Information we collect from you
In the course of your visits to our Website or use of our products and services, we may obtain the following information about you: name, email address, telephone number, credit card details, billing address, geographic location, IP address, survey responses, support queries, blog comments and social media handles (together ‘Personal Data’).
Our services are not directed to persons under 18 and we do not knowingly collect Personal Data from anyone under 18. If we become aware that a child under 18 has provided us with Personal Data, we will delete that information as quickly as possible. If you are the parent or guardian of a child and you believe they have provided us with Personal Data without your consent, then please contact us.
You can review, correct, update or delete your Personal Data by either logging into your account and making the changes yourself or contacting us directly to do so.
How we use your information
Personally Identifiable Information: We use the information we collect to deliver our services to you, including: communicating with you, providing technical support, notifying you of updates and offers, sharing useful content, measuring customer satisfaction, diagnosing problems and providing you with a personalised website experience.
Marketing communications are only sent to you if you have requested or subscribed to them. You can opt out of our marketing communications at any time by unsubscribing or emailing us and your request will be actioned immediately.
Comments (blog posts)
Should you choose to add a comment on any posts that we have published on our blog, the name and email address you enter with your comment will be saved to this website's database, along with your computer's IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third party data processors.
Newsletter and email notifications
If you choose to join our email newsletter, the email address that you submit will be manually transfer the email address to MailChimp who provide us with email marketing services. WE consider MailChimp to be a third party data processor. Your email address will remain within MailChimp's database for as long as we continue to use MailChimp's services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unscribe links contained in the footer of any email newsletters that we send you or by requesting removal via our Contact Form.
If you are under 16 years of age you mys obtain parental consent before joining our email newsletter. While your email address remains witin MainChimp database, you will receive occassional newsletter-style emails from us outlining upcoming events and giveaways.
Should you choose to contact us using the contact form on our Contact page none of the data that you supply will be stored by this website or passed to be processed by any of the third party data processors defined below. Instead the data will be collated into an email and sent to us via our website servers.
Site visitation tracking/analytics
This site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website. Although GA records data such as your geographical location, device, internet browser and operating systems, none of this information personally identifies you to us.
Google – analytics
Paypal – payment processor
Wix – shopping cart
Mailchimp – newsletter subscription
Contact form – contact us page
Third party data processors
We use a number of third parties to process personal data on our behalf
Non-Personally Identifiable Information
We also use the information we collect in aggregated and anonymized forms to improve our services, including: administering our website, producing reports and analytics, advertising our products and services, identifying user demands and assisting in meeting customer needs generally.
Any information you choose to make publicly available, such as blog comments and testimonials on our website, will be available for others to see. If you subsequently remove this information, copies may remain viewable in cached and archived pages on other websites or if others have copied or saved the information.
Storage and security of your information
We will use all reasonable means to protect the confidentiality of your Personal Data while in our possession or control. All information we receive from you is stored and protected on our secure servers from unauthorized use or access. Credit card information is encrypted before transmission and is not stored by us on our servers.
To enable us to deliver our services, we may transfer information that we collect about you, including Personal Data, across borders for storage and processing in countries other than Australia. If your Personal Data is transferred and processed outside Australia, it will only be transferred to countries that have adequate privacy protections.
We retain your personal information for as long as needed to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
In the event there is a breach of our security and your Personal Data is compromised, we will promptly notify you in compliance with the applicable law.
Cookies and pixels
Sharing your information with third parties
We do not and will not sell or deal in Personal Data or any customer information.
Disclosure of your information
We may from time to time need to disclose certain information, which may include your Personal Data, to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request. Also, we may use your Personal Data to protect the rights, property or safety of daniellecastano.com, our customers or third parties.
If there is a change of control in one of our businesses (whether by merger, sale, transfer of assets or otherwise) customer information, which may include your Personal Data, could be transferred to a purchaser under a confidentiality agreement. We would only disclose your Personal Data in good faith and where required by any of the above circumstances.
Our responsibilities as a 'controller' under the GDPR
Controllers are defined by the GDPR as natural or legal persons, a public authority, agency or other body to which personal information or personal data has been disclosed, whether via a third party or not, and who determines the purposes and means of processing personal information. We are a controller under the GDPR as we collect, use and store your personal information to enable us to provide you with our goods and/or services.
As a controller, we have certain obligations under the GDPR when collecting, storing and using the personal information of EU citizens. Whether you are an EU citizen or any user of this site, your personal data will:
be processed lawfully, fairly and in a transparent manner by us;
only be collected for the specific purposes we have identified in the ‘collection and use of personal information’ clause above and personal information will not be further processed in a manner that is incompatible with the purposes we have identified;
be collected in a way that is adequate, relevant and limited to what is necessary in relation to the purpose for which the personal information is processed;
be kept up to date, where it is possible and within our control to do so (please let us know if you would like us to correct any of your personal information);
be kept in a form which permits us to identify you, but only for so long as necessary for the purposes for which the personal data was collected;
be processed securely and in a way that protects against unauthorised or unlawful processing and against accidental loss, destruction or damage.
Specifically, we have the following measures in place, in accordance with the GDPR:
Data protection policies: We have internal policies in place which set out where and how we collect personal information, how it is stored and where it goes after we get it, in order to protect your personal information.
Right to ask us to erase your personal information: You may request us to erase personal information we hold about you.
Right to ask us to restrict data processing: You may ask us to limit the processing of your personal information where you believe that the personal information we hold about you is wrong (to give us enough time to verify if the information needs to be changed), or where processing data is unlawful and you request us to restrict the processing of personal information rather than it being erased.
Notification of data breaches: We will comply with the GDPR in respect of any data breach.
Your rights and controlling your personal information
Restrict: You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information as a registered user of this site, you may change your mind at any time by contacting us. If you ask us to restrict how we process your personal information, we will let you know how the restriction affects your use of our Site or products and services.
Access and data portability: You may request details of the personal information that we hold about you. You may request a copy of the personal information we hold about you. You may request that we erase the personal information we hold about you at any time.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below.
Complaints: If you believe that we have breached the Australian Privacy Principles or an article of the GDPR and wish to make a complaint, please contact us and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact the Office of the Australian Information Commissioner if you wish to make a complaint.