1. WE RESPECT YOUR PRIVACY
1.1 Noosa Surfing respects your right to privacy and is committed to safeguarding the privacy of our Customers and visitors.
1.2 “Personal information” is information we hold which is identifiable as being about you.
1.3 By using our Website or purchasing our Products from wherever in the world you are located, you consent
to our data practices set forth herein.
2 COLLECTION OF PERSONAL INFORMATION
2.1 We collect personal information and other data from you when you submit it to us or a third party acting on our behalf. The information collected directly from you depends upon how you use the Services.
2.2 When registering or subscribing on the Website you may be asked to enter personal details or specifics to help you with your experience. These details may include things like:
(a) Your name
(b) Email address
(c) Your business name
2.3 Additionally, we may also collect any other information you provide while interacting with us including:
(a) your birthday (day, month and year), physical address, zip code/post code, phone number (home
or mobile), gender and/or user image;
(b) if you make a purchase on our Website we will collect your order-related information, including
your billing and shipping address and payment information (credit card, debit card, or other payment method) at the point of purchase, but Noosa Surfing does not itself collect that information. Instead, that information is passed on to our payment processors;
(c) if you contact our Customer Service agents by e-mail, chat, phone, Social Media or via contact forms we provide for that purpose, we will collect (and you expressly consent to our doing so) any personal details and other content that you provide to us, which may include, without limitation, your name, e-mail address, postal address, IP address, geolocation data, and if you contact us via Social Media, your social media handle, your profile photo and any other publicly available information.
2.4 In addition to information that you or other parties provide us, “cookies” and other tracking technologies (sometimes generically referred to as “Cookies”) enable us and third parties to collect certain information from you passively when you use our Website. What information is collected depends on how you use our Website, and includes:
(a) domain name visited
(b) your browser type and version
(c) your operating system
(d) the web pages and other content you view
(e) the links you click on
(f) your IP address
(g) the length of time you spend interacting with the Website
(h) the referring URL
(i) the device type from where you access our Website
(j) the advertising ID and other unique identifiers associated with your device
(k) the screen resolution of your device
(l) the manufacturer of the device you use to access our Website
(m) the exit page
(n) your language preferences
(o) what devices you use to access the Services
(p) your mobile device ID
(q) your device name and model
(r) your mobile operating system, type, name, and version
(s) the App version
(t) geolocation data, such as inferred and precise location; provided, however, that we will collect precise location information from your mobile device only if you enable that feature; nevertheless, even if you elect not to enable that feature, we may be able to determine location by other means. Turning off device location tracking does not affect the processing of the data that has been collected before the feature has been disabled.
3 HOW WE COLLECT YOUR PERSONAL INFORMATION
4 USE OF PERSONAL INFORMATION
4.1 Noosa Surfing may use personal information collected from you to provide you with information, updates and our services. We will use all information obtained to develop and improve the Service to create a better user experience and better understand your needs. In doing so may make you aware of new and additional services and opportunities available to you.
4.2 Noosa Surfing may contact you by a variety of measures including, but not limited to telephone, email, sms or mail.
5 DISCLOSURE OF YOUR PERSONAL INFORMATION
5.1 We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this Policy. Personal information is only supplied to a third party when it is required for the delivery of our services.
5.2 We may from time to time need to disclose personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.
5.3 If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
6 SECURITY OF YOUR PERSONAL INFORMATION
6.1 Noosa Surfing is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
7 ACCESS TO YOUR PERSONAL INFORMATION
7.1 You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth). A small administrative fee may be payable for the provision of information. If you would like a copy of the information, which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please send us a message through the Contact page (insert link).
7.2 We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.
9 SUPPLEMENT FOR EUROPEAN AND UK USERS
9.1 Data Controller – Nathan Woodcock is the data controller. Our address is 1 Palm Grove Cct, Noosa Heads QLD 4567.
9.2 If you are accessing our Website or Products from the European Economic Area including from the UK (EEA User), the GDPR provides you with certain additional operation protections and rights, which we describe here.
9.3 If you are an EEA User, we only collect, use, share or otherwise process your personal information by obtaining your consent or by using other legal basis for processing your personal information as set out in detail below:
(b) If you order anything on our Website or if you contact us to request any other service, we will use your information to fulfill your order or otherwise provide you the features and functionality of the services you requested.
(c) The use of your personal information may also be necessary for our own legitimate business interests. Our use of your personal information to perform a legitimate interest, takes into consideration your privacy rights, and the relative necessity we have to use your personal information to fulfill that interest. For example, we process your personal information based on the legitimate interests legal basis to analyse and improve the quality of our Services, such as providing you with Customer Service, and to understand you as a customer. This enables us to assess what may interest you, to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising. In addition, based on your use of our Services and Website and the products you purchased, we may target you with ads or other marketing materials that are customised to your personal preferences and experiences, or conduct other direct marketing initiatives (to the extent we are permitted to process such personal information on the basis of legitimate interest; otherwise we will ask for your consent). We may also use your personal information for our other legitimate interests, such as to operate and expand our business activities, to administer our Services, to evaluate and review our business performance, to facilitate social sharing functionality, to generate aggregated statistics about the users of our products and Services, to facilitate our business operations, to operate company policies and procedures, to conduct fraud monitoring and prevention, to identify cyber threats, or for other legitimate business purposes as permitted by applicable law. If necessary, we may also use your personal information to pursue or defend ourselves against legal claims.
(d) We may process your personal information when it is necessary to comply with a relevant legal or regulatory obligation that we have, such as to maintain appropriate business records according to tax and commercial law, to comply with lawful requests by public authorities and to comply with applicable laws and regulations or as otherwise required by law.
9.4 As an EEA User, you have the following GDPR-specific rights with respect to your personal information:
(a) the right to obtain access to your personal information;
(b) the right to obtain rectification of your personal information without undue delay where that
personal information is inaccurate or incomplete;
(c) subject to certain exceptions (such as for example, the need to retain the personal information in
order to comply with a legal obligation or to establish, exercise or defend a legal claim), the right to obtain the erasure of your personal information without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed, and where consent is withdrawn and there is no other legal ground for processing;
(d) the right to obtain restriction of the processing undertaken by us on your personal information in certain circumstances, such as where the accuracy of the personal information is contested by you, for a period of time enabling us to verify the accuracy of that personal information;
(e) the right to portability allows you to move or have the personal information moved, copied or transferred easily from one organization to another;
(f) there are a number of ways for you to opt-out of further processing of your personal information: (i) you can withdraw your consent; (ii) you can object to our processing of your personal information based on legitimate interests where there are grounds related to your particular situation; and (iii) you can object to the processing of your personal information for direct marketing purposes for whatever reason whatsoever at any time; and
(g) the right to lodge a complaint with an EU national data protection authority. However, we encourage you to first reach out to us by contacting us at firstname.lastname@example.org so that we first have an opportunity to address your concerns directly and find a mutually agreeable solution together.
9.5 If you wish to exercise any of the above rights, please contact us by emailing email@example.com. Prior to releasing any personal information to you, we may ask you for additional information to verify your identity and for security purposes. The processing of your request will generally be free of charge, unless your request is manifestly unfounded or excessive. In such a case, we reserve the right to charge a reasonable fee in accordance with applicable law. We will decline to process requests that jeopardize the privacy of others, are extremely impractical, or would cause us to take any action that is not permissible under applicable law.
9.6 We may engage service providers to perform certain business-related functions. In this regard, such service providers will act as our processors and will only process your personal information in accordance with applicable law, our written instructions, and as included in any relevant data processing agreement entered into between such processors and us.
10 WEBSITE AND APPLICATION
10.1 When you visit our website or Application
When you access or use our website or Application, we may collect certain information such as browser type, operating system, website visited immediately before coming to our website or Application. This information is used in an aggregated manner to analyse how people use our website and Application, such that we can improve our Service.
10.2 Third party sites
Our website or Application may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that Noosa Surfing is not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.
11 GOOGLE AND FACEBOOK MARKETING
If you have any complaints about our privacy practices, please feel free to send us an email at firstname.lastname@example.org.