PRIVACY POLICY.
About this Policy
This policy sets out how and why Frosty Boy Australia Pty Ltd ABN 61 614 143 654 and our related bodies corporate from time to time (together we, us, our or Frosty Boy) collect, use, hold and disclose personal information or personal data.
In this policy, Personal Information has the meaning given to the terms ‘personal information’ in the Privacy Act 1988 (Cth) (Privacy Act) and/or ‘personal data’ in the EU General Data Protection Regulation (GDPR). Personal Information generally includes information, data or an opinion about an individual who can be identified from such information or data (including other information or data in our possession or likely to come into our possession). Unless specifically stated otherwise, this policy does not apply to any information that is not ‘personal information’ as defined in the Privacy Act or ‘personal data’ as defined in GDPR.
This policy applies to Personal Information we collect via various means, including (but not limited to) via our website and the websites of our related entities (Website), in connection with orders or enquiries placed by your for Products and in communications with you in relation to orders for products. The use of our Website is also subject to our Website Terms of Use, which are available on the Website.
We may modify or amend this policy from time to time and any such modifications or amendments become effective when published on our Website.
Capitalised terms that are used in this policy that are not separately defined have meanings given to them in our standard terms (Standard Terms), which are available via our Website or otherwise on request.
Our commitment to you
We are committed to being transparent about our management of your Personal Information and take all reasonable steps to ensure our practices and procedures relating to our activities comply with any applicable requirements in the Privacy Act (and to the extent applicable the EU General Data Protection Regulation (GDPR)), including complying with this policy.
We do so by striving to adhere to the following principles:
- your Personal Information will be collected, stored, used and disclosed in accordance with all applicable privacy laws;
- your Personal Information will generally only be used where necessary for us to deliver our services or perform other necessary business functions and activities.
We will not use or disclose your Personal Information for purposes unrelated to our business’ services and activities, unless we first obtain your consent or where doing so would not breach applicable privacy laws.
By engaging with our business or by providing your Personal Information to us, you consent to our collection, storage, use and disclosure of your Personal Information, in accordance with this policy.
Why do we collect Personal Information?
Your Personal Information may be required by us in order to conduct our business and provide our products and services to you.
We refer to our business activities (including the supply of our goods/products and our ancillary services such as arranging the delivery of goods to you) as our Products in this policy. Some of the reasons why Personal Information may be required include (but are not limited to) the following:
- to identify you as someone with whom we have a commercial relationship (such as our customers or where you have purchased our Products via our distributors);
- to process your orders for our Products, including accepting your orders, arranging for you to create an account with us (whether via an Account Application or otherwise), providing quotes for potential orders, arranging for delivery of Products (if agreed), preparing invoices and sales records for such purchases, liaising with you in respect of our Products or any defects in our Products and any similar matters;
- to consider any request you have made to trade with us on credit terms (for example, if you would like to become a distributor);
- to make our Website available to customers to facilitate a customer-friendly platform whereby we can showcase our Products, in which case we will collect Personal Information regarding your interaction with our Website so that we can improve it and to handle enquiries, orders and complaints placed via our Website;
- to add value to our services especially when we are dealing with you and to provide assistance with the selection of our Products and the like;
- to continually enhance and improve our Products and product offering and to inform you of any new product offerings or benefits we can provide – in this regard, we strive to continually improve our business and the services we offer and may collect Personal Information from you to achieve that goal;
- to provide refunds and undertake product recalls (if and as required);
- in the case of our suppliers or service provides, to manage the provision of goods and services to us;
- to comply with all applicable laws and regulations in fulfilling our obligations to our customers, other businesses and persons we deal with;
- for internal business processes and operations, such as security, data analytics, record keeping or training; and
- to engage with service providers as needed, from time to time, to allow us to conduct our activities, including those referred to above.
We refer to the above and as our Services, which also include any functions or purposes that we may specify to you at the time of requesting the Personal Information, as well as any other functions or purposes for which you provide us the relevant Personal Information.
We may also need Personal Information to perform functions that are incidental to (or are otherwise reasonably necessary for us) to operate our business, conduct our activities or provide our Services.
In order to achieve the above, we rely on you to provide us with the most accurate Personal Information to enable us to provide you with continually improving Services and to continually improve our Products, services and support.
Collecting your Personal Information
What Personal Information might we collect?
The types of Personal Information we may collect, hold, use or disclose will depend on your dealings with us. Examples of the types of Personal Information we collect are set out below.
Information you provide to us directly: we may collect and hold Personal Information you provide to us directly. For example, such Personal Information may include:
- Contact or demographic information: names (such as a customer’s name who provides their details creating an account via our Website or places an order for Products), delivery or correspondence addresses (such as postal or email addresses), phone numbers, dates of birth, nationality, languages and if you contact us via social media, then we may record your social media account;
- Payment information: bank accounts details, credit or debit card details (such as for customers who provide their credit card details via the Website for making payments), payment history details and associated transaction details; and
- Product information: Personal Information related to customer preferences and interests, information relevant to customer surveys or offers or information in respect of requirements for our Services/Products or similar matters.
- Demographic information: gender, dates of birth, ages, nationality, titles or languages.
Sensitive information you provide: We will generally not collect ‘sensitive information’ (as defined in the Privacy Act) from you, unless you provide that information to us directly.
Information from third parties: We may collect Personal Information about you from third parties, such as where your agent or a person purchasing products on your behalf provides us with your Personal Information, where our insurers are investigating a claim in respect of our Products or where you place an order for Products with our distributors and they pass on your Personal Information (such as your name and delivery address) for the purposes of us assisting the distributor to supply the Products.
Information we create using your Personal Information: We may develop information using your Personal Information. For example, where you make a complaint, we may develop a record relating to the complaint which may contain your Personal Information. We may develop Personal Information in the form of internal quality assurance reports, evaluative reports regarding our sales targets, customer satisfaction data or record of interactions, file notes and/or any recorded phone conversations with you that may be kept for quality assurance purposes.
Information we collect automatically: We may collect Personal Information about you automatically when you visit our Websites (such as your IP address and device type) or interact with emails you receive from us. Some of this Personal Information may be collected using cookies and similar tracking technologies. The Personal Information collected automatically may include including technical data by using cookies, server logs and other similar technologies. We may also receive technical data about you if you visit other websites that employ our cookies.
Public information: We may collect information from publicly available sources such as ASIC records, and credit history details (provided we have your consent to obtain the relevant credit report).
How do we collect Personal Information?
We use different methods to collect your Personal Information as set out below. If we are not provided with all the information we request, we may not be able to provide to you with our full range of Services and the products and services that are of most interest to you. It is therefore important that the information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your relationship with us.
Information we request
Our general practice is to collect Personal Information directly from you, as and when required, such as when you complete our forms (such as online or physical forms to create an account with our Website or where you submit an Account Application to become a distributor) and when you contact us expressing a desire to access our Services/Products or conduct business with us.
Ordinarily, we collect information from you through our Website and by communications with you in relation to orders for Products. For example, we may collect Personal Information from you during discussions with us, such as via email (e.g. when you email us with your queries), telephone (e.g. when you may call us with your queries), web queries (e.g. when you interact with our Website), through in person discussions, through online forms, contracts, event registration platforms, and social media networking platforms (such as Instagram and Facebook where you interact with our social media accounts).
You have the option not to provide any Personal Information that we request. Depending upon what Personal Information you do not want to provide, we may not be able to deal with you further on a particular matter. For instance, if you make a complaint but refuse to provide your contact information, then we may not be able to process or escalate your complaint. Where you provide us with Personal Information on request, we do so on the understanding that you consent to our collection because you have this option to refuse to provide that Personal Information.
You may have the option not to identify yourself or identify yourself by a pseudonym. However, doing so is generally not practical for us as we need to know who you are in order to contact and liaise with you and to ensure that you are authorised to provide payment information to us and in order to best provide you our Products. For example, if you wish to place an order for our Products, we will need to know who you are so that we can supply you with the Products and ensure you can be notified of any matters or issues in relation to the order or the Products. However, we still need your legal name when you create an Account with us via our Websites or place an order for Products, otherwise we may not know who to contact in the event of a dispute and we will not know who to charge (if applicable) for the Products.
Where we collect Personal Information about you from someone other than you, this is generally because it would be unreasonable or impracticable for us to collect that Personal Information from you.
Personal Information collected from third parties
In order to supply our Products, we may need to collect Personal Information about you from various third parties, including Shopify and Vision 6 and from our distributors who place an order for Products for supply to you.
Personal Information we do not request
Sometimes you may voluntarily provide us with Personal Information that we have not requested. If this happens, we may use and disclose the Personal Information in order to determine whether we could have collected the Personal Information had we requested it. If we consider that we could not have collected the Personal Information, then we may either destroy or de-identify that Personal Information as soon as reasonably practical where required by law.
Holding your Personal Information
Your Personal Information may be stored in hard copy, electronically or both. We do not adopt or use any identifiers that a government agency may have assigned to you.
Electronic Personal Information may be stored on our computer systems and networks and on our customer relationship management platforms, our accounting platforms and our email platforms. Our digital systems are protected by mechanisms which may include passwords, firewalls, antivirus software, scheduled password changes, internal access limitation processes and internal monitoring, depending on the relevant system.
Where we store your Personal Information, we take reasonable steps to ensure it is protected from misuse, interference, loss or unauthorised access, modification or disclosure. However, we cannot guarantee that this will never occur. If a serious data breach occurs, and we believe your Personal Information has been compromised, we will assess the breach as soon as we become aware of it and take all reasonable and necessary steps as prescribed under Australian privacy laws.
We also take reasonable steps to destroy or permanently de-identify Personal Information that we no longer need for any purpose where required by law.
Retention of Personal Information
The amount of time we may keep your Personal Information will depend on the circumstances and whether we have an ongoing business need to retain it (such as whether we have agreed to provide you with Products, whether we need to retain it due to legal requirements). We will retain your Personal Information for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our internal retention policies and practices. Following that period, we will take steps to ensure such Personal Information is deleted or anonymised where required by law.
Using your Personal Information
We may use your Personal Information to provide our Services/Products (outlined above) or any activities that are related (or in the case of sensitive information, directly related) to the performance of our Services and supply of Products. We may do these things without your prior consent where the law allows us to do so, including where it is impracticable for us to obtain your consent.
We may provide your Personal Information to regulatory authorities where required from time to time. We may also provide your Personal Information to third parties such as our professional advisors where they are providing services to us and such Personal Information is necessary for them to provide those services.
Do we use your Personal Information for direct marketing?
We may use your Personal Information to directly market our Products and for events, publications, changes, notices or offers to you. This marketing material may be sent by email SMS, phone or post. We may also use Personal Information collected about you from other individuals for these purposes where it is impracticable to obtain your consent in advance.
You may ‘opt-out’ or raise any concerns you may have regarding these messages by contacting us through our Website.
Disclosing your Personal Information
When may we disclose your Personal Information?
We may disclose your Personal Information in connection with the supply our Products or any activities that are related (or in the case of sensitive information, directly related) to our Services. This may include disclosing Personal Information to:
- our related entities where reasonably required to operate their respective businesses, including to facilitate the collection of debts or enforce their rights under any agreement between our related entities;
- our Distributors for the purposes of fulfilling any order of Products;
- when displaying recent orders for Products on our Website;
- business partners, suppliers and subcontractors for the performance of any contract we enter into with them (or you) that relates to our Services/Products;
- third-party service providers that we engage such as those that provide our cloud-based computing systems, transport and delivery services, our IT contractors, but we will usually only do this where those third parties are accessing our records generally to help us with any issues we are having, or where specifically needed in connection with any supply of our Services/Products; and
- analytics and search engine providers that assist us in improving and optimising your use of our Website, but this is generally done on a deidentified basis.
We will not otherwise disclose Personal Information unless we believe we have reasonable grounds to do so or that we reasonably believe you have provided your authorisation. You should be aware however, that we may be required to disclose Personal Information without your consent in order to comply with any court orders, subpoenas or other legal process or investigation including by tax authorities, if such disclosure is required by law.
Are we likely to disclose Personal Information to overseas recipients?
We may disclose your Personal Information overseas, including in circumstances where you have provided the Personal Information to us for that purpose. However, there are some circumstances where we may disclose Personal Information overseas such as where we use secure cloud storage services that may have servers located overseas, where our service providers or payment card networks have officers in multiple countries or when you communicate with us through a social network service (e.g. Facebook) and the social network provider and its partners may collect and hold your Personal Information overseas.
Further, Frosty Boy is a global brand and we have related entities that are located in outside Australia, including in India and the United States of America. While Frosty Boy’s operations are predominately conducted out of our offices in Australia, your Personal Information may be available to our related entities that are incorporated outside Australia.
Further, when you use our Website, we may need to share your Personal Information with third parties, including merchants, customer service teams and service providers, who may be located outside Australia (including in the United States where our related entities are located).
Aggregated basis
We may aggregate and deidentify Personal Information we hold relating to you and disclose it to third parties on an anonymised and aggregated basis, including for any useful general analytical purpose. Where we do so, this means that the information of many users is combined together to form one measurement or quantity that cannot be used to identify any particular person. We may disclose demographic and profile deidentified information to merchants, program partners and other third party suppliers.
From time to time, we may also anonymise your Personal Information and disclose hashed information to third parties in order to match that data against their records for the purposes of aggregated analytics. In these cases, no Personal Information leaves our own systems, and the third party has no record of either the raw or hashed personal information.
External links
Our Website or communications with you (such as marketing emails) may contain links to other websites that are not under are control. If you follow a link to any of these websites, please note that any information you provided via those websites (whether voluntary or not) is not covered by this policy, as these websites may have their own privacy policies and the websites may use cookies or other features that access your information (whether disclosed or not).
We take no responsibility for linked websites and provide them solely for your information and convenience. We disclaim any responsibility for their content, privacy practices and terms of use and we make no endorsements, representations or warranties regarding their accuracy, content and thoroughness.
Cookies and similar matters
What are cookies?
A cookie is a small file that is stored on your computer or other device created when websites are loaded in a browser. Cookies may help us analyse web traffic or let you know when you visit a particular website. Cookies allow web applications to respond to you and let our Website tailor its operation to your needs, likes and dislikes by gathering and remembering information about you. We use cookies help us to provide you with a better website.
These cookies are not used to grant us access to your information. Non-identifiable information (such as the pages you visit) may be tracked. By directing your browser to delete your cookies, this data will be erased.
We also utilise other tracking technologies such as pixels and server to server tracking. Pixels are small images that provide us with statistics for similar purposes as cookies. Pixels may be used for advertising or for transaction tracking. When you click on a link, server to server tracking creates a unique identifier that is stored server-side, this identifier is later matched if you make a conversion (such as a purchase). Cookies and other tracking technologies help us to track transactions and improve the experience when browsing our Website.
What cookies do we use?
Our Website uses persistent and session cookies. Persistent cookies allows a website to recognise users when they return to a site and keep certain information on user preferences. These cookies may stay on a computer until they are deleted by the user. Session cookies allow a website to carry over information from one page to another so that a user does not have to re-enter information. These cookies deleted themselves at the end of the session or at a certain time.
We also use traffic log cookies including third-party partners such as Google to identify which pages are being used. This helps us analyse data about web page traffic and improve our Website to tailor it to client needs. These cookies also allow us to display promotional material on other sites you visit across the internet. You can manage your preferences in relation to targeted online advertising directly through digital platforms such as Google or Facebook.
Third party cookies
In some circumstances, we may partner with third parties to provide certain services via our Website. We may use analytics services supported by third parties who generate analytics cookies on our behalf. Although we may not have access to these cookies, we may use statistical information arising from the cookies provided by these third parties to customise content and for the other purposes described above. Third parties may also transfer this information to other parties including where they are required to do so by law, or where such other parties process the information on their behalf. Third-party advertisers may also use this information to measure the effectiveness of their advertisements and to track aggregate usage statistics.
We may not control these third-party cookies and their use may be governed by the privacy policies of the third parties employing these cookies. To learn about these cookies and to disable or reject third-party cookies, please refer to relevant third party websites such as Google Ads, Google Analytics and Shopify.
General Data Protection Regulation for the European Economic Area
European Economic Area
EEA refers to the contracting parties of the European Economic Area as established by the Agreement on the European Economic Area (Document 21994A0103(01)). This area covers the European Union (EU), as well as Iceland, Lichtenstein and Norway. This section of this Policy may apply to you if you are in a country that is a member of the EEA and you are protected by the General Data Protection Regulation 2016/679 (GDPR) in relation to your Personal Information that we process or control.
General
If and to the extent that Frosty Boy collects, process and uses your Personal Information subject to the GDPR, we will comply with the principles of data protection as set out in the GDPR. We will process your Personal Information as a ‘Processor’ and/or to the extent that we are a ‘Controller’ (as those terms are defined in the GDPR). Your Personal Information will be processed lawfully, fairly and in a transparent manner by us and only be collected for the purposes we have identified in this policy. We will not collect or process any Personal Information from you that is considered ‘Sensitive Personal Information’ under the GDPR, such as information relating to your sexual orientation or ethnic origin, unless we have obtained your express consent, or if it is being collected subject to, and in accordance with the GDPR. You must not provide us with your Personal Information if you are under the age of 16 without the consent of your parent or someone who has lawful authority for you. We do not knowingly collect or process the Personal Information of children.
Your rights under the GDPR
If you are residing in the EEA, you may have certain rights (in addition to any other rights you may have under this policy) as to how your Personal Information is obtained and used. We will endeavour to comply with your rights under the GDPR as to how your Personal Information is used and controlled if you are an individual residing in the EEA. Except as otherwise provided in the GDPR, you have the following rights:
- To be informed how your Personal Information is being used;
- To access your Personal Information;
- To correct your Personal Information if it is inaccurate or incomplete;
- To delete your Personal Information;
- To restrict processing of your Personal Information;
- To retain and reuse your Personal Information for your own purposes;
- To object to your Personal Information being used; and
- To object against automated decision making and profiling.
If, at any time you need or intend to exercise your rights under the GDPR, please contact us via the contact details below. We reserve our right to verify your identity (and any other lawful actions) before we act on any such request. If we are unable to resolve your complaint you may also contact the relevant independent public authority which is established in the member country of the EEA. This differs from country to country in the EEA. If you do not know which public authority to contact, please let us know and we will endeavour to assist.
Further, if you are residing in the EEA, we will need to process your Personal Information in order to fulfill contracts we might have with you (for example if you place an Order through the Website), or otherwise to pursue our legitimate business interests in accordance with this policy. Additionally, please note that we may transfer your Personal Information to a country outside of the EEA, including to Australia and the United States. We may also transfer your Personal Information outside of the EEA, where you have provided us with your express consent to the transfer, where it is necessary to fulfil a contract we might have with you, or a preliminary step to fulfil a contract or where otherwise permitted under the GDPR.
How can you access and correct your information?
It is your responsibility to ensure that the information you provide to us is accurate, complete and up-to-date. We may periodically, review your information to ensure that it is accurate, up-to-date, complete and relevant. Where we have reason to believe that your information may not be accurate, up-to-date, complete or relevant then we may either attempt to contact you to correct the information or deidentify or destroy the information as required by law.
You may request access to the information we hold about you, or request that we update or correct any information we hold about you or ask us to restrict or cease processing your information or even delete your information, by setting out your request in writing and sending it by contacting us through our Website.
Where you make a request to access your information, we will do our best to respond within a reasonable period. While we may allow access and provide the means by which you can access your information, we may refuse the request where we are entitled to do so under the Privacy Act or at law. In this event, we will tell you about the grounds for this refusal as well as suggested steps which may allow you to access your information in the circumstances of our refusal. You may complain about this refusal by making a complaint as set out below.
Your privacy concerns and making a complaint.
Contacting Us
If you have any concerns or are unhappy about how your information is handled, please contact us at:
Email: info@frostyboy.com.au
Post: PO Box 6036, Yatala QLD 4207 Australia
Phone: +61 7 3806 2888
Upon receipt of your concerns we will designate an individual within our organisation who will liaise with you regarding the complaint and how it can be resolved. We endeavour to provide a response to your complaint within 30 days of receipt. If you are not satisfied with our response to a complaint, you have the right to contact the Office of Australian Information Commissioner (OAIC).
Contacting the Office of the Australian information Commissioner.
If you would like more information regarding Australian privacy law, or to make a complaint, refer to the OAIC who can be contacted at:
Address: GPO Box 5288, Sydney NSW 2001
Phone: 1300 363 992
Website: www.oaic.gov.au/contact-us
If your query relates to one of our related entities incorporated in another country, then the privacy laws of that country may apply. In which case, we recommend contacting the relevant government department governing the privacy laws in that country.
Changes to this policy
This policy will be routinely reviewed to ensure it is accurate, up-to-date and complies with any applicable privacy laws. If you are purchasing Products from us from a location outside of Australia, we will attempt to routinely update this policy in accordance with any changes to the privacy laws of that country. The current policy is published on our Website or can be obtained by contacting us using the information above.