Updated October 2019
If you do not wish to provide personal information to us, then you do not have to do so, however it may affect your use of this site or any products and services offered on it.
1) Collection of Personal Information
Personal Information: The type of information we collect, maintain, store and use about you as our customer, both online and at our store/s, may include:
- contact details including email address, address and telephone number;
- marital status and anniversary;
- date of birth;
- demographic information such as postcode;
- preferences and opinions; and
- any other information requested on this site or otherwise requested by us or provided by you.
Your Use Of Our Site: As with most online businesses, we may log information about your access and use of our site, including through the use of internet cookies, your communication with our site, the type of browser you are using, the type of operating system you are using and the domain name of your internet service provider.
Your Opinion and Feedback: We may contact you to voluntarily respond to questionnaires, surveys or market research to seek your opinion and feedback. Providing this information is optional to you.
2) Collection and Use of Personal Information
We collect and use the information for purposes as and only when necessary to fulfill your requests, including in the following ways:
- to contact and communicate with you;
- for internal record keeping;
- for market research and business development including website development and gauging website traffic and trends;
- to deliver personalised site content to you;
- for marketing including direct marketing;
- to run competitions or offer additional benefits to you; and
- to send you promotional information about third parties that we think may be of interest to you.
We also collect information from you directly, at the time that you supply information to us via the Site. For instance, if you contact us to subscribe to our membership and other products or services, ask questions, or provide us feedback or comments (whether publicly available or not) about the Site or any of our products or services, we may store your communications, including any personal data you include in them, so we can effectively respond to you.
When you directly register to subscribe to our membership and promotional emails, we will collect your name, email and date of birth, as outlined above. If you do not want us to directly collect your personal data, please do not provide it to us. As a subscriber, you will subsequently receive email confirmation from us of your registration, welcoming you to our email database and allowing you to Update your Preferences and Unsubscribe from our list as outlined below.
3) Disclosure of Personal Information to Third Parties
We may disclose your personal information to;
- credit reporting agencies and courts, tribunals and regulatory authorities where customers fail to pay for goods or services provided by us to them;
- courts, tribunals, regulatory authorities and law enforcement offices as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights, and
- third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you. This may include parties located, or that store data, outside of Australia.
If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible by law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith.
4) Your Rights and Controlling Your Personal Information
Your Provision of Third Party Information: If you provide us with third party personal information then you warrant to us that you have the third party's consent to provide this.
Restrict: You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information direct marketing purposes, you may change your mind at any time by contact us at the email address listed on our Contact Page.
Access: You may request details of personal information that we hold about you, in certain circumstances set out in the Privacy Act 1988 (Cth). We may refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us by email. We rely in part upon customers advising us when their personal information changes. We will respond to any request within a reasonable time. We will endeavor to promptly correct any information found to be inaccurate, incomplete or our of date.
Complaints: If you believe that we have breached the Australian Privacy Principles and wish to make a complaint about that breach, please contact us by email setting out details of the breach. We will promptly investigate your complaint and respond to you in writing setting out the outcome of our investigation, what steps we propose to take to remedy the breach and any other action we will take to deal with your complaint.
Unsubscribe: To unsubscribe from our email database, or opt out of communications, please use the unsubscribe button at the bottom of our email communications or contact us via email.
5) Storage and Security
We are committed to ensuring that the information you provide is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
6) Cookies & Web Beacons
We may use web beacons on this site from time to time. Web beacons or clear .gifs are small pieces of code placed on a web page to monitor the visitor's behaviour and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.
7) Links to Other Websites
If you have any questions, feedback or complaints please contact us at:
Mail: Spell Designs Pty Ltd, PO Box 102, Byron Bay, NSW 2481, Australia
Phone: +61 2 6685 6595
Updated October 2019
1) Collection of Personal Information
Personal Information: The type of information we collect, maintain, store and use about you as our customer, both online and at our store/s, varies depending on how you use our site and is summarised below:
|If you…||…then the information we will collect is||…which and when we can use as follows|
|Place an order to buy product from us…||name, billing address, shipping address, email address, telephone number, credit card number, expiration date and code…||to provide the products and services that you have ordered or requested, to process and ship orders, to send order and shipping confirmations (or other transactional information) and/or to provide customer service|
|Create an account with us…||name, email address, billing address, shipping address, telephone number…||to help you keep track of your orders, and to facilitate checkout during purchases|
|If you register or subscribe to receive promotional emails…||name, email address, date of birth…||to contact you about special offers, sales, marketing initiatives, newly released products, special offers and new features available through the site|
|If you contact us with a question or request a live chat with us…||your name and email address… so that we can respond to your question or contact you should we disconnect from our live chat||If you participate in a promotion (e.g., contest, trade promotion) that we|
|your name, email address, and other contact information…||to fulfill the terms of the promotion and to contact you regarding promotional||sponsor or conduct… and special offers, sales, marketing initiatives, newly released products, and new features available through the site. It will also be subject to the terms accompanying any such promotion|
|access or browse our site…||browsing data which may identify your terminal device, the IP address of your terminal device, the type of browser you use, and the operating system used, as well as other data that are automatically processed, such as your internet service provider, the website from which you have accessed our site, the number of pages viewed on our site, your use of our Site, the time spent on each page of our site, etc.||used for the functioning of our site, to generate our services and track and analyse visits|
Who is the Data Controller?
The controller of your personal data is: Spell Designs Pty Ltd (“us”, “we”, “our”, “Spell”), whose office is located in Australia at Unit 1/14a Banksia Drive, Byron Bay, NSW, 2481, registered with the Australian Securities and Investments Commission, ACN 605 908 496, whose email address is: firstname.lastname@example.org and whose telephone number is +61 2 6685 6595.
When you provide your personal data to Spell, Spell will comply with the applicable local regulations. The subsequent processing of your personal data for the management of your relationship with us or the contractual relation related to our products and services, or for the implementation of our commercial policy is carried out under the supervision and according to the commercial policy of Spell Designs Pty Ltd, as data controller.
How We Collect Personal Data
We may collect information passively, while you are visiting or interacting with the Site. We call this “passive” collection since you may not know that this information is being collected when you visit or interact with the Site. This information may consist of the following items: website visitors’ IP address, IP address-related information, system Media Access Control address, network configuration information, network device information, browser plug-in type and versions, and operating system.
Cookies and Other Session Identifiers:
Like many Site, we utilize a technology called "cookies". A cookie is a piece of information that is placed on your browser when you access the Site. The law requires us to provide you with certain information regarding cookies. Information about cookies is set out at the end of this policy.
Other Web Sites, Including Mobile Applications and Social Media Platforms:
We also collect information from you directly, at the time that you supply information to us via the Site. For instance, if you contact us to subscribe to our membership and other products or services, ask questions, or provide us feedback or comments (whether publicly available or not) about the Site or any of our products or services, we may store your communications, including any personal data you include in them, so we can effectively respond to you. When you directly register or subscribe to our membership and promotional emails, we will collect your name, email and date of birth, as outlined in the table above. If you do not want us to directly collect your personal data, please do not provide it to us. As a subscriber, you will subsequently receive email confirmation from us of your registration, welcoming you to our email database and allowing you to Update Your Preferences and Unsubscribe from our list.
To the extent permitted by law, we also may obtain, collect and aggregate information (including personal data) provided to us by our marketing service providers and other vendors. That information may include information on current subscribers or customers and is used for commercial purposes including enabling us to send you the most relevant, timely and exciting offers and announcements specifically tailored for you and your interests. Of course, you can update your information or change your preferences regarding receiving announcements and other information from us at any time by accessing your account via the Site. However, should any profiling activity produce a legal effect on you, we offer you the possibility to opt out at any moment to such profiling.
(For more information, see below section entitled How Can I Access, Correct and Update My Personal data?).
How Do We Use the Information Collected?
We may use personal data as and only when necessary and to fulfil your requests, including in the following ways:
Access and Use: If you provide personal data in order to obtain access to or use the Site or any functionality thereof, we will use your personal data to provide you with access to or use of the Site or functionality and to monitor your use of the Site or specific functionalities.
Internal Business Purposes: We may use your personal data for internal business purposes including, without limitation, to help us improve the content and functionality of the Site, to better understand our users, to improve the Site, to protect against, identify or address fraudulent activities, to manage your account and to provide you with customer service and to generally manage the Site and our business. Marketing: We may use your personal data to contact you for certain marketing and advertising purposes, including, without limitation, to inform you about offers, seasonal or other product releases, contests or surveys which may be of interest to you and to display content and advertising on or off the Site which may be of relevance to you. If you wish to change or update your personal data or to change your subscription preferences, you may do so as provided herein.
Specific Reason: If you provide personal data for a specific reason, we may use the personal data for that reason. For instance, if you contact us by email, we will use the personal data you provide to answer your question or to attempt to resolve your issue and will respond to the email address from which the contact came.
Do We Share Your Information?
We seek to receive your consent before sharing your information when required by applicable laws and regulations. However, in some cases your permission will be given as part of a contract you have with us.
Your personal data is intended for Spell Designs Pty Ltd and for their services providers located within or outside the European Union, and, where relevant, to our partners. We won’t sell, rent, or disclose your personal data to other entities without your consent or if you oppose such use.
Examples of instances in which we share your personal data are provided below:
Order Fulfilment and Fraud Protection: If you choose to make a purchase on the Site, we may collect from you your credit or debit card number, billing address, shipping address and other information related to such a purchase, and we may use such collected information in order to fulfil your purchase. We may also provide such information, or other personal data provided by you, to unaffiliated third parties as necessary to complete your purchase (for example, to process your credit card). In addition, we may share your personal data with fraud protection services to assist us in preventing fraud and protecting our customers from credit card fraud.
Agents, Consultants and Related Third Parties: As noted above about our eCommerce service provider, we, like many businesses, sometimes engage other companies to perform certain business-related functions on our behalf so that we can focus on our core business. Examples of these services include, but are not limited to, payment processing and authorization, fraud protection and credit risk reduction, product customization, order fulfilment and shipping, marketing and promotional material distribution, website evaluation, data analysis and, where applicable, data cleansing. In connection with services those partners provide for us, we may provide or otherwise give them access to certain personal data. We employ a vetting process to assess our partners data protection practices.
Legal Requirements: We may disclose your personal data if required to do so by law (including, without limitation responding to a subpoena or request from law enforcement, court or government agency) or in the good faith belief that such action is necessary (i) to comply with a legal obligation or a request from an administrative or judicial authority, (ii) to protect or defend our rights, interests or property or that of other customers or users, (iii) to act in urgent circumstances to protect the personal safety of users of the Site or the public or (iv) to protect against legal liability or potential fraud, as determined in our sole discretion.
Credit Reporting Agencies: We may disclose your personal data to credit reporting agencies and courts, tribunals and regulatory authorities if you fail to pay for goods or services provided by us to you.
Third-Party Marketeers, Partners, and other Third Parties: We do not share your personal data with other marketeers, partners, and other third parties.
How Can I Access, Correct and Update My Personal Data?
You can access, correct and/or update certain personal data that you have provided to us within the "My Account" area of the Site or by using the Update Your Preferences link in any promotional emails we send to you.
What Steps Are Taken To Keep My Information Secure?
Depending on the applicable state of the art, the implementation costs, the nature, context and purposes of the processing as well as the possible corresponding risks, we take appropriate technical and organizational measures to ensure the security and confidentiality of your personal data adapted to the risks, in order to avoid any loss, misuse, alteration or deletion of your personal data. We have implemented information security measures that contain administrative, technical and physical controls that are designed to reasonably safeguard your personal data. Even though we have taken and will continue to take appropriate steps to protect this information in the conditions set out in this Section, no company, including us, can fully eliminate all security risks associated with personal data. Please understand that no data transmission over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us. If we learn of a data security systems breach that is likely to result in a high risk to your rights and freedoms, we shall communicate the security data breach to you without undue delay. By using the Site or providing personal data to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Site. We may post a notice via the Site if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive written notice of a data privacy or security breach. If you have reason to believe that your personal data or our system security has been breached, then please immediately notify us by e-mailing at email@example.com.
We use various security measures, including SSL encryption technology, to protect information collected, transferred and retained. If you elect to set up an account on the Site, you will be asked to provide an email address and password. You must provide a valid email address and password in order to create and maintain an account, as well as to access account information. We recommend you select a complex password. In order to help protect your personal data, you should not divulge your password to others and you should change it periodically. If you wish to update a password, or if you become aware of any loss, theft or unauthorized use of a password, please contact us at firstname.lastname@example.org.
Please be aware that we may store personal data or it may be included in databases owned and maintained by our agents or third-party service providers. As the data controller, we take all appropriate steps to protect the security and confidentiality of all personal data provided via the Site from loss, misuse, unauthorized access, inadvertent disclosure, alteration and/or destruction.
What Choices Do I Have Regarding My Personal data?
You have several choices available when it comes to your personal data. We will honour the choices you make regarding your personal data. If you have created and maintained a user account on the Site, you will be able to sign in and update your account (including contact) information. You may also write to us at the address provided herein and update your contact information or to change your subscription preferences. In addition, you may:
Limit The Personal Data You Provide: You can use the Site and limit the personal data you provide either by disabling cookies or by not registering an account with us. If you choose to limit the personal data you provide and/or to disable cookies, you may not be able to use certain functionalities of the Site. For instance, in order to purchase goods and services on the Site, payment and shipping information must necessarily be provided.
Manage Your Subscription Preferences: We may send your information by email or text message. If you provide your mobile phone number and ask to receive information by text message, we may provide information in that manner. Additionally, we may send automated text messages (if you provide consent where required by the applicable regulations). Where you consent to receive automated text messages from us, please note that your consent includes consent to receive both autodialled and/or pre-recorded telemarketing text messages or non-automated messages from or on behalf of Spell Designs Pty Ltd and its affiliated companies at the telephone number you provided. You further understand that consent is not a condition of purchase and that message and data rates may apply.
Opt-Out of Marketing Emails and Texts: For email marketing, you will have an opportunity to change your subscription preferences by clicking on an "unsubscribe" hyperlink contained in all promotional emails sent by us or on our behalf. To unsubscribe from our email database, or opt out of communications, please use the Unsubscribe link at the bottom of email communications or contact us vial email. Please note that while we honour all subscription requests as timely as possible, it may take a short time to become effective but no later than ten (10) business days pursuant to the CAN-SPAM Act 2003. Please be aware that even if you opt-out of receiving future promotional communications, you may, if you utilize the eCommerce features of the Site, be sent certain transactional communications related to the purchase or shipment of items purchased. Thus, if you order online, we will send you an email confirming your order and may need to contact you by phone, email or regular mail if we have questions about your order. Additionally, an opt-out will not remove you from messages that we are required to send under relevant laws or regulations. You may ask us not to contact you by text message at any time by responding to a text message after it is received. For automated text messages, you will have the opportunity to opt-out by replying “STOP” to any message received. Please note that you hereby consent to receiving a confirmatory message in response to any opt-out request. We will process your unsubscribe request as soon as possible, but please be aware that in some circumstances you may receive a few more messages until the unsubscribe request is processed.
Be Forgotten: In addition to unsubscribing, you also have the right to request us to forget your information. If you request us to do so, then except to the extent applicable law requires us to retain your information, we will delete it from our systems and databases. To be forgotten, please use the “forget me” button at the bottom of our email communications or contact us via email.
Social Media & Other Public Platforms: You may also manage the sharing of certain personal data with us when you connect with us through a social media platform or application, such as through Facebook Connect. Please refer to the privacy settings of the social media website or application to determine how you may adjust your permissions and manage the interactivity between us and your social media platform(s) or application(s). That said, we want you to be aware that when you post information to public forums, including publicly viewable social media platforms, that information will become available to all who access such platform pages. PLEASE BE EXTREMELY CAREFUL WHEN DISCLOSING ANY INFORMATION IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS. WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF THE INFORMATION THAT YOU DISCLOSE IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS.
What Happens When I Link To or From Another Website?
The Site may contain links to other websites not operated or controlled by us (the "Third- Party Site"). The policies and procedures set forth herein do not apply to any Third-Party Site. We are not responsible for the privacy practices or content of such Third-Party Site. We are not responsible for the actions of these Third-Party Site; rather, the owners and operators of all Third-Party Site are responsible for all personal data provided, collected, maintained, stored or otherwise disclosed on those Site, if any. The links on the Site do not imply that we endorse or have reviewed the Third-Party Site, including their privacy policies, if any. If you have any questions about how these Third-Party Sites use your personal data, we strongly encourage contacting those Sites directly for information on their privacy policies and practices.
How Do We Respond to Do Not Track Signals?
Please note that our Site does not support “Do Not Track” browser settings and do not currently participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your personal data. Is Information Collected From Minors Under The Age of 13?
Services to Minors under 13
Our services are not intended to be used by minors under the age of 13 years old and are exclusively provided to persons over the age of 13 and enjoying legal capacity. We will not knowingly collect or process personal data from minors under the age of 13. Should we be made aware of data collection from minors through our Services, we will take all appropriate steps to delete these personal data from our servers.
Transfers of Personal Data Outside the European Union?
If you are visiting our Site, please be aware that you may send information (including personal data) outside the European Union and especially to Australia, Canada, the USA or elsewhere where some of our servers may be located. We will hold and process your personal data in accordance with the applicable laws and regulations regarding these transfers. To this end, we will accomplish any appropriate formalities to authorize this transfer. By using our Site, you thereby consent to this Data Transfer.
Your Privacy Rights
You have the right to receive your personal data you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit that personal data to another controller, where technically feasible.
If there is a dispute regarding the processing of your personal data, you may send your claim to us by contacting us using the information set out in the section “Who is the data controller?” of this Policy. We will try to find a satisfactory solution for you to ensure compliance to the applicable regulations and to this Policy. In the absence of a response from us, or should the dispute remain in spite of our remediation proposal, you may submit your claim to the competent data protection authority. For example, in the UK, this data protection authority is the “Information Commissioner’s Office”.
How Long Do We Keep Your Information?
By virtue of the European General Data Protection Regulation n°2016/679, the retention of personal data relating to any user residing within a Member State of the European Union is summarized in the table below, which describes the maximum periods for which personal data of EU residents will be stored by us according to the purpose for which their personal data is collected and processed.
These maximum periods apply unless you have requested your personal data to be deleted or ceased being used before these expiration periods, subject to any mandatory legal requirement applicable to data retention.
|Purpose||Data retention period|
|Measure traffic and personalise web site, mobile apps, managing cookies||13 months|
|Managing requests to access and rectify data||1 year from receipt of the request|
|Managing requests to oppose data processing||3 years from taking into account the opposition request|
|Answering satisfaction surveys||2 years from the last contact|
|Organising online games, lotteries, and other promotional and customer loyalty activities||For clients: 3 years from the end of the business relationship or last client-initiated contact.
For prospects: 3 years from data collection or last prospect-initiated contact
|Sending commercial and sales offers|
|Management and archive of sales||10 years from the last action, unless for data concerning means of payments, which are processed by Spell’s payment service providers only until payment is complete|
|Invoice and collection of goods supplied|
|Managing customer relationships and complaints|
|Warranty, product delivery and after sales service|
What are cookies?
Cookies are small text files that are placed on your computer or other electronic device (“Device”) you may use to access our Site, mobile application(s) or any other online media or electronic communication service that we may operate (“Services”). Cookies can collect information about your access and use of that Service through logging the activity of your Device with such Service.
What types of cookies do we use?
When you access our Services, the following types of cookies may be placed on your Device. They can be categorized according to their source, their technical features and their purpose. These categories are not mutually exclusive, and a cookie may thus belong to several of the following categories.
Cookies from internal/external source:
Cookies from internal source (First-party cookies)
First-party cookies are cookies placed on your Device directly by us and can only be read by our Services. They can be session or persistent cookies (explained below). For example, we use first party cookies to speed up the log in process, enhance your experience of our Services, for internal analytics and audience measurement purposes, as well as to customize our Services or our offers to your centres of interests.
Cookies from external source (Third-party cookies)
Third-party cookies are cookies placed on your Device by third-parties we use for services embedded in our Services. For example, they are used in relation to audience measurement analysis and to improve the relevance of the content of our Services.
Session cookies are cookies that are placed on your Device during a browser session and that become invalid once the browser is closed. We and our partners use session cookies for various reasons, including to manage and measure your access and use of our Services during a single browser session and to help you to use our Services more efficiently. For example, session cookies are used to remind our Services that your Device is logged into our Services.
Persistent cookies are cookies that are placed on your Device during a browser session and that remain stored in your Device during a defined period of time. For example, persistent cookies allow our Services to recognize your Device when it is used to access our Services with a new browser session and to help you quickly sign-in to our Services again. We and our partners may also use persistent cookies for analytical purposes.
Cookies for technical/advertising/social network/targeting/analytics purposes:
The cookies used by our Services may have the following purposes:
Technical cookies are used to help us identify your Device to recognize you as a returning user and to save preferences you have determined in the course of your previous access to the Services. Technical cookies therefore may allow us to deliver content tailored to your interest and save you the time of having to re-enter information when you use our Services.
Advertising cookies are used to help us customize the content and the advertisements you may view when accessing the Services or which are displayed on third parties’ services in order to promote our Services.
Social networks cookies
Social networks cookies are used to verify if you are logged in to such third-parties’ social network services (Facebook, Twitter, Google+, et cetera)/
Targeting cookies are used to enable us to target (emailing, database enrichment) retrospectively or in real time the user Device.
Analytics cookies are used to monitor statistics of our Services’ traffic (either about the use of the Services or in order to improve functionalities offered by the Services) and to help us measure and review the effectiveness of our interactive online content, its characteristics, advertising and other communications.
Depending on the type of cookie we place on your Device, we may need your consent for such cookies to be placed on your Device from time to time. We obtain this consent when you use our Services.
Your Cookie Choices
There are a number of ways to manage cookies. Most internet browsers are initially set up to automatically accept cookies. You can change the settings of your browser to block cookies systematically or based on their origin or to alert you when cookies are being sent to your Device. Typically, you can check the steps for managing cookies in your particular browser's help menu.
You control whether a cookie is stored on your Device. You can set your preferences and modify them free of charge at any time using your browser settings. If you have set your browser to store cookies on your Device, cookies in the pages and content you have viewed may be stored temporarily in a dedicated location in your Device. They can only be read by the sender.
If you refuse permission for cookies to be stored on your Device or if you delete those that are already stored, you will no longer be able to use certain features of our Services. As an example, this will affect content or services that can only be accessed by logging in. Also, we and our service providers will be unable to identify the type of browser your Device is using for technical compatibility purposes, your language and display. We cannot be held liable for the consequences of our Services functioning less efficiently because we are unable to store or read cookies required for it to operate where you have rejected or deleted them.
If you have any questions, feedback or complaints please contact us at:
Mail: Spell Designs Pty Ltd, PO Box 102, Byron Bay, NSW 2481, Australia
Phone: +61 2 6685 6595