1. About this Privacy Policy

This is the Privacy Policy for I AREPA COLLINS PTY ABN 36 650 478 176 (I Arepa). This
Privacy Policy sets out I Arepa obligations in line with the Australian Privacy Principles in
the Privacy Act 1988 (Cth) (Privacy Act) and the General Data Protection Regulation
(GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council) - as it applies
to persons in the European Union who interact with us. A reference to ‘Personal Information’ in
this policy is a reference to both ‘Personal Information’ as defined in the Privacy Act and to
‘Personal Data’ for the purposes of the GDPR (if it applies to you).
This Privacy Policy sets out the different types of Personal Information we collect, why we collect
it and what you can do if you would like to remove yourself from our mailing list, correct any
details we may hold about you, or exercise other rights you have.
We will update this Privacy Policy from time to time at our discretion, and we will notify you of
updates. You can visit our website to see the latest copy of the Privacy Policy. This Privacy
Policy was last reviewed on 1 March 2020.
By using our site, you consent to this Privacy Policy and to our Website Terms of Use.

 

2. What Personal Information Do We Collect?

We collect the following Personal Information:
• personal identification information including: name, email, shipping and billing
addresses, and optionally, date of birth and gender; and
• information about the products that you purchase or consider purchasing from us.

 

3. How Do We Collect and Store Your Personal Information?

We collect Personal Information in a number of ways, including:
• information submitted through our website;
• in some cases, through web analytics
• through communications with you, including emails, voice calls, and via social media
applications; and
• when you order products from us.
We hold Personal Information:
• in systems that we use in connection with our business, some of which may be owned
and operated by our suppliers; and
• in our hard copy files; and
• in the databases associated with our website.
Credit card payment information is held by our third-party payment provider, which has its own
privacy policy. If you wish to view this policy, please contact us and we can direct you to it. Our
credit card processing contractor will collect payer and credit card information and details of other
payment methods used on our website and to purchase our products. 
Providing it is lawful and practical, we will give you the option of not identifying yourself, using a
pseudonym, or not providing Personal Information when you enter into a transaction or deal with
us. If you elect not to provide us with Personal Information then we may not be able to provide
you with the information, products, services or support that you may want. For example, we need
a name, address and payment details to send products to you.
We may receive other unsolicited Personal Information in the course of our business. We will
deal with this unsolicited Personal Information in accordance with this policy.
We will retain your Personal Information for as long as needed or permitted in light of the
purpose(s) for which it was obtained. The criteria used to determine our retention periods
include:
• the length of time we have an ongoing relationship with you and provide services to you;
• legal obligations we may have to keep (or destroy) your data; or
• legal advice we receive (such as in regard to litigation, regulatory investigations or
applicable statutes of limitation).
When your Personal Information is no longer required it is destroyed in a secure manner.

 

4. What Do We Use Your Personal Information For?

We collect, hold, use and disclose Personal Information for the following purposes:
• processing orders that you have made through our website;
• delivering to you the goods that you have ordered and provide you with customer service
following these orders;
• sending subscription emails;
• conducting marketing and sales promotions;
• promoting our goods and services;
• improving the website experience of our visitors; and
• if you choose to provide us with your date of birth and/or gender, we may use it to send
you birthday offers or other promotions.
We also use Personal Information for our own internal business purposes including:
• data analysis to improve our products and services;
• auditing our internal processes to ensure they function as intended and that we comply
with regulatory requirements;
• fraud and security monitoring;
• developing new products and services;
• identifying usage trends so we can understand which of our goods and services are of
most interest to our customers;
• determining the effectiveness of marketing campaigns so that we can adapt to the needs
and interests of our customers; and
• operating and expanding our business activities such as understanding which of our
services are of most interest to our customers, so we can focus on our customers’
needs.

 

5. Do we share your information?

We may send Personal Information outside Australia in the following circumstances:
where our website, or any hosting service we use to support our managed services, software or
software as a service, is hosted by us or a third party, and the hosting facilities and/or the backup/disaster recovery sites are located overseas. We have no control over where these thirdparty providers host the website and it is impractical for us to be able to advise you of the
countries where the Personal Information may be held or processed;
where a third-party application is being used in connection with our interactions with you, e.g.
when we use email, help desk or VoIP providers, the third-party providers of the relevant
application may have their applications hosted overseas. We have no control over where these
third-party providers host their applications and it is impractical for us to be able to advise you of
the countries where the Personal Information may be held or processed.
When we send Personal Information outside Australia for processing we will enter into formal
contracts with those processors, which will contact privacy terms and conditions that allow us to
meet our privacy obligations to you.

 

6. Use of Social Media

Our website includes links to social media, including blogs, Twitter feeds, Facebook,
Instagram, and similar services. The nature of social media is that these applications actively
enable exchange and disclosure of any information, whether personal or otherwise, that is
included within those applications. All information, including Personal Information that you enter
in those applications may be used, stored, handled and disclosed in any way that is consistent
with the privacy policies of the relevant applications, if any. We have no control over those
interactions.

 

7. Cookies

Cookies are text files placed on your computer to collect standard internet log information and
visitor behaviour information. When you visit our website, we may collect information from you
automatically through cookies or similar technology.
We use cookies to operate and improve your experience on our site, including:
allowing you to sign in faster, and keeping you signed in;
saving items in your cart; and,
to track how the site is used.
If you do not want us to use cookies then you may stop them, or be notified when they are being
used, by adopting the appropriate settings on your browser. If you do not allow cookies to be
used some or all of the website or other applications or tools on it might not be accessible to
you and you may not be able to purchase goods from us.

 

8. Links to other Websites and Applications

Our website includes links to other websites, applications and tools that are not owned or
operated by us. We not responsible for the content of those websites, applications or tools, nor
for any products, services or information contained in them or offered through them. You should 
review the privacy policies and terms and conditions of use of those websites, applications and
tools when you visit them.

 

9. Your Rights Regarding Your Personal Information

You have the right to access your Personal Information that we hold, and request that it be
rectified or erased. If you want to access your Personal Information we hold or you believe any of
your Personal Information that is held by us is inaccurate, out of date, incomplete, irrelevant or
misleading or it is not necessary for us to continue to hold it, you can contact us, and we will
either provide you with access to the Personal Information (in so far as we are required to do so
by law,) or we will correct it, as applicable, within a reasonable period. We may make a
reasonable charge for giving you access to your Personal Information, but we will not charge for
you making the request, correcting Personal Information or making a statement as to why we are
not correcting your Personal Information.
In certain circumstances if you raise a complaint on how we have handled your Personal
Information, you may also request that we ‘restrict processing’ meaning that the data will be
preserved from further processing ‘as evidence’ either while we investigate your complaint or
to support your complaint to the Australian Information Commissioner.
Where you have provided your personal data directly to us that is processed by automated
means and is done so solely on the basis of your consent, then you will have the right to obtain
and reuse your personal data in an electronic format for your own purposes across different
services.
You have the right to object any aspect of our processing of your personal data
under certain circumstances under the GDPR. ‘Processing’ is the term under that law that
describes all uses of your personal data. This will include the collection, sharing, storage,
retention and destruction of your data.
You may unsubscribe from our direct marketing at any time. We will not send you direct
marketing without your consent and you can withdraw your consent at any time by selecting the
‘unsubscribe’ link within each email.

 

10. Complaints

If you wish to complain about a breach of any Australian Privacy Principle that binds us, a
registered privacy code that binds us, the GDPR or this Privacy Policy, then you should contact
us using the information in the Contact Us section of this Privacy Policy.
We will use our best efforts to respond to any complaint within 5 business days of the date of
receipt. We will attempt to resolve your complaint to your satisfaction. If you are not satisfied
with how we deal with your complaint you may contact the Australian Information Commissioner,
whose contact details can be found at http://www.oaic.gov.au/.

 

11. Contacting Us

If you have any questions regarding this privacy policy or your information, we invite you to
contact us by: email at the following email hola@iarepa.com.au; using the contact web
form on our website; or writing to 50 Market st, Melbourne CBD Vic 3000