- who we are
- what data we collect and store about you
- analytics information gathered
- what we share with others; payments
- who on our team has access
- data breach procedures we have in place
1. Who we are
For the purposes of data collection law, the “controller” is Quetzy (now on referred to as “Quetzy”, “quetzy.com.au”, “us”, “our” or “we”), a sole trader business operating from Victoria, Australia.
Our website address is: https://quetzy.com.au and we offer this website, it’s services and ecommerce tools to you.
Our contact address is: PO Box 207, Euroa Victoria 3666 Australia
Our contact email is: hello ‘at’ quetzy ‘dot’ com ‘dot’ au
Our ABN is: 297 711 793 47
2. What data we collect and store
We collect information about you (now on referred to as “you”, “your”, “user” or “visitor”), during the checkout process on our store.
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders. No credit card information is ever stored in our database or website servers. All payment processing information is passed directly to the appropriate gateway through it’s API for the express purpose of paying for goods and services, and cannot be accessed by quetzy.com.au.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for a minimum of 5 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses, products purchased and amounts paid.
We will also store comments or reviews, if you choose to leave them.
When visitors leave a comment on this site or rate products we collect the data shown in the comments form. We also log the visitor’s IP address and browser user agent string to help protect us from spam.
If you upload images or pixel based graphics to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data stored within images on the website. We are not resposible for the image data provided by site users.
When you contact us through our web based form all information is served over a secure https connection. We collect and retain your information to assist us in dealing with your inquiry. We do not use this information for marketing or any other purpose. If you checked the option to join our special offers email list, your information will be used according to our email lists terms and conditions in compliance with governing GDPR laws.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
3. Analytics, Comments and Reviews
Who we share data with
quetzy.com.au use Google and Pinterest Analytics to help make better decisions about our business and customers. This analytical metadata is delivered through a secure, encryted API (application program interface) to allow statistical site use data to be collected.
Where we send your data
Data captured and sent to Google and Pinterest Analytics with non recognisable identifiers. This anonymous information does not contain personal identity data, and is unable to recognise individual site visitors.
Visitor comments may be checked through an automated spam detection service when leaving comments or product reviews. Your IP address is captured to help protect the site from automated spam bots and malicious practises.
How long we retain your data
If you leave a comment on quetzy.com.au, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Your contact information
When you create an account on this website your information is stored in a database for the sole purpose of managing your shopping experience within quetzy.com.au. This information is required and enables us to provide a safe, legal commerce transactions and shopiing experience. Any information provided between users and quetzy.com.au is served over a secure, double socket, encrypted https connection. It is the users responsibility to ensure digital devices used to complete such website transactions are safe and free of spyware and viruses which may compromise your ecommerce security. Quetzy.com.au will not be held responsible for issues arrising from faulty or corrupt external or third party systems not provisioned through our service.
How we protect your data
All website traffic and email on quetzy.com.au is delivered over an encryptic https protocol SSL (secure socket layer) connection to ensure a secure information transfer between user and web interface. Although being one of the strongest industry standard security protocols, we cannot be held responsible for systems and infrastructure used to transact which are out of our control. These include but are not limited to ISP’s (internet service providers), multi-route data diversion and connection points, or personal computer hardware which may compromise user security.
4. What we share with others
We share information with third parties who help us provide our orders and store services to you; for example —
We accept payments through PayPal payment gateway. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
We accept payments through the Stripe payment gateway. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.
Subscriber & Transactional email
If you are an account holder on our website (you can log in), or if you have purchased from our eCommerce website, you will receive transactional emails from us which pertain to the services we provided to you.
If you have subscribed to our newsletter, we will send you emails according to the terms of our email service provider, relating to topics you have signed up to receive.
To send you emails, we use the name and email address you provided to us. Our site also logs the IP address you used when you signed up for the service to prevent abuse of the system.
This website may send emails through the MailPoet sending service to ensure deliverability of purchase transactional emails. This service allows us to track opens and clicks on our emails. We use this information to improve the content of our newsletters.
No identifiable information is otherwise tracked outside this website except for the information you provided to the system at signup.
5. Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
6. What security & data breach measures we have in place
In the unlikely event that a security breach occures through illegal or unlawful access, whether physical, mechanical or via electronic mediums, quetzy.com.au will use the contact information provided in the account you used to register at our site to notify you as soon as possible.
All passwords relating to user accounts are salted and hashed via an encrypted algorithm to ensure they are unreadable by any person or system other than the host system used to create it.
Quetzy.com.au does not store or hold any credit card information on our internal or website database. These are handled by the relevant payment gateway services listed above in section 4. Payments.