At By Charlotte we are committed to protecting your personal information and respecting your privacy.

This page describes what personal data we collect, how we will use that data, and how we keep your personal information safe.

This By Charlotte website is owned by By Charlotte Pty Ltd (ABN: 88 605 001 278).

By accessing or using this website and our services (Platform Services), you agree to be bound by this policy (Privacy Policy), which explains how we collect, use and handle any personal information we collect from you in connection with the By Charlotte website.

We understand that collection of personal information is a serious matter. Therefore, the protection and appropriate use of your personal information is important to us. This Privacy Policy is consistent with the Australian Privacy Principles of the Privacy Act 1988 (Cth) (Act). Please read this Privacy Policy so you understand our commitment to protecting the privacy of your information and email us at customercare@bycharlotte.com.au with any questions.

What types of Personal Information do we collect?

Principle

Personal Information we collect from you will depend on how you use the Platform Services, and whether you are a registered user or just a visitor to the website. In general though, the types of Personal Information we may collect from you include your:

  • name;
  • email address;
  • postal address;
  • telephone number(s);
  • your country of residence;
  • your age and gender;
  • the organisation for whom you work; and
  • any other information necessary for us to provide the Platform Services to you.

Our policy

We collect Personal Information you provide directly to us when you contact us, register to use the Platform Services, pay for any Platform Services, participate in surveys and questionnaires, and from other information you upload via the website from time to time.

If you wish to become a registered user of the website, we may collect from you information about you or relating to you when you use the Platform Services, such as when:

  • you sign-up to receive our newsletter or other email notification services;
  • you communicate with us via telephone, SMS, email or via social media (including by submitting a query through our website via our “Contact” webpages);
  • you visit web pages associated with the Platform Services; and
  • you conduct activities connected with your use of the Platform Services.

We may ask you to provide Personal Information including your name, email address, age and gender, questions and answers to security questions and other information that enables us to provide you with an online profile and to verify your identity when using the Platform Services.

To facilitate payment for any of the Platform Services, we may also require Personal Information, including a credit card number and expiry date, debit card number and expiry date, verification number(s) and billing information.

What happens if you wish to be anonymous or use a pseudonym?

You may be able to visit the website and deal with us anonymously or by using a pseudonym. However, we need certain Personal Information to be able to provide you with the services, products or information you seek. If you do not provide us with certain required information, we may not be able to give you access to those services or products or provide you with information you are seeking. For example, we may not be able to respond to your enquiry, enter you in a promotion or send you requested information or products you have purchased.

The term Personal Information has the same meaning in this Privacy Policy as it does in the Act. It includes information or data that you provide us in any form from time to time which relates to a living individual who can be identified from, or whose identity is apparent or can reasonably be ascertained from, that information or data alone or in conjunction with other information already held by the recipient, controller or processor of such information or data. It includes any expression of opinion about the individual and any indication of the intentions of the recipient or any other person in respect of that individual.

This Privacy Policy applies to your Personal Information, in relation to your access and use of this website and the Platform Services, regardless of the way we collect it, for example via the website, when you respond to a survey or questionnaire, or when you contact us.

By submitting information to us and/or accessing and using the website and the Platform Services, you consent to us using and disclosing your Personal Information in the ways described in this Privacy Policy.

Principle

We use your Personal Information to provide you with the Platform Services.

Our policy

We may use your Personal Information:

  • to register you to use the Platform Services,
  • to provide you with any other information or services you request and that we offer or provide,
  • to manage the Platform Services (including your account) and provide you with support, as required,
  • to process and obtain payment for any Platform Services,
  • to understand your needs and usage of the Platform Services both to improve the Platform Services and our marketing, as well as the way we do business with you,
  • to contact you for direct marketing and promotional purposes, and
  • to answer queries or resolve complaints.

We may send you electronic messages updating you about products, services, events and special offers. We will only send electronic messages of this type if you have consented to receive them or it can be inferred from your existing relationship with us that there is a reasonable expectation of receiving those electronic messages. All electronic messages will identify us, and you can opt-out by unsubscribing to any of the emails we send.

Principle

We treat all information we collect from you as strictly confidential, and only share with third parties as required to perform the Platform Services, or where you have given consent.

Our policy

We may engage third parties to undertake some of the Platform Services or related services such as hosting, archiving, data security, payment services and e-mail communications. We may provide those third parties with access to and use of your Personal Information for the sole purpose of them providing their services to us. We will use reasonable endeavours to ensure that those third parties only use your Personal Information for the specific purposes for which it is provided to them and consistently with this Privacy Policy.

We may disclose your Personal Information without notice or your consent:

  • to our related companies,
  • to our professional advisors,
  • to third party service providers, for the reasons as set out above and on an as needed basis. These service providers include:
  • Klavivyo – you can view Klaviyo’s privacy policy at https://www.klaviyo.com/legal/privacy-notice or any other URL used from time to time; and
  • Shopify Plus – you can view Shopify Plus’ privacy policy at https://www.shopify.com/legal/privacy or any other URL used from time to time.
  • if we sell or merge our business (or part of it) with another organization or enter into a joint venture in connection with our business (or any part of it),
  • to law enforcement authorities, if we suspect that an unlawful act is being committed or that such disclosure will prevent that unlawful act, or
  • as otherwise required or authorised by law.
  • Apart from those disclosures, we will not give, sell, rent, loan or otherwise disclose any Personal Information to any third party, unless:
  • you have authorised us to do so,
  • we are legally required to do so, for example, in response to a subpoena, court order or other legal process, and/or
  • it is necessary to do so in order to protect and defend the rights or property of this website. For example, with your consent, we may disclose your Personal Information to a third party vendor that we engage to mail survey results to you.

We may however share aggregated, non-personal information about website usage with unaffiliated third parties. This aggregated information does not contain any Personal Information about users of the website or the Platform Services.

Our relationships with third party service providers are governed by our contracts with them. If any third party service provider to whom we disclose your Personal Information is located outside Australia, we will use our reasonable endeavours to negotiate service contracts with those providers that contain privacy and confidentiality provisions consistent with our obligations under the Act.

Google Analytics

We have enabled Google Analytics Advertising Features including Remarketing Features, Advertising Reporting Features, Demographics and Interest Reports, Store Visits, Google Display Network Impression reporting etc. We use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together.

You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here. To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads Preferences Manager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can install their plugin here. To opt out of interest-based ads on mobile devices, please follow these instructions for your mobile device: On android open the Google Settings app on your device and select “ads” to control the settings. On iOS devices with iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visit the settings menu on your device.

Principle

We will take commercially reasonable and appropriate steps to ensure your Personal Information is protected from risks such as loss, unauthorized access or use, destruction, modification or disclosure.

Our policy

All the information you provide to us is handled through the use of the Secure Socket Layer (“SSL”) protocol. SSL is a leading Web technology that encrypts your account information. If you register online, we use 128-bit encryption when we ask for or you provide Personal Information or other confidential information. Also, some personal data, such as your membership id and/or password, will be stored in encrypted form.

You should never reveal your password to third parties. If you lose control of your password, you may lose control over your Personal Information and may be liable for actions taken in your name by third parties using your password and/or Personal Information. We take no responsibility for loss caused in this way.

You always need to exercise caution when sending information via e-mail or the internet. E-mail messages and the internet do not have the security features that are built into our website.

We cannot accept responsibility for the security of information you send to or receive from us via e-mail or over the internet or for any unauthorized access, use or modification of that information.

We also have procedures that limit our employees and contractors having access to Personal Information. Apart from the disclosure or transfer of Personal Information to our Hosting Service Provider, only those employees and contractors with a business reason to know have access to Personal Information. We educate our employees about the importance of privacy and confidentiality through standard operating procedures, mandatory training programs and internal policies on data privacy and corporate integrity. We take appropriate disciplinary measures to enforce employee privacy responsibilities.

Links to other websites

The website may provide links or references to other third party resources that are not subject to this Privacy Policy. You should review the privacy policy of every third party resource accessed via links from our website and assess whether the policy is satisfactory to you before you use the linked website or resource. We are not responsible for any Personal Information you choose to disclose to a third party website or resource linked to our website.

Payment card information

We engage secure third party payment service providers identified on the website from time to time to process payments for Platform Services offered through the website. Payments may be made by credit or debit cards as permitted by the website from time to time. We will not keep a record of your credit or debit card number for payments for Platform Services made via the secure third party payment service providers used by the website.

Personal Information we collect from you is stored securely on servers in Australia. We also engage a third party data hosting service provider (Hosting Service Provider) to provide data hosting services and store data.

Servers in which your information (including your Personal Information) is stored by our Hosting Service Provider are currently located in Australia, although additional or other locations may be used in the future. In particular, our Hosting Service Provider will also likely store your Personal Information on servers located in the United States or elsewhere. The Hosting Service Provider may be subject to foreign laws in those locations that do not have privacy obligations similar to the Act and/or that compel disclosure of personal information to third parties, such as governmental authorities.

If our Hosting Service Provider stores your Personal Information outside Australia, the Act requires us to ensure that the Hosting Service Provider complies with applicable Australian privacy laws, unless you agree otherwise. By providing us with information (including Personal Information), registering to use the Platform Services, using the Platform Services, uploading any materials or information via the website, obtaining products or services provided via the website or undertaking the HoA Test or other surveys and questionnaires, you:

  • consent to us disclosing and transferring your information (including Personal Information) to our Hosting Service Provider;
  • consent to our Hosting Service Provider storing your information (including Personal Information) on servers located outside Australia, particularly in the United States; and
  • agree that the requirement under the Act for us to ensure that our Hosting Service Provider complies with applicable Australian privacy laws in respect of your information (including Personal Information) does not apply if our Hosting Service Provider stores personal information outside Australia, including in the United States.

We may in the future store your Personal Information in other locations outside Australia or engage other data hosting or storage providers that may store your Personal Information in or outside Australia. We will update this Privacy Policy if either is the case.

Principle

You are entitled to know what Personal Information we hold about you. You are also entitled to update or correct your Personal Information.

Our policy

If you request access to your Personal Information, our Privacy Officer will verify your identity. Your request will then be forwarded to our information systems manager who will acknowledge receipt of your request within 14 days and arrange for access to be provided to you in an appropriate manner within a reasonable time, usually within 30 days of receipt of your request. We may charge a reasonable fee for providing access if a significant amount of time is required to locate your Personal Information or to collate or present it in an appropriate form. We will notify you in advance of any likely charges (or the basis for their calculation) for providing access to your Personal Information.

In rare circumstances, and only where it is permitted under the Act, we may not be able to provide you with access to your Personal Information. If we are unable to provide you with the requested access, we will state why this is so and consider whether the use of an intermediary would be appropriate to provide you with an explanation of our position.

If you would like to contact us in relation to your Personal Information, please do so by emailing: customercare@bycharlotte.com.au

  • We operate statistics gathering software on the website to collect information about the number of visitors coming to the site. Usage data will be collected and correlated between your logged in and logged out sessions. No identifying information is collected by this software. We use this information to improve our own technical structure and performance and to determine which areas of the website are most popular.
  • From time to time, we may sell or disclose information you provide to us that is not Personal Information (and does not disclose your identity) to any person for any purpose at our sole discretion, including to people or companies located outside Australia. For example, we may sell, disclose or use information you provide to us that is not Personal Information to:
  • determine what advertising, promotional materials, products or services are likely to be of most interest to you or other website users and visitors; and
  • assist third parties to monitor general consumer trends in various areas.
  • We may also modify your Personal Information (through encryption or other de-identifying techniques) so that it is in a form from which you cannot be identified and sell or disclose such modified information to any person for any purpose, including to people or companies located outside Australia.

​‘Cookies’

‘Cookies’ are small data files sent by a website and stored on your computer’s hard drive when you visit a website. A cookie can contain certain information that the website uses to track the pages you have visited. The only Personal Information a cookie can contain is information you personally supply. A cookie cannot read data off your hard disk or read cookie files created by other websites.

We may use cookies to identify information about your web browser session and personalisation data each time you use the Platform Services. Cookies can be used to enhance your use of the Platform Services, as we use them to help personalise our delivery of the Platform Services to you, such as information that is most relevant to your location, activities and interests.

Our intention is to use cookies to manage individual sessions relating to the use of the Platform Services and for providing data regarding visitors to our website.

You can set up your browser so that it does not accept our cookies. You can also manually delete our cookies from your browser. However, these actions may stop you from accessing the full benefit of the Platform Services

We use Google’s Application Programming Interface (API) Service. Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements (set out in the Google API Services User Data Policy).

We limit our use of the personal information that we collect to providing or improving our Platform Services. We do not use the personal information for any other purposes.

We only transfer the personal information to others if it is necessary to provide or improve our Platform Services or as necessary to comply with applicable law or as part of a merger, acquisition or sale of assets where we notify you of this.

We do not use or transfer the personal information for serving ads, including retargeting, personalised or interest based advertising.

These restrictions apply to the raw data we obtain from the restricted scopes and data that is aggregated, anonymised or derived from them.

We have policies and procedures in place setting out appropriate safeguards for protecting your personal information obtained with the Google APIs. We will also ensure that our employees, agents, contractors and successors comply with the Google API Services Data Policy.

If you are not satisfied with how we handle your Personal Information, you are entitled to lodge a complaint with the Federal Privacy Commissioner. Information regarding how to lodge a complaint is available from the Commissioner's website at www.privacy.gov.au or by ringing the Commissioner's information line on1300 363992. However, before investigating a complaint, the Commissioner is legally required to be satisfied that you have first expressed your concern to us to afford us an opportunity to resolve the complaint directly, unless it is inappropriate for you to do so.

You can contact us in relation to the Platform Services or this Privacy Policy via:

Email: customercare@bycharlotte.com.au

If you contact us by phone, you will need to answer security questions before any Personal Information is revealed or amended.

We may retain records of your communications with us for the purposes of contacting you and for our internal purposes.

Date: 7th February 2022

This By Charlotte website is owned by By Charlotte Pty Ltd (ABN: 88 605 001 278).

By accessing or using this website and our services (Platform Services), you agree to be bound by this policy (Privacy Policy), which explains how we collect, use and handle any personal information we collect from you in connection with the By Charlotte website.

We understand that collection of personal information is a serious matter. Therefore, the protection and appropriate use of your personal information is important to us. This Privacy Policy is consistent with the Australian Privacy Principles of the Privacy Act 1988 (Cth) (Act). Please read this Privacy Policy so you understand our commitment to protecting the privacy of your information and email us at customercare@bycharlotte.com.au with any questions.