This Privacy Policy describes how Charmony (the "Site", "we", "us", or "our") collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from www.charmony.com.au (the "Site") or otherwise communicate with us (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.

 

1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site and update the "Last updated" date. If required by law, we will notify you of significant changes via email or other means.

 

2. How We Collect and Use Your Personal Information

2.1 Information Collection and Use

We collect the following types of information:

Transactional Data: Name, shipping address, email address, phone number, and payment details (handled by third-party payment processors).

Membership Data: Birthdate, order history, and account credentials upon registration.

Automated Data: IP address, device type, browser information, page interaction metrics (e.g., clicks, time spent on pages), and other technical data collected via cookies and similar technologies.

2.2 Purposes of Data Processing

We process your personal information for the following purposes:

Purpose

Data Types

Legal Basis

Order Fulfillment

Name, address, payment details

Contractual Necessity

Membership Benefits

Birthdate, loyalty points, tier

Explicit Consent

Targeted Marketing

Browsing behavior, ad engagement

Legitimate Interest + Consent

Fraud Prevention

IP address, device fingerprint

Legal Obligation

Website Analytics

IP address, browser data

Legitimate Interest

 

3. Consent and Withdrawal

3.1 Consent Mechanisms

Implicit Consent: By completing a transaction, you grant consent for us to process your data to fulfill your order.

Explicit Consent: We require separate opt-in consent (e.g., via checkbox or pop-up) for: Email marketing communications. Sharing data with third-party partners within the Charmony network for marketing purposes.

3.2 Withdrawal Options

You may withdraw your consent or exercise your rights by contacting us at Info@charmony.com.au:

Access or Delete Your Data: Requests are processed within 15 business days (or up to 30 calendar days in exceptional cases, such as technical issues or legal requirements).

Unsubscribe from Marketing: Processed within 72 hours.

 

4. Shopify Platform Integration

Our website is built on Shopify and hosted on Shopify. Your data is stored securely on Shopify’s servers, which are protected by industry-standard security measures, including encryption and access controls.

Shopify’s Privacy Policy: For details on how Shopify handles your data, please see their Privacy Policy.

Shopify Data Collection: Features such as comments, user accounts, or e-commerce functionality may collect additional data.

 

4.1 Data Retention

Transactional Data: Retained for 7 years to comply with tax and legal obligations, unless you request deletion.

Membership Data: Retained until your account is deleted.

Automated Data: Retained for 12 months for analytics purposes, unless you opt out.

4.2 Data Disclosure

We may disclose your personal information if required by law or if you violate our Terms of Service. We may also share hashed data (e.g., device IDs, emails) with third-party advertising partners (e.g., Google Ads, Meta) for retargeting purposes, with reverse engineering prohibited.

 

5. Third-Party Services

We use third-party service providers to support our Services, including:

Payment Processing: We use [Stripe/PayPal] for secure payment transactions. Their privacy policies are available at Stripe Privacy Policy or PayPal Privacy Policy.

Analytics: We use Google Analytics to track website usage. Their privacy policy is available at Google Privacy Policy.

Advertising: We use tools like Shopify Analytics SDK and third-party ad platforms (e.g., Google Ads, Meta) for retargeting.

These providers may collect, use, and disclose your information as necessary to perform their services. Some providers may be located in jurisdictions with different data protection laws (e.g., the United States). By using our Services, you consent to the transfer of your data to such jurisdictions, subject to safeguards like Standard Contractual Clauses where applicable.

If you click on links to third-party websites, you will be subject to their privacy policies, not ours. We encourage you to review those policies.

 

6. Security Measures

Protecting your privacy is our priority. We implement robust, industry-standard technical and organizational measures to protect your personal information, including advanced data encryption and strict internal access controls. In the unlikely event of a data breach, we will notify affected users within 72 hours of confirmation. If you suspect any security issues, please contact us immediately.

 

7. Cookie Policy

We use cookies and similar technologies to enhance your experience, provide analytics, and deliver targeted advertising.

Types of Cookies:

Necessary Cookies: Enable core functionality, such as login sessions (e.g., login cookies last 2 days; “Remember Me” cookies last 2 weeks).

Analytics Cookies: Track page navigation and user behavior (e.g., Google Analytics).

Advertising Cookies: Support targeted ads (e.g., Google Ads, Meta).

Cookie Consent: We obtain your consent for non-essential cookies via a consent banner when you first visit our Site. You can manage cookie preferences through your browser settings or by contacting us at Info@charmony.com.au.

Comment Cookies: If you leave a comment, you may opt-in to cookies storing your name, email, and website for convenience. These cookies last for one year.

 

8. Children’s Privacy

Our Site is not directed toward children under the age of 13, and we do not knowingly collect personal information from them in compliance with applicable laws (such as COPPA). If you are a parent or guardian and believe your child has provided us with personal information, please contact us at Info@charmony.com.au to request deletion. 

 

9. Do Not Track

We do not alter our data collection practices in response to “Do Not Track” signals from browsers, as there is no consistent industry standard for interpreting these signals.

 

10. Your Rights

Depending on your jurisdiction, and in accordance with the Australian Privacy Act 1988 (Cth), you have the right to:

  • Request access to the personal data we hold about you.

  • Request correction of inaccurate or incomplete data.

  • Request erasure of your data.

  • Opt-out of marketing communications.

To exercise these rights, please contact us at Info@charmony.com.au. If you are in Australia and are unsatisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

 

11. International Data Transfers

Your data may be stored on servers located in various countries outside your residence (including the United States and Canada via Shopify). We ensure such transfers comply with applicable data protection safeguards.

 

12. Policy Updates

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will post the revised version on the Site and update the “Last updated” date. If required by law, we will notify you of significant changes.

 

13. Contact

For questions about this Privacy Policy, to exercise your rights, or to make a privacy-related complaint, please contact our support team at Info@charmony.com.au.