About this policy
At 3ABN Australia, we take your privacy seriously. This policy explains in plain language what personal information we collect when you use our website, why we collect it, how we keep it safe, and what rights you have.
We handle your information in line with the Australian Privacy Act 1988, the Australian Privacy Principles (APPs), and the Privacy and Other Legislation Amendment Act 2024.
This policy covers any information collected through our website, online store, emails, and social media.
What we collect
When you make a purchase, sign up for our emails, or contact us, we may collect:
- Your name and contact details (email, phone, address)
- Your business name and ABN (if applicable)
- Billing and shipping addresses
- Payment details (processed securely by our payment provider and never stored on our servers)
- Any messages, questions or feedback you send us
- Survey responses
- Social media handles (if you share them with us)
When you visit our website, we automatically collect some technical information:
- Your IP address and approximate location
- Browser type and device information
- Which pages you visit, how long you stay, and where you came from
- Cookie data (see Section 7)
Why we collect your information
We only collect information when we have a good reason to. Here is how we use it:
| How we use it | What that involves |
|---|---|
| To fulfil your order | processing your purchase, arranging delivery, sending receipts and updates |
| To communicate with you | responding to your questions, sending support replies |
| To send you marketing | newsletters and offers, only if you have opted in |
| To improve our website | understanding how people use our site so we can make it better |
| To keep things secure | detecting fraud and protecting our website and customers |
| To meet legal requirements | tax record-keeping and responding to legal requests |
We only send marketing emails to people who have asked for them. You can unsubscribe at any time by clicking the link in any email or contacting us.
Automated tools and AI
We may use automated tools or artificial intelligence to help run our business, for example:
- Recommending products based on what you have browsed or purchased
- Screening orders for potential fraud
- Using chatbots to answer common questions
- Analysing website traffic to spot trends
We do not use automated tools to make important decisions about you without a real person checking first. If you have concerns about how an automated tool has been used, contact us, and we will have someone review it.
Who we share your information with
We never sell or rent your personal information.
We do share it with a small number of trusted service providers who help us run our business. These include our payment processor, email platform, website host, analytics provider, advertising platforms, and shipping provider. Each of these providers is only allowed to use your information for the specific service they provide to us. They are required to keep it secure and confidential.
We may also share your information if we are legally required to do so, for example, in response to a court order or government request. If our business is sold or merged with another, your information may be transferred to the new owner under a confidentiality agreement.
Keeping your information safe
We take reasonable steps to protect your information, including:
- Encrypting data sent between your browser and our website (SSL/TLS)
- Restricting access so only staff who need it can see your information
- Using secure, encrypted storage for sensitive data
- Running regular security checks
No system is completely secure, but we do our best to protect your information.
We only keep your information for as long as we need it. As a guide:
| Type of information | How long we keep it |
|---|---|
| Purchase and payment records | 7 years (required by tax law) |
| Your account details | while your account is active, plus 2 years |
| Marketing preferences | until you unsubscribe, plus 1 year |
| Support messages | 3 years after your issue is resolved |
| Website analytics | 26 months |
| Cookie consent records | 12 months |
When we no longer need your information, we securely delete or anonymise it.
Cookies
A cookie is a small file placed in your web browser that collects information about your web browsing behaviour. Use of cookies allows a website to tailor its configuration to your needs and preferences. Cookies do not access information stored on your computer or any Personal Data (e.g. name, address, email address or telephone number). Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. This may, however, prevent you from taking full advantage of our website.
Our website uses cookies to analyse website traffic, provide social media sharing and linking functionality and help us provide a better website visitor experience.
What happens if there is a data breach
If there is a data breach that is likely to cause you serious harm, we will:
- Notify the Office of the Australian Information Commissioner (OAIC) as soon as possible
- Let you know what happened, what information was involved, and what you can do to protect yourself
- Take steps to contain the breach and reduce any further risk
This is in line with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988.
Children’s privacy
Our online store and contact forms are not aimed at anyone under 18. We do not knowingly collect personal information from children. If we find out a child under 18 has given us their information without parental consent, we will delete it as quickly as possible.
If you are a parent or guardian and think your child has shared their information with us, please contact us straight away. We will comply with the Children’s Online Privacy Code currently being developed by the OAIC, which is expected to come into effect by December 2026.
Your rights and your right to take action
Under Australian privacy law, you have the right to:
- Ask us what personal information we hold about you
- Ask us to correct any information that is wrong or out of date
- Ask us to delete your personal information (where we are not required by law to keep it)
- Make a complaint if you think we have mishandled your information
To exercise any of these rights, contact us using the details listed in the Contact Us section. We will respond within 30 days.
Since June 2025, the Privacy and Other Legislation Amendment Act 2024 gives individuals the right to take legal action for serious invasions of privacy. We encourage you to contact us first so we can try to sort things out directly.
Links to other websites
Our website may link to other websites. We are not responsible for the privacy practices of those sites, so we encourage you to read their privacy policies before giving them any personal information.
Changes to this policy
We may update this policy from time to time. When we make changes, we will update the date at the top and post a notice on our website. If we make a major change that affects how we handle your information, we will do our best to let you know by email.
Our Responsibilities Under General Data Protection Regulation (GDPR)
If you are a resident of the EU or UK you have certain rights and protections under the EU and UK GDPR regarding the processing of your Personal Data.
We collect, use and store your Personal Data to enable us to provide you with our goods or services and information about them. We rely on the following lawful means of processing your Personal Data:
- Where it is necessary to fulfil a contract with you. This includes where we collect your Personal Data to enable us to send you our goods or provide you with our services.
- Where you have given us valid consent to use your Personal Data. We will rely on that consent and only use the Personal Data for the specific purpose for which you have given consent. This includes where we email newsletters or other notifications.
- We may also process your Personal Data where it is to further our legitimate interests which could include usage statistics, analytics and internal analysis so we can improve our services to you.
Your Rights as an EU or UK Resident
If you are a resident of the EU or UK you have various rights including the:
- Right to be informed;
- Right of access;
- Right to rectification;
- Right to object;
- Right to restriction of processing;
- Right to erasure or to be forgotten;
- Right to data portability; and
- Right not to be subject to automated processing.
If you want to access your Personal Data or ask for the information to be corrected, please contact us. In some circumstances, you also have a right to object to or ask that we restrict certain processing activities or delete your Personal Data. If you would like to limit or request deletion of your Personal Data or exercise any other rights you can do so by contacting us.
Withdrawing Your Consent
You can withdraw your consent to our collection or processing of your Personal Data. You can do so by contacting us or by opting out of email newsletter communications by following the instructions in those emails or by clicking unsubscribe. If you withdraw your consent to the use of your Personal Data, you may not have access to our services and we might not be able to provide you with our services. In some circumstances, where we have a legal basis to do so, we may continue to process your information after you have withdrawn consent. For example, if it is necessary to comply with an independent legal obligation or if it is necessary to do so to protect our legitimate interest in keeping our services secure.
International Transfers
As an Australian organisation, we may transfer Personal Data outside the EU or UK. Where we do so, we take reasonable steps to ensure that appropriate safeguards are in place or that the recipient is subject to privacy laws offering comparable protection.
Our Compliance
We comply with the GDPR requirements set out by the EU and UK regarding the collection, use and retention of Personal Data from EU member countries and the UK. All Personal Data stored on our platform is treated as confidential. It is stored securely and is only accessed by authorised personnel. Our collection is limited in relation to what is necessary, for the purpose for which the Personal Data is processed, and kept only for so long as is necessary for the purpose for which the Personal Data was collected. We implement and maintain appropriate technical, security and organisational measures to protect Personal Data against unauthorised or unlawful processing or use, and against accidental loss, destruction, damage, theft or disclosure. We ensure the encryption and pseudonymisation of Personal Data and we have adequate cyber security measures in place.
Your Acknowledgement
By providing us with your Personal Data, you acknowledge that it may be transferred to third parties outside the EU or UK for the purposes described in this Privacy Policy. We ensure that such third parties handle Personal Data in a manner consistent with applicable privacy requirements.
EU/UK residents may contact their local data protection authority if they believe their data has been mishandled. Australian residents may lodge a complaint with the Office of the Australian Information Commissioner (OAIC): https://www.oaic.gov.au/privacy/privacy-complaints/
Contact Us
If you have any questions about this policy, want to exercise your privacy rights, or want to make a complaint, please get in touch. We aim to respond within 48 hours and to resolve any complaints within 30 days.
Call: (02) 4973 3456
Post: Attn: Privacy Policy
3ABN Australia Inc
PO Box 752
MORISSET NSW 2264
AUSTRALIA
E-mail: [email protected]
If you are not happy with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or on 1300 363 992.