Healr Privacy & Data Collection Statement
Healr needs to collect personal information from you to operate its business and services effectively. By providing your personal information, you consent to its use and disclosure according to this statement and our Privacy Policy.
If you do not agree, you must refrain from providing your personal information, as we may not be able to supply you with the products and services you require. We may disclose your personal information to our related entities, third-party service providers, or contractors appointed by Healr to perform services on our behalf (such as website and data hosting providers and payment processing services), as outlined in our Privacy Policy.
Healr may use and disclose your personal information for direct marketing purposes unless you opt out. Our Privacy Policy provides further details on how you can access and correct your personal information, how to report a privacy breach, and how we handle your complaints.
Healr Privacy Policy
Our Privacy Obligations
This privacy policy explains how Healr collects and manages your personal information. In this policy, "we," "our," and "us' ' refer to Healr. "Personal information" refers to information or opinions about an identified individual or one who can be reasonably identified.
We take our obligations under the Privacy Act 1988 and the Australian Privacy Principles (APPs) very seriously. Healr has established procedures to comply with these laws and is committed to protecting your personal information's confidentiality, security, and transparency.
Being Anonymous or Using a Pseudonym
You must provide accurate personal details when interacting with Healr to receive our services effectively. You may, however, use a pseudonym in certain cases where it is unnecessary for us to identify you.
If you need clarification on when you must identify yourself, please contact Healr at support@healr.au.
Collection of Personal Information
Healr will collect personal information only when:
It is necessary for our functions and activities, such as completing a transaction.
We are required to by law. When you purchase from our store, we collect your personal information, including your name, delivery address, and email address. When you browse our store, we automatically receive your computer's IP address, helping us understand your browser and operating system.
Sensitive Information
Sensitive personal information (such as race, ethnicity, health information) requires special protection under the Privacy Act. We collect your sensitive information only with your consent and if necessary for our functions or activities.
Exceptions for Needing Consent
We may not need your consent to collect your sensitive information when:
It is required or authorised by law.
A "permitted general situation" exists under the Act.
A "permitted health situation" exists under the Act.
Collection by Lawful and Fair Means
Healr collects your personal information by lawful and fair means, including using browser tracking software like cookies. Cookies help us remember your preferences and improve your experience. You can configure your computer to disable or reject cookies if you choose.
Collection from You
Healr prefers to collect personal information directly from you when possible, as it ensures accuracy and gives you a chance to ask questions about our Privacy Policy.
Dealing with Unsolicited Personal Information
If Healr receives personal information from a third party without requesting it, we will determine if we could have legally collected it. If not, we will destroy or de-identify the information.
Notification of Collection
Before or at the time of collecting personal information, Healr will take reasonable steps to inform you of:
Our identity and contact details.
Circumstances where we collected your personal information without your knowledge or from someone else.
Situations where we are required or authorised by law to collect your personal information.
The reasons for collecting your personal information.
Potential consequences of not collecting all or some of your personal information.
Details of persons or entities to whom we usually disclose personal information.
How you may access and seek correction of your personal information.
How you can lodge a complaint with us.
Whether we might disclose your personal information to overseas recipients and, if so, which countries may receive your personal information.
Use and Disclosure
Healr holds your personal information for the primary purpose for which it was collected. We won't use or disclose your personal information for another purpose unless:
We obtain your consent.
You would reasonably expect us to use or disclose it for a secondary purpose related to the primary purpose.
Required by law.
A permitted general purpose exists.
A permitted health situation exists.
We reasonably believe it is necessary for enforcement-related activities conducted by or on behalf of an enforcement body.
Direct Marketing
Healr may use your personal information for direct marketing, such as emails, SMS, phone calls, and postal mail.
Adoption of Direct Marketing Laws
Under the Act, we may use your personal information for direct marketing if:
We collected your personal information directly from you.
You reasonably expect us to use your personal information for direct marketing.
Circumstances Requiring Consent for Direct Marketing
We need your consent when:
Collecting personal information from a third party for direct marketing.
You would not reasonably expect to receive direct marketing.
If you want to know who provided your personal information to us, please request this information from Healr at support@healr.au. We will provide you with the third-party's details within a reasonable time and without charge.
Sensitive Information
Healr will not use your sensitive information for direct marketing without your written consent.
Opting-Out
Healr provides a simple means for you to opt out of receiving direct marketing, typically involving an "opt-out" link in emails or a "tick-a-box" option during information collection. We will not use or disclose your personal information for direct marketing if you previously opted out. You can opt out of direct marketing by contacting support@healr.au.
Overseas Disclosure
Healr strives to store your personal information on an Australian server. In some circumstances, we may disclose your personal information to an overseas entity. We ensure that they handle your information according to the Act or similar laws or require your informed consent.
Adoption, Use, and Disclosure of Government-Related Identifiers
Healr will not adopt government-related identifiers as your identifier unless:
Required or authorised by law.
Necessary for identity verification.
Necessary to fulfil obligations to an agency or state authority.
Required or authorised by an Australian law, court, or tribunal order.
Permitted general situations exist.
Necessary for enforcement-related activities.
Quality of Personal Information
Healr takes reasonable steps to ensure the personal information we collect, use, or disclose is accurate, up-to-date, complete, and relevant.
Security of Personal Information
Healr takes reasonable precautions and follows industry best practices to protect your personal information from loss, misuse, access, disclosure, alteration, or destruction.
Destruction
When we no longer need your personal information and are not required to keep it to comply with laws, Healr will take reasonable steps to destroy or de-identify the information.
Payment Information
Our online store is hosted on Shopify Inc. Shopify provides us with the e-commerce platform that allows us to sell our items to you. Your personal information is stored through Shopify's data storage, databases, and application, and is kept secure.
If you use a direct payment gateway, Shopify stores your credit card data, encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as necessary to complete your purchase and then deleted. All direct payment gateways adhere to PCI-DSS standards.
For more details, read Shopify's Terms of Service or Privacy Statement.
Access to Personal Information
Upon your written request, Healr will provide you with a copy of your personal information we hold unless:
Access poses a serious threat to the life, health, or safety of any individual or to public health or safety.
Giving access would impact the privacy of other individuals.
Your request for access is frivolous or vexatious.
Information relates to existing or anticipated legal proceedings between us and you and would not be accessible through discovery.
Access would reveal our intentions in negotiations with you.
Access would be unlawful.
Denying access is required or authorised by law or a court/tribunal order.
We suspect unlawful activity or misconduct of a serious nature related to our functions or activities.
Access would prejudice enforcement-related activities conducted by or on behalf of an enforcement body.
Access would reveal evaluative information connected with a commercially sensitive decision-making process.
Correction of Personal Information
Healr will take reasonable steps to correct your personal information for free if we find it inaccurate, outdated, incomplete, irrelevant, or misleading. This includes third parties to whom we've provided your personal information, unless it's impracticable or unlawful.
Circumstances When We Decline to Correct Information
In some cases, Healr may decline to correct your personal information. When this occurs, we will provide you with a written notice explaining:
Reasons for the refusal.
Available complaint mechanisms.
Making a Complaint
If you have a concern or complaint about our handling of your personal information or breaches of the APPs, please contact us at support@healr.au with details of the complaint. Set the subject line to “PRIVACY COMPLAINT”.
Healr aims to respond to your complaint within 30 days. If unresolved, the complaint may be referred to an external complaints resolution entity, and ultimately, if necessary, to the OAIC.