Personal Information 

This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from www.christmasworld.com.au (the ’Website’”).

When Ordering or registering on our ‘Website’, whether it be buying a Product, subscribing to our newsletter to receive special offers, entering one of our promotional activities or joining our Valued Customer Club you may be asked to enter your personal information such as (but not limited to): name, telephone number and email address, shipping information. 

Any information we collect from you may be used to personalise your experience to help us better respond to your individual needs, to improve our ’Website’ offerings based on the information we may receive from you,  with your implied consent we may send you periodic emails to inform you of Products, services  and/or promotions. 

Age of Consent: 
By using this ‘Website’, you represent that you are at least 18 years of age. 

 

14.2  Personal Information we collect: 
14.2.1   Device Information 
When you visit the ’Website’, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the ‘Website’, we collect information about the individual web pages or Products that you view, what ’Websites’ or search terms referred you to the ’Website’, and information about how you interact with the ’Website’. We refer to this automatically collected information as ‘Device Information’.
We collect ‘Device Information’ using the following technologies:
    • Cookies: data files that are placed on your device or computer and often  include an anonymous unique identifier.
For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
    • Log Files:  track actions occurring on the ‘Website’, and collect data including your IP address, browser type, Internet service provider,  referring/exit pages, and date/time stamps.
    • Web Beacons, Tags and Pixels: are electronic files used to record information about how you browse the ‘Website’.  
 
14.2.2  Order Information
Additionally, when you make a purchase or attempt to make a purchase through the ‘Website’, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. We refer to this information as ‘Order Information’. 
 
14.2.3 Promotional Information 
 From time to time on the ‘Website’ promotional activities will be available for you to enter. Conditions of entry into any of our promotional activities on the Website require you to enter your personal information which may include some of, or all of the following: full name, telephone number, address, postcode and email. Your submission of all or parts of the requested entry information to participate in the promotional activities on the ‘Website’ is considered as your implied consent to use your personal information. We refer to this as ‘Promotional Entry Information.’  
 When we talk about ‘Personal Information’ in this Privacy Policy, we are talking about all three collection streams: ‘Device Information’, ‘Order Information’ and ‘Promotional Entry Information.’

 

14.3  How we use your personal information: 

We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our ‘Website’ (for example, by generating analytics about how our Customers browse and interact with the ‘Website’, and to assess the success of our marketing and advertising campaigns).

We use the Order Information that we collect generally to fulfill any Orders placed through the ‘Website’ (including processing your payment information, arranging for shipping, and providing you with invoices and/or Order confirmations). Additionally, we use this Order Information to:

    • Communicate with you
    • Screen our Orders for potential risk or fraud; and
    • Provide you with information or advertising relating to our Products and Services

     

    We use the Promotional Entry Information that we collect from you when you enter the promotions on the Website: 

     

    14.3.1 Spin the Wheel Promotion
    Conditions of entry require you to submit your email address. By submitting your email address, you are agreeing to receive marketing emails from www.christmasworld.com.au, to inform you of our Products, services, newsletters or upcoming events and promotions. 

    14.3.2 Christmas Worlds Valued Customer Club Promotion 
    when you  join the Christmas World  Valued Customer Club Promotion on our Website, you become one of our loyal Customers,  receiving 10% off  all your Orders when you use the discount code emailed to you. Joining our Valued Customer Club from the Website implies your consent to use your personal information to send to you periodic emails or text messages to inform you of our Products and services, newsletters or upcoming events and promotions. 
    If at any time you would like to no longer receive any correspondence from us, you can email info@christmasworld.com.au or simply unsubscribe from our emails by clicking the unsubscribe link at the bottom of our emails.

     

    14.4 Sharing Your Personal Information: 

    In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

     

    14.4.1 Shopify 
    We use Shopify to power our online store.  All stores powered by Shopify are PCI Compliant. Your purchase transaction data is stored only as long as it is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.  Shopify adheres to the standards set by PCI-DSS, which is managed by the PCI Security Standards Council.  This is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers, so your personal information is protected.  For more insight, you may also want to read to read Shopify’s PCI Compliance information: https://www.shopify.com.au/security/pci-compliant

    14.4.2 Google Analytics
    We also use Google Analytics to help us understand how our Cust omers use the ‘Website’' you can read more about how Google uses your Personal Information here:
    https://www.google.com/intl/en/policies/privacy/.
    You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
    14.4.3 Applicable Laws
    We may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

    14.4.4 Behavioural Advertising
    As described above, we may use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

    14.4.5 Targeted Advertising
    You can opt out of targeted advertising by using the links below:
      • Facebook:
        https://www.facebook.com/settings/?tab=ads
      • Google:
        https://www.google.com/settings/ads/anonymous
      • Bing: 
        https://advertise.bingads.microsoft.com/en- us/resources/policies/personalized-ads

    Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/

     

    14.5 We do not track

    Please note that we do not alter our ‘Websites’ data collection and use practices when we see a Do Not Track signal from your browser.

     

    14.6 Data Retention

    When you place an Order through the ‘Website’, we will maintain your Order Information for our records unless and until you ask us to delete this information.

     

    14.7 Security of your Personal Information 

    To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

     

    14.8 Changes to this Privacy Policy

    We may update this privacy policy from time to time in Order to reflect, for example, changes to our practices or for other operational, legal or regulatory reason

     

    14.9 QUESTIONS AND CONTACT INFORMATION

     If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at info@christmasworld.com.au or by telephone on: 1300 00 9627

     

    14.10 Our third party – Shopify is certified level 1 PCI DSS Compliance 

    Shopify is certified Level 1 PCI DSS compliant. This compliance extends by default to all stores powered by Shopify.

    We are very serious about securely hosting your store and have invested significant time and money to certify our solution is PCI compliant. From annual on-site assessments validating compliance to continuous risk management, we work hard to keep our shopping cart and ecommerce hosting secure.

    Out-of-the-box, all Shopify stores are hosted in virtual (cloud-based) environments with industry-standard security certifications including:

      • Level 1 PCI DSS
      • ISO 27001
      • SOC 2

    Shopify has been a Level 1 Service Provider under PCI DSS since 2011 — undergoing annual onsite audits — actively participates in the PCI community, and has been a participating organization in the PCI council since 2012.

     

    The contents on this page form part of and should be read in conjunction with our main terms and conditions. located HERE