Thank you for your interest in Australian Botanical Products. This Privacy Policy applies to Australian Botanical Products Pty Ltd (referred to as "ABP", "us" or "we") and each of its brands, including Auroma, Essential Therapeutics, Roonka and Sydney Essential Oil Co.

We take the protection of your personal information and our compliance with privacy laws seriously. In the course of our business, we may collect, hold, use or disclose your "personal information", which is information about you from which you can be identified or are reasonably identifiable, such as your name and contact details. This Privacy Policy is designed to describe how we collect and handle personal information, the measures and processes we have put in place to ensure its adequate protection, and your privacy rights.

We are subject to a range of laws which protect your privacy including Australia’s Privacy Act 1988 (Cth) (the "Privacy Act"). In some cases, exemptions under these laws may apply, in which case we may rely on those exemptions. For example, the Privacy Act includes an exemption for the handling of employee records in some circumstances.

1.              COLLECTION OF PERSONAL INFORMATION

We only collect personal information to the extent that this is reasonably necessary for one or more of our functions or activities.  We collect personal information about our customers, clients (and their staff), suppliers (and their staff), job applicants, consultants, representatives of regulatory bodies and other individuals who interact with us. For example, we may collect personal information about you when you contact us, place an order with us or apply for a position with us.

The types of personal information we collect include current and historical information about your name, contact details (including address, email address and phone details), identification, organisation, employment, positions held, forms submitted, order history, payment and bank account details, insurance details, interests, preferences, opinions and enquiry/complaint details.

We also collect personal information about your dealings and interactions with us, including any contact you have with us or our service providers by telephone, email or online. We may monitor and record your communications with us (including email and telephone) and operate video and audio surveillance devices in our premises for purposes including security, training and record-keeping.

Job applicants and employees

The personal information we collect about you in connection with our recruitment processes may include your name, contact details, identification details, forms submitted, employment and education history, skills, achievements, character, extra-curricular activities, screening checks (including reference, background, health, cognitive ability, directorship, identity, eligibility to work, criminal record, financial probity, psychometric testing results, drugs/alcohol and vocational suitability checks) and enquiry/complaint details.

In accordance with the Privacy Act, this policy does not apply to our acts and practices directly related to a current or former employment relationship between us and an employee, and an employee record held by us relating to the employee.

Customers

For our customers, the personal information we collect about you in connection with our purchase order processes may include your name, contact details, shipping/delivery address, order history, payment details, information about financial standing, your IP address, device identifiers and information about how you use our website (including your setting preferences, browser type, operating system, website visited immediately before coming to our site, and other information). 

Collection of information from third parties

We may also collect personal information about you from third parties including, to the extent permitted by law, public sources and information (including the internet), our related companies, information service providers, your social media profiles that are connected to ours, recruiters, credit agencies, our credit card payment providers (PayPal and Eway), our website platform (Shopify), your representatives and the parties with whom we exchange information as described in this Privacy Policy.

If you provide us with someone else’s personal information you must ensure they have consented to their personal information being provided to us based on this Privacy Policy.

Sensitive information

We do not typically collect sensitive information about individuals in the course of performing our services.  If we do need to collect sensitive information about you, we will seek your consent where required under the Privacy Act. "Sensitive information" includes information about a person's racial or ethnic origin, political or philosophical beliefs or affiliations, trade or professional affiliations, sexual preferences or practices or criminal record and health information.

2.              WHY WE COLLECT PERSONAL INFORMATION

We collect, hold, use and disclose personal information to provide you with products and services, operate our global business and to comply with applicable laws. Other purposes for which we may collect, use or disclose your personal information include (but not limited to):

·         providing our products and services

·         maintaining and updating our records

·         verifying information

·         communicating information about our business, products and services (including for direct marketing in accordance with legal requirements)

·         managing our relationships with stakeholders including our staff and business contacts representing clients, suppliers and others

·         recruiting, vetting, training and managing staff and job applicants

·         performing our legal obligations (e.g. under contracts or in relation to statutory reporting)

·         protecting our lawful interests

·         facilitating acquisitions or divestments of businesses.

We may not be able to do these things without your personal information. For example, we may not be able to fulfil an order or consider your application for employment. In relation to staff, we may in some cases take appropriate disciplinary action if you refuse to provide certain information.

We may use and disclose your personal information for the primary purpose for which we collected that information, for related (or directly related, for sensitive information) secondary purposes within your reasonable expectations, where permitted under the Privacy Act and where otherwise required or authorised by law.

3.              HOW WE DISCLOSE PERSONAL INFORMATION

We may exchange your personal information with our related bodies corporate, your representatives, your current and previous employers, and with our service providers that assist us with archival, data storage, auditing, accounting, contact centre, legal, business consulting, banking, payment, debt collection, delivery, data processing, data analysis, document management, information broking, research, investigation, insurance, website, technology, marketing, sales, recruitment, vetting, payroll, superannuation, staff benefits, surveillance and training services.  We may exchange your information with a law enforcement body to the extent that information is requested from us.

For job applicants including applicants who commence an employment relationship with ABP or one of its related bodies corporate, we may also exchange your personal information with academic institutions, health service providers, professional and trade associations and referees.

ABP is owned by Ixom, and is a part of the Ixom group of companies. Ixom operates globally. Ixom and ABP's related companies and other third parties or service providers described above may be located in Australia/Pacific, North America, Asia and Europe, among others. It is not practicable for us to specify in advance the location of each party with whom we deal. See www.ixom.com for further details of Ixom's global locations.

4.              DIRECT MARKETING

We may use and disclose your personal information in order to communicate information about our business, products and services and offers in accordance with legal requirements. These communications may be sent in various forms, including mail, SMS, various Social Media platforms and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). When you sign up to one of our mailing lists or other communication channels, you may consent to us sending you those direct marketing communications by any of those methods. If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. 

If you want to opt-out of receiving this direct marketing information, you can contact us using the contact information listed at the bottom of this Privacy Policy, or in the case of emails, by clicking the unsubscribe link in the relevant email.

Please note that even if you request not to receive further direct marketing communications, we may continue to provide information to you about certain information, such as changes to our terms and conditions as permitted under applicable laws.

We do not use sensitive information for direct marketing and, except for our service providers, we do not provide your personal information to other organisations for the purposes of direct marketing.  

5.              SECURITY AND STORAGE OF PERSONAL INFORMATION

We may retain your personal information for such period as is reasonably necessary having regard to the purposes for which we are permitted to handle that personal information and any legal, regulatory or internal policy requirements. We may retain de-personalised statistical information for longer periods where no individuals are reasonably identifiable from that data. We will take such steps as are reasonable in the circumstances to destroy or de-identify personal information once we no longer need it for the purposes described in this Privacy Policy.

We are committed to safeguarding and protecting personal information and will take such steps as are reasonable in the circumstances to protect the personal information we hold from misuse or loss and from unauthorised access, modification or disclosure. We implement a range of measures to protect the security of personal information. Depending on the circumstances, these may include firewalls, encryption, passwords and locked areas. We note that no data transmission over the Internet can be guaranteed as totally secure. While we strive to protect such information, we cannot warrant the security of any information that is provided to us over the Internet, and you provide such information to us at your own risk. We hold personal information electronically and in hard copy form, both at our own premises and with the assistance of our service providers.

6.              OUR WEBSITES

If you visit abp.com.au or any other ABP brand website, on which this Privacy Policy is posted with our authority (the Websites) to read, browse or download information, our system may record information such as your server address, top level domain (e.g. .com, .au, etc), date and time of your visit to the Website, pages accessed, information downloaded, previous site visited and browser type. This information is used for statistical, reporting and website administration and maintenance purposes.

Like many other websites, our Websites may use ‘cookies’ from time to time. A cookie is a piece of information that allows our system to identify and interact more effectively with your browser. The cookie helps us to maintain the continuity of your browsing session and remember your details and preferences when you return. You can configure your web browser software to reject cookies however some parts of our Websites may not have full functionality in that case. If you do not agree to the use of cookies, please disable them by following the instructions for your browser or use the automated disabling tool where available.  However, you may experience a drop in the performance of our Websites if certain cookies are disabled.

Our Websites may use Google services such as Google Analytics from time to time. For more about how Google collects and processes data, please see Google’s privacy policy and their information at www.google.com/policies/privacy/partners/.  This policy does not apply to, and we are not responsible for, any third party websites or services which may be accessible through our Websites. 

7.              YOUR RIGHTS

We will take such steps as are reasonable in the circumstances to ensure that the personal information which we collect remains accurate, up to date and complete. 

In some jurisdictions, subject to certain exceptions, you have the rights to: (a) seek access to the personal information we hold about you, (b) correct any mistakes in personal information we hold about you, and (c) ask us not to process your personal information. You can exercise these rights where applicable by contacting us using the details at the end of this Privacy Policy. We may need to verify your identity. We will provide our reasons if we deny your request.

Access

There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal. There is no charge for requesting access to your personal information but we may require you to meet our reasonable costs in actually providing you with access.

Correction

If you consider that the information which we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps, consistent with our obligations under the Privacy Act and other applicable laws, to correct that information if you so request. 

8.              COMPLAINTS

We are bound by the Australian Privacy Principles set out in the Privacy Act.

You can contact us using the details at the end of this Privacy Policy if you wish to make a complaint about how we have handled your personal information. Please provide as many details as you can. We may need to engage or consult with other parties in order to investigate and deal with your complaint. We will keep records of your complaint and any resolution.

If you remain unsatisfied with the way in which we have handled a privacy issue, we suggest you approach an independent advisor or contact the Office of the Australian Information Commissioner for guidance on alternative courses of action which may be available.  We will provide our full cooperation in the event that you elect to pursue this course of action.

 

9.              CHANGES TO OUR PRIVACY POLICY

We may change or update parts of this Privacy Policy in order to maintain our compliance with applicable law and regulation or following an update to our internal practices.  We will do this by updating this Privacy Policy on www.abp.com.au. You may obtain a copy of our current policy from our website or by contacting us via the details in below.

You may not be directly notified of such a change so please ensure that you regularly check this Privacy Policy so you are fully aware of any changes or updates.

10.           CONTACT US

You can contact our Privacy Officer Nik Andersen via one of the means below:

Telephone:       1300 559 262

Post     Ixom Operations, Att: Privacy Officer, Level 8, 1 Nicholson St., East Melbourne, Victoria, 3002, Australia 

Email    nik.andersen@ixom.com

Web form         www.ixom.com/contact-us

Issued by Australian Botanical Products Pty Ltd ACN 006 782 529 (ABP) ABP is a subsidiary of Ixom Holdings Pty Ltd ACN 131 367 112 (Ixom).

Last updated: 27 October 2021.