Hello. We are Heaps Normal Pty Ltd (ACN 637 419 026) (known by humans as Heaps Normal).
Here’s how we protect your data and respect your privacy.
1. Our role in your privacy
1.1 If you are a Heaps Normal customer, business partner, or just visiting our website, this policy applies to you.
1.2 Under Australian law, we’re required to protect any personal information you give us.
1.3 “Personal information” means information or an opinion about an identified or reasonably identifiable individual – basically, any data that can identify a person. For this policy, let’s call it your Deets.
1.4 We are committed to protecting your Deets and to complying with applicable privacy laws.
1.5 If you give us other people’s Deets, or if others give us your Deets, we will only use that information for the specific reason for which it was provided to us.
2. When and how we collect your Deets
2.1 If you are only visiting our website, please know that we do not collect your Deets without your knowledge or consent. Any information we do collect through cookies and other tagging technologies is fully anonymised.
2.2 Sometimes you provide us with your Deets, sometimes your Deets are collected automatically.
Here’s when and how we do this:
(a) Directly from you when we do our business, from communications via phone, email and text, as well as from our website and other online platforms including by using cookies.
(b) From publicly available sources including via websites, directories, and social media
3. Keeping your Deets safe and sound
We hold your Deets securely and take reasonable steps to keep it secure. We only keep your Deets for as long as it remains relevant to the purpose for which we collected it.
4. Types of Deets we collect and hold
4.1 When we conduct our business, here are the kinds of Deets we might collect and hold:
(a) Contact details. Your name, address, telephone number, email address, organisation details, and other types of information that let us reach out to you.
(b) Preference information. Information about your tastes and preferences, including your purchase history and beverages of ours that you tend to prefer.
(c) Other data that identifies you. This covers the kind of information we gather when you cruise our website, check out our socials, shoot us emails or give us feedback and reviews. Think of it as your digital fingerprint – cookie information, IP address, URLs, your search histories and other kinds of digital traces you leave when you check us out online.
4.2 We don’t keep your payment details or collect your sensitive information. Your payment details may be stored by our third party technology partners to enhance your website experience (i.e. to facilitate pre-filled check outs), but we do not keep this information.
5.1 We won’t share your Deets for any secondary purpose, unless that purpose is related to why we initially collected your Deets in the first place, or if you give us the go ahead. Basically, we don’t do surprises.
5.2 The purposes for which we collect, hold, use and disclose your Deets may include:
(a) conducting our business, which includes undertaking our activities engaging with you in respect of our activities;
(b) to communicate information about our activities; and
(c) to provide you with information or advertising relating to our activities (including targeted advertisements) or marketing communications we believe may be of interest to you;
(d) to improve and optimise our platforms (including our websites) and services;
(e) for our internal administrative, research, planning and marketing purposes; and;
(f) to comply with legal obligations and protect our legal interests and rights (including our intellectual property rights).
5.3 We may also disclose your Deets to:
(a) Our work fam: our affiliates and related bodies corporate;
(b) Our sidekicks: our third party service providers, including services providers who assist us with our activities; and
7. Retention, access and correction
7.1 We will only keep records of your Deets as long as they are still necessary for the purposes we list above in section 5.
7.2 We will take all reasonable steps to ensure any Deets we collect, use or disclose is up to date and accurate. If you believe your Deets are not up to date or accurate, you can ask us to correct them.
7.3 If you're curious about what Deets we have on you, just give us a shout (contact details below). We'll do our best to send you a copy of your Deets within 30 days of getting your request.
7.4 Please direct all requests for access and correction to email@example.com.
8. Overseas disclosure
8.1 As we go about our business, your Deets might take a trip overseas, including if we store your Deets with our third party technology providers which reside overseas. These may be located in the United States, the United Kingdom and India.
8.2 No matter where we disclose your Deets, we will take reasonable steps to ensure that your Deets are protected in accordance with applicable data protection laws.
9. Let’s talk if you’re not happy
9.1 If you think we’ve missed the mark on the Privacy Act 1988 (Cth), please hit up our Privacy
Officer (details below). We’ll do our best to sort things out.
9.2 If you’re still not feeling good about how we’ve handled your Deets, you may contact the Australian Privacy Commissioner. They’re the cool cats at www.oaic.gov.au or you can ring them on 1300 363 992.
10. Contacting us