, including Australia and those countries listed in section 5.2 of this Policy. Data transfers are made in order for us to provide our products and services to you. If we transfer personal information outside the EU and UK, we will take reasonable steps to ensure that the recipients of such information do not breach the GDPR or UK GDPR, and where appropriate the privacy laws of the relevant jurisdiction, in relation to that information, including by entering into binding contractual arrangements with any such third parties.

       

  6. How to access and control your information?

    1. Accessing the information we hold about you

      Under the APPs, GDPR and UK GDPR you may be able to obtain a copy of the personal information that we hold about you. To make a request to access this information please contact us in writing. We will require you to verify your identify and specify what information you wish to access. If eligible, we will grant you access to the information within 30 days.

      Subject to section 6.3 of this Policy, we may charge a fee to cover the costs of verifying your application, and retrieving, reviewing and copying any material requested.

    2. Updating your personal information

      We endeavour to ensure that the personal information we hold about you is accurate, complete and up-to-date. Please contact us at the details above if you believe that the information we hold about you requires correction or is out of date. We endeavour to process any request within 30 days and will provide written reasons if your request is rejected, as well as providing details for making a complaint about the refusal if necessary.

    3. Additional rights for EU residents

      In addition to the above, residents of the EU and UK have the certain rights with respect to their personal information under the GDPR and UK GDPR. These right include, but are not limited to:

      1. Right of access – you have the right to ask us for copies of your personal data.

      2. Right to rectification – you have the right to ask us to rectify personal information you think it is inaccurate. You also have the right to ask us to complete your personal information if you think it is incomplete.

      3. Right to erasure – you have the right to ask us to erase your personal information.

      4. Right to restriction of processing – you have the right to ask us to restrict the processing of your personal information.

      5. Right to object to processing – you have the the right to object to the processing of your personal information.

      6. Right to data portability – you have the right to ask that we transfer the personal information you gave us to another organisation, or to you. 

        These rights are not absolute, and some only apply in certain circumstances.

        You are not required to pay any charge for exercising your rights.

        If you make a request in relation to any of these rights, we have one month to respond to you. Please contact our Privacy Officer if you wish to make a request.



  7. Complaints

    If you are concerned that we have not complied with your legal rights or the applicable privacy laws, contact our Privacy Officer in the first instance. Please contact our Privacy Officer (contact details above) with a thorough description of your concerns and a response will be provided within a reasonable period. All complaints must be in writing.

    When processing a compliant, we will require you to provide us with information to confirm your identity before processing a request related to information we may hold about you.

    1. Australian Residents

      We expect our procedures will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also contact the Office of the Australian Information Commissioner as follows:

      Director of Compliance Office of
      the Australian Information
      Commissioner
      GPO Box 5218
      Sydney NSW 2001

      For more information on privacy see the Australian Information Commissioner’s website.

    2. EU and UK Residents

      Should you have any concerns, or wish to exercise your rights in relation to our collection and/or processing of your personal information, then in addition to the right to make a compliant to our Privacy Officer set out above, you have the right to complain to the supervisory authority.

      For EU residents, the relevant supervisory authority for Ustyler is the Austrian Data Protection Authority (“ADPA”). ADPA can be contacted by visiting their website (https://www.data-protection-authority.gv.at/), by phone +43 1 52 152-0 or mail (Austrian Data Protection Authority, Österreichische Datenschutzbehörde, Barichgasse 40-42, 1030 Vienna, Austria/ Europe).

      For UK residents, the relevant supervisory authority is the Information Commissioner’s Office (“ICO”). ICO can be contacted by visiting their website (https://ico.org.uk/), by phone +44 0303 123 1113 or mail (Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF).

      Ustyler has also appointed a local representative as required by the GDPR and UK GDPR. The representative’s details are as follows:


      United Kingdom
         
      Prighter GDPR – Rep by Maetzler
      Rechtsanwalts GmbH & Co KG
      c/o Ustyler Pty Ltd
      Schellinggasse 3/10
      1010 Vienna
      Austria

      European Union
      Prighter GDPR – Rep by Maetzler
      Rechtsanwalts GmbH & Co KG
      c/o Ustyler Pty Ltd
      Schellinggasse 3/10
      1010 Vienna
      Austria
                               

      You may contact our local representative by going to the following link: https://prighter.com/q/19302620974.


      If you make contact with our UK and EU representatives, please always include the following reference number: ID-19302620974

Contact Ustyler

Any questions, complaints or claims regarding these Terms or the App should be directed to Ustyler at any of the following contacts:

Email: support@ustyler.com
Postal: Ustyler Pty Ltd
PO Box 123,
Henley Beach SA 5022
AUSTRALIA