Gizelle Hamilton Pty Ltd t/as Sacred Horse on behalf of The Trustee for Gizelle Hamilton Enterprise Trust (ABN: 56 904 376 686) (Sacred Horse, we, us) is committed to protecting the information about you that we collect, store and use when you provide it to us on our website: https://www.sacredhorse.com.au (Site).
We respect your rights to privacy under the Privacy Act 1988 (Cth) (Privacy Act) and so in accordance with this Act, we are compliant with its requirements in respect of the collection, management and disclosure of your personal information.
We also uphold your rights to privacy if you are based in the European Union, in accordance with the General Data Protection Regulation (GDPR) (EU). Your rights under the GDPR are listed below.
If you do not wish to provide personal information to us, then you do not have to do so. However, this may affect your use of this Site or any products and services offered on it.
What is your personal information?
We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our website.
What information may we collect from you?
Sacred Horse may collect the following personal information from you:
- current mailing or residential address;
- current billing address
- email address;
- telephone number;
- age or birth date.
We collect personal information about you so that we can perform our business activities and functions and to provide best possible quality of customer service. We collect, hold, use and disclose your personal information for the following purposes:
- to provide our services to you;
- to send communications requested by you;
- to answer enquiries and provide information or advice about existing and new services;
- to provide you with access to protected areas of our website; and
- to comply with any Law, rule, regulation, Lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority.
How do we collect your personal information?
We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:
- when you make an enquiry about our services;
- through your access and use of our website, including when you register as a member of our website;
- during conversations between you and our representatives;
- when you ask to be placed on one of our subscription/mailing lists; or
- when you become a client or customer of ours or otherwise use our products or services.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, some or all of the following may happen:
- we may not be able to provide our products or services to you, either to the same standard or at all;
- we may not be able to provide you with information about services that you may want, including information about special promotions; or
- we may be unable to tailor the content of our website to your preferences and your experience of our website may not be as enjoyable or useful.
Site User Tracking Experience
We may use tracking software to review and improve your experience of our Site. In particular, we may use Facebook, MailChimp and Google Analytics. Google Analytics collects data about our Site traffic via Google Advertising cookies and anonymous identifiers. Data collected via these Google products is not linked with any personally identifiable information you submit while on our Site. If you wish to opt out of the Google Analytics data collection, you may do so on Google’s Site at https://tools.google.com/dlpage/gaoptout/.
We use this to research our users’ habits so that we can improve our online services. Our cookies do not collect personal information. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them. We may log IP addresses (that is, the electronic addresses of computers connected to the Internet) to analyse trends, administer the website, track users’ movements, and gather broad demographic information.
As our website is linked to the Internet, and the Internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the Internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
Groups and Forums
If you participate in a discussion forum, chat room or webinar, you should be aware that the information you provide there will be made broadly available to others, potentially inside or outside Sacred Horse, who have access to that discussion forum or chat room. Also, please recognise that individual forums and chat rooms may have additional rules and conditions. Each participant’s opinion on a forum or chat room is his or her own and should not be considered as reflecting the opinion of Sacred Horse.
Please be advised that for any forums or Webinars you attend, recordings can be enabled by a meeting or webinar host. By signing up for any of Sacred Horse’s, or any other host authorised by Sacred Horse’s, webinar services or otherwise using them in any way, including without limitation by attending any Sacred Horse meeting or webinar, you expressly acknowledge that we may make and store Recordings for meetings or webinars, and may make such recordings available to hosts and other Attendees at the direction of Sacred Horse. If you do not want to be recorded, you can choose to leave the meeting or webinar.
To whom will Sacred Horse disclose my personal information?
We may disclose your personal information to:
- our employees, contractors or service providers for the purposes of operating our website or our business, fulfilling requests by you, and to otherwise provide services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
- suppliers and other third parties with whom we have commercial relationships, for business, marketing, and related purposes; and
- any other organisation for any authorised purpose with your express consent.
If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at Law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith and where we have sought to maintain confidentiality.
Direct marketing materials
We may send you direct marketing communications and information about our services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS and email, in accordance with applicable marketing Laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our subscription/mailing list.
We do not provide your personal information to other organisations for the purposes of direct marketing.
Security and data quality
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure.
We strive to ensure the security, integrity and privacy of personal information that you submit to us through our website. Unfortunately, no data transmission over the Internet can be guaranteed to be totally secure. We endeavour to take all reasonable steps to protect the personal information you may transmit to us or from our online products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.
In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.
We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed or when we are no longer required by Law to retain it (whichever is the later).
For how long do you retain my personal data?
We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By Law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for five years for Australian tax Law purposes. In addition, Section 286 of the Corporations Act requires financial records to be kept for at least seven years after the transactions covered by the records are complete. This may include invoices, statements and other financial records containing your personal information.
In some circumstances you can ask us to delete your data; see your legal rights below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
I am based in the EU; what are my legal rights under the GDPR?
If the General Data Protection Regulation applies to you because you are in the European Union, you have rights under data protection Laws in relation to your personal data:
- The right to be informed – We are obligated to inform you how we use your personal data;
- The right of access – You have the right to make a ‘data subject access request’ to obtain a copy of the personal data we hold about you;
- The right to rectification – You have the right to request that we correct personal data about you that may be incomplete or inaccurate;
- The right to erasure – In certain circumstances you can ask us to delete the personal data that we have about you (unless there’s an overriding legal reason why we need to keep it);
- The right to restrict processing – In certain circumstances, you may ask us to suspend processing personal data;
- The right to data portability – You may ask us for a copy of your personal data in a common format (for example, a .csv file);
- The right to object – You may object to us processing your personal data (for example, if you object to us processing your data for direct marketing); and
- Rights in relation to automated decision making and profiling – We must be transparent about any profiling we do or any automated decision making.
These rights are subject to certain rules around when you can exercise them.
If you wish to exercise any of the rights set out above, please contact us at firstname.lastname@example.org.
How can you access and correct your personal information?
You may request access to any personal information we hold about you at any time by contacting us (see the details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We may charge you a reasonable fee to cover our administrative and other reasonable costs in providing the information to you. We will not charge for simply making the request and will not charge for making any corrections to your personal information.
There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires correction. If we do not agree that there are grounds for correction, then we will add a note to the personal information stating that you disagree with it.
What is the process for complaining about a breach of privacy?
If you believe that your privacy has been breached, please contact us using the contact information below and provide details of the incident so that we can investigate it. We will treat your complaint confidentially, investigate your complaint and aim to ensure that we contact you and your complaint is resolved within a reasonable time (and in any event within the time required by the Privacy Act and/or GDPR, if applicable).
You may contact us regarding your data privacy by email on email@example.com.