GEM POLICIES
Privacy Policy
Gem-Care Products Pty Ltd (ACN 632 050 812) of Level 16, 644 Chapel Street, South Yarra, VIC 3141 (“we”, “us” or “our”) and our operation of the website athttps://gem-products.co (“Website”) is committed to respecting your privacy. This privacy policy sets outs out how we collect, use, process, store, share and disclose your Personal Information on our Website (“Privacy Policy”). You can view our terms and conditionshttps://gem-products.co/policies/terms-of-service and contact us athello@gem-products.co.
We are committed to protecting your privacy and respecting and upholding your rights under the Australian Privacy Principles (“APPs”) contained in the Privacy Act 1988 (Cth) and the General Data Protection Regulation (EU 2016/679) (the “GDPR”) (collectively, “Privacy Laws”). We are a data controller for the purposes of the GDPR. We ensure that we will take all necessary and reasonable steps to comply with the relevant Privacy Laws and to deal with inquiries or complaints from individuals about compliance with the relevant Privacy Laws.
By accessing and using our Website, Products and Services, you freely and expressly consent to the collection, use, processing, storage and disclosure of Personal Information by us as set out in this Privacy Policy.
Personal information is any information relating to an identified or identifiable natural person (“Personal Information”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The Personal Information that we may collect from you includes the following:
your name;
your address;
your email address
your telephone number;
your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information;
information collected through any online payment system that is used to process payments on the Website, including but not limited to bank account details or credit or debit card information and information collected through Stripe or Shopify;
any other personal information that may be required to facilitate your dealings with us; and/or
information you voluntarily give us when you communicate with us in any way.
We will collect Personal Information only by lawful and fair means and not in an unreasonably intrusive way. Generally, we will collect Personal Information directly from you, and only to the extent necessary to provide our Products and Services requested or ordered by you and to carry out our administrative functions or as required by a relevant Privacy Law.
We will not collect sensitive personal information (as defined under the relevant Privacy Laws) from you. We ask that you do not send us, or do not disclose, any sensitive personally identifiable information (such as information related to racial or ethnic origin, religion or other beliefs, health, criminal background or trade union membership) on or through the Website or otherwise. If, contrary to this request, you do provide any sensitive personal information, in doing so you consent to us collecting and handling that information in accordance with this Privacy Policy.
We may also collect Personal Information from you when you:
visit our Website;
register for an account on our Website;
when you purchase our Products or use our Services;
subscribe to our newsletter;
participate in competitions we may run from time to time;
fill in an application form or complete an online survey; and/or
provide us with feedback.
We may also collect Personal Information about you that you have provided from third parties and in respect of which you have given the third party permission to share with us.
If you use a pseudonym when dealing with us or you do not provide identifiable information to us, we may not be able to provide you with any or all of our Products and/or Services as requested. If you wish to remain anonymous when you use our Website, do not sign into it or provide any information that might identify you.
We require individuals to provide accurate, up to date and complete Personal Information at the time it is collected.
Under the GDPR, we must have a legal basis to process Personal Information collected from individuals residing in the European Union. We rely on several legal bases to process your Personal Information, including:
where it is necessary to provide you with access to, and use of, Products, Services and websites;
where we need to communicate with you in connection with your order, give you account access and provide you with customer services and support;
for our legitimate interests to provide, operate and improve our Products, Services or Website;
where you have freely and expressly consented to the processing of your Personal Information by us, which you may withdraw at any time;
for security and fraud prevention; and
where we are under a legal obligation to process your Personal Information.
We use, process and disclose your Personal Information or Optional Information for the purposes for which the information is collected, or for a directly related purpose, including (but not limited to):
providing our Website, Products and Services to you;
administering, protecting, improving or optimising our Website, Products and Services (including performing data analytics, conducting research and for advertising and marketing purposes);
billing you via Stripe or Shopify for purchasing one of our Products or use of our Services;
creating industry reports from de-identified data;
verifying your age;
informing you about our Website, products, services, rewards, surveys, contests, or other promotional activities or events sponsored or managed by us;
responding to any inquiries or comments that you submit to us;
verifying your identity;
any other purpose you have consented to; and
any use which is required or authorised by a relevant Privacy Law.
6.1 We may disclose your Personal Information to:
third-parties we ordinarily engage from time to time to perform functions on our behalf for the above purposes;
any person or entity to whom you have expressly consented to us disclosing your Personal Information to;
our external business advisors, auditors, lawyers, insurers and financiers;
our payment processing service provider Stripe or Shopify; and
any person or entity to whom we are required or authorised to disclose your Personal Information to in accordance with the relevant Privacy Laws.
If we no longer need your Personal Information for any of the purposes set out in this Privacy Policy, or as otherwise required by the relevant Privacy Laws, we will take such steps as are reasonable in the circumstances to destroy your Personal Information or to de-identify it.
Where we:
have your express consent (which you may withdraw at any time by contacting us in writing at hello@gem-products.co;
have a legal basis; or
are otherwise permitted by relevant Privacy Laws,
we may use and process your Personal Information to send you information about products and services we believe are suited to you and your interests or we may invite you to attend special events.
At any time, you may opt out of receiving direct marketing communications from us. You can opt out by following the unsubscribe instructions included in the relevant marketing communication, or by contacting us in accordance with Section 15 of this Privacy Policy. Unless you opt out, your consent to receive direct marketing communications from us and to the handling of your Personal Information as detailed above will continue.
Where you have registered for an account from the United Kingdom, European Union, Australia, New Zealand or Canada, we will rely on your consent to contact you. Where you have registered for an account from the United States, we will rely on our legitimate interest as a business to contact you and we will always ensure that your rights are protected.
When transmitting Personal Information from your computer to our Website, you must keep in mind that the transmission of information over the internet is not always completely secure or error-free. Other than liability that cannot lawfully be excluded, we will not be liable in any way in relation to any breach of security or any unintended loss or disclosure of that information.
We use cookies, web beacons and similar technologies (collectively “Cookies”) on our Website. By accessing or using this Website, you agree that we can store and access Cookies in accordance with this Privacy Policy.
Cookies are small files that can be stored on and accessed from a user’s device when the user accesses a website. They enable authorised web servers to recognise you across different websites, services, devices and browsing sessions.
We may use Cookies to enable users to access and use our Website and Services, including to:
identify users of our Website and Services;
process user requests;
improve your user experience;
remember user preferences on our Website;
monitor the use of our Website and for analysis of our user base;
facilitate communication with you;
control access to certain content on our Website; and
protect our Website.
The data collected through Cookies will not be kept for longer than is necessary to fulfil the purposes mentioned above. We will handle any Personal Information collected by Cookies in the same way that we handle all other Personal Information.
At any time, you can delete and refuse to accept browser Cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of the Website.
Unless you have adjusted your browser setting so that it will refuse Cookies, our system will issue Cookies when you direct your browser to our Website.
We will only retain your Personal Information for as long as it is necessary for the purposes that we have described in this Privacy Policy.
If we no longer need your Personal Information for any of the purposes set out in this Privacy Policy, or as otherwise required by the relevant Privacy Laws, we will take such steps as are reasonable in the circumstances to destroy your Personal Information or to de-identify it.
You may also request us to either permanently delete or temporarily stop using your Personal Information.
We may hold your Personal Information in either electronic or hard copy. We take reasonable steps to protect your Personal Information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your Personal Information.
However, we cannot guarantee the security of any Personal Information transmitted over the internet and therefore you disclose information and Personal Information to us at your own risk. We will not be liable for any unauthorised access, modification or disclosure, or misuse of your Personal Information.
We may disclose your Personal Information to third party recipients such as our payment processing provider Stripe or Shopify, who may be located in or outside of the European Economic Area and Australia, in order to provide our Services and Products to you. Some third party recipients (“Recipients”) may be located in countries that are not recognised by the EU Commission as providing an adequate level of protection to Personal Information.
When entering into a transaction with us you expressly and freely consent to your Personal Information being disclosed or transferred to such Recipients. We will take steps reasonably necessary to ensure your Personal Information is treated securely and in accordance with this Privacy Policy. We use reasonable endeavours to ensure that each Recipient receiving your Personal Information is bound by the relevant Privacy Laws (including the standard contractual clauses approved by the European Commission). The standard contractual clauses are available on the European Commission’s Website at https://ec.europa.eu/info/law/law-topic/data-protection_en.
The Website may contain links to other third-party websites including advertisers or social media networks. This Privacy Policy applies solely to information collected by us on our Website.
If you follow a link to any of these third-party websites, please note that these websites have their own privacy policies that you should check before you submit any Personal Information to these websites.
We may combine the Personal Information we collect from third parties with your Personal Information provided to us for the purpose of improving the relevance of our products and services, and to make suggestions and recommendations to you about our products and services that we think you might be interested in.
Under the GDPR, an individual residing in the European Union has enhanced privacy rights, including the right to:
require us to correct any Personal Information held about you that is inaccurate or incomplete;
require the deletion of Personal Information concerning you in certain situations;
data portability for Personal Information you provide to us;
object or withdraw your consent at any time to the processing of your Personal Information;
object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you; or
otherwise restrict our processing of your Personal Information in certain circumstances.
Subject to some exceptions provided by the relevant Privacy Laws, you may request access to your Personal Information in our customer account database, or seek correction of it, by contacting us. See section 16: Contact information of this Privacy Policy. Should we decline you access to your Personal Information, we will provide a written explanation setting out our reasons for doing so.
We may charge a reasonable fee that is not excessive to cover the charges of retrieving your Personal Information from our customer account database. We will not charge you for making the request.
If you believe that we hold Personal Information about you that is not accurate, complete or up-to-date then you may request that your Personal Information be amended. We will respond to your request to correct your Personal Information within a reasonable timeframe and you will not be charged a fee for correcting your Personal Information.
If you require further information regarding our Privacy Policy or wish to make a privacy complaint, please contact us at hello@gem-products.co.
If you are dissatisfied with the outcome of our handling of your complaint, you can lodge a privacy complaint with the Office of the Australian Information Commissioner (“OIAC”) or the European Data Protection Supervisor (“EDPS”). For further information about the EDPS or OAIC’s privacy complaint handling process, please see: http://www.oaic.gov.au/privacy/making-a-privacy-complaint or https://edps.europa.eu/node/75_en.
We reserve the right to modify this Privacy Policy in whole or in part from time to time without notice. Non-material changes and clarifications will take immediate effect, and material changes will take effect 30 days after the posting of the amended Privacy Policy on the Website.
We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personally identifiable information that cannot be resolved between us and the individual.
LAST UPDATE: 12.12.21