Leon and Bird Pty Ltd ACN 638 304 453
Leon and Bird Pty Ltd ACN 638 304 453 is committed to upholding your private information, and we recognise the importance in doing so. Your rights to privacy are also protected by the Australian Privacy Principles in force under the Privacy Act 1988 (Cth) and if you are in a country that is a member of the European Economic Area, your rights to privacy are protected under the General Data Protection Regulation (“GDPR”). These privacy laws place strict requirements on us to treat certain information collected as confidential, to store your information securely and to allow you easy access to check and correct your information.
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
We also make use of “cookies” on our website. A cookie is a small software message sent to your web browser by our web server. Your browser stores the message in a file and the message is then sent back to our servers each time your browser requests a page from our servers.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
We use third parties including Google Analytics Advertising Features to promote our products and services. Google and other third parties collect data about traffic to this site via advertising cookies and identifiers which are used display ads on other sites that are relevant to you, based on your previous visits to this site.
We may collect the following information from you:
We will not collect sensitive information about you unless we have your consent and the information is reasonably necessary for one of our functions or activities (unless we are otherwise required or authorised by law to collect that information). Examples of sensitive information include information about your health, race and ethnic origin.
We collect your personal information for purposes necessary to sell and promote or products and services to you. In addition, we collect your personal information so that we can carry out the following actions:
We may also collect data about you on an aggregate and anonymous basis in order to help us improve the functionality of our website and tailor the way we communicate with you.
If we are unable to collect your personal information, some or all of the following may occur:
We may disclose information we hold to any of the following:
We will not sell or trade your personal information to third parties for marketing purposes.
From time to time we may use your personal information to provide you with information about our products. We want to communicate with you only if you want to hear from us. If you prefer not to receive promotional information from us, please let us know by clicking on the “unsubscribe link”/”update your preferences” at the bottom of any of our communications, or by clicking into your account to manage the level of communication which you want to receive from us. You may also unsubscribe by making a request via email at firstname.lastname@example.org. Once you have told us you no longer wish to receive information about our products and services, we will no longer contact you. We will keep your basic details on our ‘do not contact’ database so that we do not contact you again.
You may access and/or correct your personal information held with us related to your use of our products. Where this information is held in your online account, simply sign into your account. You may also access/correct your personal information held by us by contacting us:
Normally we will provide a record of your personal information to you via your preferred contact method (phone, email or mail).
If your request is unlawful or may interfere with the privacy of others we may reasonably refuse to provide access to your personal information.
We understand the importance of your personal information and have appropriate procedures in place to safeguard and secure the information we collect to prevent unauthorised access or disclosure, maintain data accuracy and ensure the appropriate use of information.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
We also take measures in respect of destroying or de-identifying personal information that is no longer needed for any lawful purpose. Some of the steps we take to protect your information include:
We also have measures in place to detect and prevent online fraud or suspicious activity. In some instances, we may ask you to provide us with information so that we can verify your identity and payment details (for example, if you have never shopped online with us before or if your payment details need to be verified with our payment providers). As part of this process we may ask you to provide redacted (masked) copies of your ID and the credit card used to place your online order.
If information is requested from you in order to verify your identity and payment, there may be a delay with the despatch of your order. You will receive a follow up email once your order has been approved.
There is no obligation for you to provide this information, but if we are unable to verify your identity, we may not be able to finalise your online order.
This information will be used for verification purposes only. Once your details have been verified, the verification information you have provided will be deleted.
We hold your personal information in electronic format. If you provide information to us electronically we retain this information in our computer systems and databases. This includes computer software programs, internet servers, and hosted internet solutions provided by third parties.
If you are in a country that is a member of the European Economic Area (“EEA”), then you have the following rights under the GDPR.
You have in certain circumstances the right to request that the further processing of your information is restricted or to object to its processing and the right to data portability (to receive and have transferred the information you provided).
Individuals over 16 years old can consent to the processing of their personal information, but anyone younger needs the consent of their parent or guardian.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.