Privacy policy

Your privacy is important to us and we do everything we can to protect it at all times. This privacy policy describes how sugarberryshimmy.com.au (the ‘site’ or ‘we’) collects, uses, and discloses your personal information when you visit or make a purchase from the site.

Affiliate program participation

We may engage in affiliate marketing on our website, which is done by embedding tracking links into the website. If you click on a link for an affiliate partnership, a cookie will be placed on your browser to track any sales for purposes of commissions. 

Our owner Jules Moradi is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.au. As an Amazon Associate, Jules earns from qualifying purchases. This program uses cookies to track visits for the purposes of assigning commission on these sales.

Consent

This privacy policy applies to the products and services that we offer, and by using this website and our social media platforms you agree and consent to the collection, use and disclosure of your information in connection with providing our services and products to you. If you don’t agree, please simply leave the site. If you have any concerns, please contact use via the details below.

Our contact details

After reviewing this policy, if you have more questions, want more information about our privacy practices, or would like to make a complaint, please contact us:

 

Collecting information

When you visit our site, we collect certain information about your device, your interaction with the site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this privacy policy, we refer to any information about an identifiable individual (including the information below) as ‘personal information’.

What we collect

We collect:

  • your name, billing and delivery addresses and contact details if you place an order online
  • payment and transaction information including credit card details etc
  • your location details through your smart phone or device
  • website and technical information, ie browser, websites visited, IP address, user and system preferences, device type etc, and
  • details of your purchases, preferences and interactions with us.

How we collect it

We collect information:

  • when you use or visit our website or social media platforms
  • when you place an order on our website
  • when you return faulty products
  • when you send us an enquiry or provide us with feedback
  • when you participate in a promotion, competition, or survey
  • when you sign up to our referral program
  • when you sign up for our e-newsletter, and
  • when you post a review, rating or comment on our website or social media accounts.

How we use it

We use the information we collect to:

  • fulfil the orders that you make on our website
  • better understand how you use our website
  • operate, improve and maintain our website
  • develop new products and website features and functionalities, and
  • communicate with you as part of our customer service, and with your consent, to send you marketing material.

Examples of personal information we collect and why

Here’s a more detailed list of personal information we collect and why.

Device information

  • Purpose of collection: to load the site accurately for you, and to perform analytics on site usage to optimise our site.
  • Source of collection: Collected automatically when you access our site using cookies, log files, web beacons, tags, or pixels.
  • Disclosure for a business purpose: shared with our processor Shopify.
  • Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the site.

Order information

  • Purpose of collection: to provide products to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: shared with our processor Shopify, Stripe payment gateway, Australia Post
  • Personal Information collected: name, billing address, shipping address and payment information, including credit card number, email address and phone number.

Customer support information

  • Purpose of collection: to provide customer support.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: none
  • Personal Information collected: name, email address and/or phone number, and if applicable, order details including billing address and shipping address.
  • Source of collection: collected from you.

Sharing personal information

We share your personal information with service providers to help us provide our service and fulfill our contracts with you, as described above.

For example:

  • We use Shopify to power our online store. You can read more about how Shopify uses your personal information here: https://www.shopify.com/legal/privacy.
  • We use Stripe and Afterpay payment processing platform to process your payments via the website.
  • We use Australia Post to ship your order to you.
  • We use Klaviyo email marketing service to email you our e-newsletter, if you opt in on our website.  
  • We use a BixGrow Shopify app to run our ‘Give $10, get $10’ referral program.
  • We may employ contractors in Australia to process and fulfill your orders.
  • We may use survey, research and data analysis platforms for voluntary market research.
  • We use Microsoft OneDrive and Dropbox cloud storage facilities to store backups of our website and online order data.
  • We may provide access to our cloud-based admin systems to business advisors, lawyers, accountants, insurance providers, auditors or other professional service providers to the extent reasonably required, and
  • We may share your personal information with regulatory, investigative or government bodies to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Some of our trusted technology or data storage providers may be located outside of Australia.

We will never share your information with a third party entity that is not involved in providing products or services to you on our behalf.

Behavioural advertising

We may use your personal information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

  • We use Google Analytics to help us understand the demographics and interests of people who visit our site, including country, region, city, language, age, gender and interests.
  • We may use Google Analytics to help us understand how our customers use the site.

You can read more about how Google uses your personal information here: https://www.google.com/intl/en/policies/privacy/. You can also opt out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (‘NAI’) educational page at: https://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising via the following links:

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: https://optout.aboutads.info/.

Using personal information

We use your personal information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and if you opt in, sending you our e-newsletter and keeping you up to date on new products and offers.

Lawful basis

Pursuant to the General Data Protection Regulation (‘GDPR’), if you are a resident of the European Economic Area (‘EEA’), we process your personal information under the following lawful bases:

  • Your consent
  • The performance of the contract between you and the site
  • Compliance with our legal obligations
  • To protect your vital interests
  • To perform a task carried out in the public interest
  • For our legitimate interests, which do not override your fundamental rights and freedoms.

Retention

When you place an order through the site, we will retain your personal information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

  • Temporary blacklist of IP addresses associated with repeated failed transactions. This blacklist persists for a small number of hours.
  • Temporary blacklist of credit cards associated with blacklisted IP addresses. This blacklist persists for a small number of days.

Selling personal information

We will never sell your personal information.

Your rights

Accessing your information

If you would like to access to personal information we hold about you, please email us at hello@sugarberryshimmy.com.au and we will provide you with access.

When making an access request, we may ask you to verify your identity before proceeding with any request you make. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act or will contact you directly to seek your permission.

If you ask us to correct personal information that we hold about you, or if we are satisfied that the personal information we hold is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps to correct it.

GDPR (General Data Protection Regulation)

If you’re a resident of the EEA, you have the right to access the personal information we hold about you, to port it to a new service, and to ask that your personal information be corrected, updated, or erased. If you would like to exercise these rights, please email us at hello@sugarberryshimmy.com.au.

Your personal information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

CCPA (California Consumer Privacy Act)

If you’re a resident of California, you have the right to access the personal information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your personal information be corrected, updated, or erased. If you would like to exercise these rights, please email us at hello@sugarberryshimmy.com.au.

If you would like to designate an authorised agent to submit these requests on your behalf, please email us at hello@sugarberryshimmy.com.au.

Web cookies

Like any other website, we use 'cookies' on our website. Cookies are small data files created by a web server and used to remember user preferences. They are downloaded to your computer or device by your web browser when you visit a website.  

We use a number of different cookies, including functional, performance, advertising, and social media or content cookies.

When you fill in a form online and your personal information appears to auto-populate the fields, that’s the cookies at work. It’s the cookies that store your passwords on your browser for you too, if you give them permission.

Cookies also store data such as which pages you visited in which order on our website, which buttons you clicked and which items you placed in your cart. We may collect this information both anonymously and in relation to your account. We use this information to optimise users’ experiences on our website.

You may disable cookies in your browser if you wish – see below.

Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use our site, for instance whether it’s their first time visiting or if they’re a frequent visitor.

Authentication cookies are used by web servers to authenticate that a user is logged in to a particular website. Without authentication cookies, you would need to log in again to each page on our website.

The security of authentication cookies depends on the security of the website and users’ web browsers, and whether the cookie data is encrypted. Our website contains an SSL (secure socket layer) certificate with 256-bit encryption. An SSL certificate is a digital certificate that authenticates a website’s identity and enables an encrypted connection between a web server and a web browser. When you see a padlock icon in the website’s URL, that means it’s protected by SSL protocol.

In a nutshell, we use cookies to improve your experience on our website, but rest assured that our website is securely encrypted.

We use the following cookies to optimise your experience on our site and to provide our services.

Cookies necessary for the functioning of the store

Name

Function

Duration

_ab

Used in connection with access to admin.

2y

_secure_session_id

Used in connection with navigation through a storefront.

24h

_shopify_country

Used in connection with checkout.

session

_shopify_m

Used for managing customer privacy settings.

1y

_shopify_tm

Used for managing customer privacy settings.

30min

_shopify_tw

Used for managing customer privacy settings.

2w

_storefront_u

Used to facilitate updating customer account information.

1min

_tracking_consent

Tracking preferences.

1y

c

Used in connection with checkout.

1y

cart

Used in connection with shopping cart.

2w

cart_currency

Used in connection with shopping cart.

2w

cart_sig

Used in connection with checkout.

2w

cart_ts

Used in connection with checkout.

2w

cart_ver

Used in connection with shopping cart.

2w

checkout

Used in connection with checkout.

4w

checkout_token

Used in connection with checkout.

1y

dynamic_checkout_shown_on_cart

Used in connection with checkout.

30min

hide_shopify_pay_for_checkout

Used in connection with checkout.

session

keep_alive

Used in connection with buyer localization.

2w

master_device_id

Used in connection with merchant login.

2y

previous_step

Used in connection with checkout.

1y

remember_me

Used in connection with checkout.

1y

secure_customer_sig

Used in connection with customer login.

20y

shopify_pay

Used in connection with checkout.

1y

shopify_pay_redirect

Used in connection with checkout.

30 minutes, 3w or 1y depending on value

storefront_digest

Used in connection with customer login.

2y

tracked_start_checkout

Used in connection with checkout.

1y

checkout_one_experiment

Used in connection with checkout.

session

checkout_session_lookup

Used in connection with checkout.

3w

checkout_session_token_<<token>>

Used in connection with checkout.

3w

identity-state

Used in connection with customer authentication.

24h

identity-state-<<token>>

Used in connection with customer authentication.

24h

identity_customer_account_number

Used in connection with customer authentication.

12w

Reporting and analytics cookies

Name

Function

Duration

_landing_page

Track landing pages.

2w

_orig_referrer

Track landing pages.

2w

_s

Shopify analytics.

30min

_shopify_d

Shopify analytics.

session

_shopify_s

Shopify analytics.

30min

_shopify_sa_p

Shopify analytics relating to marketing & referrals.

30min

_shopify_sa_t

Shopify analytics relating to marketing & referrals.

30min

_shopify_y

Shopify analytics.

1y

_y

Shopify analytics.

1y

_shopify_evids

Shopify analytics.

session

_shopify_ga

Shopify and Google Analytics.

session

customer_auth_provider

Shopify analytics.

session

customer_auth_session_created_at

Shopify analytics.

session

 

The length of time that a cookie remains on your computer or mobile device depends on whether it is a ‘persistent’ or ‘session’ cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Disabling cookies in your browser settings

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s ‘Tools’ or ‘Preferences’ menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as: www.allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt out of certain uses of your information by these parties, please follow the instructions in the “Behavioural advertising” section above.

Server log files

A website or server log file is a simple text document that lists every user’s interaction with a website for a given timeframe. All hosting companies produce this data and make it available to website owners as part of their hosting service analytics.

The information collected for log files includes internet protocol (IP) addresses, browser types, internet service providers (ISP), date and time stamps, where the user was referred to the website from and which page they landed on. This data is not linked to any information that is personally identifiable. We may use server log files to analyse website traffic trends by time of day, day of the week, and the websites users were referred from so that we can improve the performance and user-friendliness of our website.

Basically, we use server log files to monitor traffic trends on our website, but we can’t identify you with them.

Do not track

Please note that because there is no consistent industry understanding of how to respond to ‘Do not track’ signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

Protecting your information

We hold personal information in electronic form with our trusted service providers. Any trusted service provider must observe and meet our information security requirements to minimise the risk of unauthorised access to, and loss, misuse or unapproved alteration of, personal information.

While we endeavour to protect the personal information of users of our website, we cannot guarantee the security of information you disclose online. You disclose that information at your own risk. You should be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. You can also help protect your personal information by keeping your account details confidential, using a unique and strong password, limiting access to your computer and logging out after use. If you become aware of unauthorised access, please let us know as soon as you can.

Changes

We may update this privacy policy from time to time in order to reflect changes to our practices or for other operational, legal, or regulatory reasons.

Complaints

For more information about privacy protection in Australia, you may visit the Office of the Australian Information Commissioner’s website at https://www.oaic.gov.au.

If you have any complaints or questions about our privacy policy or how we manage your personal information, please contact us by email at hello@sugarberryshimmy.com.au or by phone with the number in the ‘Contact’ section above.

If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority in your jurisdiction. You can contact your own local data protection authority, or the Office of the Australian Information Commissioner here: https://www.oaic.gov.au.

Last updated: 4/10/23