Privacy Policy
We know that you care about how information about you is used and shared, and we appreciate your trust that we will do so carefully and sensibly. This policy describes what information we collect, why we collect it, how we use it, and how you can manage your privacy as you use www.nicolecody.com (Site). By visiting the Site, you are agreeing to our Site Terms of Use and accepting the practices described in this privacy policy.
1. What information do we collect?
The personal information we collect, and how that information is used, depends on how you use the Site and also how you manage your privacy controls. You are not required to provide any personally identifiable information to merely access or visit the Site. This information generally falls within two broad categories:
Information you create or provide to us
Aggregated and anonymized information about your use of the Site and our products and/or services
prior to any registration process, including if you join any special mailing list:
- name
- email address
- IP address of your device(s) or other method of communication you use to interact with the services (including third party social networking sites)
- browser type, version and settings
- browser plugin types and versions
- operating system and platform
- internet service provider
- geographic location
- metadata about your use of the Site
- issues you encounter requiring our support or assistance
during or after any registration process or when you purchase our products and/or services:
- name
- username and password
- company name
- email address
- phone number
- billing address
- residential address
- order details
- credit card and other financial information
- information about your shopping or product/service preferences
- purchase history
- age, birthday or date of birth - geographic location - industry
when you purchase our products and/or services, payment information, including credit card data, you provide to us directly or through a payment processing service like PayPal or Stripe
when you call or email us (for support or otherwise, and which we may record or monitor):
- name
- contact details
- details of your enquiry or feedback
- information about our response
when you participate in surveys / contests / games / quizzes:
- name
- contact details
- answers
when you consent to us receiving information from third parties, including social media sites:
- name
- contact information
- other information you consent to us receiving
By using the Site, you agree that we can use your personal information for the purposes outlined in this policy and that, if we do so, we will not be breaching any of your rights under applicable privacy laws.
You can choose not to provide certain information, but then you might not be able to take advantage of some of the Site’s features, and some of the information, products and/or services we provide.
1. Cookies
Some information about your use of the Site, and/or our affiliates’ websites (if any), is collected automatically, through cookies. Our Cookie Policy describes how we use cookies on the Site.
How do you turn cookies off?
If you do not wish the Site to install cookies or you don’t agree with how we use cookies in any way, you can change the settings on your internet browser to delete or do not accept cookies. If you delete or do not accept the Site’s cookies, some areas of the Site may take more time to work, or may not function properly.
2. How we use your personal information
Main purposes
The main purposes that we may, from time to time, collect, hold, use and disclose (we call this “processing”
your information in this policy for convenience) your personal information are:
- to facilitate account creation and the logon process;
- processing payments, and delivering products and services;
- to facilitate your movement through the Site;
- to provide personalized services to you, including content, events and competitions, public relations, and social media;
- to send administrative information to you related to your account, including where we are legally required to provide you with notices and other information;
- answering queries, resolving complaints and providing technical support;
- helping us tailor existing products and services, or develop new products, services or offers;
- to enable user-to-user communications;
- to request feedback;
- to post testimonials, with your permission; and
- general planning, administration and regulatory
We also use the information we receive in aggregated and anonymized formats to perform research and statistical analysis, including to understand how the Site and our products and/or services are used; and to produce reports on statistics, such as email open rates, campaign best practices or the number of users that have been exposed to, or clicked on, the Site or evaluated or purchased our products and/or services.
Payment information that you provide to us, including credit card data, will only be used to facilitate payment for products and services.
3. Who we may share your personal information with
We will not share your personal information without your consent, except:
- with companies and individuals, we use to perform functions related to the purposes described in Section 3 above:
- the Site is currently hosted on ECWID. They provide us with the online e-commerce platform that allows us to sell our products and services to you;
- credit and debit payment processing is currently provided through PayPal or Stripe, third-party processing services that allow us to accept your payment online;
- your data may be stored on ECWID and/or PayPal or Stripe’s data storage, database, and the general ECWID and/or PayPal/Stripe application;
- if you choose a direct payment gateway to complete your purchase, then PayPal or Stripe stores your credit card data. According to our best information, your data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data should be stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information should be deleted.
All direct payment gateways are required to adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover.
PCI-DSS requirements help ensure the security handling of credit card information by the Site and its service providers; and
- other examples include fulfilling and delivering orders, sending postal mail and email, hosting and organizing events, removing repetitive information from customer lists, providing
information technology and storage services, providing us with analytic services and information and search engine optimization services, providing marketing and communications assistance, providing search results and links, and providing customer service.
These companies and individuals have access to parts of your personal information necessary to perform their functions, and they may not use it for other purposes.
- for other purposes explained at the time of collection and not covered by this policy, and for which you give us your permission;
- with external business advisers (such as accountants and lawyers) who have a duty of confidentiality to us;
- if Starship 7 Pty Ltd is involved in a merger, acquisition, or sale of assets, or other similar sale transaction. Your information may be transferred as part of that transaction, however, we will continue to ensure the confidentiality of your personal information and will notify you by email and/or a prominent notice on the Site of any such transfer and any choices you have regarding your information; and;
- as is necessary to: (a) comply with a subpoena, court order or enforceable government request; (b) cooperate with law enforcement or other government agency; (c) establish or exercise our legal rights;
(d) protect our property or safety and that of our employees, contractors, vendors, and suppliers; (e) defend against legal claims; (f) help with external investigations; or (g) as otherwise required, or permitted, by law.
4. Data quality and security
General
We hold personal information in a number of ways, including in printed documents, electronic databases and email contact lists. Printed documents may be held at our office, or archived in boxes and stored in secure offsite facilities. We take reasonable steps to:
- ensure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant;
- protect the personal information that we hold from misuse, interference and loss and from unauthorized access, modification or disclosure; and
- destroy or permanently de-identify personal information that is no longer needed or that you have requested that we delete.
The steps we take to secure personal information include website protection measures, security restrictions on access to our computer systems and controlled access to our business premises.
You can help us keep your information up-to-date, by letting us know about changes to your details.
Security
The transmission of information via the internet, email or text message is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted on the Site or over email, and any transmission is at your own risk.
You can also help protect your personal information by keeping your account details confidential. If you become aware of any security breach, please let us know as soon as possible.
The Site may make chat rooms, forums, commenting and message boards available to you and other users. We call these areas “public spaces” in this policy. You aren’t required to provide any personal information when using these areas but you are free to do so. If you post personal information in a public space, it will be publicly available and you may receive unsolicited messages from others.
We can’t ensure the security of any information you choose to post in public spaces on the Site, nor can we ensure that others who access public spaces on the Site will respect your privacy. Please exercise caution when deciding to disclose personal information in these areas. To request removal of your personal information from public spaces on the Site, contact us at: [insert contact email]. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
It is important for you to protect against unauthorized access to your password and your computer. Be sure to sign off when finished using a shared computer.
Third party sites
Links to third party sites that are not operated or controlled by us are provided for your convenience only and should be used with your discretion and prudent judgment. Some of these third-party marketing channels may be “co-branded” with our logo; even so, we don’t operate, control or maintain these third- party channels and we are not responsible for the privacy or security practices of those sites, which are not covered by this policy. Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them. Any links from our Site to third- party sites are not sponsorship, endorsement, or approval of the content, policies or practices of those sites.
5. Your Rights
Managing Your Privacy
If you do not want us to hold your personal information or you do not want to receive information from us then there are a number of ways you can manage your privacy:
- by noting your preferences at the time you register on the Site;
- logging in to your account settings and updating your preferences (if applicable);
- advising us, if you receive a marketing call, that you no longer wish to receive these calls (if applicable); or
- by opting out of our marketing communications or changing your preferences by following the unsubscribe link in the footer of all non-transactional email messages from us or by emailing us at [email protected]. Please note that each "unsubscribe" link might only relate to that specific type of communication (for example, marketing communications or survey communications). This means that unsubscribing from marketing communications will not automatically unsubscribe you from our survey communications (or vice versa).
Some communications from us are considered transactional or service communications that are necessary for the administration and use of your account (for example, important account
notifications and billing information), and your account is provided on the condition that you receive these communications from us. You must cancel your account if you do not want to receive any transactional or service communications.
To manage any information, we receive about you from a social networking site or other third parties (if applicable), you will need to follow the instructions from that party for updating your information and changing your privacy settings, where available. The information we collect is covered by this privacy policy, and the information others collect is subject to their separate privacy practices.
Your Rights
You have a number of rights in relation to the personal information we hold about you. An outline of those rights and how to exercise them is set out below. Please note that (a) for your protection, (i) we may require that a request to exercise your rights be sent through the email address associated with your account, and
(ii) we may ask to verify your identity before responding to any such request by asking that you provide details only known to the account holder; and (b) for each of the rights below we may have valid legal reasons to refuse your request. We will let you know if that is the case.
Access: You have the right to know whether we process personal information about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with. We will generally provide you with access to your personal information within 30 days, subject to some exceptions permitted by law. We will also generally provide access in the manner you have requested (e.g., by providing photocopies), provided it is reasonable and practical for us to do so.
Correction: You have the right to require us to correct any personal information held about you that is inaccurate, and have incomplete data completed. Where you request correction, please explain in detail why you believe the personal information we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that while we assess whether the personal information we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.
Erasure: You may request that we erase the personal information we hold about you in the following circumstances:
- where you believe it is no longer necessary for us to hold the personal information;
- where we are processing it on the basis of your consent and you wish to withdraw your consent;
- where we are processing your data on the basis of our legitimate interest and you object to such processing;
- where you no longer wish us to use your data to send you marketing;
- where you believe we are unlawfully processing your data; or
- where you have to do it to comply with a legal
Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
Restriction of processing to storage only: You have a right to request that we limit the processing of the personal information we hold about you (except to store it) in the following circumstances:
- you believe the personal information is not accurate, for the period it takes for us to verify whether the data is accurate;
- we wish to erase the personal information as the processing we are doing is unlawful, but you want us to simply restrict the use of that data;
- we no longer need the personal information for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims; or
- you have objected to us processing personal information we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal information, while we determine whether there is an overriding interest in us retaining such personal information.
Portability: You have the right to receive a copy of the personal information you have provided to us in a structured, commonly used and machine-readable format. You also have the right to request that we transfer such personal information to another party. If you wish for us to transfer the personal information to another party, please ensure you detail that party and note that we can only do so where it is technically feasible (for example, we cannot put your information into formats used by different information systems). We are not responsible for the security of the personal information, or its processing once received by the third party.
Objection: You have the right to object to our processing of data about you and we will consider your request. Please provide us with the specific reasons for your objection so that we can assess whether there are legitimate grounds for us to continue to process such data, including in relation to a legal claim.
You also have the right, at any time, to object to our processing of data about you in order to send you marketing.
Withdrawal of Consent: Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time by contacting us in any of the ways described in Section 10 below.
6. Cross Border Disclosure Access and Consent to Transfer
The Site is operated in the United States. If you are located outside the United States, please be aware that any information will be transferred to the United States.
Some of the service providers we use to provide the Site and its functionality, or our products and services, may be located outside the country where you live (for example, servers storing data via a cloud service). Data protection laws vary among countries, with some providing more protection than others. Regardless of where your information is stored or processed, we apply the same protections described in this policy.
By providing us with your personal information, you consent to our use of it in accordance with this policy, including the transfer of your information across international boundaries.
California Do Not Track Disclosures:
California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals.
Some browsers have “do not track” features that let you tell websites that you do not want to have your
activities tracked.
We do not track you over time and across third party websites to provide targeted advertising and the Site does not respond to Do Not Track (DNT) signals. However, some third-party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your computer operating system (e.g. Safari) allows you to set the DNT signal on your browser so that third parties (particularly advertisers) know you do not want to be tracked. Third parties that have content embedded on our website, such as a social media link, may set cookies on a user’s browser and/or obtain information about the fact that the web browser visited this website from a certain IP address. Third parties cannot collect any other personal information from our website unless you provide it to them directly.
7. Data Retention Periods
We generally retain personally identifiable information only for as long as necessary to provide you with access to the Site and, if applicable, our products and services. Some data you can delete whenever you like. In some cases, rather than provide a way to delete data, we store it for a predetermined period of time. This is because business and legal requirements require us to retain certain information, for specific purposes, for an extended period of time. Reasons we might retain some data for longer periods of time include:
- security, fraud and abuse prevention;
- financial record keeping;
- complying with legal or regulatory requirements; and
- establishing or exercising our legal rights and/or defending against legal
8. General Audience Website Not Directed Toward Children
The Site is a general audience site. Our content is not directed toward minors (people under 18) and we do not knowingly collect personal information from minors. If you are under 18, you may use www.nicolecody.com only with the involvement of a parent or guardian. If we become aware that a minor has provided us with personal information without parental consent, that information will be deleted from our systems. Parents who have questions about personal information that may have been submitted by a minor should email us at: [email protected].
9. Complaints or Questions
If you:
- would like further information about how we manage your personal information
- have any queries relating to this policy
- wish to exercise any of your rights described in Section 6 above
- wish to lodge a complaint in relation to an alleged breach of applicable privacy laws please contact us with a thorough description by:
Mail: Starship 7 Pty Ltd PO Box 1656 BUDERIM, QLD, 4556 Australia
Email: [email protected]
Online: www.nicolecody.com/contact
Telephone: +61 438 438 775
When we receive formal written complaints, we respond by contacting the person who made the complaint. We investigate and respond to all complaints fairly and in a timely manner. In most cases, complaints are investigated and responded to within 30 days.
10. About this Policy
This policy applies to the Site and to all products and services offered by us. If you choose to visit www.nicolecody.com, your visit and any dispute over privacy is subject to this policy and our terms of use, including limitations on damages, resolution of disputes and application of the law of the State of Queensland.
We regularly review this policy and may change it from time to time. If changes are significant, we will provide a more prominent notice, including email notification, of the changes. We always indicate the date the last changes were published. You can request copies of prior policies.
This Privacy Policy was published November 2019.