At Love To Dream, we respect your privacy and are committed to meeting our privacy obligations including, where applicable, under the General Data Protection Regulation and the Data Protection Act 2018, the Australian Privacy Principles and the Privacy Act 1988 (Cth).
Little Beings Pty Ltd trading as Love To Dream is the data controller and is responsible for data regarding your use of the lovetodream.com.au website.
This website is not intended for use by children and we do not knowingly collect personal data relating to children.
Data Protection Officer
Little Beings PTY LTD, ABN: 1513 7054 641, trading as Love To Dream
Suite 1 Level 1, 20A Danks St
Waterloo 2017, NSW Sydney Australia
This privacy notice was last updated on 24 May 2018.
What information do we collect and why?
We collect personal data to deliver and improve our products and your shopping experience. This includes:
- basic information such as your name, address, email address and phone number when you create an account.
Why? To improve efficiency in the processing of purchases and to allow us to notify you about the status of your order;
- additional information such as billing information, sales history and delivery details when you make a purchase.
Why? To enable you to purchase goods and have them delivered to you.
- consent and volunteered information if you subscribe to our newsletter, agree to participate in our surveys or promotions and/or provide a review for our product(s) and volunteer your personal data (e.g. an email address) for any of those or similar purposes, you also agree to receive marketing messages relating to Love To Dream and/or its products.
Why? To promote our products to you and keep you up to date. If you decide you no longer want to receive marketing information you can request that we stop by writing to the Data Protection Officer at the email or address above;
- customer care information when you contact us, including customer service requests and notes or details explaining what you asked and how we responded.
Why? This helps us to improve our customer service processes and products;
- cookies to collect information about interactions and usage. A cookie is a small text file that our website may place on your browser, computer or smartphone as a tool to remember your preferences or maintain your shopping cart. They do not contain any information such as your address or credit card details, and the information stored in cookies is anonymous to any external third party.
- website analytics – our website uses Google Analytics, a service that transmits website traffic data to Google servers in the USA. Google Analytics does not identify individual users or associate your IP address with any other data held by Google.
- targeted advertisements – targeted ads or interest-based offers may be presented to you based on your activities on our webpages, and other websites, and based on the products you currently own These offers will display as varying product banners presented to you while browsing. We use third parties providers to manage our advertising on our webpages and other websites. Our third party providers may use technologies such as cookies to gather information about such activities in order to provide you with advertising based upon your browsing activities and interests, and to measure advertising effectiveness. If you wish to opt out of interest-based advertising you will need to turn off cookies through your browser. Please note you will continue to receive generic ads.
- Social media interfaces – our website uses interfaces with social media sites such as Facebook, Instagram and YouTube.
Do we share information with third parties?
Apart from data shared with Google Analytics, social media interfaces and cookies as outlined above, we may share data with affiliated companies within our corporate family, or with trusted third party service providers as necessary for them to perform services on our behalf.
Examples of third party service providers include:
- BigCommerce: ecommerce platform;
- IT service providers: who support our website and business systems;
- Stripe: payment processing provider;
- Australia Post: postal delivery service provider;
- Yotpo: user generated content marketing platform;
- Mailchimp: marketing and communication platforms for surveys or electronic marketing messages from us.
We only share the minimum information necessary, and third parties are prohibited from using your information for any other purpose.
We require our suppliers to comply with relevant privacy laws, regulations, principles and codes, to protect personal information (including any sensitive information) that they may collect, hold or disclose while interacting with you.
How long do we keep your information?
If we collect your personal information, the length of time we keep it depends on a number of factors including the purpose for which we use that information and our legal obligations.
As we use a third party payment processor for credit card payments, we do not collect or hold credit card details.
We will always retain your personal information for 7 years after the date it is no longer needed by us for any of the purposes listed under What information do we collect and why? above. This is because we may need your personal information to establish, bring or defend legal claims. The exceptions to this are where:
- the law requires us to hold your personal information for a longer period, or delete it sooner;
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law;
- we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible; or
- in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.
Security and storage
We understand that security is vital when purchasing online. Information you give us when setting up an account or purchasing from our store will be stored securely on our systems and we use sophisticated technology to ensure that all your personal and delivery details remain confidential.
We do not store payment card details and we use a trusted third party paymen processor to handle payment card transactions via a secure payment platform. They receive information needed to verify and authorise your payment, and are obliged to keep all of your personal information private.
Our security technologies and procedures are regularly reviewed to ensure that they are up to date and effective.
Unfortunately, the transmission of information over the internet is not completely secure and we cannot guarantee the security of any information transmitted to our website. Any transmission is at your own risk and you should ensure that any payment transactions you make are made in a secure environment. We recommend that you keep confidential any personal security codes and passwords, and take steps to keep such details safe.
We will not use or disclose personal information without consent, unless permitted or required to do so by law or for the purposes of legal advice, audit, or the administration and management of our business (including service-monitoring). We may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent fraud or other crimes.
Trans-border data flows
We work with some suppliers who may make use of cloud and/or hosted technologies, or store data on servers across international borders. For example, our eCommerce platform BigCommerce stores data on its servers in the US.
Therefore, some personal or confidential information may be disclosed or stored in a foreign country. We will only disclose information to an organisation in a country which has a substantially similar privacy regime and that complies with applicable privacy laws.
You have various rights regarding your data:
- Right of access –you can request access to your personal data and ask how we process it;
If you want you want to access your personal information or have a complaint about how we have handled your data, you need to make a request to us in writing. Before we provide a response, you will need to satisfy our identification requirements.
You can contact us by writing to the Data Protection Officer at the address or email above. We will try to respond within 30 days. If the request or complaint will take longer to resolve, we will provide you with a date by which we expect to respond.
Where applicable, you may also have a right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. However, we encourage you to contact us in the first instance and we will review your complaint and use our best efforts to resolve your concerns.
- Right to rectification –you can have your personal data corrected if it is inaccurate, out of date, or incomplete.
Where applicable, you may also have the following rights:
- Right to be forgotten – if you ask to have your personal information erased.
- Right to restriction of processing – to restrict processing of your personal information.
- Right to data portability - to electronically move, copy or transfer your personal information in a standard form.
- Right to object - to object to processing of your personal information.
- Rights with regards to automated individual decision making, including profiling–rights relating to automated decision making, including profiling.
If you have any general questions about your rights or want to exercise your rights please contact the Data Protection Officer at the address or email above.