Privacy Policy

About this Policy

The Cryptid Store is committed to the protection of the personal information that we collect. We have developed this policy in line with the Australian Privacy Act 1988 (Privacy Act) and the 'Australian Privacy Principles’ (APPs) to provide you with information on how we deal with your personal information including how we collect, hold, use and disclose your personal information and how you may access and correct it.

Please take some time to read through this policy before you provide us with any personal information. We also encourage you to check this policy regularly as it may change from time to time. If you have any questions about matters that are not addressed in this policy, please contact us.

Introduction

As we collect and use personal information in different contexts and for different reasons, this policy is divided into separate parts for:

• our customers
• our suppliers and contractors
• our shareholders and investors
• our job applicants
• general information that applies to all personal information

OUR CUSTOMERS

What kind of personal information do we collect?

Personal Information

We will only collect personal information about you if it is reasonably necessary for our functions and activities. If you are a customer, we may collect information from you that personally identifies you such as your name, email address, home address, work address, delivery address, telephone number, gender, date of birth, age, details of communications with us (written or verbal), personal interests, purchase history, the number of children you have and their ages and gender and, in some instances, government identifiers (such as your driver’s licence). We will only use or disclose government identifiers if it is reasonably necessary for us to verify your identity for the purposes of our activities or functions set out below.

Sensitive information

We generally do not collect sensitive information about you (such as racial or ethnic origin, political opinions, religious or philosophical beliefs or details of health or disabilities). However, in some cases we may ask you to provide information related to your health or disabilities to assist us in providing you with specific services. We may also collect health information about you in order to comply with any applicable laws or public health orders, assist government departments or agencies and/or maintain our own health and safety records. This information may be used to trace and contact individuals who may have been exposed to any infectious disease or other health risk and/or to check compliance with any applicable legal obligations or where it relates to an injury, to pass on to our insurers or where necessary the relevant government regulator. We will only collect and use sensitive information in compliance with the APPs.

Non-personal information

We may collect information that does not personally identify you but will instead track your use of our websites and physical stores so that we can better understand how our websites and physical stores are used by customers and in turn enhance and improve your experience as a customer.

We may obtain this information by the use of 'Cookies' which comprise a small data file transferred to your device that recognises and identifies your device and allows your device to ‘remember’ information from our websites for future use. Your device should allow you to refuse Cookies if you wish by changing the settings. However, if you do, some services may not be available to you, including the ability to place orders on our websites. We also use programs that use Cookies to improve your online experience, including the display of more relevant ads on external websites. You may opt out of these programs by updating the permission settings in your browser or the applicable application.

Pseudonymns

You have the option of not identifying yourself or dealing with us using a pseudonym in relation to particular matters. However you will appreciate that, in some circumstances, it may not be possible for us to deal with you if you do not identify yourself.

How do we collect personal information?

We collect personal information directly from you in the normal course of business, including electronically when you visit our websites. You may be asked to provide us with personal information when you:

• make online shopping purchases, including via third party payment platforms such as Afterpay;
• make in-store shopping purchases including lay-bys;
• return goods without a receipt;
• subscribe to our newsletters or join our mailing lists;
• complete one of our forms, including wholesale account application forms, or forms provided with our goods;
• provide information to us online including through any of our social media channels;
• enter into competitions or trade promotions;
• request goods to be delivered to you or services to be provided to you;
• register a gift card;
• register as a customer, or otherwise use, our websites; and/or
• make an enquiry with us or correspond with us.

We may collect personal information about you from third parties where you have consented to such collection, or where it is reasonably necessary for, or directly relates to, our functions or activities. We will take reasonable steps to notify you that we have collected personal information and other matters about its collection at the time of the collection or as soon as practicable afterwards. You consent to us collecting, holding, using and disclosing such information in accordance with this policy.

If we receive information about you from a third party and it is not information we need in respect of our business activities, we will destroy or de-identify that information (provided it is lawful to do so).

How do we use personal information?

If we hold personal information about you that was collected for a particular purpose, we will not use or disclose it for another purpose unless: (a) you consent; (b) you would reasonably expect us to use or disclose it for that other purpose; or (c) it is required or authorised by law or a court/tribunal order.

We generally use personal information, and you consent to us using your personal information, to:

• deliver or help you manage our products or services;;
• complete transactions with you or on your behalf, including lay-by purchases;
• enable us to undertake a credit assessment;
• conduct promotions or competitions;
• help us manage and improve our services and websites;
• communicate with you;
• where you have consented to receive direct messaging, send you ongoing information, offers and promotional material about opportunities, products and services which we believe may be of interest to you;
• manage and resolve legal, consumer or commercial complaints and issues;
• conduct market research and analysis;
• manage and recruit employees;
• carry out internal functions including training and internal audits.

When returning or exchanging goods, we require you to provide proof of purchase from us. If a return is approved without proof of purchase, we will require suitable personal information from you for the purposes of identification. This personal information may be recorded with the transaction as part of our fraud prevention program. Information collected in these circumstances will only be used for this purpose.

SMS alerts

You may opt in to receive The Cryptid Store SMS alerts which contain promotional content by signing up in-store or online. You will receive approximately 2 SMS alerts per month. You acknowledge that message and data rates may be imposed by your carrier. To stop receiving all The Cryptid Store SMS alerts, reply STOP to an SMS alert from The Cryptid Store. You will receive a confirmation message and then no further SMS alerts will be sent to your number.

Direct Marketing

If you have provided us with your personal information for the express or implied purposes of receiving direct marketing, you hereby consent to us and our business partners using your personal information to advertise or send you information about their products and services which we think may be of interest to you.

You will be given the opportunity to 'opt out' or unsubscribe from receiving direct marketing communications from us. Alternatively, you may contact us at the address below to “opt out” of, or unsubscribe from, any future communications. We will use reasonable endeavours to comply with that request within a reasonable period, and in any event, within five business days.

OUR SUPPLIERS AND CONTRACTORS

If you supply (or work for a company that supplies) goods or services to us or work as an independent contractor with us, we may collect personal information about you in order to manage our relationship with you such as: your name, address, date of birth and contact details; bank account details; insurance details; licences, permits and qualifications that you have; and times and dates of visits to our locations.

We may use this information for activities such as sourcing and acquiring goods and services, communicating with you and our suppliers, investigating complaints and managing our contract with you.

We may also collect health information about you in order to comply with any applicable laws or public health orders, assist government departments or agencies and/or maintain our own health and safety records. This information may include results of health and safety checks, vaccination records, body temperature checks and responses to questionnaires including those relating to any injuries sustained or exposure to infectious diseases or other health risk. We may disclose this information as required by law or to assist in tracing and contacting individuals for health and safety reasons or to our insurers. We will only collect and use sensitive information in compliance with the APPs.

GENERAL

How do we use personal information?

We do not disclose your personal information to anyone else unless:

• you have consented to the disclosure;
• you would reasonably expect, or have been told, that your information is passed to those individuals, businesses or agencies;
• we sell all or part of our business, merge with another company or business, or restructure our business (or contemplate doing any of the foregoing), in which case we may transfer or disclose your personal information to the parties involved in the transaction for the purposes of that transaction;
• if it is reasonably necessary, in our opinion, to protect our rights or property or that of any third party or to avoid injury to any person; or
• it is otherwise required or authorised by law.

You consent to us disclosing your personal information to our authorised personnel and to:

• companies that perform services on our behalf, such as delivery services, mail outs, customer liaison services, data entry services, trade promotion or gift card administration, account management services and debt collection services;
• our professional advisors, including auditors and lawyers;
• government departments or agencies where required by law or to assist in contacting you or others who may have been exposed to any infectious disease of other health risk;
• payment system operators and financial institutions; and
• organisations authorised by us to conduct promotional, research and/or marketing activities.

We take reasonable steps to ensure that third parties that we disclose your personal information protect your privacy to the same standard expected of us.

Overseas

You acknowledge that we may disclose your personal information overseas in situations where:

• entities to whom we are permitted to disclose your personal information under this policy are based overseas; or
• the personal information we collect is stored on servers located overseas.

At present, we work with third party service providers based in countries including those in the European Economic Area (EEA), the Philippines, India, the United Kingdom and the United States. If changes in our business result in your personal information being held in other overseas countries, we will update this policy.

You acknowledge that because of your consent to such disclosure (if any), clause 8.1 of the APPs does not apply.

How do you access and correct your personal information?

Access

Where we hold personal information about you, we will provide you with access to the information on request within a reasonable time if it is reasonable and practicable to do so. Where you make a request for access to your credit reporting information, we are obliged to first obtain sufficient information to allow us to protect the security of the information, and to verify your identity and entitlement to such information. You will therefore need to provide sufficient identifying information to obtain access.

There are some exceptions where we may refuse to give you access and these are set out in clause 12.3 of the APPs. In that case, where required, we will give you written notice setting out the reasons for our refusal and the mechanisms available if you wish to complain about our refusal.

We may impose a reasonable charge for giving you access to your personal information.

If you are a customer, you may also access and update some of the personal information you have provided to us on your ‘profile’ page after you login to your account.

Correction

If we are satisfied that your personal information is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct your personal information. In addition, if you request us to correct your personal information, we will take reasonable steps to do so within a reasonable time. If you request it, we will also take reasonable steps to notify any other entity of the changes if we have previously provided your personal information to that entity. There is no fee for correcting your personal information.