- About us and this policy
In this policy, ‘we’ or ‘us’ refers to Buzz Products Pty Ltd (ABN 32 091 262 172) and our related entities.
The provision of your personal information is voluntary. However, if you do not provide us with certain personal information, we may not be able to undertake certain activities for you, including providing you with information or goods or services that you request us to provide.
- Collection of your personal information
Personal information is information that can be associated with a specific person and could be used to identify that specific person (whether from that date, or from that data and other date and other information that we have).
We collect and hold kinds of personal information that directly relate to, or are reasonably necessary for, us doing business with you (including providing you with goods and services).
The types of personal information that we collect, and how we collect this, depends on the nature of our relationship with you. For example:
- when you register for an account on our website, sign up for our mailing list, order goods or services (including samples) from us, or voluntarily complete a customer survey or provide feedback on any of our message boards or via email: you may be required to provide us with your name and contact details (including address, telephone number and email address);
- when you apply to work with us, in addition to your name and contact details, you may be required to provide us with your date of birth and gender and other personal information;
- when you access or use our website or apps (including create or log into your account or add goods to cart) or interact with any of our digital marketing material, we may collect technical data about your usage of our sites and apps and how you interact with our digital advertisements and promotions, such as content viewed or downloaded, features used, links clicked, promotional emails opened, and dates and times of interactions. We collect this information using cookies and similar technologies;
- if you have given us access to your location, we may also collect location data. We collect this from Wi-Fi access points, GPS signals and cell tower IDs. You can remove our access to your location by using your mobile device settings (however doing so may result in you not being able to fully access our service). We may also derive your approximate location from your IP address; and
- if you connect your account with us to your account on another service (for example, Google or Facebook), we may receive information from the other service (for example, your name, email address, age range, profile picture, language, and friend list). You can stop sharing the information from the other service with us by removing our access to that other service.
Other than in relation to people who directly work with or for us (employees, contractors or consultants), we do not collect sensitive information (including personal information relating to a person’s racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences and criminal record). We will only collect sensitive information with your prior consent. If you provide us with certain services, for example as a contractor or consultant, we may in some circumstances, collect sensitive information (for example where we require you to provide medical certificates, or if we carry out criminal record checks).
We do not consider personal information to include information that has been aggregated or made anonymous such that it can no longer be used to identify a specific person (whether alone or in combination with other information).
- Why we collect, hold, use and disclose personal information
We collect, hold, use and disclose personal information about you when it is reasonably necessary for our business functions and activities. These include:
- processing your order and otherwise providing you with goods or services, including samples, that you request and sending you notifications about your orders;
- communicating with you, including providing you with information (including marketing material) about our business, goods and services (and relevant news and events) that we think may be of interest to you (including about our product catalogue, product technologies we are developing, trade shows that we are exhibiting at, or brands or customers that we have partnered with);
- seeking your opinion on the quality of, or proposed changes to, our goods, services or business;
- using customer details provided to us on behalf of our client to provide goods or services to that client or directly to you (for example encoding RFIDs with details of our client’s customers at the request of our client, or sending out goods or marketing information on behalf of our client to its customers);
- conducting promotional activities and providing special offers;
- assessing and processing any enquiries and requests that you make (including orders, and employment enquiries);
- administering and managing our relationship with you;
- providing you with invoices and reminder notices;
- improving our goods and services and developing new ones;
- complying with legal requirements, and facilitating the safety and security of our website and software applications (including authenticating users, facilitating secure payments, enforcing our terms and policies, responding to a legal request or claim, protecting against fraud and abuse, and conducting audits); and
- resolving any complaints that you may have about us or our goods or services.
If you do not wish to receive marketing communications from us, you can unsubscribe using the link in the marketing email.
- How we collect personal information
The main way in which we collect personal information about you is when you give it to us or someone acting for us (for example, your details when you register for an account on our website, send us a request to provide you with information about us, request us to provide you with goods or services (including samples), participate in a survey, contest or promotion, make an enquiry about our business, sign up to receive information from us (including subscribe to our mailing list), seek advice from us, attend an event provided by us or a trade show where we are exhibiting, or apply for a job with us).
We may also collect your personal information though your use of our website or software applications (for example, when you are access or use our applications or software, we may collect usage data and geo-location data).
We will usually only collect personal information about you from you, however in some situations we may collect personal information about you from a third party. For example, our client may provide us with your information if you are a customer of theirs and they want us to provide you with goods or services (such as a travel bag tag encoded with your information), or we may engage a third party to undertake marketing for us (including conducting a survey or promotion that you partake in). We will only collect personal information about you from a third party if it is unreasonable or impracticable for us to collect this information directly from you, or we are otherwise permitted, required or authorised by law to collect this information from the third party.
In most circumstances it will be necessary for us to identify you in order for us to do business with you, however, where it is lawful and practicable to do so, you have the option of dealing with us anonymously or by using a pseudonym.
- Who we may disclose your personal information to
We may disclose your personal information to our corporate affiliates, contractors, agents, consultants, and professional advisors (including business partners (including manufacturers that we need to provide your information to in order for them to encode a product for you, or mail a product to you), advertising partners, mailing and printing houses, IT providers and other service providers) (collectively, Partners) who assist us in undertaking our business functions and activities, including running our websites. Some of our Partners are located outside of Australia, including in the UK, Europe, USA and China.
When we undertake activities on behalf of a client of ours (for example, deliver and host a client-branding application, or run a survey or competition for a client), and those activities require us to collect your personal information for that client, we may disclose your personal information to that client (including when that client is located outside of Australia).
Before disclosing your personal information in the manner described above we take steps to ensure that any third-party access to personal information complies with the applicable privacy laws.
We will also disclose your personal information where we are required or authorised by law to do so.
- How we hold personal information
We hold personal information by recording and storing it in a variety of forms, including in hardcopy and electronic files and databases. Servers on which we store personal information are located in Australia and the USA.
We maintain reasonable safeguards to protect the confidentiality, security and integrity of your personal information. Although we use security measures to help protect your personal information against unauthorised disclosure, misuse, or alteration, as is the case with all computer networks linked to the Internet, we cannot guarantee the security of information provided over the Internet and will not be responsible for breaches of security beyond our reasonable control.
If you have a security-related concern, please contact us immediately (with details) via email to firstname.lastname@example.org
If we hold personal information about you that we no longer need for any purposes for which it may be used or disclosed under law, we will take reasonable steps to destroy that information or to ensure that it is de-identified.
- How you may access and seek correction of your personal information
If we hold personal information about you, you have the right to request access to that personal information, and to request its correction if you think that it is inaccurate, out-of-date or incomplete. Such request may be made by contacting us in writing in accordance with clause 12.
We will respond to your request for access or correction to your personal information within a reasonable period after the request is received (and we will endeavour to respond within 30 days).
To the extent reasonable and practicable, we will provide you with access to your personal information in the manner requested by you.
Although we will generally grant you access to your personal information upon your request, in certain situations we may legally refuse to grant you access. If we refuse to grant you access to your personal information or refuse to give you access to your personal information in the manner in which you request, we will provide you a written notice that sets out the reasons for our refusal (provided that it is not unreasonable in the circumstances to set out those reasons), and the complaint process that you may use if you disagree with our refusal.
If we consider it appropriate, we may charge you for giving you access to personal information that we hold about you (provided that the charge is not excessive).
- Correction of your personal information
We take reasonable steps to ensure that the personal information we hold is accurate, up to date and complete (having regard to the purpose for which that information is held). To assist us to do this we rely on you to provide us with accurate, up-to-date and complete information in the first instance, and for you to notify us if you believe that any personal information that we hold about you is inaccurate, out-of-date or incomplete.
- California Privacy Rights
If you are a California resident, you have additional rights in relation to your Personal Information provided under the California Consumer Privacy Act of 2018 (CCPA), including:
- Right Against Discrimination: You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising any of your rights under the CCPA.
- Right to Know: You have the right to request us to disclose to you: (i) the categories of personal information we have collected about you; (ii) the specific pieces of personal information we hold about an individual (iii) the categories of sources from which personal information is collected; (vi) the business or commercial purpose for the information collection; (v) the categories of third parties with whom we have shared personal information; (vi) the categories of personal information that we sold about you and the categories of third parties to whom the information was sold; and (vii) the categories of personal information that we have disclosed about you for a business purpose. We are not obligated to provide this to the same person more than twice in a 12-month period.
- Right to Delete: You have the right to request us to delete any Personal Information we have collected from you or maintain about you, subject to certain exceptions, including: we are not required to comply with your request to delete if it is necessary for us to maintain that person information in order to: (i) complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of a business’ ongoing business relationship with you, or otherwise perform a contract between you and Buzz; (ii) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity; (iii) debug to identify and repair errors that impair existing intended functionality; (iv) exercise free speech, ensure the right of another consumer to exercise that consumer’s right of free speech, or exercise another right provided for by law; (v) comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code; (vi) to enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business; (vii) comply with a legal obligation; or (viii) otherwise use the personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
You can exercise your rights by email request sent to email@example.com. We will process that request in accordance with the CCPA (including time frames permitted under the CCPA).
- UK and EU Privacy Rights
If you are a resident of the UK or EU, you have additional rights in relation to your personal information provided under the UK and EU GDPR data protection law, as described below.
- Right of Access: You have a right to request us for a copy of your personal information that we hold. We will provide a copy to you without undue delay subject to some fee associated with gathering of the information (as permitted by law). We may limit or deny your request if denial of access is required or authorised by law, granting access would have a negative impact on other’s privacy, doing so protects our rights and properties, or where the request is frivolous or vexatious.
- Right to rectification: You have the right to request that we correct any information you believe is inaccurate. Taking into account the purposes of the processing, you may also have the right to have incomplete personal data about you completed, including by providing a supplementary statement to us.
- Right to erasure: You have the right to request that we erase your personal data, under certain conditions. This right not absolute, and we are only required to delete your personal data upon your request if: (i) it’s no longer necessary for the purposes for which we collected or processed it; (ii) if we process your personal data on the basis of consent, you withdraw your consent, and no other legal ground exists for us to continue processing your personal data; (iii) if we process your personal data for our legitimate business interests, you object to the processing, and there are no overriding legitimate grounds for us to continue processing your personal data; (iv) if we have processed your personal data unlawfully; or (v) the personal data must be erased to comply with a legal obligation under European Union or Member State law to which we are subject. We are not required to erase your personal data to the extent that we need it process it to: (A) exercise our right of freedom of expression and information; (B) comply with a legal obligation under European Union or Member State law to which we are subject; or (C) establish, exercise, or defend a legal claim.
- The right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
- If the basis for our data processing is Buzz’s legitimate business interests, you have the right to object to us processing your personal data and we will honour your objection and stop processing the relevant personal data, unless: (A) we have compelling legitimate grounds for the processing that override your interests, rights, and freedoms; or (B) we need to continue processing your personal data to establish, exercise, or defend a legal claim.
- If the basis for our data processing is direct marketing purposes, you have the right to object to this processing. If you exercise this right, we will stop processing your personal data for direct marketing purposes.
- Right to restrict processing: You have the right to request that we restrict the processing of your personal data in the following circumstances: (i) for the period of time that Buzz needs to verify the accuracy of your personal data when you contest its accuracy; (ii) when the processing of your personal data is unlawful and you oppose the erasure of the data, and instead request that we restrict the use of the data; (iii) when we no longer need your personal data for the purposes of processing, but you need the data to establish, exercise, or defend a legal claim; or (iv) for the period of time that Buzz needs to verify if it has compelling legitimate grounds for processing that override your interests, rights, and freedoms when you object to the processing of your personal data for Buzz’s legitimate business interests.
- The right to object to processing: You have the right to object to our processing of your personal data, under certain conditions.
- The right to data portability: You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, when (i) the processing of the data is based on your consent or is necessary for the performance of a contract between you and Buzz; (ii) Buzz’s processing of your personal data is carried out by automated means; and (iii) complying with your request will not adversely affect the rights and freedoms of others. If you have the right to receive such personal data and request that Buzz provide it, we will provide it to you in a structured, commonly used, and machine-readable format.
- Right to lodge a complaint with a supervisory authority: We will use our best efforts to address and settle any requests or complaints brought to our attention. In addition, you have the right to approach the competent data protection authority with requests or complaints. This can be the supervisory authority in the country or federal state where you live.
You can exercise your rights by email request sent to firstname.lastname@example.org. We will process that request in accordance with the relevant privacy legislation applicable to you (including time frames permitted under that legislation).
- Children’s data
We recognise that some Data Protection Laws vary based on the age of consent. Depending on the jurisdiction, the age of consent can be between 13 to 16 years old. We do not knowingly request to collect Personal Information from any person under the age of consent as defined by the jurisdiction in which the person resides. If we are aware of or suspect that a person is under the age of consent, we will require the person to terminate their account. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of consent using our services.
- How you may complain about a breach of privacy laws and how we will deal with such a complaint
If you make such a complaint we will investigate your complaint, and we will endeavour to respond to your complaint (and notify you of the outcome of our investigation) within 30 days of receipt.
If you feel that we have not resolved your complaint to your satisfaction, you may raise your concerns with the appropriate privacy authority in your country of residence, including (as applicable):
- Australia: Office of the Australian Information Commissioner, contactable in writing by email to email@example.com or by mail to GPO Box 5218, Sydney NSW 2001, Australia; and
- UK: Information Commissioner’s Office (ICO), contactable in writing by mail to ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, or phone to their helpline number: 0303 123 1113.
- EU: Commission for the Protection of Privacy, Rue de la Presse 35, 1000 Brussels, Telephone: +32 (0)2 274 4800, E-mail: firstname.lastname@example.org, Website: www.privacycommission.be
- Contacting us
Last updated: 8 November 2022