Privacy Policy and Notice
Effective as of 10th September, 2020.
This is the privacy notice of Cassiopeia Specialty Coffee. In this document, ““we”, “our”, or “us” refers to Cassiopeia Specialty Coffee.
We are company number 66483204202 registered in Australia. Our registered office is at 4/59 Megalong St, Katoomba, NSW, 2780.
Introduction
This privacy notice aims to inform you about how we collect and handle any information that we collect from you, or that you provide to us. It covers both information that could identify you (“personal information”) and information that could not.
We are extremely concerned to protect your privacy and confidentiality. We understand that all users of our web site are quite rightly concerned to know that their data will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party. Our policy is both specific and strict. It complies with Australian law and with the laws of all jurisdictions of which we are aware. If you think our policy falls short of your expectations or that we are failing to abide by our policy, do please tell us.
We regret that if there are one or more points below with which you are not happy, your only recourse is to leave our web site immediately.
Except as set out below, we do not share, or sell, or disclose to a third party, any personally identifiable information collected at this site.
Here is a list of the information we collect from you, either through our web site or because you give it to us in some other way, and why it is necessary to collect it:
Business and personal information
This includes basic identification and contact information, such as your name and contact details and also includes all information given to us in the course of your business and ours, such as information you give us in your capacity as our client. We undertake to preserve the confidentiality of the information and of the terms of our relationship. It is not used for any other purpose. We expect you to reciprocate this policy.
This information is used:
to provide you with the services which you request;
for verifying your identity for security purposes;
for marketing our services and products;
information which does not identify any individual may be used in a general way by us or third parties, to provide class information, for example relating to demographics or usage of a particular page or service.
We keep information, which forms part of our business record for a minimum of seven years. That is because we may need it in some way to support a claim or defence in court. That is also the period within which our tax collecting authorities may demand to know it.
Market place information
When we obtain information from you specifically to enable you to buy a service offered on our website by some other person, we assume that in giving us your information, you are also giving us permission to pass it to the relevant person.
Your domain name and e-mail address
This information is recognised by our servers and the pages that you visit are recorded. We shall not under any circumstances, divulge your e-mail address to any person who is not an employee or contractor of ours and who does not need to know, either generally or specifically. This information is used:
to correspond with you or deal with you as you expect;
in a collective way not referable to any particular individual, for the purpose of quality control and improvement of our website;
to send you news about the services to which you have signed up;
to tell you about other of our services or services of sister websites.
Information you post on our website
Information you send to us by posting to a forum or blog or in your advertisement, is stored on our servers. We do not specifically use that information except to allow it to be read, but you will see in our terms and conditions that we reserve a right to use it in any way we decide.
Website usage information
We may use software embedded in our website (such as JavaScript) to collect information about pages you view and how you have reached them, what you do when you visit a page, the length of time you remain on the page, and how we perform in providing content to you. We do not presently associate such information with an identifiable person.
Financial information relating to your credit cards
This information is never taken by us either through our website or otherwise. At the point of payment, you are transferred to a secure page on the website of [Stripe/PayPal/Apple Pay] or some other reputable payment service provider. That page may be dressed in our “livery”, but it is not controlled by us. Our staff and contractors never have access to it.
Note on padlock symbols and other trust marks
Many companies offer certification and an icon or other small graphic to prove to website visitors that the site is safe. Some certify to a high level of safety. Others are more concerned to take our money than to provide a useful service. We do not handle information about your credit card so do not subscribe to any such service.
OR (use the paragraph 8 if you retain credit card information.)
Financial information relating to your credit cards
We [may] keep your financial information to provide you with a better shopping experience next time you visit us and to prevent fraud.
We use Secure Sockets Layer (SSL) certificates to verify your identity, your browser and to encrypt any data you give us when you buy. This includes financial information such as credit or debit card numbers. Our SSL certificate encryption level is 128-bit/256-bit. Whenever we ask for financial information, you can check that SSL is being used by looking for a closed padlock symbol or other trust mark in your browser URL bar or toolbar.
We take the following measures to protect your financial information:
We keep your financial information encrypted on our servers.
We do not keep all your data, so as to prevent the possibility of our duplicating a transaction without a new instruction from you.
Access to your information is restricted to authorised staff only.
We automatically delete your information [after X days OR when the card expires].
If we ask you questions about your financial information, we shall show partial detail, [the first four OR the last four digits of the debit or credit card number], only enough to identify the card(s) to which we refer.
[Other...]
AND/OR
Financial information about your direct debit
When you have agreed to set up a direct debit arrangement, the information you have given to us is passed to our own bank, Westpac Banking Corporation, for processing according to our instructions. We do keep a copy.
Credit reference
To assist in combating fraud, we share information with credit reference agencies, so far as it relates to clients or customers who instruct their credit card issuer to cancel payment to us without having first provided an acceptable reason to us and given us the opportunity to refund their money.
Third party advertising
Third parties may advertise on our website. In doing so, those parties, their agents or other companies working for them may use technology that automatically collects your IP address when they send an advertisement that appears on our website to your browser. They may also use other technology such as cookies or JavaScript to personalise the content of, and to measure the performance of their adverts. We do not have control over these technologies or the data that these parties obtain. Accordingly, this privacy notice does not cover the information practices of these third parties.
Third party content
Our website is a publishing medium in that anyone may register and then publish information about himself or some other person. We do not moderate or control what is posted. If you complain about any of the content on our website, we shall investigate your complaint. If we feel, it may be justified, we shall remove it while we investigate. Free speech is a fundamental right, so we have to make a judgment as to whose right will be obstructed: yours, or that of the person who posted the content which offends you. If we think, your complaint is vexatious or without any basis, we shall not correspond with you about it.
Information we obtain from third parties
Although we do not disclose your personal information to any third party (except as set out in this notice), we do receive data which is indirectly made up from your personal information, from software services such as Google Analytics and others. No such information is identifiable to you.
Content you provide to us with a view to be used by third party
If you provide information to us with a view to it being read, copied, downloaded, or used by other people, we accept no responsibility for what that third party may do with it. It is up to you to satisfy yourself about the privacy level of every person who might see your information. If it is available to the World, neither we nor you have no control whatever as to how it is used.
Cookies
Cookies are small text files that are placed on your computer's hard drive through your web browser when you visit any web site. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the website.
Like all other users of cookies, we may request the return of information from your computer when your browser requests a web page from our server. Cookies enable our web server to identify you to us, and to track your actions and the pages you visit while you use our website. The cookies we use may last for a single visit to our website (they are deleted from your computer when you close your browser), or may remain on your computer until you delete them or until a defined period of time has passed.
Although your browser software enables you to disable cookies, we recommend that you allow the use of cookies in order to take advantage of the features of our website that rely on their use. If you prevent their use, you will not be able to use all the functionality of our website. Here are the ways we use cookies:
to record whether you have accepted the use of cookies on our website. This is solely to comply with the law. If you have chosen not to accept cookies, we will not use cookies for your visit, but unfortunately, our website will not work well for you;
to allow essential parts of our website to operate for you;
to operate our content management system;
to operate the online notification form - the form that you use to contact us for any reason. This cookie is set on your arrival at our website and deleted when you close your browser;
to enhance security on our contact form. It is set for use only through the contact form. This cookie is deleted when you close your browser;
to collect information about how visitors use our website. We use the information to improve your experience of our website and enable us to increase sales. This cookie collects information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from, and the pages they visited;
to record that a user has viewed a webcast. It collects information in an anonymous form. This cookie expires when you close your browser;
to record your activity during a web cast. An example is as to whether you have asked a question or provided an opinion by ticking a box. This information is retained so that we can serve your information to you when you return to the website. This cookie will record an anonymous ID for each user, but it will not use the information for any other purpose. This cookie will last for one months, when it will be deleted automatically;
to store your personal information so that you do not have to provide it afresh when you visit the site next time. This cookie will last for 60 days;
to enable you to watch videos we have placed on YouTube. YouTube will not store personally identifiable cookie information when you use YouTube’s privacy-enhanced mode.
Calling our help line
When you call our helpline, we collect Calling Line Identification (CLI) information. We use this information to help improve the efficiency and effectiveness of our helpline.
Sending a message to our support system
When you send a message, we collect the data you have given to us in that message in order to obtain confirmation that you are entitled to receive the information and to provide to you the information you need. We record your request and our reply in order to increase the efficiency of our business / organisation. We do not keep any personally identifiable information associated with your message, such as your name or email address.
Complaining
When we receive a complaint, we record all the information you have given to us. We use that information to resolve your complaint. If your complaint reasonably requires us to contact some other person, we may decide to give to that other person some of the information contained in your complaint. We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and if we do, what that information is.
We may also compile statistics showing information obtained from this source to assess the level of service we provide, but not in a way that could identify you or any other person.
Job application and employment
If you send us information in connection with a job application, we may keep it for up to three years in case we decide to contact you at a later date.
If we employ you, we collect information about you and your work from time to time throughout the period of your employment. This information will be used only for purposes directly relevant to your employment. After your employment has ended, we will keep your file for six years before destroying or deleting it.
Marketing information
With your permission we pass your email address and name to selected associates whom we consider may provide services or products you would find useful. You may opt out of this service at any time by instructing us at: https://cassiopeia.com.au/contact
Re-marketing
We may use re-marketing from time to time. This involves Google or some other supplier placing a tag or marker on your website in order to be able to serve to you an advert for our products / services when you visit some other website.
Affiliate information
This is information given to us by you in your capacity as an affiliate of us or a customer or client of ours. Such information is retained for business use only. We undertake to preserve the confidentiality of the information and of the terms of our relationship. It is not used for any other purpose. We expect any affiliate to agree to reciprocate this policy. As an exception to this, we have the right to disclose your first name and URL of your affiliate connection to other affiliates and to any other person or organisation, on and off site. The reason is solely to enable us to mention winners and others whose performance as an affiliate is in some way outstanding.
Use of site by children
We do not market to children, nor do we sell products or services for purchase by children. We do sell products and services for end use by children, but for purchase by adults. If you are under 18, you may use our website only with consent from a parent or guardian.
OR
Use of site by children
Certain areas of our website are designed for use by children over 15 years of age. These areas include [description or name or areas designed for children]. We collect data about all users of and visitors to these areas regardless of age, and we anticipate that some of those users and visitors will be children.
Such child users and visitors will inevitably visit other parts of the site and will be subject to whatever on-site marketing they find, wherever they visit.
Disclosure to Government and their agencies
We are subject to the law like everyone else. We may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.
Compliance with the law
This privacy policy has been compiled so as to comply with the law of every jurisdiction in which we aim to do business. If you think it fails to satisfy the law of your country, we would like to hear from you, but ultimately it is your choice as to whether you wish to use our website.
Review or update personally identifiable information
At any time you may review or update the personally identifiable information that we hold about you, by contacting us at the address below. To better safeguard your information, we will also take reasonable steps to verify your identity before granting access or making corrections to your information.
Removal of your information
If you wish us to remove personally identifiable information from our website, you may contact us at https://cassiopeia.com.au/contact.
Complaints procedure
If you have a complaint about how we have collected or handled your personal information, please contact us. We will endeavour in the first instance to deal with your complaint and take action to resolve the matter.
If your complaint cannot be resolved at the first instance, we will ask you to lodge a formal complaint in writing, explaining the circumstances of the matter that you are complaining about, how you believe your privacy has been interfered with and how you believe your complaint should be resolved.
We will acknowledge receipt of your formal complaint and indicate the timeframe that you can expect a response. We will endeavour to resolve the complaint as quickly as possible, but if the matter is complex and our investigation may take longer, we will let you know when we expect to provide our response.
If you are unhappy with our response, you may refer your complaint to the Office of the Australian Information Commissioner.
How you can contact us
Emailing zac@cassiopeia.com.au
Sending a letter to us at:
Attn: Privacy Officer
4/59 Megalong St, Katoomba, NSW, 2780
\OAIC contact details:
Officer of the Australian Information Commissioner (OAIC)
Email: enquiries@oaic.gov.au
Change in Privacy Policy
As we plan to ensure our privacy policy remains current, this policy is subject to change. Please return periodically to review our privacy policy.
If you have any question regarding the privacy policy, please contact us through the contact page.
Now take me back where I was before reading this.
Explanatory notes:
Website privacy notice
General notes
This privacy notice is usually referred to as a “privacy policy”. Notice is called first layer and sometimes called the ‘short form’, or ‘privacy notice highlights’.
We have therefore drawn this very comprehensive document for your use. The best we can do is to comply with the law, while recognising that someone somewhere may find it inadequate.
The document we have provided does not magically absolve you from risk of data mismanagement, but it is a giant first step. A good privacy notice is prime evidence to everyone you deal with and to the OAIC, that you take confidentiality seriously.
We have provided a menu of possibilities, use of which depends on the structure of your business and your website. Your privacy policy is a matter for your discretion. We have not tried to use magic words to protect you from spamming and selling data abroad. This model policy is built around:
reminding you how to avoid contravening the Australian laws as amended up to date;
providing re-assurance to your customers or clients;
maintaining a professional but friendly image.
For compliance, it is essential that you specify what data is collected and what you do with it. The image you present to your customers is of course a matter of your choice.
For compliance, do include all that you might do with the data.
The introduction provides a statement that you do not market to children. Of course this may need to be adjusted if it is not true.
This document updated according to new changes in the law on March 2014.
If you were not aware of these changes, Net Lawman recommends you visit the website of the Office of the Australian Information Commissioner.
Paragraph Specific notes
Notes referable to specific numbered paragraphs
1 Business and Personal information
This is information collected by most websites. What you do with it is obvious but including it here completes the picture.
2 Market place information
To use if you take orders on your website for a third party.
3 Your domain name and e-mail address
This is information collected by most websites. Basic and obvious.
4 Information you post on our website
This is an area often omitted from suggested text, but it may be important. The fact that someone posts insensitive or forbidden or stupid information does not give you a licence to use it without care. However, well drawn terms and conditions will make clear that contractually you have a licence to use any such information as you decide.
5 Website usage information
This information is unlikely to be personally identifiable.
6 Financial information relating to your credit cards
In this and the following paragraphs we have given you several alternatives. Select the one that most accurately reflects the way you do business.
7&8 Alternative paragraphs. You can choose that suits you best.
9 Financial information about your direct debits
Provides for direct debit arrangements and explains in plain english how they work.
10 Credit reference
We suggest that you leave this paragraph in place even if you have no immediate intention of liaising with debt collectors. It may be a useful reminder to users of your website.
11 Third party advertising
This is a simple statement of the obvious. In practice, the demons that appear in our systems are usually cookies of some sort, placed by these third parties, often with the connivance of the webmaster of a site based far away.
15 Cookies
You must identify what cookies you use and why so as to give a user of your site notice of what you are planting on his hard disk. It is particularly important to mention any cookie that may prove objectionable to someone. The purpose of this document is to tell those who might use your website what will happen if they do. There are thousands of possible use of cookies. We have mentioned a few of the most obvious. Add your own. (Please tell us of any we have missed which are also obvious!)
16 to 28 We have no comment on these paragraphs. Select which apply to you.
21 “Remarketing” is the process whereby a visitor to your site is tagged and that tag picked up by Google or some other re-marketing service provider when your visitor goes to some other site that you have decided may be relevant to yours. If you are not immediately familiar with re-marketing, you should delete the provision. If you do use re-marketing, you should choose your words carefully in how you describe what may be regarded as an intrusive practice. More information is at: https://www.google.com/ads/innovations/remarketing.html
29 Data may be processed outside Australia
It is important that this information is disclosed to comply with the law.
30 Complaints procedure
A customer can complaint against how personal information has been handled firstly, directly with the organisation, if they do not respond within 30 days, or if the customer is dissatisfied with the response, he can complaint to the Office of the Australian Information Commissioner. An organisation must have a privacy officer who handles privacy complaints, among other things.
31 Change in privacy policy
We have no comments