Privacy Policy

1. Privacy Policy

1.1 This Privacy Policy outlines how Thomas Farms Australia Pty Limited ACN 138 042 930 (‘we’, ‘us’ or ‘our‘) uses and manages personal information.
1.2 We are based in Australia and this privacy policy is intended to comply with Australian laws and conventions.1.3 To that end, we are committed to complying with the Privacy Act 1988 (Cth), and the Australian Privacy Principles (‘APPs’).
1.4 We also understand that the website on which this privacy policy is displayed (‘Website‘) might be visited by people outside of Australia. As such we also welcome the General Data Protection Regulations (‘GDPR‘) in streamlining data protection requirements across the European Union (‘EU’) and, to the extent applicable, we will comply with the applicable GDPR regulations.
1.5 This Privacy Policy applies to personal information collected, used or retained by us (and our authorised agents). It applies to all information we collect and hold about you, including information which may be obtained via the Website.
1.6 When we collect personal information from you, we may advise a specific purpose for collecting that personal information, in which case we will handle your personal information in accordance with that stated purpose.
1.7 By providing personal information to us, you consent to our collection, use and disclosure of that information on the terms of this Privacy Policy and any other contractual or other arrangements (if any) that may apply between us.
1.8 If you have any queries about our collection, use or retention of your personal information, you should contact our Privacy Officer for further information (contact details for our Privacy Officer are set out in paragraph 12 of this Privacy Policy).
1.9 The Website may contain links to external websites including e-commerce sites. Those e-commerce sites may be conducted by different legal entities which might have their own privacy policies (in respect of personal information that they collect through those e-commerce websites).

Types of personal information we collect and hold

1.10 The types of personal information that we collect and hold include (but is not limited to) your full name, postal address, email address, telephone number, IP address, unique device identifiers, and payment information.
1.11 We do not collect (or, if it is provided by you to us, retain) any sensitive information about you.

2. How we collect, hold and disclose personal information

2.1 Collecting personal information

2.1.1 We collect or ask you to provide your personal information when you use our Website or communicate with our staff. Where we collect personal information from third parties, we will take reasonable steps to notify you or otherwise ensure you know we are collecting personal information from you, and the circumstances of its collection.
2.1.2 There may be a range of consequences if you fail to provide personal information requested by us. For example, we may be unable to process you request for goods or services or communicate with you. The provision of that information by you is purely voluntary.

2.2 Holding personal information

2.2.1 We take active steps to ensure that your personal information is protected from misuse, loss, unauthorised access, modification or disclosure.
2.2.2 Specific security measures we employ include authorised user-only password protected access to computer records, internal procedures to protect physical documents and monitoring of our practices and systems to ensure the effectiveness of our security policies.
2.2.3 We will endeavour to destroy or de-identify your personal information as soon as it is no longer required by us (as permitted by law).

2.3 Using personal information

2.3.1 From time to time, we will collect, use and disclose your personal information for a particular purpose (‘the primary purpose’). We may use or disclose the personal information we hold about you for other purposes (‘the secondary purpose’) if you consent to the use or disclosure for the secondary purpose.
2.3.2 We may also use or disclose the personal information we hold about you for a secondary purpose without specific consent, if the secondary purpose is something you would reasonably expect and is related to the primary purpose.
2.3.3 The following examples may assist. We generally collect, hold and use your personal information to:

(a) maintain your account and contact details;
(b) process transactions to which you are a party;
(c) to provide customer service (including dealing with complaints);
(d) contact you to ask about your experiences with, or impressions of, our goods or services;
(e) contact you from time to time to advise you of new goods, promotional offers, or services offered by us that we consider may interest you;
(f) contact you about other matters relating to goods or services that you have acquired from us; and
(g) engage in other activities where required or permitted by law.

2.3.4 We may use personal information to contact you for marketing and promotional purposes. You may request not to receive these communications by contacting our Privacy Officer (contact details for our Privacy Officer are set out in paragraph 12 of this Privacy Policy). If you do not opt out, we will assume you have consented to receiving such communication from us.
2.3.5 There are no consequences for opting out of receiving our marketing and promotional communications except that you will no longer receive them. You may elect to re-join our marketing list at a later stage if you wish.
2.3.6 Where we propose to use your personal information for a purpose other than as outlined above, we will seek your express consent prior to using your personal information for that purpose (unless we are required or permitted by law to do so without seeking your consent).

2.4 Disclosing personal information

2.4.1 We may disclose your personal information to:

(a) our authorised agents, contractors or subcontractors that provide administrative or promotional services (for example, mail processing businesses, printers, or market research companies or other service providers) and other third parties. We enter into contractual agreements with these organisations to ensure that information we disclose is used only for the limited purposes for which we have provided it; and
(b) our related bodies corporate.

2.4.2 Where we propose to disclose your personal information for a purpose other than as outlined above, we will seek your express consent prior to disclosing your personal information for that purpose (unless we are required or permitted by law to do so without seeking your consent, for example, when we are compelled to disclose personal information for certain law enforcement purposes).

3. Access and correction of personal information

3.1 You have the right to obtain access to any personal information we hold about you. You have the right to contact our Privacy Officer (contact details for our Privacy Officer are set out in paragraph 12 of this Privacy Policy). We will respond to your request for access or correction within 30 days from receiving your request.
3.2 We may require you to verify your identity before we allow you to access your personal information, for the protection of your privacy and the privacy of other individuals whose personal information we hold.
3.3 We may refuse to allow you to access or to correct your personal information if we are legally required or entitled to do so. If we do so, we will provide you with written reasons for the refusal (unless it is unreasonable to do so) and the options available to complain about our refusal.
3.4 If you lodge a request for access, we may provide you with access to your personal information in any of a number of ways (including, for example, supplying you with a copy or providing you with the opportunity to inspect our records).
3.5 We take reasonable steps to ensure that the personal information that we collect, use and disclose is accurate, up to date and complete. If we are not satisfied that any personal information we hold about you is accurate, current or complete, we will amend our records accordingly.
3.6 We do not impose any fee on you to make a request to access personal information we hold. However, we may require you to pay a reasonable fee to cover the cost of verifying an application for access and locating, retrieving, reviewing and copying any material requested. If acting reasonably we consider that the information sought is excessive, we will advise you of the likely cost in advance.

4. Dealing with us anonymously

4.1 Where reasonable and practicable, you may transact with us anonymously or by using a pseudonym.
4.2 It may not be possible to transact with us anonymously or by using a pseudonym if we are required or authorised by law to transact with customers only once their identity has been verified, or where it is impracticable for us to transact with customers without verifying their identity (for instance, when transacting using a credit account, purchasing prescribed goods of which we are required to maintain records of purchases, or where a customer will contract with a third party).

5. Automatic server logs

5.1 Our servers may automatically collect various items of information when you access the Website. For example, we may collect information about your electronic device’s operating system, Internet Protocol (‘IP‘) address, access times, browser type and language, and, if applicable, the website that referred you to us. We may also collect information about your usage and activity on the Website.
5.2 When you use the Website, ‘cookies‘ may be stored on your electronic device. Cookies are small data files that are placed on your device to identify your device in the future and help us better understand user behaviour, personalise preferences, perform research and analytics, deliver tailored advertising, and improve the delivery of our services. You may adjust the settings on your electronic device’s browser software to prevent cookies being stored on your electronic device. If you delete or choose not to accept cookies from us, you may not be able to use certain features of our services.
5.3 Although, in some circumstances, it may be possible to identify you from the information we collect as described in paragraph 5.1, we do not attempt to do so, and only use this information for statistical analysis, system administration, and similar purposes.

6. Third party advertising

We may allow third parties to use cookies or other tracking technologies to collect non personal information about your use of the Website, including your IP address, pages viewed and conversion information. This information may be used, among other purposes, to deliver advertising targeted to your interests and to better understand the usage and visitation of the Website and other websites tracked by these third parties. Third party vendors, including Google, may show our advertisements on sites across the internet. This Privacy Policy does not apply to, and we are not responsible for, third party cookies or other tracking technologies. We encourage you to check the privacy policies of advertisers and/or advertising services to learn more about their privacy practices.

7. Cross-border data transfer

7.1 Information that we collect from you may from time to time be stored, processed in, or transferred between recipients or websites hosted or located in countries other than Australia.
7.2 From time to time we may use web-based programs in relation to the Website for particular activities, including data processing. Such web-based programs may be hosted in countries other than Australia.
7.3 Internet web traffic information we collect using Google Analytics may be stored in countries other than Australia.
7.4 Before we disclose your personal information to recipient located in a country other than Australia, we will take reasonable steps to ensure that such recipient does not breach the Principles or GDPR (if applicable) in relation to your personal information. In all such cases, we transmit such information only to entities that comply with this Privacy Policy and applicable privacy law.

8. GDPR

8.1 Clauses 8 and 9 of this policy only apply if the GDPR is applicable to you.
8.2 We will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use. We process your personal information as a ‘Processor’ and/or to the extent that we are a ‘Controller’, as defined in the GDPR.
8.3 We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.
8.4 We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.
8.5 We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.
8.6 We will process your personal information if we have a valid legal basis to do so (for example, to deliver goods or services).
8.7 We do not collect or process any personal information from you that is considered ‘Sensitive Personal Information’ under the GDPR, such as personal information relating to your sexual orientation or ethnic origin, unless we have obtained your explicit consent, or if it is being collected subject to, and in accordance with, the GDPR.

9. Your rights under the GDPR

9.1 If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. We will comply with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU.
9.2 Except as otherwise provided in the GDPR, you have the right:

9.2.1 to be informed how your personal information is being used;
9.2.2 to access your personal information (we will provide you with a free copy of it);
9.2.3 to correct your personal information if it is inaccurate or incomplete;
9.2.4 to delete your personal information (also known as ‘the right to be forgotten’);
9.2.5 to restrict processing of your personal information;
9.2.6 to retain and reuse your personal information for your own purposes;
9.2.7 to object to your personal information being used; and
9.2.8 to object against automated decision making and profiling.

9.3 If you wish to exercise your rights under the GDPR, please contact our Privacy Officer (contact details for our Privacy Officer are set out in paragraph 12 of this Privacy Policy). We may ask you to verify your identity before acting on your request.

10. Changes

10.1 We reserve the right, as it may be necessary, to review, revise or make changes to this Privacy Policy, at any time.
10.2 You may request a copy of the current version of our Privacy Policy by contacting our Privacy Officer (contact details for our Privacy Officer are set out in paragraph 12 of this Privacy Policy).

11. Complaints

11.1 If you would like further information about the way we manage personal information, or wish to make a complaint if you believe we may have breached the Principles or GDPR, please contact our Privacy Officer in writing (contact details for our Privacy Officer are set out in paragraph 12 of this Privacy Policy). We will investigate any complaint and will notify you of a decision in relation to your complaint as soon as practicable.
11.2 If you are not satisfied with our decision, you may contact the Office of the Australian Information Commissioner (‘OAIC’) to lodge a complaint. The contact details of the OAIC are:

Post: GPO Box 5288, Sydney, New South Wales 2001
Telephone: 1300 363 992
Email: [email protected]
Fax: (02) 9284 9666

12. Privacy Officer – contact information

You may contact our Privacy Officer by:

Post: Thomas Farms Privacy Officer
C/O Thomas Foods International
PO Box 1074
Kent Town SA 5067
Telephone: 08 8165 5100
Email: [email protected]

This website uses cookies to ensure you get the best experience on our website. More Information

Accept