No Products in the Cart
What information does Dermavault collect and when does it collect this information?
Dermavault will collect information from you when you visit our website or when you otherwise transact with us. The types of information that Dermavault collects from you and the situations in which we collect personal information are outlined below.
Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
If you sign up as a member: we will collect your name, address, country of origin and email address. You will not be put on the mailing lists of any third parties.
If you do not sign up as a member: we may collect general site traffic data.
When you place an order: we collect your name, billing address, delivery address, email address and telephone number. This information must be provided to allow us to effect delivery of the products that you order, and to contact you if necessary. These details are retained in our database for record keeping purposes. Your email address may also be used to contact you in the event that you discontinue a shopping session. We or our service providers may contact you by email to see if there were any problems and if we can help you to complete your transaction.
If you elect to pay online using your credit card: your credit card details are not stored by us. They are encrypted and passed directly to the Bank through our security provider. Any other information you provide at the checkout, such as comments or survey responses is stored by us and is used to better plan future items to add and developments for the website.
When you use our website: general site traffic data is collected for the purpose of site maintenance and improvement and provides information about which and how often certain pages are viewed. This helps us to understand what sorts of products our customers are interested in and alerts us to any areas of the site that may be difficult to navigate. The data we collect may include your IP address, your approximate geographic location, and data sent to us by your web browser, such as your operating system, browser type and version, computer type, MAC address and screen resolution. Cookies and other tracking technologies are used by us and our third-party partners, such as our advertising and analytics partners and our fraud prevention service provides, to provide functionality and to recognise you across different services and devices. You may opt out of sending us cookie data but this may adversely affect your experience using our services.
When you engage in business with us: Dermavault may collect personal information from you when you provide it to us in the ordinary course of business, for example when you contract with us or otherwise engage with our business.
Enquiries: when you make an enquiry with us online or by phone, we may collect your name and contact details in order to respond to your enquiry.
What happens if you do not provide personal information?
The main consequence for you, if some or all of the above personal information is not collected by us is that we may not be able to provide goods, services or information to you, or be able to provide them to the same standard as if we had the information requested.
Why does Dermavault collect personal information?
Dermavault collects personal information to:
We also use personal information for our own internal business purposes including:
Do we engage in direct marketing?
As part of our promotional, educational and marketing campaigns, we may contact you using the email address you have provided. If you prefer not to hear from us, please email us at email@example.com and you will be removed from any future communications.
Who do we disclose your personal information to?
In the course of conducting our business we may provide your personal information to:
Third parties in the course of providing products and services to you including, without limitation, through your use of our website. These third parties may include fraud prevention providers, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers and electronic network administrators
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy. We also use Google Analytics to help us understand how our customers use the Site -- you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
We may disclose your personal information to third parties:
Does Dermavault store personal information outside of Australia?
Some of the third party service provides to whom we send data are located outside of Australia or may store your data outside of Australia.
Generally, we require that our service providers who handle or obtain personal information acknowledge the confidentiality of this information, undertake to respect any individual’s right to privacy and comply with applicable privacy laws. By providing your personal information to us, you consent to the transfer of that information to our third party providers and to the storage of your personal information by us or our third party
How do we hold your information?
All personal information held by us will be handled and stored in accordance with our obligations under the Privacy Act. We will take reasonable steps to:
While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.
For how long do we keep information?
We will retain your personal information for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include:
When your information is no longer required it is destroyed in a secure manner.
How can I access my information?
You are entitled to request access to personal information we hold about you and to request any information we hold about you be corrected or deleted. If you would like to request to review, correct, update, suppress, restrict or delete personal information that you have previously provided to us, or if you would like to request to receive an electronic copy of your personal information for purposes of transmitting it to another company (to the extent this right of data portability is provided to you by applicable law), you may contact us by emailing firstname.lastname@example.org and we will provide this information to you consistent with applicable law.
In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information deleted from our database or otherwise let us know what limitations you would like to put on our use of your personal information. For your protection we may need to verify your identity before implementing your request. We will comply with your request within a reasonable period after you make your request. We reserve the right to charge a fee for providing access to your information when permitted by law. If we delete your information, we may not be able to provide goods, services or information to you, or be able to provide them to the same standard as if we had your information.
What about links to other websites?
Our products and services are not directed to individuals under the age of sixteen, and we do not knowingly collect personal information from individuals under 16. If we become aware that a person under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us using the details below.
You can contact us by email at email@example.com, or in writing to:
How can I complain?
If you would like to complain about a breach of the Australian Privacy Principles or the GDPR you can contact us using the Contacting Us details above. We will look into your complaint and respond promptly in writing notifying you of what we will do in response. If you are unsatisfied with our response you can contact the Office of the Australian Information Commissioner (‘OAIC’). Contact details are on the OAIC website at https://www.oaic.gov.au.
Changes to this Policy
This policy is subject to change over time without prior notice. We may amend this policy by updating it and posting it on our website.