Privacy Policy

Privacy Policy

 

Updated September 2023

 

1) Privacy Commitment

Spell Designs Pty Ltd (ABN 68 605 908 496) and our associated entities (“we”, “our”, “us”) are committed to protecting your privacy rights in accordance with the Australian Privacy Principles (APP) in force under The Privacy Act 1988 (Cth), or in the United States of America (USA) under the U.S Privacy Act 1974 and within the State of California in the United States of America (USA), under the California Consumer Privacy Act 2018 (“CCPA”) and California Privacy Rights Act 2021 (“CPRA”) and if you are in a country that is a member of the European Economic Area (“EEA”), your rights to privacy are protected under the General Data Protection Regulations (“GDPR”) and ePrivacy Directive (2009/136/EC).

 

This privacy policy sets out our commitment to protecting the privacy of your personal information that we collection through this website, http://aus.spell.co or http://aus.spell.co (site) or directly from you. In accordance with the privacy laws which place strict requirements on us to provide transparency on how we collect and use your personal information, how we store your information securely and allow you to easily access your personal information to check and update your personal information.

 

2) Privacy Consent

 

Please read this Privacy Policy carefully. Please contact us if you have any questions - our contact details can be found on our Contact Page or at:

 

Mail: Spell Designs Pty Ltd, PO Box 102, Byron Bay, NSW 2481, Australia

Phone: +61 2 6685 6595

Email: enquiries@spell.co

 

You providing us with personal information indicates that you have had sufficient opportunity to access this Privacy Policy and that you have read and accepted it. By using our products and services, you agree to this Privacy Policy and consent to the collection and use of your personal information in accordance with our Privacy Policy. We reserve our rights to amend, remove or vary this Privacy Policy at any time without notice, so check this page regularly to take notice of any changes we have made. 

 

If you do not wish to provide personal information to us, then you do not have to do so, however it may affect your use of this site or any products and services offered on it.

 

3) Collection of Personal Information

 

The type of information we collect, maintain, store and use about you as our customer, both online and at our store/s, may include:

  • name;
  • contact details including email address, physical address and mobile phone / SMS number;
  • marital status and anniversary;
  • gender and date of birth;
  • demographic information such as postcode;
  • shopping preferences/selections, activity details, interactions, transaction details and opinions;
  • payment information and purchase history;
  • information required to verify your identity;
  • statistics about site visits, domain name and time and date our website was accessed (such a cookies) and
  • any other information requested on this site or otherwise requested by us or provided by you from time to time.

We do not collect sensitive personal information, such as health, race, and ethic origin, unless we have your consent and the information is reasonably necessary for one of our functions or activities (such as if you are involved in a health or medical incident at one of our stores and unless we are required or authorised by law to collect that information). 

 

4) Cookies, Analytics and Remarketin

As with most online businesses, we may log information about your access and use of our site, including through the use of internet “cookies”, your communication with our site, the type of browser you are using, the type of operating system you are using and the domain name of your internet service provider. A “cookie” is a small software message sent to your web browser by our web server. Cookies enables us to track and save information about your use of our websites, online products and services.

a. We use cookies to gain statistics on which areas of our sites attract traffic and to also improve and customise your experience and also the performance of our websites, online products and services. We use cookies to support you to serve ads based on past visits on our Website and alert us to the products and services we think you might be interested in viewing. We may do this in relation to your online account, as well as anonymously. The Spell website also uses cookies to help keep track of items you put into your shopping cart including when you have abandoned your cart and this information is used to determine when to send cart reminder messages via SMS.

b. If you do not wish to accept cookies, please decline the pop-up and adjust your settings in your browsers, however please note that some of our features of our website, products and services may not function if your browser does not accept cookies. Your consent to the use of Cookies if you use of our websites.


5) Your Opinion and Feedback

Your Opinion and Feedback: We may contact you to voluntarily respond to questionnaires, surveys or market research to seek your opinion and feedback. Providing this information is optional to you.

 If we receive your personal information from third parties, we will protect it as set out in this Privacy Policy. 


6) Collection of Personal Information

We collect your personal information for purposes as and only when necessary to fulfill your requests, including in the following ways:

  • To contact and communicate with you, about our products and services, competition results, special offers, and events which may interest you (including becoming a member of our Curators Club);
  • for internal record keeping;
  • for market research, quality control and business development including website development and gauging website traffic and trends;
  • to tailor and deliver personalised site content to you;
  • for marketing, value-added services including direct marketing and remarketing - including via electronic direct mail and SMS / text messages;
  • to run competitions or offer additional benefits to you; and
  • to send you promotional information about third parties that we think may be of interest to you;
  • to operate our loyalty program, the Curator’s Club;
  • to answer your questions and provide you with information and feedback;
  • To interact with you via social media and digital marketing;
  • To create orders, transaction records, accounts, tax invoices, receipts, delivery information from our providers;
  • To carry our administration, marketing, fraud and loss prevention activities.
  • To respond to complaints made by you; and
  • To comply with laws and regulations or to comply with directions given by regulators or authorities.

7) Use of Personal Information


We also collect personal information from you directly, at the time that you supply information to us via the Site for purposes as and only when necessary to fulfill your requests, including in the following ways:

  • if you contact us to subscribe to our membership, loyalty program such as our Curators Club, newsletter or SMS subscription and other products or services;
  • when you visit one of our stores;
  • when you make a purchase, submit an order, registration, requests, or application for our products or services (by phone, in person or electronically);
  • when you use any of our services including when you access our websites, or interact with us on social media groups
  • when you register with us by creating an online account;
  • when you interact with us during promotions, competition or special events;
  • if you are involved in an incident in one of our stores;
  • ask questions, or provide us feedback or comments (whether publicly available or not) about the Site or any of our products or services,
  • when you post a review or leave a rating or complete one of our surveys;
  • if you attend one of our functions or events;
  • any other time where you may supply personal information from us from time to time,

we may store your communications, including any personal data you include in them, so we can effectively respond to you.

If you do not want us to directly collect your personal data, please do not provide it to us. As a subscriber, you will subsequently receive email confirmation from us of your registration, welcoming you to our email database and allowing you to Update your Preferences and Unsubscribe from our list as outlined below.

 

8) If we are unable to collection your Personal Information


If we are unable to collect your personal information or you disable your “cookies” or privacy settings, some or all of the following may occur:

 

  • We may be unable to provide products or services to you, to the standard requested or at all
  • We may be unable to communicate or contact you to provide information about products and services that you have purchased or intend to purchase in the future;
  • We may be unable to tailor the marketing, promotions or special offers, events and benefits to you.

7) Disclosure of Personal Information to Third Parties

We may disclose your personal information to;

  • credit reporting agencies and courts, tribunals and regulatory authorities where customers fail to pay for goods or services provided by us to them;
  • courts, tribunals, regulatory authorities and law enforcement offices as required by law and our business advisors, such as accountants, lawyers or other professional service providers, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights or to the extent that is reasonably necessary, and
  • third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you, including Google, Internet Service Providers (ISPs), IT system administrators, mailing houses, couriers, payment processors, data entry service providers and other third parties who collect data about traffic to the site. This may include parties located, or that store data, outside of Australia, including to our related entities overseas in the United States of America, Canada, the UK and the European Union.

Where we disclose your personal information to third parties for these purposes, we will request that the third party follow this Privacy Policy regarding handling of your personal information. We will not sell or trade your personal information to third parties for marketing purposes. The above excludes SMS / text messaging originator opt-in data and consent – this Personal Information will not be shared with any third parties. We do not share any of your personal information with Klaviyo SMS.

Our site may contain links to other websites of interest. We do not have any control over those websites. We are not responsible for or liable for the protection and privacy of any information which you provide whilst visiting such websites, and such websites are not governed by this Privacy Policy.

If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible by law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith.


10) Access to your Personal Information

You may access your personal information related to your use of our products and services by making a request to our Customer Care and Digital Teams at any time or clicking on the link at the end of our communications to access your profile online:

 

Phone: +61 2 6685 6595

Email: enquiries@spell.co

Mail: Privacy Manager, Spell Designs Pty Ltd,

PO Box 102, Byron Bay, NSW 2481, Australia

Choice and Consent: Providing us with your personal information is optional to you. You can choose not to provide personal information. When you provide us with your personal information, you consent to the terms in this Privacy Policy, and to us disclosing or receiving your personal information for these purposes.

 

Your Provision of Third Party Information: If you provide us with third party personal information then you warrant to us that you have the third party's consent to provide this. If your request is unlawful or may interfere with the privacy of others, we may reasonable refuse to provide access to your personal information.

 

Restrict: You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information direct marketing purposes, you may change your mind at any time by contact us at the email address listed on our Contact Page.

 

Access: You may request details of personal information that we hold about you, in certain circumstances set out in the Privacy Act 1988 (Cth). We may refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.

 

Correction: We try to ensure that personal information we collect, use or disclose about you is accurate, complete and up-to-date.  If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us by email above or links provided on our communications to your Profile. We rely in part upon customers advising us when their personal information changes. We will respond to any request within a reasonable time. We will endeavor to promptly correct any information found to be inaccurate, incomplete or out of date. We may ask you to verify your identity to ensure that personal information we hold is not improperly accessed.

 

Pseudonyms and Anonymity: You have the option of using a pseudonym or remain anonymous when dealing with u so as not to identify yourself fully to us. We may be unable to provided services to you unless you disclose your correct identity.  If you are a candidate for employment, you must provide personal information that is true, accurate and is not misleading or deceptive.

 

Complaints: If you believe that we have breached the Australian Privacy Principles or your privacy in any way and wish to make a complaint about that breach, please contact us by email setting out details of the breach to:.

 

Email: enquiries@spell.co

Phone: +61 2 6685 6595

 

 We will promptly acknowledge your email within 7 days and investigate your complaint and respond to you in writing within 21 days setting out the outcome of our investigation, what steps we propose to take to remedy the breach and any other action we will take to deal with your complaint. If you are not satisfied with the result of your complaint, you can refer your complaint the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or on 1300 363 992.

 

Unsubscribe: To unsubscribe and opt out from our email database, or opt out of communications, please use the unsubscribe button at the bottom of our email communications, SMS or contact us via email.

 

11) Storage and Security

We may hold your personal information in either electronic or hard copy form. If you provide your personal information to us electronically, we retain this information in our computer systems and databases. This includes via computer software programs, internet servers, and hosted internet solutions provided by third parties.

 

We are committed to ensuring that the information you provide is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure. We act to destroy or de-identify personal information that is no longer needed for any lawful purpose. Some of the steps we take to protect your personal information include: 

  • Utilising security restrictions on access to our systems such as two-step authentication, passwords, firewalls and anti-virus software;
  • External and internal security, alarm and other security systems to protect your personal information on our systems.

No information transmitted over the internet can be guaranteed to be secure. We cannot guarantee the security of any information that you transmit to us, or receive from us. The transmission and exchange of information is carried out at your own risk. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.

 

12) Amendments

This Privacy Policy may be amended, including with changes, additions and deletions, from time to time in our sole discretion at any time and without notice. Your continued use of our site following any amendments indicates that you accept the amendments. We recommend that you check this Privacy Policy regularly, prior to providing personal information, to ensure you are aware of any changes, and only proceed to provide personal information if you accept the new Privacy Policy.

 

 13) Contact Us 

If you have any questions, feedback or complaints regarding your Privacy or our Privacy Policy, please contact us at:

Mail: Spell Designs Pty Ltd, PO Box 102, Byron Bay, NSW 2481, Australia

Phone: +61 2 6685 6595

 

Privacy Policy - Europe

Updated October 2019


This privacy policy sets out our commitment to protecting the privacy of your personal information that we collect through this website, http://aus.spell.co or http://usa.spell.co (Site), or directly from you, if you are located in Europe.


Please read this Privacy Policy carefully. By using our site, or by creating an account with us, you accept this privacy policy and consent to us collecting, using, disclosing, transferring and storing your personal information in accordance with this policy. If you do not agree with this privacy policy, then please do not use our site.


1) Collection of Personal Information

Personal Information: The type of information we collect, maintain, store and use about you as our customer, both online and at our store/s, varies depending on how you use our site and is summarised below:

If you… …then the information we will collect is …which and when we can use as follows
Place an order to buy product from us… name, billing address, shipping address, email address, telephone number, credit card number, expiration date and code… to provide the products and services that you have ordered or requested, to process and ship orders, to send order and shipping confirmations (or other transactional information) and/or to provide customer service
Create an account with us… name, email address, billing address, shipping address, telephone number… to help you keep track of your orders, and to facilitate checkout during purchases
If you register or subscribe to receive promotional emails… name, email address, date of birth… to contact you about special offers, sales, marketing initiatives, newly released products, special offers and new features available through the site
If you contact us with a question or request a live chat with us… your name and email address… so that we can respond to your question or contact you should we disconnect from our live chat If you participate in a promotion (e.g., contest, trade promotion) that we
your name, email address, and other contact information… to fulfill the terms of the promotion and to contact you regarding promotional sponsor or conduct… and special offers, sales, marketing initiatives, newly released products, and new features available through the site. It will also be subject to the terms accompanying any such promotion
access or browse our site… browsing data which may identify your terminal device, the IP address of your terminal device, the type of browser you use, and the operating system used, as well as other data that are automatically processed, such as your internet service provider, the website from which you have accessed our site, the number of pages viewed on our site, your use of our Site, the time spent on each page of our site, etc. used for the functioning of our site, to generate our services and track and analyse visits

If we receive your personal information from third parties, we will protect it as set out in this Privacy Policy.


Who is the Data Controller?


The controller of your personal data is: Spell Designs Pty Ltd (“us”, “we”, “our”, “Spell”), whose office is located in Australia at Unit 1/14a Banksia Drive, Byron Bay, NSW, 2481, registered with the Australian Securities and Investments Commission, ACN 605 908 496, whose email address is: privacy@spell.co and whose telephone number is +61 2 6685 6595.


When you provide your personal data to Spell, Spell will comply with the applicable local regulations. The subsequent processing of your personal data for the management of your relationship with us or the contractual relation related to our products and services, or for the implementation of our commercial policy is carried out under the supervision and according to the commercial policy of Spell Designs Pty Ltd, as data controller.


How We Collect Personal Data


Passive Collection:

We may collect information passively, while you are visiting or interacting with the Site. We call this “passive” collection since you may not know that this information is being collected when you visit or interact with the Site. This information may consist of the following items: website visitors’ IP address, IP address-related information, system Media Access Control address, network configuration information, network device information, browser plug-in type and versions, and operating system.


Cookies and Other Session Identifiers:

Like many Site, we utilize a technology called "cookies". A cookie is a piece of information that is placed on your browser when you access the Site. The law requires us to provide you with certain information regarding cookies. Information about cookies is set out at the end of this policy.


Other Web Sites, Including Mobile Applications and Social Media Platforms:

If you use a social media platform or your mobile device (or other method of communication) to interact with the Site, that platform or application may have a specific privacy policy that governs the use of personal data related to it. For example, if you use a mobile application and your mobile device's settings allow it, we may collect mobile location information from your device. Our application may be designed to collect information even if you are not logged into the application or the Site. If you have questions about the security and privacy settings of your mobile device, please refer to instructions from your mobile service provider or the manufacturer of your device to learn how to adjust your settings. We do not control the data collection or privacy practices of the application stores from which you download our mobile application, or of any third-party platform through which you access our Site or contact us. You should review the privacy policy and terms of use of any third-party site or mobile application store before using or downloading any app and review and use available controls and settings on your device to reflect your preferences.


Direct Collection:

We also collect information from you directly, at the time that you supply information to us via the Site. For instance, if you contact us to subscribe to our membership and other products or services, ask questions, or provide us feedback or comments (whether publicly available or not) about the Site or any of our products or services, we may store your communications, including any personal data you include in them, so we can effectively respond to you. When you directly register or subscribe to our membership and promotional emails, we will collect your name, email and date of birth, as outlined in the table above. If you do not want us to directly collect your personal data, please do not provide it to us. As a subscriber, you will subsequently receive email confirmation from us of your registration, welcoming you to our email database and allowing you to Update Your Preferences and Unsubscribe from our list.


Other Sources:

To the extent permitted by law, we also may obtain, collect and aggregate information (including personal data) provided to us by our marketing service providers and other vendors. That information may include information on current subscribers or customers and is used for commercial purposes including enabling us to send you the most relevant, timely and exciting offers and announcements specifically tailored for you and your interests. Of course, you can update your information or change your preferences regarding receiving announcements and other information from us at any time by accessing your account via the Site. However, should any profiling activity produce a legal effect on you, we offer you the possibility to opt out at any moment to such profiling.


(For more information, see below section entitled How Can I Access, Correct and Update My Personal data?).


How Do We Use the Information Collected?


We may use personal data as and only when necessary and to fulfil your requests, including in the following ways:


Access and Use: If you provide personal data in order to obtain access to or use the Site or any functionality thereof, we will use your personal data to provide you with access to or use of the Site or functionality and to monitor your use of the Site or specific functionalities.


Internal Business Purposes: We may use your personal data for internal business purposes including, without limitation, to help us improve the content and functionality of the Site, to better understand our users, to improve the Site, to protect against, identify or address fraudulent activities, to manage your account and to provide you with customer service and to generally manage the Site and our business. Marketing: We may use your personal data to contact you for certain marketing and advertising purposes, including, without limitation, to inform you about offers, seasonal or other product releases, contests or surveys which may be of interest to you and to display content and advertising on or off the Site which may be of relevance to you. If you wish to change or update your personal data or to change your subscription preferences, you may do so as provided herein.


Specific Reason: If you provide personal data for a specific reason, we may use the personal data for that reason. For instance, if you contact us by email, we will use the personal data you provide to answer your question or to attempt to resolve your issue and will respond to the email address from which the contact came.


Aggregated Information: In an ongoing effort to better understand and to serve the users of the Site, we (either directly or working in concert with our marketing services providers) may conduct research on our customer demographics, interests and behaviour based on personal data and other information that has been provided or received by us. For example, we may combine information about visitors to the Site to determine how best to target our marketing and the products that we offer in certain areas, regions or countries. This research may be compiled and analysed on an aggregate basis and if this aggregated information does not identify you personally then is not classified or treated as personal data under this Privacy Policy.


Do We Share Your Information?


We seek to receive your consent before sharing your information when required by applicable laws and regulations. However, in some cases your permission will be given as part of a contract you have with us.


Your personal data is intended for Spell Designs Pty Ltd and for their services providers located within or outside the European Union, and, where relevant, to our partners. We won’t sell, rent, or disclose your personal data to other entities without your consent or if you oppose such use.


Examples of instances in which we share your personal data are provided below:


Order Fulfilment and Fraud Protection: If you choose to make a purchase on the Site, we may collect from you your credit or debit card number, billing address, shipping address and other information related to such a purchase, and we may use such collected information in order to fulfil your purchase. We may also provide such information, or other personal data provided by you, to unaffiliated third parties as necessary to complete your purchase (for example, to process your credit card). In addition, we may share your personal data with fraud protection services to assist us in preventing fraud and protecting our customers from credit card fraud.


Business Transfers: As with any business, it is possible that as our business develops, we might sell, assign, buy, transfer or otherwise acquire or dispose of certain businesses or corporate assets. In the event of such or similar event, personal data may be part of the transferred assets. If all or part of our assets are sold or acquired by another party, or if we merger with another entity, then you grant us the right to assign your personal data collected via the Site, and you acknowledge and agree that any successor to or acquirer of us and/or our eCommerce service provider will continue to have the right to use your personal data and other information in accordance with the terms of this Privacy Policy.


Agents, Consultants and Related Third Parties: As noted above about our eCommerce service provider, we, like many businesses, sometimes engage other companies to perform certain business-related functions on our behalf so that we can focus on our core business. Examples of these services include, but are not limited to, payment processing and authorization, fraud protection and credit risk reduction, product customization, order fulfilment and shipping, marketing and promotional material distribution, website evaluation, data analysis and, where applicable, data cleansing. In connection with services those partners provide for us, we may provide or otherwise give them access to certain personal data. We employ a vetting process to assess our partners data protection practices.


Legal Requirements: We may disclose your personal data if required to do so by law (including, without limitation responding to a subpoena or request from law enforcement, court or government agency) or in the good faith belief that such action is necessary (i) to comply with a legal obligation or a request from an administrative or judicial authority, (ii) to protect or defend our rights, interests or property or that of other customers or users, (iii) to act in urgent circumstances to protect the personal safety of users of the Site or the public or (iv) to protect against legal liability or potential fraud, as determined in our sole discretion.


Credit Reporting Agencies: We may disclose your personal data to credit reporting agencies and courts, tribunals and regulatory authorities if you fail to pay for goods or services provided by us to you.


Other uses: We may also use and share your personal data for other legitimate business reasons not specified herein. We will periodically update this Privacy Policy to inform you of any changes to our data use and sharing practices.


Third-Party Marketeers, Partners, and other Third Parties: We do not share your personal data with other marketeers, partners, and other third parties.


How Can I Access, Correct and Update My Personal Data?


You can access, correct and/or update certain personal data that you have provided to us within the "My Account" area of the Site or by using the Update Your Preferences link in any promotional emails we send to you.


What Steps Are Taken To Keep My Information Secure?


Depending on the applicable state of the art, the implementation costs, the nature, context and purposes of the processing as well as the possible corresponding risks, we take appropriate technical and organizational measures to ensure the security and confidentiality of your personal data adapted to the risks, in order to avoid any loss, misuse, alteration or deletion of your personal data. We have implemented information security measures that contain administrative, technical and physical controls that are designed to reasonably safeguard your personal data. Even though we have taken and will continue to take appropriate steps to protect this information in the conditions set out in this Section, no company, including us, can fully eliminate all security risks associated with personal data. Please understand that no data transmission over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us. If we learn of a data security systems breach that is likely to result in a high risk to your rights and freedoms, we shall communicate the security data breach to you without undue delay. By using the Site or providing personal data to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Site. We may post a notice via the Site if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive written notice of a data privacy or security breach. If you have reason to believe that your personal data or our system security has been breached, then please immediately notify us by e-mailing at privacy@spell.co.


We use various security measures, including SSL encryption technology, to protect information collected, transferred and retained. If you elect to set up an account on the Site, you will be asked to provide an email address and password. You must provide a valid email address and password in order to create and maintain an account, as well as to access account information. We recommend you select a complex password. In order to help protect your personal data, you should not divulge your password to others and you should change it periodically. If you wish to update a password, or if you become aware of any loss, theft or unauthorized use of a password, please contact us at privacy@spell.co.


Please be aware that we may store personal data or it may be included in databases owned and maintained by our agents or third-party service providers. As the data controller, we take all appropriate steps to protect the security and confidentiality of all personal data provided via the Site from loss, misuse, unauthorized access, inadvertent disclosure, alteration and/or destruction.


What Choices Do I Have Regarding My Personal data?


You have several choices available when it comes to your personal data. We will honour the choices you make regarding your personal data. If you have created and maintained a user account on the Site, you will be able to sign in and update your account (including contact) information. You may also write to us at the address provided herein and update your contact information or to change your subscription preferences. In addition, you may:

 

Limit The Personal Data You Provide: You can use the Site and limit the personal data you provide either by disabling cookies or by not registering an account with us. If you choose to limit the personal data you provide and/or to disable cookies, you may not be able to use certain functionalities of the Site. For instance, in order to purchase goods and services on the Site, payment and shipping information must necessarily be provided.


Manage Your Subscription Preferences: We may send your information by email or text message. If you provide your mobile phone number and ask to receive information by text message, we may provide information in that manner. Additionally, we may send automated text messages (if you provide consent where required by the applicable regulations). Where you consent to receive automated text messages from us, please note that your consent includes consent to receive both autodialled and/or pre-recorded telemarketing text messages or non-automated messages from or on behalf of Spell Designs Pty Ltd and its affiliated companies at the telephone number you provided. You further understand that consent is not a condition of purchase and that message and data rates may apply.


Opt-Out of Marketing Emails and Texts: For email marketing, you will have an opportunity to change your subscription preferences by clicking on an "unsubscribe" hyperlink contained in all promotional emails sent by us or on our behalf. To unsubscribe from our email database, or opt out of communications, please use the Unsubscribe link at the bottom of email communications or contact us vial email. Please note that while we honour all subscription requests as timely as possible, it may take a short time to become effective but no later than ten (10) business days pursuant to the CAN-SPAM Act 2003. Please be aware that even if you opt-out of receiving future promotional communications, you may, if you utilize the eCommerce features of the Site, be sent certain transactional communications related to the purchase or shipment of items purchased. Thus, if you order online, we will send you an email confirming your order and may need to contact you by phone, email or regular mail if we have questions about your order. Additionally, an opt-out will not remove you from messages that we are required to send under relevant laws or regulations. You may ask us not to contact you by text message at any time by responding to a text message after it is received. For automated text messages, you will have the opportunity to opt-out by replying “STOP” to any message received. Please note that you hereby consent to receiving a confirmatory message in response to any opt-out request. We will process your unsubscribe request as soon as possible, but please be aware that in some circumstances you may receive a few more messages until the unsubscribe request is processed.


Be Forgotten: In addition to unsubscribing, you also have the right to request us to forget your information. If you request us to do so, then except to the extent applicable law requires us to retain your information, we will delete it from our systems and databases. To be forgotten, please use the “forget me” button at the bottom of our email communications or contact us via email.


Social Media & Other Public Platforms: You may also manage the sharing of certain personal data with us when you connect with us through a social media platform or application, such as through Facebook Connect. Please refer to the privacy settings of the social media website or application to determine how you may adjust your permissions and manage the interactivity between us and your social media platform(s) or application(s). That said, we want you to be aware that when you post information to public forums, including publicly viewable social media platforms, that information will become available to all who access such platform pages. PLEASE BE EXTREMELY CAREFUL WHEN DISCLOSING ANY INFORMATION IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS. WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF THE INFORMATION THAT YOU DISCLOSE IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS.


What Happens When I Link To or From Another Website?


The Site may contain links to other websites not operated or controlled by us (the "Third- Party Site"). The policies and procedures set forth herein do not apply to any Third-Party Site. We are not responsible for the privacy practices or content of such Third-Party Site. We are not responsible for the actions of these Third-Party Site; rather, the owners and operators of all Third-Party Site are responsible for all personal data provided, collected, maintained, stored or otherwise disclosed on those Site, if any. The links on the Site do not imply that we endorse or have reviewed the Third-Party Site, including their privacy policies, if any. If you have any questions about how these Third-Party Sites use your personal data, we strongly encourage contacting those Sites directly for information on their privacy policies and practices.


If you have accessed the Site through a link from certain of our advertising or marketing partners, the Site may include a frame of the applicable advertising or marketing partner. Nevertheless, the information you provide to us through these framed Web pages is collected by us, and our use of such information is governed by this Privacy Policy.


How Do We Respond to Do Not Track Signals?


Please note that our Site does not support “Do Not Track” browser settings and do not currently participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your personal data. Is Information Collected From Minors Under The Age of 13?


Protecting the privacy of children is extremely important to us. The Site is directed toward a general audience and is not directed at nor intended for use by children. We do have our Little Spell range of children’s clothing, but our expectation and experience is that parents or guardians shop for this for their children. We do not knowingly collect or intend to collect personal data from anyone who is under the age of 13 unless consent is given or authorized by the holder of parental responsibility over the minor. In the absence of such a consent or authorization, if you are under the age of 13, you should not provide any personal data to us and you should use the Site only with the knowledge, permission and involvement of a parent or the holder of parental responsibility. We encourage parents and holder of the parental responsibility to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children never to provide personal data through the Site. If you have reason to believe that a child under the age of 13 has provided personal data to us, please contact us and we will endeavour to delete that information from our databases.


Services to Minors under 13


Our services are not intended to be used by minors under the age of 13 years old and are exclusively provided to persons over the age of 13 and enjoying legal capacity. We will not knowingly collect or process personal data from minors under the age of 13. Should we be made aware of data collection from minors through our Services, we will take all appropriate steps to delete these personal data from our servers.


Transfers of Personal Data Outside the European Union?


If you are visiting our Site, please be aware that you may send information (including personal data) outside the European Union and especially to Australia, Canada, the USA or elsewhere where some of our servers may be located. We will hold and process your personal data in accordance with the applicable laws and regulations regarding these transfers. To this end, we will accomplish any appropriate formalities to authorize this transfer. By using our Site, you thereby consent to this Data Transfer.


How Will I Be Informed About Changes Regarding This Privacy Policy?


The Site and our business may change from time to time. As a result (and for other business and/or technological reasons), it may be necessary for us to make changes to this Privacy Policy. We reserve the right to update, change, amend or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any personal data.


If we make any material changes to this Privacy Policy (as determined by us), we will post a notice on the Site notifying users of the changes and providing an opportunity for you to take action relative to those changes prior to their implementation. In some cases, we also may send an email notifying registered user of any upcoming changes.


This Privacy Policy was last updated on the date indicated above. Your continued use of the Site after any changes or revisions to this Privacy Policy become effective indicates your agreement with the terms of such revised and then current Privacy Policy.


Your Privacy Rights


It is vitally important for you to keep your personal data accurate, current and complete at all times, as well as for you to be able to reach us should you have any questions or concerns regarding this privacy policy. If we are unable to address your issue immediately, we will respond as soon as possible.


By virtue of the European General Data Protection Regulation n°2016/679 (“GDPR”), any user residing within a Member State of the European Union has the right to access, rectify and oppose, to the processing of his/her personal data and a right to erasure, in the conditions set out in the GDPR. Such EU residents may exercise their rights at any time by writing to privacy@spell.co or to the address at the end of this Privacy Policy (Section “Contacting Us” below).


You have the right to receive your personal data you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit that personal data to another controller, where technically feasible.


If there is a dispute regarding the processing of your personal data, you may send your claim to us by contacting us using the information set out in the section “Who is the data controller?” of this Policy. We will try to find a satisfactory solution for you to ensure compliance to the applicable regulations and to this Policy. In the absence of a response from us, or should the dispute remain in spite of our remediation proposal, you may submit your claim to the competent data protection authority. For example, in the UK, this data protection authority is the “Information Commissioner’s Office”.


How Long Do We Keep Your Information?


We will retain your personal data for the period necessary to fulfil the purposes described in this Privacy Policy and in accordance with our legal and regulatory obligations. We undertake to archive and delete your personal data as soon as the purpose of the collection is fulfilled, and the data retention period has expired.


By virtue of the European General Data Protection Regulation n°2016/679, the retention of personal data relating to any user residing within a Member State of the European Union is summarized in the table below, which describes the maximum periods for which personal data of EU residents will be stored by us according to the purpose for which their personal data is collected and processed.


These maximum periods apply unless you have requested your personal data to be deleted or ceased being used before these expiration periods, subject to any mandatory legal requirement applicable to data retention.


Purpose Data retention period
Measure traffic and personalise web site, mobile apps, managing cookies 13 months
Managing requests to access and rectify data 1 year from receipt of the request
Managing requests to oppose data processing 3 years from taking into account the opposition request
Answering satisfaction surveys 2 years from the last contact
Organising online games, lotteries, and other promotional and customer loyalty activities For clients: 3 years from the end of the business relationship or last client-initiated contact.
For prospects: 3 years from data collection or last prospect-initiated contact
Sending commercial and sales offers
Management and archive of sales 10 years from the last action, unless for data concerning means of payments, which are processed by Spell’s payment service providers only until payment is complete
Invoice and collection of goods supplied
Managing customer relationships and complaints
Warranty, product delivery and after sales service

Cookies


What are cookies?


Cookies are small text files that are placed on your computer or other electronic device (“Device”) you may use to access our Site, mobile application(s) or any other online media or electronic communication service that we may operate (“Services”). Cookies can collect information about your access and use of that Service through logging the activity of your Device with such Service.


We use cookies to improve the use and functionality of our Services and to enhance your experience when using our Services. Your web browser stores cookies on your Device’s hard drive for record keeping purposes (e.g. logging in) and sometimes to track information. You may choose to set your web browser to refuse cookies. We do not use cookies to collect personal information such as your name; however, we may link information contained in a cookie to personal information you may provide us with other means (e.g. general website registration).


What types of cookies do we use?


When you access our Services, the following types of cookies may be placed on your Device. They can be categorized according to their source, their technical features and their purpose. These categories are not mutually exclusive, and a cookie may thus belong to several of the following categories.


Cookies from internal/external source:


Cookies from internal source (First-party cookies)

 

First-party cookies are cookies placed on your Device directly by us and can only be read by our Services. They can be session or persistent cookies (explained below). For example, we use first party cookies to speed up the log in process, enhance your experience of our Services, for internal analytics and audience measurement purposes, as well as to customize our Services or our offers to your centres of interests.


Cookies from external source (Third-party cookies)

 

Third-party cookies are cookies placed on your Device by third-parties we use for services embedded in our Services. For example, they are used in relation to audience measurement analysis and to improve the relevance of the content of our Services.


Session/persistent cookies:


Session cookies

 

Session cookies are cookies that are placed on your Device during a browser session and that become invalid once the browser is closed. We and our partners use session cookies for various reasons, including to manage and measure your access and use of our Services during a single browser session and to help you to use our Services more efficiently. For example, session cookies are used to remind our Services that your Device is logged into our Services.


Persistent cookies

 

Persistent cookies are cookies that are placed on your Device during a browser session and that remain stored in your Device during a defined period of time. For example, persistent cookies allow our Services to recognize your Device when it is used to access our Services with a new browser session and to help you quickly sign-in to our Services again. We and our partners may also use persistent cookies for analytical purposes.


Cookies for technical/advertising/social network/targeting/analytics purposes:


The cookies used by our Services may have the following purposes:


Technical cookies

 

Technical cookies are used to help us identify your Device to recognize you as a returning user and to save preferences you have determined in the course of your previous access to the Services. Technical cookies therefore may allow us to deliver content tailored to your interest and save you the time of having to re-enter information when you use our Services.


Advertising cookies

 

Advertising cookies are used to help us customize the content and the advertisements you may view when accessing the Services or which are displayed on third parties’ services in order to promote our Services.


Social networks cookies

 

Social networks cookies are used to verify if you are logged in to such third-parties’ social network services (Facebook, Twitter, Google+, et cetera)/


Targeting cookies

 

Targeting cookies are used to enable us to target (emailing, database enrichment) retrospectively or in real time the user Device.


Analytics cookies

 

Analytics cookies are used to monitor statistics of our Services’ traffic (either about the use of the Services or in order to improve functionalities offered by the Services) and to help us measure and review the effectiveness of our interactive online content, its characteristics, advertising and other communications.


Your Rights


Depending on the type of cookie we place on your Device, we may need your consent for such cookies to be placed on your Device from time to time. We obtain this consent when you use our Services.


Your Cookie Choices


There are a number of ways to manage cookies. Most internet browsers are initially set up to automatically accept cookies. You can change the settings of your browser to block cookies systematically or based on their origin or to alert you when cookies are being sent to your Device. Typically, you can check the steps for managing cookies in your particular browser's help menu.


Cookie Permission


You control whether a cookie is stored on your Device. You can set your preferences and modify them free of charge at any time using your browser settings. If you have set your browser to store cookies on your Device, cookies in the pages and content you have viewed may be stored temporarily in a dedicated location in your Device. They can only be read by the sender.


Cookie Refusal


If you refuse permission for cookies to be stored on your Device or if you delete those that are already stored, you will no longer be able to use certain features of our Services. As an example, this will affect content or services that can only be accessed by logging in. Also, we and our service providers will be unable to identify the type of browser your Device is using for technical compatibility purposes, your language and display. We cannot be held liable for the consequences of our Services functioning less efficiently because we are unable to store or read cookies required for it to operate where you have rejected or deleted them.


Contact Us:


If you have any questions, feedback or complaints please contact us at:


Mail: Spell Designs Pty Ltd, PO Box 102, Byron Bay, NSW 2481, Australia


Phone: +61 2 6685 6595


Email: privacy@spell.co