Privacy Policy
Effective date: 16 June 2025
This Privacy Policy explains how Carinya Parc ("we", "us" or "our") collects, uses, discloses and manages your Personal Information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. Scope
This policy applies to all Personal Information we collect through:
- Our website at carinyaparc.com.au and any related subdomains.
- Any mobile or other digital applications we operate.
- In-person interactions (e.g. events, workshops).
It does not apply to:
- Information in the public domain.
- De-identified or aggregated data.
2. What Information We Collect
2.1 Personal Information
We collect Personal Information that identifies you or by which you can be identified, including but not limited to:
- Contact details: name, email address, postal address, phone number.
- Account credentials: username, password (securely stored).
- Payment information: credit/debit card details or bank account details (collected via secure third-party payment processors).
- Communications: records of your correspondence with us (email, phone, chat transcripts).
2.2 Usage and Technical Data
Automatically collected when you visit our site:
- Device and browser data: IP address, browser type/version, operating system.
- Usage data: pages visited, time and date, click-through paths, referral source.
- Cookies and similar technologies: see Section 6 below.
3. How We Use Your Information
We will only use your Personal Information for the purposes for which it was collected, including:
- Provision of services: to register and manage your account; process orders and payments; deliver products and services; provide customer support.
- Communications: to respond to your enquiries; send transactional messages (e.g. order confirmations, appointment reminders).
- Marketing (where consented): to send newsletters, promotional offers, surveys and event invitations. You can opt out at any time (see Section 9).
- Improvement and analytics: to analyse website performance, usage patterns, and to develop new features.
- Compliance and security: to detect, prevent and address technical issues, fraud, unlawful activity or breaches.
4. Disclosure of Personal Information
We may disclose Personal Information to:
- Service providers: third-party vendors who perform services on our behalf (e.g. hosting, payment processing, email delivery).
- Professional advisers: lawyers, accountants, contractors, auditors.
- Government and regulatory bodies: where required by law, regulation, subpoena or court order.
- Business transfers: in the event of a merger, acquisition or sale of assets, your Personal Information may be transferred, subject to confidentiality obligations.
We do not sell, rent or trade your Personal Information for marketing purposes.
5. Cross-border Data Transfers
Some of our service providers are located overseas (e.g. cloud hosting in the U.S. and Europe). We take reasonable steps to ensure your Personal Information remains protected in accordance with the APPs, including executing standard contractual clauses where required.
6. Cookies and Tracking Technologies
We use cookies, web beacons, and similar technologies to:
- Enable core site functionality.
- Analyse visitor behaviour and enhance user experience.
- Serve relevant advertising (when consented).
Managing cookies:
You can set your browser to refuse cookies or alert you when cookies are being sent. If you disable cookies, some features of this website may not function properly.
7. Data Security
We implement technical and organisational measures to safeguard your Personal Information against:
- Unauthorised access or disclosure (e.g. firewalls, access controls).
- Loss or misuse (e.g. regular backups, encryption in transit and at rest).
- Alteration or destruction (e.g. audit trails, change-management processes).
While we strive to protect your data, no internet transmission or storage can be guaranteed 100% secure. You acknowledge that you provide information at your own risk.
8. Data Retention
We retain your Personal Information only as long as is necessary to fulfil the purposes outlined in this policy, or as required by law. Typical retention periods:
| Type of Information | Retention Period | | ------------------------------ | ------------------------ | | Account and billing records | 7 years (ATO compliance) | | Marketing consents and history | Until you unsubscribe | | Support and transactional logs | 2 years | | Analytics data (aggregated) | 3 years |
9. Access, Correction & Complaints
- Access and correction: You have the right to request access to or correction of your Personal Information. To do so, please contact us (see Section 11).
- Complaints: If you believe we have breached the APPs, you may lodge a complaint with us. We will acknowledge your complaint within 7 days and endeavour to resolve it within 30 days. If unresolved, you may refer the matter to the Office of the Australian Information Commissioner (OAIC).
10. Children's Privacy
Our services are not intended for use by children under the age of 16. We do not knowingly collect Personal Information from children. If you believe we have inadvertently collected such information, please contact us to have it deleted.
11. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact:
Carinya Parc
Privacy Officer
Email: privacy@carinyaparc.com.au
Postal address: The Branch NSW, Australia
Phone: +61 2 XXXX XXXX
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, notify you by e-mail or prominent notice on our website.
By using our website, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.