PRIVACY POLICY
Emu Supply
ABN: 77 472 672 695
Trading Name: Emu Supply
Address: 4/124 Macpherson St, Bronte NSW 2024
Email: [email protected]
Phone: 0432 844 957
Last Updated: January 2026
1. INTRODUCTION
1.1 Our Commitment to Privacy
Emu Supply is committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1.2 About This Policy
This Privacy Policy explains: – What personal information we collect – How we collect your information – Why we collect your information – How we use and disclose your information – How we protect your information – How you can access and correct your information – How to make a privacy complaint
1.3 Who We Are
Emu Supply is a sole trader business operated by Marcio Bianchi (ABN: 77 472 672 695). We supply personal protective equipment (PPE) and MRO supplies to businesses and individuals across Australia.
1.4 Consent
By using our website and services, you consent to the collection, use, and disclosure of your personal information in accordance with this Privacy Policy.
2. WHAT PERSONAL INFORMATION WE COLLECT
2.1 Information You Provide Directly
When you use our website or purchase products, we may collect:
Contact Information: – Full name – Email address – Phone number – Business name (if applicable) – Australian Business Number (ABN) for business accounts
Delivery Information: – Delivery address – Billing address – Delivery instructions
Account Information: – Username and password (if you create an account) – Account preferences – Order history
Payment Information: – Credit/debit card details (processed securely by Stripe – we do not store complete card details) – Bank account details for direct transfers – Transaction history
Communication Information: – Any information you provide when contacting us via email, phone, or contact forms – Feedback, reviews, and survey responses
2.2 Information We Collect Automatically
Technical Information: – IP address – Browser type and version – Operating system – Device type (desktop, mobile, tablet) – Referring website – Pages visited and time spent on pages – Clickstream data
Cookies and Tracking Technologies: – Session cookies for website functionality – Analytics cookies to understand website usage – Marketing cookies for advertising (with your consent)
2.3 Information from Third Parties
We may receive information about you from: – Payment processors (Stripe) – Shipping providers (Shippit) – Analytics providers (Google Analytics, Meta Pixel) – Email service providers (Mailchimp)
3. HOW WE COLLECT YOUR INFORMATION
3.1 Direct Collection
We collect information directly from you when you: – Browse our website – Create an account – Place an order – Subscribe to our newsletter – Contact us via email, phone, or contact form – Provide feedback or reviews – Participate in surveys or promotions
3.2 Automated Collection
We automatically collect technical information through: – Cookies and similar tracking technologies – Server logs – Analytics tools
3.3 Third-Party Collection
Third-party services collect information on our behalf when you: – Make a payment (Stripe) – Receive a delivery (Shippit) – Interact with our marketing emails (Mailchimp)
4. WHY WE COLLECT YOUR INFORMATION
4.1 Primary Purposes
We collect and use your personal information to: – Process and fulfill your orders – Communicate with you about your orders – Process payments and prevent fraud – Arrange delivery of products – Provide customer support – Manage your account (if you create one) – Respond to your inquiries and requests
4.2 Secondary Purposes
With your consent, we may also use your information to: – Send marketing communications about products, services, and promotions – Improve our website and services – Conduct market research and analysis – Personalize your shopping experience – Analyze website usage and trends
4.3 Legal Obligations
We may collect and use your information to: – Comply with legal and regulatory requirements – Enforce our Terms and Conditions – Protect our rights and property – Detect and prevent fraud or illegal activities
5. HOW WE USE COOKIES AND TRACKING TECHNOLOGIES
5.1 What Are Cookies
Cookies are small text files stored on your device when you visit our website. They help us provide you with a better experience.
5.2 Types of Cookies We Use
Essential Cookies (Always Active): – Shopping cart functionality – User authentication – Security features – Session management
Performance Cookies (With Your Consent): – Google Analytics – website usage analysis – Page load performance monitoring
Functionality Cookies (With Your Consent): – Remember your preferences – Language and region settings – Recent searches
Marketing Cookies (With Your Consent): – Meta Pixel – Facebook/Instagram advertising – Google Ads – advertising campaigns – Mailchimp – email marketing tracking
5.3 Managing Cookies
You can control cookies through: – Cookie consent banner on our website – Browser settings (blocking or deleting cookies) – Third-party opt-out tools
Please note that blocking essential cookies may affect website functionality.
5.4 Third-Party Analytics
Google Analytics: – We use Google Analytics to understand how visitors use our website – Google Analytics collects information anonymously – You can opt out using Google’s opt-out browser add-on
Meta Pixel: – We use Meta Pixel to measure advertising effectiveness – Meta Pixel tracks website visits and conversions – You can control Meta’s data use in your Facebook settings
6. HOW WE DISCLOSE YOUR INFORMATION
6.1 Service Providers
We share your information with trusted third-party service providers who help us operate our business:
Payment Processing: – Stripe – processes credit card and payment transactions – Stripe handles payment information securely and in compliance with PCI DSS standards
Shipping and Delivery: – Shippit – manages shipping logistics and delivery tracking – Receives delivery address and contact information
Email Services: – Mailchimp – sends order confirmations, shipping notifications, and marketing emails (if you opt in) – Stores email addresses and communication preferences
Accounting: – Xero – manages invoicing, payments, and financial records – Receives transaction and customer information
Website Infrastructure: – VentraIP – website hosting (Australian servers) – Cloudflare – content delivery network and security
Analytics: – Google Analytics – website usage analysis – Meta Pixel – advertising measurement
6.2 Business Transfers
If we sell, merge, or transfer our business, your information may be transferred to the new owner as part of the transaction.
6.3 Legal Requirements
We may disclose your information when required by law or to: – Comply with legal processes (subpoenas, court orders) – Protect our rights and property – Investigate fraud or illegal activities – Protect the safety of individuals
6.4 With Your Consent
We may share your information with other parties when you give us explicit consent.
6.5 No Selling of Data
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
7. INTERNATIONAL DATA TRANSFERS
7.1 Data Storage Location
Your personal information is primarily stored on servers located in Australia (VentraIP hosting).
7.2 Third-Party Services Outside Australia
Some of our service providers may store or process data outside Australia: – Stripe (payment processing) – USA, Europe – Mailchimp (email marketing) – USA – Google Analytics – USA – Cloudflare – Global network
7.3 Cross-Border Transfer Safeguards
When we transfer data overseas, we ensure: – Service providers comply with privacy laws equivalent to Australian standards – Contractual protections are in place – Data is handled securely
8. HOW WE PROTECT YOUR INFORMATION
8.1 Security Measures
We implement reasonable security measures to protect your information, including: – SSL/TLS encryption for data transmission – Secure server hosting in Australian data centers – Password protection for accounts – Regular security updates and patches – Access controls limiting who can view your information – Secure payment processing via PCI DSS compliant providers
8.2 Your Responsibility
You are responsible for: – Keeping your account password confidential – Logging out after using shared devices – Notifying us of any unauthorized access
8.3 Data Breach Notification
In the event of a data breach that may result in serious harm, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required by law.
8.4 Limitations
While we take reasonable steps to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
9. HOW LONG WE KEEP YOUR INFORMATION
9.1 Retention Periods
We retain your personal information for as long as necessary to: – Fulfill the purposes outlined in this Privacy Policy – Comply with legal obligations (e.g., tax records for 7 years) – Resolve disputes and enforce agreements
9.2 Specific Retention Periods
Order and transaction records: 7 years (tax and accounting requirements)
Account information: Until you request deletion or account inactive for 24 months
Marketing communications: Until you unsubscribe
Website analytics: 26 months (Google Analytics default)
Cookies: Based on cookie type (session cookies deleted when you close browser)
9.3 Deletion
When information is no longer needed, we will: – Securely delete or destroy it – De-identify it so you cannot be identified
10. YOUR PRIVACY RIGHTS
10.1 Access Your Information
You have the right to request access to the personal information we hold about you. We will provide this within 30 days of your request, subject to verification of your identity.
10.2 Correct Your Information
You can request correction of inaccurate or incomplete information. You can: – Update your account information directly through your account settings – Contact us to request corrections
10.3 Request Deletion
You can request deletion of your personal information, subject to: – Legal obligations to retain certain records – Legitimate business purposes (e.g., completing existing orders)
10.4 Withdraw Consent
You can withdraw consent for: – Marketing communications (unsubscribe link in emails) – Optional cookies (browser settings or cookie preferences)
Please note that withdrawing consent may affect our ability to provide certain services.
10.5 Opt-Out of Marketing
You can opt out of marketing communications by: – Clicking the “unsubscribe” link in any marketing email – Contacting us at [email protected] – Updating your account preferences
You will continue to receive transactional emails (order confirmations, shipping notifications) even if you opt out of marketing.
10.6 Request Data Portability
You can request a copy of your personal information in a structured, commonly used format.
11. CHILDREN’S PRIVACY
11.1 Age Restriction
Our website and services are not directed at children under 18. We do not knowingly collect personal information from children under 18.
11.2 Parental Consent
If you are under 18, you must obtain parental or guardian consent before using our website or providing personal information.
11.3 Notification of Underage Collection
If we become aware that we have collected information from a child under 18 without parental consent, we will delete it promptly.
12. THIRD-PARTY WEBSITES
12.1 External Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites.
12.2 Third-Party Responsibility
When you click on third-party links, you are subject to their privacy policies. We encourage you to read their privacy policies before providing personal information.
13. MARKETING COMMUNICATIONS
13.1 What We Send
With your consent, we may send you: – Product promotions and special offers – New product announcements – Industry news and tips – Company updates
13.2 How We Collect Consent
We obtain consent when you: – Create an account and opt in to marketing – Subscribe to our newsletter – Make a purchase and opt in at checkout – Participate in promotions or surveys
13.3 Email Marketing Provider
We use Mailchimp to send marketing emails. Mailchimp’s privacy policy applies to how they handle your email address and engagement data.
13.4 Frequency
We send marketing emails periodically. Frequency may vary based on promotions and business needs.
13.5 Unsubscribe
Every marketing email includes an unsubscribe link. You can opt out at any time without affecting your ability to make purchases.
14. CHANGES TO THIS PRIVACY POLICY
14.1 Updates
We may update this Privacy Policy from time to time to reflect changes in: – Our business practices – Technology – Legal requirements
14.2 Notification
We will notify you of material changes by: – Posting the updated policy on our website – Updating the “Last Updated” date at the top of this policy – Sending email notification for significant changes (if you have an account)
14.3 Your Continued Use
Your continued use of our website and services after changes are posted constitutes acceptance of the updated Privacy Policy.
15. MAKING A PRIVACY COMPLAINT
15.1 How to Complain
If you believe we have breached your privacy rights, please contact us:
Email: [email protected]
Phone: 0432 844 957
Mail: 4/124 Macpherson St, Bronte NSW 2024
15.2 Our Complaint Process
Submit your complaint with details of the alleged breach
We will acknowledge receipt within 7 days
We will investigate and respond within 30 days
If you are not satisfied with our response, you may escalate to the OAIC
15.3 Office of the Australian Information Commissioner (OAIC)
If we cannot resolve your complaint, you can lodge a complaint with the OAIC:
Website: www.oaic.gov.au
Phone: 1300 363 992
Email: [email protected]
Mail: GPO Box 5218, Sydney NSW 2001
16. CONTACT INFORMATION
For questions about this Privacy Policy or how we handle your personal information, please contact us:
Emu Supply
Email: [email protected]
Phone: 0432 844 957
Address: 4/124 Macpherson St, Bronte NSW 2024
ABN: 77 472 672 695
17. GLOSSARY
Australian Privacy Principles (APPs): The 13 principles set out in the Privacy Act 1988 that govern how organizations handle personal information.
Personal Information: Information or an opinion about an identified individual, or an individual who is reasonably identifiable.
Cookies: Small text files stored on your device that help websites remember your preferences and activities.
De-identify: The process of removing identifying information so that a person cannot reasonably be identified.
Data Breach: Unauthorized access, disclosure, or loss of personal information.
PCI DSS: Payment Card Industry Data Security Standard – security requirements for handling credit card information.
OAIC: Office of the Australian Information Commissioner – the regulatory body responsible for privacy protection in Australia.
By using our website and services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your personal information as described.