Our Privacy Commitment

Retail Oasis Pty Limited A.C.N. 131 828 110 (“Retail Oasis”) is committed to managing personal information openly and transparently and to keeping personal information safe. We will take all necessary measures to fulfil this commitment, including to:

  • comply with the Australian Privacy Principles (“APPs”);
  • ensure that we manage personal information openly and transparently;
  • only collect personal information that we need in order to provide our services and properly undertake our business;
  • be open and honest about how we might use personal information;
  • confirm if we need to disclose personal information to anyone else (including anyone overseas) and if so, in what circumstances this might occur;
  • keep personal information secure;
  • promptly respond to any request not to receive direct marketing material from us;
  • make sure personal information is kept accurate and up to date and to properly dispose of any personal information which is no longer required by us; and
  • ensure that, where appropriate, individuals can access and correct their personal information.

About this Policy

This policy is intended to explain clearly and in plain language some of the key processes and procedures that we have implemented to manage personal information, to protect the privacy of individuals and to comply with the Privacy Act 1988, the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (“Act”) and the Australian Privacy Principles.

References to “our”, “us” and “we” in this policy are references to Retail Oasis.

The website accessible through the domain name www.retailoasis.com (“Website”) is owned and administered by Retail Oasis Pty Limited A.C.N. 131 828 110.

This policy gives a broad overview of our policies in relation to privacy but if you require further information, you are welcome to contact us.

You must read this privacy policy before providing us with any personal information and before using the Website. By providing personal information to us or by using the Website, you are confirming your agreement to the policies and procedures described in this privacy policy.


What sorts of personal information do we collect?

We will only collect information that is necessary and relevant to the proper undertaking of our business.

The types of personal information we collect include name, email address, contact telephone number and company name.

The information we collect will depend on the exact nature of the services that we are providing and what information is reasonably required to provide those services.

The Act places restrictions on us collecting sensitive information (which includes information about religion, political views, ethnicity, criminal records and sexual preferences). Generally we will not collect this type of information , however we may need to collect some sensitive information in circumstances where a person is applying for a job with us, and consent has been provided to us to do so.

Why do we require personal information?

There are various reasons why we might need to collect, hold, use or disclose personal information and this will depend upon the specific service that we are providing. You will be informed as to the main reason for the collection of personal information at the time that the personal information is collected.

Usually, the main reason that we will need to collect your personal information will be relating to a service that we are providing. Our main services relate to connecting retailers with consumers.

We may also use personal information for other reasons, including:

  • preventing fraud and other criminal activities;
  • to assist us to run our business and to improve our services and performance, including staff training, accounting, risk management, record keeping, archiving, systems development, developing new products and services and undertaking planning, research and statistical analysis; and
  • to comply with our legal obligations.

There is no obligation to provide personal information for use by us but if you do not provide us with the personal information that we require, we may not be able to provide the information, goods or services that you require.

How do we collect personal information?

The means by which we collect personal information will depend on the nature of the service being provided.

We may collect personal information:

  • directly from the individual;
  • when you access and interact with the Website;
  • from our clients who have obtained the express consent of the individual to disclose their personal information to us for its relevant use, including for use in our business and to provide our services;
  • from publically available sources, for example, the electoral role, the telephone directory or from other websites; or
  • from other sources.

We will always collect personal information directly from the relevant individual unless it is impracticable to do so.

Personal information will not be collected where a person is only browsing the Website but we do use cookies to better tailor our information and our services to meet the needs of our clients. A cookie is a small piece of text that is placed within the memory of a computer and can be later retrieved by web page servers. Cookies are used to enhance interaction and convenience in using the Website and we do not use cookies to record any personal information. Cookies may record information about a visit, including the type of browser and operating system used, the previous site visited, the server’s IP address, the pages being access and the information downloaded. While this anonymous statistical data may be aggregated and used in broader statistical analysis by us and our web monitoring service provider to improve our services, at no time can we personally identify the source of that data.

Where we are collecting your personal information, we will remind you of the following at the time of collecting your personal information:

  • our details, including our contact details;
  • that we are collecting your information and the reasons why we are collecting your information;
  • if any collection is required or authorised by law, the details of the law, court or tribunal order;
  • what happens if the personal information cannot be collected or obtained;
  • any third parties to whom personal information may be disclosed;
  • how personal information can be accessed and corrected;
  • how a complaint can be made about any breach of the APPs and how such complaints will be handled; and
  • whether personal information is likely to be disclosed to anyone overseas and if practicable, the countries in which those recipients are located.

Collecting and disclosing personal information about others

Wherever possible, we will collect personal information directly from the relevant individual.

You represent and warrant to us that where you provide personal information to us about another person:

  • you are authorised to provide that information to us;
  • you have obtained the express consent of the individual to disclose their personal information to us for its relevant use, including for use in our business and to provide our services;
  • you have complied with the APPs in collecting that personal information, including by making all relevant notifications required under APP 5; and
  • you have informed that person about the contents of this privacy policy including who we are, how we use and disclose personal information, and that they can gain access to, and correct, that information.

Unsolicited personal information

From time to time we may receive personal information that we have not requested or taken steps to come to know. In these circumstances, we will only hold onto such information where the information is necessary for our functions and activities. If we determine that the information received is not necessary for our functions and activities then we will take steps to de-identify or destroy the information as soon as is practicable. Any determination as to whether or not the information is required to be retained by us will be made within a reasonable period after the information is received by us. Any information that has not been requested but is subsequently retained by us will be subject to the procedures and requirements set out in this privacy policy.

How do we use or disclose personal information?

We may use and disclose personal information for the purposes for which it was collected or for a related purpose such as:

  • to consider a request for a product or service;
  • to enable us to provide a product or a service;
  • to carry out or respond to requests;
  • to our third party service providers to assist us in providing and improving our services, and to analyse industry trends and develop, improve and market our products and services;
  • for regulatory reporting and compliance with our legal obligations;
  • to various regulatory bodies and law enforcement officials and agencies to protect against fraud and for related security purposes;
  • to perform administrative and operational tasks (including risk management, systems development and testing, staff training and collecting debts);
  • to our third party service providers to include in a database compiled by us or our third party service providers for use in direct marketing of promotions, products and services;
  • to seek feedback in relation to client satisfaction;
  • to monitor or improve the quality and standard of services that we provide;
  • to consider any concerns or complaints made against us; and
  • to our successors and/or assigns.

By agreeing to accept the terms of this privacy policy and in providing personal information to us, you are taken to have consented or obtained the necessary consent to have personal information used or disclosed for the above purposes.

At the time that we collect personal information, we will make it clear why we are collecting personal information. We will not use personal information for any other purpose without consent or where we do use information for another purpose, it will either be for a purpose which we believe is related to the purpose for which it was first provided to us or for a purpose which would be expected.

We may also provide personal information to third parties as outlined below.

Other than the above, we will not disclose personal information without consent unless disclosure is either necessary to prevent a threat to life or health, authorised or required by law, reasonably necessary to enforce the law or necessary to investigate a suspected unlawful activity.

Do we share personal information with others?

We may share your personal information with other companies that are related to Retail Oasis. By providing personal information to us, you confirm that consent has been obtained to share the personal information with other companies within our group.

We deal with third party service providers who may assist us a variety of functions including with research, mail and delivery, security, insurance, professional advisory (including legal, accounting and auditing advice), banking, payment processing, credit reporting or technology services. Where we engage third party service providers to perform services for us, those third parties may be required to handle personal information. Under these circumstances, those third parties must safeguard this information and must only use it for the purposes for which it was supplied and we will make all reasonable enquiries to try to ensure that this is the case.

Wherever possible, we will limit the information provided to independent third parties to that information required for those third parties to properly perform their functions. Further, our contracts with these third parties will always require the third parties to comply with the APPs (or equivalent standards).


Do we use personal information for marketing purposes?

As part of the services that we provide, we may:

  • use personal information that we have collected to identify a product or service that may benefit a particular person or group of people;
  • contact individuals from time to time to let them know about a product or service that we believe might be of interest to them; and
  • disclose personal information to our related entities or business partners to enable them to contact individuals about a product or service that they might be interested in.

By providing personal information to us, you consent, or confirm that consent has been obtained, to include the personal information in our database to be used for direct marketing purposes, including those described above, however, an individual can opt-out, unsubscribe or make a request not receive direct marketing communications from us by calling Retail Oasis on (02) 9976 6222 or by writing to us by email at enquire@retailoasis.com or by post sent to Level 4, 1A Rialto Lane, Manly NSW 2095 or by logging such a request through the Website at any time. Additionally, each direct marketing communication, including all emails and SMS, will include an opt-out or “unsubscribe” option which will immediately indicate to us that the person opting-out or unsubscribing no longer wishes to receive materials of this kind. If a request is made not to receive direct marketing communications from us, we will stop sending these materials.

A request may be made that an individual does not want us to disclose their personal information to facilitate direct marketing by another organisation, or that we provide the source of any personal information that we use for direct marketing purposes. Any such requests will be actioned within a reasonable period and there will be no charges for making, or for us actioning, such requests.

How do we store personal information?

We have implemented appropriate processes and techniques (including physical security such as locks and security systems and computer and network security, including firewalls and passwords) to protect personal information from loss, misuse and interference and from unauthorised access, modification or disclosure. In addition, access to personal information is limited to those who specifically need it to conduct their responsibilities.

We and our third party service providers take all necessary steps to destroy or permanently de-identify personal information where it is no longer required and to protect personal information from loss, misuse and interference and from unauthorised access, modification or disclosure.

While care is taken to protect personal information on the Website, unfortunately no data transmission over the Internet is guaranteed as 100% secure. Accordingly, we cannot ensure or warrant the security of any information sent to us or received from us online. This is particularly true for information sent to us via email as we have no way of protecting that information until it reaches us. Once we receive personal information, we are required to protect it in accordance with the Act.

Maintaining personal information

We take reasonable steps to ensure that:

  • the personal information that we collect about is accurate, complete and up-to-date at the time of collection;
  • when we use personal information, it is accurate, up-to-date, complete and accurate at the time of use; and
  • if we disclose personal information, it is accurate, up-to-date, complete and accurate at the time of disclosure.

Will we disclose personal information to anyone overseas?

There may be circumstances where we need to disclose your personal information to a third party overseas (“Overseas Recipients”). This may occur, for example, where we have a database or server hosted outside Australia or where you are interacting with an application which is based overseas.

Prior to us disclosing your personal information to an Overseas Recipient, we have an obligation under APP 8.1 to take reasonable steps to ensure that the Overseas Recipient does not breach the APPs (the “Overseas Disclosure Obligations”).

We will take all reasonable steps to satisfy our Overseas Disclosure Obligations.

How can personal information be accessed?

Usually we will be able to provide access to personal information upon receipt of a written request, either by email sent to enquire@retailoasis.com or by post sent to Level 4, 1A Rialto Lane, Manly NSW 2095, and confirmation of the person’s identity. There are some limited circumstances in which we may not be able to provide access to personal information when requested. Such circumstances might include where access would pose a serious threat to the life, health or safety of another person or where such access would unreasonably impact on the privacy of others.

Where a request is made for access to personal information, we will respond to any such request within a reasonable period after the request is made and if possible, we will provide access to the personal information in the manner requested, if specified.   In any event, we will take all reasonable steps to provide access to your information in a way that meets the needs of the individual making the request.

If we deny access to personal information for any reason, or if we are unable to provide access to personal information in the manner requested, then we will provide a written notice confirming:

  • the reason for such refusal; and
  • the procedure to complain about the refusal.

We may recover our reasonable costs of supplying access to personal information but we will not charge for any request to access personal information.

How can you seek to correct personal information?

We do what we can to ensure that the personal information we hold is accurate, complete, up-to-date, relevant and not misleading.  To assist us to do this, please ensure that you provide us with correct information at the time you provide it to us and immediately inform us if any details change at any time. If we are concerned that any personal information is inaccurate, incomplete, out-of-date, irrelevant or misleading, or if a request is made that we correct any personal information, then we will take all reasonable steps to correct the information to ensure that it is accurate, complete, up-to-date, relevant and not misleading in the context of the purpose for which it is held.

If we correct any personal information and that information has previously been disclosed to another entity that is required to comply with the APPs, then, upon receipt of a request to do so, we will take reasonable steps to notify that other entity of the correction unless such notification is impracticable or unlawful.

If we refuse to correct personal information following a request to do so, then we will provide a written notice confirming:

  • the reason for such refusal; and
  • the procedure to complain about the refusal.

If we refuse to correct personal information following a request to do so and a request is made that we associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading then we will take reasonable steps to associate the statement with the information so that the statement is apparent to users of the information.

We will respond to any requests regarding the correction of personal information within a reasonable period after the request is made.

We will not charge for any request to correct personal information, nor will we pass on any costs incurred by us in correcting personal information or for associating a statement with personal information.


What if you want to make a complaint about some aspect of our privacy procedures?

We are committed to maintaining and protecting the privacy of individuals but it is possible that in limited circumstances, mistakes might be made. If you are concerned with the way that personal information has been handled then you are entitled to make a complaint. If you would like to lodge a complaint, please contact us through our Privacy Compliance Officer, whose details are set out below.

Privacy Compliance Officer

Justine Jones

Retail Oasis Pty Limited

Level 4, 1A Rialto Lane

Manly NSW 2095

Telephone: (02) 9976 6222

Email: enquire@retailoasis.com

 

If personal information has not been handled in an appropriate way, we will do our best to remedy your concerns as quickly as possible, including by acknowledging receipt of your complaint within 48 hours and trying to resolve the complaint within 10 working days. Where this is not possible, we will contact you within this period to let you know an anticipated time frame within which your complaint will be resolved.

If your complaint is not satisfactorily resolved, you may approach an external dispute resolution service or apply to the Office of the Australian Information Commissioner (“OAIC”) to have the complaint heard and determined.

Protecting identity

Wherever it is practicable, we will always provide an individual with the option not to identify themselves when dealing with us. Alternatively, an individual may elect to use a pseudonym to protect their identity.

Links to other websites

This Website may contain links to websites which are owned or operated by other parties. You should make your own enquiries as to the privacy policies of these parties. We are not responsible for information on, or the privacy practices of, such websites.

Changes to this policy

From time to time it may be necessary for us to review and revise this privacy policy. We reserve the right to change our privacy policy at any time.

How can you contact us?

Please find below our contact details. Please do not hesitate to contact us in relation to any privacy-related concerns and we will use our best endeavours to address any such concerns thoroughly and in a timely manner.

If it is practical to do so, you can contact us without identifying yourself. However, if you choose not to identify yourself, it may be more difficult for us to assist you with your enquiry. This will depend on the nature of your enquiry.

Retail Oasis Pty Limited

Level 4, 1A Rialto Lane

Manly NSW 2095

Telephone: (02) 9976 6222

Email: enquire@retailoasis.com

 

Please note that the Act contains certain exemptions which may permit us to use personal information in a particular way if specific circumstances arise. Any such exemptions under the Act will take priority over this privacy policy to the extent of any inconsistency.