Privacy Policy
This Privacy Policy describes how HPC Holding Co Pty Ltd ACN 678 529 827 and Healthy Pet Co Pty Ltd ACN 678 540 282 (Healthy Pet Co, we, us or our) collect, hold, use and disclose your personal information (you, your) if you:
- visit our website;
- use our ecommerce platform;
- create a user account;
- purchase our product or service;
- join our loyalty program;
- visit, or engage with, us on our social media channels;
- send us a job application; or
- when you call, email, visit us or otherwise interact with us.
Please read this Privacy Policy carefully. If you have any questions or if you do not understand anything explained in this Privacy Policy, please contact us.
If you provide to us any personal information relating to others, please only do so with their consent.
1. What personal information do we collect and hold?
“Personal information” generally means information about you that identifies you.
It does not include any information that does not relate to you, is anonymous, de-identified or pseudonymous, and cannot be linked back to you. Ultimately, the assessment of what constitutes your personal information will depend on the circumstances of your interaction with us and our use of the information.
For ease of reference, we have grouped information into types described in paragraph 9.
2. Data minimisation
We take reasonable steps to only collect personal information that is reasonably necessary for our lawful functions and activities and that is de-identified or anonymised, where possible. For example, for the delivery of some of our online services and content, display advertising, product development, and our security processes, de-identified information will suffice, without the need for your personal information.
We encourage you to use a pseudonym or to remain anonymous, unless this is impractical. For example, it will be necessary for us to know your identity if you place an order, make a complaint, subscribe to marketing, or exercise your data rights. Without your personal information in those circumstances, we will be unable to provide our services or respond to you.
3. Why and how we collect, hold, use or disclose your personal information?
We list below some (but not all) of the purposes, functions and activities why we collect, hold, use and disclose your personal information. Other purposes, functions and activities may become obvious or expected by you when we collect your personal information.
|
Purpose |
Personal information |
How collected and held? |
Consequences if not collected |
|
To provide customers services, assist with your enquiries and complaints handling. For example, so that we can respond to you if you contact us about a product, complaint, request for a refund, etc. Our chatbot can guide you through any frequently asked questions and connect you to a human advisor. The chatbot is provided by Gorgias Inc. and your personal information will be handled in accordance with our privacy policy available as published here. We may record your calls for customer services, legal, development and training purposes. We may use automated tools to identify the main topics, measure your satisfaction, resolve your enquiry or direct your call. When you call us, we will inform you about call recording, and by continuing the call, you will consent to call recording. Please hang up if you do not wish to give consent. |
|
Receipt of your communication and storage on our systems.
|
Unable to respond without receiving relevant information and creating appropriate transaction records. |
|
To provide our online services, content and features. For example, when you visit our website, your browser will provide information to enable us to display our content in a compatible manner. |
|
Automated collection and use by your device and our systems.
|
Disabling these automated processes may result in a reduced service. |
|
Creating your user account. For example, if you wish to create a user account, we will ask for certain mandatory and optional information and we may verify your contact details. |
|
You input your information for storage and use on our systems. |
Unable to create an account without receiving and verifying your information. |
|
To provide our online marketplace including shopping, payment and delivery facilities. For example, you may search for products, place them in your cart, check out and pay on our platform. Third party payment providers, such as PayPal or Google Pay, will facilitate your payment for our products. We will not collect your payment information. Third party delivery companies will receive your address and delivery details. |
|
You create a transaction record which is stored and used on our systems. Your payment and delivery details are used by third party providers. |
Unable to provide our service as expected by you without your information. |
|
To receive and publish your product reviews. For example, we may ask for, and verify, your review about our products. In some cases, you may be able to leave a review on our platform published under your username. |
|
Receipt of your product review for storage and use on our systems. |
Unable to publish review without your information. |
|
To send you service communications about the availability of our products and services, an item left in your shopping cart, product recalls, changes in our terms, surveys, etc. |
|
As above. |
Unable to send service communications without your information. |
|
Respond to your job application. For example, upon receipt, we will consider your application based on its content, public data, your references and other information, using appropriate software tools. |
|
You send your application for storage and use on our systems. |
Unable to consider your application without your information. |
|
To call you or send you interest-based marketing communications (by email, text and other means) to promote us and third-party organisations and relevant products and services based on your past activity and predictive analytics, if you subscribed for our marketing or created an account with us, unless you opt out of our marketing. We will maintain opt-out records. We may create your marketing profile based on information known, observed and inferred and share it with our marketing partners and platforms to enhance our audience lists, personalise content and deliver our marketing communications. |
|
Automated collection and enhancement through cookies, pixels and similar technologies, predictive analytics, and storage in our customer management system and marketing platforms. |
Unable to call you or send you relevant marketing without your information. |
|
Display interest-based online advertising on web properties that you use, for similar purposes and by similar means as described above. |
|
As above. |
Unable to display relevant online advertisements without your information. |
|
To personalise content and features for service delivery. For example, based on your search history, we may display relevant products when you return to our platform. |
|
As above. |
Unable to personalise without your information. |
|
To publish or use market trends and similar reports based on aggregated data. For example, our reports may show which products are popular across locations or demographic groups. |
|
Our internal customer and transaction records. |
Unable to analyse trends without your de-identified information. |
|
To design, develop and improve our products and services by analysing user traffic, market trends and other anonymised or aggregated data. |
|
As above. |
Unable to develop services without your information. |
|
To ensure proper administration of our organisation, which may include keeping appropriate records, planning, accounting, troubleshooting, measuring marketing performance, resource allocation, enforcing our terms, debt collection and similar functions and activities. |
|
As above. |
Unable to administer our organisation without your information. |
|
To engage our third-party service providers who may use your personal information on our behalf for the fulfilment of essential service functions which we cannot fulfil ourselves, such as analytics, cloud storage, payment processing, communications, security, web hosting, and others, as well as our advisors such as lawyers, accountants, insurers and others. Some of these providers will use your personal information for their own compliance and other internal purposes. |
|
Sharing information with our third-party providers for their use on our behalf or for their own purposes. |
Unable to provide our services which necessitate your personal information without engaging third parties. |
|
To ensure the security of our systems and online services. For example, we may monitor our networks and usage data for suspicious activities, test and audit our systems, ensure compliance with our terms and deploy appropriate security measures. |
|
Automated collection and use by our systems. |
Unable to safeguard personal information without data-driven security processes. |
|
To disclose information to our affiliated companies to receive intra-group services for efficient allocation of our group’s resources and for collaborations between our group companies. |
|
Disclosure between our group companies. |
Unable share resources and collaborate without disclosure. |
|
To disclose information to another organisation for the purposes of a joint venture, collaboration, financing, sale, merger, reorganisation or similar event relating to our organisation. |
|
Disclosed to another entity. |
Unable to act in the best interest of our shareholders without disclosure of personal information. |
|
To assist law enforcement and public authorities in detecting, preventing and investigating crime in accordance with good practice or the law. |
|
Disclosed to and received from law enforcement and public authorities. |
Unable to assist law enforcement without disclosing your personal information. |
|
To collect, use, hold, or disclose personal information as is required for compliance with the law, exercising legal rights, defending legal claims. |
|
Collected from you, third party sources, or by automated means, for use on our systems |
Unable to comply with the law, exercise right or defend legal claim without the use and disclosure of your personal information. |
We will update this Privacy Policy to include any new purposes from time to time and we will obtain your prior consent for such new purposes where we are required to do so at law. We may not require your prior consent if the secondary purpose is related to our primary purpose and reasonably anticipated by you or otherwise authorised or required by law (for example, if a so called ‘permitted general situation’ arises).
4. Cookies, pixels and similar technologies
We may use cookies, pixels and similar technologies as described above. A cookie is a small text file that the website may place on your device to read and store information about your online activity. Pixels or tags are tiny graphics files that are downloaded when you interact with our online services and alert us about your activities, such as email opened, or content viewed. Tracking URLs are custom generated links that help us understand which page you come to us from and later go to. Local storage session storage and similar technologies are used to more efficiently manage the storage of information that allows you to access our online services on your device. Digital fingerprint is used to recognise your device based on your device and browser data without relying on cookies.
We may use temporary session trackers or persistent trackers which remain on your device even after you close your browser. Some help speed up your future use of our website or app or help display content in a compatible manner. Others are used to display relevant advertisements to you, develop your marketing profile or measure ad and marketing performance. Some of our trackers deployed by third parties include Google Analytics, Google Tag Manager, and Meta Pixel.
You may refuse to use trackers by selecting the appropriate settings on your browser. Please be aware that if you opt-out of certain trackers, some or all of the functionality of our online services may be reduced or unavailable.
If you clear cookies in the browser on your device, the next time you visit our online services, cookies and similar technologies will be deployed again. However, you can prevent this by permanently blocking them in your browser.
5. Cross-border disclosure of personal information
Generally, we do not disclose your personal information to overseas recipients and your personal information will stay in Australia, except where:
- we engage third party service providers, for example, our call centre in the Philippines, to use and hold your personal information on our behalf. We will require each service provider to only use your personal information as required to provide the relevant services to us;
- where you interact with third party services, such as plug ins (e.g. Instagram like button), on our web properties, you will be sharing your personal information with such third parties abroad (e.g. Meta in the US);
- where we engage third parties outside Australia to provide services to us, such as consultancy, which may include a disclosure of your personal information to them; and
- in other circumstances.
As required by law, before any disclosure to an overseas recipient we endeavour to satisfy ourselves that your information will be protected in a way that, overall, is at least substantially similar to the way it is protected under Australian law. For example, we may enter into an appropriate cross-border data transfer agreements with our recipients.
6. How do we store and protect your personal information?
We will take such steps as are reasonable in the circumstances to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure.
We store most personal information in computer systems and databases operated by either us or our external service providers. Some limited personal information may be recorded in paper files that we store securely.
As mentioned above, we will endeavour to use the least amount of personal information as is required for each purpose. We will employ pseudonymisation and anonymisation techniques, where appropriate. We carry out regular information security risk assessments which inform our security policy. Our staff will have limited access privileges to ensure your personal information is accessed on a “need to know” basis. Our staff are required to comply with our information security policies, attend training and participate in regular audits.
We also seek to ensure our third-party service providers do the same. We only appoint service providers under appropriate contract who provide sufficient guarantees about data security in accordance with applicable law. Where appropriate, we apply security measures such as encryption or hashing when sharing your personal data with third parties.
However, while we take reasonable steps to maintain secure internet connections, the transmission of information on the internet is never completely secure.
7. How long will we keep your personal information?
We will take such steps as are reasonable in the circumstances to destroy or de-identify your personal information if no longer needed for our purposes, unless its continued retention is otherwise required by law.
For example, your user account information may be retained for 7 years after account closure. The details of your enquiry may be retained for the duration of your account but no longer than 7 years after receipt of the enquiry.
8. Your data privacy rights
Subject to certain exemptions and verification of your identity, as appropriate, you may have the following data privacy rights in respect of your personal information:
- Right to information provided by us in this Privacy Policy.
- Right to access your personal information held by us. You may access your personal information in your user account or by contacting us.
- Right to correction of your personal information held by us. We will take reasonable steps in the circumstances to ensure your personal information is accurate, up-to-date, complete, relevant and not misleading in the context of each relevant purpose.
- Right to opt out from marketing by using the unsubscribe facility in our communications or by contacting us.
We will respond within a reasonable time, typically, within one month, following your request. If we need more time, we will let you know why and when you can expect our response.
We may refuse requests on certain grounds, for example, if they are unreasonably repetitive, disproportionately demanding, impracticable or otherwise exempt. If we refuse your request, we will explain our lawful reason for doing so.
Generally, we will handle your requests free of charge. However, in some circumstances, we may recover from you our reasonable costs of supplying you with access to your personal information in accordance with the law.
9. Types of personal information
We use the following types of information which may constitute your personal information depending on the circumstances of your interaction with us and our use of the information.
|
Types of information |
Description |
|
account information |
Username, password, profile information, user account choices and preferences, marketing opt-out and similar information provided by you. |
|
details of your enquiry |
Enquiry, complaint or other communication from you. |
|
device and browser information |
Device ID, IP address, online identifiers, operating system, browser type, language, time zone setting, location, date and time of access and other information automatically provided by your device. |
|
general details |
Your name, date of birth, address, email, telephone number and similar information. |
|
job application information |
Application information, employment history, references from your previous employer, referees and other third parties. |
|
pet information |
Photos of your pet, its health and dietary needs and similar information provided by you including your pet’s birthday. |
|
preferences and interests |
Information about your preferences and interests known, observed or inferred from various sources including form public data, from our advertising and analytics partners or information collected through cookies and other forms of online tracking technologies. |
|
public data |
Publicly available information about you. |
|
security information |
Security logs, activity, behavioural patterns, usage and engagement information, device and browser information and similar information recorded or generated by security systems. |
|
transaction information |
Expression of interest, product enquiry, details of your order, delivery instructions, receipts and other transaction information. |
|
usage and engagement information |
Downloads, log data, scrolling, clicks, mouse-overs, active time spent, clickstream data with URLs visited previously, methods used to browse away, email open rates, content click rates, view rates, ‘likes’ on social media platforms, survey, feedback and product review information, and similar engagement information, typically collected through cookies and other forms of online tracking technologies by us and third parties. |
10. Third party services
Third party applications, features, plugins and other services accessed from our online properties may collect and use your personal information. Please familiarise yourself with the relevant privacy policies before using them, as we are not responsible for third party services.
11. Queries and complaints
For any enquiry or complaint, please contact us at:
Mail: PO Box 371, Keilor Road Niddrie VIC 3042 Australia
Website: https://www.healthypetco.com.au/pages/contact
Email: feedback@healthypetco.com.au or privacy@healthypetco.com.au
Phone: +61(3) 9967 2233
We will endeavour to respond to any queries about data privacy within 14 days of receipt. If we receive a complaint from you about how we have handled your personal information, we will determine what (if any) action we should take to resolve the complaint and endeavour to respond to your complaint within 30 days of receipt.
If we cannot resolve a complaint related to your personal information or you are dissatisfied with the outcome or handling of your complaint, you may wish to contact the Office of the Australian Information Commissioner (OAIC) directly. See www.oaic.gov.au for further information.
12. Changes to our Privacy Policy
If we make any changes to our Privacy Policy, you will be able to see them on our website. You should regularly check for updates, as indicated by the “Last updated” date at the bottom.
If you do not agree with the changes, please do not continue using our online and offline services. Of course, if any such changes significantly affect you, we will ask for your prior consent where we are required to do so by law.
Last updated: 4 September 2024