Privacy Policy
We welcome you to OfficeOzone, our website and shop at www.officeozone.com (“our Services). In accordance with Australia’s Privacy Act 1988 (“Privacy Act”), the General Data Protection Regulation (“GDPR”), the UK`s Data Protection Act 2018 (“DPA”), California`s Consumer Protection Act (“CCPA”) and Canada`s Personal Information Protection and Electronic Documents Act (“PIPEDA”) we inform you about the processing of your data when you use our Services.
We take the protection of your personal data very seriously and this privacy policy informs you about the details of the processing of your data as well as your legal rights in this respect.
General information and mandatory disclosures
What is personal data?
Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website.
Data Controller
The person responsible is:
OfficeOzone
2 Cathay Place
Kellyville, 2155
Australia
Web: www.officeozone.com
E-Mail: contact@officeozone.com
Scope of the processing of personal data
As a matter of principle, we only collect and use personal data from you insofar as this is necessary to provide a functional website and our content and services, e.g., when you register on our website or log in to an existing customer account or when you place an order with us.
Relevant legal basis
In accordance with the above privacy laws, the following legal basis, unless specifically described below apply to the processing of your personal data:
-
consent,
-
to fulfil our services and carry out contractual measures and respond to enquiries,
-
to fulfil our legal obligations, and
-
to protect our legitimate interests.
What are your rights?
The GDPR and DPA grant Passport holders of the European Union or the UK, respectively, the following rights:
-
Right of access
-
Right to rectification
-
Right to restriction of processing
-
Right to erasure
-
Right to information
-
Right to data portability
-
Right to object
-
Right of withdrawal
-
Right to complain to a supervisory authority
The Privacy Act requires adherence to the following Australian Privacy Principles:
-
APP 1: Open and transparent management of personal information. This ensures that App entities manage personal information in an open and transparent way. This includes having a clearly expressed and up to date privacy policy.
-
APP 2: Anonymity and pseudonymity. Requires App entities to give individuals the option of not identifying themselves, or of using a pseudonym. Limited exceptions apply.
-
APP 3: Collection of solicited personal information. Outlines when an App entity can collect personal information that is solicited. It applies higher standards to the collection of sensitive information.
-
APP 4: Dealing with unsolicited personal information. Outlines how App entities must deal with unsolicited personal information.
-
APP 5: Notification of the collection of personal information. Outlines when and in what circumstances an App entity that collects personal information must tell an individual about certain matters.
-
APP 6: Use or disclosure of personal information. Outlines the circumstances in which an App entity may use or disclose personal information that it holds.
-
APP 7: Direct marketing. An organization may only use or disclose personal information for direct marketing purposes if certain conditions are met.
-
APP 8: Cross-border disclosure of personal information. Outlines the steps an App entity must take to protect personal information before it is disclosed overseas.
-
APP 9: Adoption, use or disclosure of government related identifiers. Outlines the limited circumstances when an organization may adopt a government related identifier of an individual as its own identifier or use or disclose a government related identifier of an individual.
-
APP 10: Quality of personal information. An App entity must take reasonable steps to ensure the personal information it collects is accurate, up to date and complete. An entity must also take reasonable steps to ensure the personal information it uses or discloses is accurate, up to date, complete and relevant, having regard to the purpose of the use or disclosure.
-
APP 11: Security of personal information. An App entity must take reasonable steps to protect personal information it holds from misuse, interference, and loss, and from unauthorized access, modification or disclosure. An entity has obligations to destroy or de-identify personal information in certain circumstances.
-
APP 12: Access to personal information. Outlines an App entity’s obligations when an individual requests to be given access to personal information held about them by the entity. This includes a requirement to provide access unless a specific exception applies.
-
APP 13: Correction of personal information. Outlines an App entity’s obligations in relation to correcting the personal information it holds about individuals.
The CCPA grants California residents the following rights:
-
Right to Know
-
Right of Deletion
-
Right of Non-Discrimination
-
Right to Opt-Out of Sale
The PIPEDA grants Canada residents the following rights:
-
Right to withdraw consent
-
Right of access, correction or deletion
-
Right to submit a privacy complaint
You can assert your rights by notifying us using the contact details provided.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data carried out by us. We would, however, appreciate the chance to deal with your concerns before you approach any supervisory authority.
Data collection on our website
Log files
In principle, you can use our website for purely informational purposes without disclosing your identity. However, our website collects a series of general data and information with each visit and this data is temporarily stored in log file. A log file is created in the course of an automatic protocol of the processing computer system. The following can be recorded:
-
browser type/browser version
-
Operating system used
-
language and version of the browser software
-
host name of the accessing end device
-
IP address
-
Website from which the request comes
-
Content of the request (specific page)
-
Date and time of the server request
-
Access status/HTTP status code
-
Referrer URL (the previously visited page)
-
Amount of data transferred
-
Time sone difference to Greenwich Mean Time (GMT)
The temporary processing of the IP address by the system is necessary to technically enable delivery of the website to your computer. Processing your IP address for the duration of the session is necessary for this. The legal basis for this processing is our legitimate interest.
The access data is not used to identify individual users and is not merged with other data sources. The access data are deleted when they are no longer required to achieve the purpose of their processing. In the case of the collection of data for the provision of the website, this is the case when you end your visit to the website. The data is generally deleted after seven days at the latest; processing beyond this is possible in individual cases. In this case, the IP address is deleted or alienated in such a way that it is no longer possible to assign your device to it.
Use of cookies
We use so-called cookies on our web site. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent as well as our legitimate interest.
WiX eCommerce
To provide our website and shop, we use the services of Wix.com, Inc who process the above-mentioned data and all data to be processed in connection with the operation of this website (log file when visiting the website) on our behalf. The legal basis for the data processing is our legitimate interest in providing our website. Wix may transfers your personal data into the USA.
Sending information
We use your data for sending information ordered by you about our offer and other promotions from us to the e-mail address provided by you. If you purchase goods on our website or forget something in your shopping cart or sign up for our newsletter, we may send you information on our own similar goods to your specified e-mail address even without your consent. The legal basis for this data processing is our legitimate interest, because advertising related products by way of direct advertising represents a legitimate interest for us as a business and the provider of this website. You may object to the processing of your personal data for the purpose of direct advertising at any time without giving reasons by unsubscribing via the unsubscribe link at the end of each e-mail or by contacting us.
Contacting us, leaving a reply, registration or placing orders
a) Contacting us
When you contact us using via email or social media, the data you provide will be stored by us based on your consent and the preparation or initiation of a contract, insofar as it is necessary to answer your questions. Your inquiry is logged in order to be able to prove the contact in accordance with the legal requirements. We delete the data accruing in this context when the respective conversation with you has ended and your inquiry has been conclusively clarified.
b) Registration
On our website, we offer you the opportunity to register by providing personal data. The data is entered in the registration form is transmitted to us and stored and includes your full name, your e-mail address and your password. We will also send you a verification e-mail to ensure that the account creation is made for the intended person. The processing of the data for this registration thus serves the fulfilment of the contract of use or the implementation of pre-contractual measures. You can delete your account at any time either by using the delete function in your account or by contacting us.
c) Storage of data in your account
For the conclusion and processing of contracts, we require contact details, such as name, delivery and billing address and e-mail address, as well as information on the type of payment method you have chosen. You can store this data in your account. In addition, we use your data to maintain our customer database so that only accurate data is stored by us. In order to avoid typing errors and to ensure that the items you have ordered reach you, we check the completeness and accuracy of your address when you enter it.
Following your order, you will receive a corresponding order confirmation as well as further documents, which we are obliged to provide in order to fulfil our legal information obligations for an effective conclusion of a contract with you.
e) Guest order
You have the option to place your orders as a guest. If you choose this order type, you do not have to register before placing an order. Please note that you will have to enter your data again for each subsequent order.
We collect, process, and use the information you provide in the context of a guest order for the purpose of executing the contract. We store the information you provide for the period of processing and handling your order. Afterwards, your data will be deleted unless you decide to activate your customer account within 14 days after placing your order. Data that we are required to store due to legal, statutory, or contractual retention obligations will be blocked instead of being deleted to prevent it being used for other purposes. The processing of the data serves the fulfilment of the contract with you.
f) Order confirmation/dispatch confirmation
In order to process the contract and provide you with our services, for example the web shop or to send you your order, we use your contact details to send you registration confirmations, customer service information, order confirmations, contract documents or payment processing information. We are obliged to send you these documents in order to comply with our legal information obligations for an effective conclusion of a contract with you. The processing of your data is therefore necessary to fulfil our legal information obligations for an effective conclusion of a contract with you.
g) Other
Based on our legal obligation and our legitimate interest, we use and store your personal data and technical information to the extent necessary to prevent or prosecute misuse or other illegal behaviour on our website, e.g., to maintain data security in the event of attacks on our IT systems. This also takes place insofar as we are legally obliged to do so, for example due to official or court orders, and for the exercise of our rights and claims as well as for legal defence.
Disclosure or transfer of personal data
We do not transfer or disclose your information to third parties unless there is a legal basis for such disclosure. Example of such a basis is typically consent from you or a legal basis that requires us to disclose the data.
For the operation and optimisation of our website and our services and for the processing of contracts, various service companies work for us, e.g., for central IT services or the hosting of our website, for the payment and delivery of products, or order fulfilment or for the dispatch of newsletters, to whom we pass on the data required for the fulfilment of the task (e.g., name, address).
Some of these companies act for us by way of commissioned processing and may therefore use the data provided exclusively in accordance with our instructions. In this case, we are legally responsible for appropriate data protection measures at the companies we commission. We therefore agree on specific data security measures with these companies and monitor them regularly.
In contrast, order processing, in these cases we transmit data to third parties for their own use in order to process the contract:
-
In the case of delivery of goods and the necessary logistics companies and the postal service provider specified when the order was placed.
-
In the case of payment for goods to the payment service provider as specified when the order was placed (currently Stripe [m1] and PayPal[m2] ). Please Note: We do not collect or store any payment transaction information such as credit card numbers or bank details during the payment process. You only provide this information directly to the respective payment service provider.
If we use service providers in third countries, we take additional measures to ensure an adequate level of data protection for the transfer of personal data and thus ensure that the transfer is generally permissible and that the special requirements for a transfer to a third country are met (e.g., by concluding standard contracts and additional guarantees, supplementary technical and organisational measures such as encryption or anonymisation).
We will disclose your data to third parties or government agencies within the framework of existing data protection laws if we are legally obliged to do so, e.g., due to official or court orders, or if we are entitled to do so, e.g., because this is necessary for the prosecution of criminal offenses or for the exercise and enforcement of our rights and claims.
Advertising and Marketing
We use the data you provide to fulfil and process our contract and to respond to your enquiries in or on the basis of your consent. Insofar as you have also given us your separate consent to process your data for consulting, marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.
You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.
Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe (or opt out).
Services for statistical, analytical and marketing purposes
We use third party services for statistical, analytical and marketing purposes. This enables us to provide you with a user-friendly, optimised use of the website. The third-party providers use cookies to control their services (see our Cookie Policy for more information).
a) Google Analytics
We use Google Analytics, a service provided by Google Inc. This means that the data collected can in principle be transmitted to a Google server in the USA, whereby the IP addresses are anonymised by means of IP anonymisation so that an allocation is not possible. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can object to the collection and processing of this data by Google Analytics by setting an opt-out cookie that prevents the future collection of your data when you visit this website: http://tools.google.com/dlpage/gaoptout?hl=en. The legal basis for this processing is our legitimate interest.
b) Google Ads
We use the Google AdWords offer from Google to draw attention to our attractive offers on external web sites with the help of advertising media (so-called Google Ads). We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. In this way, we pursue the interest of showing you advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs. The legal basis for this processing is our legitimate interest.
c) Facebook Custom Audiences
Furthermore, the website uses the "Website Custom Audiences" function via the so-called "Facebook Pixel" of Facebook Inc. (provider is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. This allows users of the website to be shown interest-based advertisements ("Facebook ads") when visiting the Facebook social network or other websites that also use this method. In this way, we pursue the interest of showing you advertisements that are of interest to you in order to make our website more interesting for you.
Due to the marketing tools used, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further processing of the data collected by Facebook through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding web site of our website or clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider may obtain and store your IP address and other identifying features. The legal basis for this processing is our legitimate interest.
Miscellaneous and closing
Social Media
Based on our legitimate interest, we are present in various "social media" platforms in order to communicate with our customers, interested parties and users registered there and to be able to inform them about our offers there. We would like to point out that you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating).
Updating your information
If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so within your account or by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.
Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal data, notably where such requests would not allow us to provide our service to you anymore.
Links to other providers
Our website also contains - clearly recognisable - links to the websites of other companies. Insofar as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.
The linked pages were checked for possible legal violations and recognisable infringements at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.
Personal data and children
Our services are aimed at people aged 18 and over. We will not knowingly collect, use or disclose personal data from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.
Data Breaches/Notification
Databases or data sets that include Personal data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
Changes
We reserve the right to adapt the privacy policy with effect for the future, in particular in the event of further development of the website, the use of new technologies or changes to the legal basis or the relevant case law.
Questions or Comments
If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us using the following contact details:
OfficeOzone
2 Cathay Place
Kellyville, 2155
Australia
Web: www.officeozone.com
E-Mail: contact@officeozone.com
This Privacy Policy was last updated on Friday, 14 October 2022