• English
  • 中文(简体)
  • Australia
  • United States
English
  • English
  • 中文(简体)
  • English
  • 中文(简体)

CLOSE

Privacy Policy

1.GENERAL PROVISIONS

This privacy policy (“Privacy Policy”) applies to all Personal Data processed by AULUNA ( “we”, “us”, or “Data Controller”). AULUNA complies with:

 

the Australian Privacy Principles in the Privacy Act 1988 (Cth) (Privacy Act); and

the General Data Protection Regulation (“GDPR”).

This privacy policy explains how we collect, hold, use, disclose and otherwise manage:

 

personal information in Australia (that is, information or an opinion about you, whether true or not, which identifies you or from which your identity is reasonably identifiable); and

personal data in Europe (that is, personal data is defined as any information relating to an identified or identifiable natural person under Art 4 no 1 of the GDPR).

         (together, “Personal Data”)

 

2.“YOUR PRIVACY: OVERVIEW

At AULUNA, we take our responsibilities under current data protection regulations and laws seriously. We recognise the importance of the Personal Data you have entrusted to us and are committed to properly managing, protecting, and processing Personal Data.

 

3.REVISIONS TO THIS PRIVACY POLICY

AULUNA reserves the right to change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date of this Privacy Policy. If we make material changes to this Privacy Policy, we will provide you with additional notice (such as adding a statement to our websites’ homepage).

 

4.COLLECTION, PURPOSE AND USE OF PERSONAL DATA

AULUNA only collects Personal Data where it is reasonably necessary for our business activities.  Unless it is not reasonable or practicable to do so, and in other cases allowed by law, we will collect Personal Data about you directly from you. The kinds of Personal Data that AULUNA collects will vary depending on our particular interaction or dealing with you. However, generally speaking, the kinds of Personal Data AULUNA collects and the purposes for which AULUNA uses Personal Data are set out in this clause

 

4.1. SENSITIVE INFORMATION

 

AULUNA may collect sensitive information for the primary purpose of enabling you to buy and receive a piercing in the respective body part (for example, the ear lobe, ear helix or nose) and to analyse and respond to any of your queries, claims or complaints. The kinds of sensitive information that AULUNA may collect includes certain health information such as: history of medication; andhistory of infection.

AULUNA may also collect and hold other kinds of sensitive information as permitted or required by law or other kinds of personal information that we notify you of at or about the time of collection.

 

4.2. WEBSITE DATA COLLECTION

 

When accessing our website, your device automatically transmits data for technical reasons. The following data is stored separately from other data that you may transmit to us:

 

browser type and browser version

operating system used

referrer URL

host name of the accessing computer

time of the server request

IP address

We save this data for the following purposes:

 

Load balancing, i.e., to distribute the access to our website across several devices and to be able to offer you the fastest possible loading times.

Ensuring the security of our IT systems in accordance with Art 32 GDPR and based on our legitimate interest in protecting us from misuse of our service, for example, to prevent specific attacks on our systems and to identify attack patterns.

Ensuring the proper operation of our IT systems, for example if errors occur that we can only remedy by storing the IP address.

To enable criminal prosecution, security, or legal prosecution if there are specific indications of criminal offenses.

 

5.PIERCING CONSENT

In order to carry out piercing procedures in our store, we require that you fill out our piercing consent form. You can access this consent form via QR codes accessible in our stores. After you complete the consent form on your personal device and have digitally signed it, this information is sent to the local store email address.

 

6.COOKIES

We may use cookies and similar technologies (we will refer to all of these as “Cookies”) to enable you to use certain features on our website, store your preferences, recognise you when you return to our website and maintain information about your use of our website. Cookies are small files that are saved on your device with the help of your internet browser.

 

7.RECIPIENTS / CATEGORIES OF RECIPIENTS / DISCLOSURE

Disclosure of your Personal Data will generally be for the primary purpose of providing products or services to you in accordance with this Privacy Policy.  In addition, AULUNA may disclose your Personal Data  for purposes related to the above purpose, other purposes which we notify you of when we collect the information and for purposes otherwise permitted or required by law.  This may include AULUNA disclosing Personal Data to related companies of AULUNA or other entities with which AULUNA has a commercial relationship, including to third parties in the following cases:

 

7.1 LEGAL ENQUIRIES

 

If it is necessary to clarify an illegal use of our services or for legal prosecution, Personal Data will be forwarded to the law enforcement authorities and, if necessary, to injured third parties. However, this only happens if there are concrete indications of unlawful or abusive behaviour. Data may also be passed on if this serves to enforce contracts or other agreements. We are also legally obliged to provide information to certain public authorities upon request. These are law enforcement agencies, authorities that prosecute administrative offences subject to fines and the tax authorities. This data is disclosed on the basis of our legitimate interest in combating abuse, prosecuting criminal offences, and securing, asserting, and enforcing claims, Art 6 para 1 lit f) GDPR or on the basis of a legal obligation pursuant to Art 6 para 1 lit c GDPR.

 

7.2 PASSING ON DATA

 

We rely on contractually affiliated third-party companies and external service providers ("processors") to provide the services. In such cases, we pass on Personal Data to these processors in order to enable them to continue processing. These processors are carefully selected and regularly reviewed by us to ensure that your rights and freedoms are protected. The processors may only use the data for the purposes specified by us and we also contractually oblige these processors to process your Personal Data in accordance with applicable data protection laws.

 

The transfer of data to processors takes place on the basis of Art 28 para 1 GDPR. In addition to the processors already mentioned in this Privacy Policy, we also use the following categories of processors:

 

IT service providers

Cloud service providers

Hosting service providers

Software service providers

 

7.3 TRANSMISSION TO AUTHORITIES

In the context of administrative processes and the organisation of our operations, financial accounting, and compliance with legal obligations, such as archiving, we disclose or transmit the same data that we have received in the context of the provision of our contractual services to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers.

 

This data is passed on based upon our legitimate interest in maintaining our business activities, performing our tasks, and providing our services, Art 6 para 1 lit f) GDPR or on the basis of a legal obligation pursuant to Art 6 para 1 lit c) GDPR.

 

7.4 COMPLIANCE

 

In the course of the further development of our business, the structure of may change by changing its legal form or by founding, buying, or selling subsidiaries, parts of companies or components. In such transactions, data of our customers and contact persons in particular will be passed on together with the part of the company to be transferred. Whenever personal data is passed on to third parties to the extent described above, we ensure that this is done in accordance with this Privacy Policy and the relevant data protection laws.

 

Any disclosure of personal data is justified by the fact that we have a legitimate interest in adapting our corporate form to the economic and legal circumstances as required, Art 6 para 1 lit f) GDPR.

 

8.PROTECTING YOUR PERSONAL DATA

Any Personal Data collected by AULUNA will be processed fairly, lawfully, and in a transparent manner. “Processing” includes, but is not limited to, collection, storage, transfer, dissemination, or erasure of Personal Data. AULUNA takes appropriate technical and organisational measures against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to Personal Data.

 

However, to the extent that the Internet is not completely secure, we cannot guarantee that any of your personal information stored or sent to us will be completely safe. We encourage you to use caution when using internet to access our web sites, applications, or social media.

 

9.HOW WE SECURE YOUR PERSONAL DATA

We have an obligation to ensure that your Personal Data is protected from unauthorised processing, accidental disclosure, access, loss, destruction, or alteration. Accordingly, we have a range of technical security measures and procedures in place to ensure that your personal information is protected appropriately. These include but are not limited to:

 

Restricting access to information systems through access control measures and authentication techniques;

Encrypting sensitive data while at rest and in transmission;

Providing information security training to internal employees; and

Binding employees and contractors to information security policies

Your Personal Data will be kept on databases held on servers kept in a physically and technologically secured environment, accessed only by authorised personnel or contractors. Where personal information is held in hard copy, it will be held in controlled, access restricted premises which only authorised personnel or contractors will be permitted to access.

 

10.REQUIREMENT TO PROVIDE DATA

You are neither legally nor contractually obliged to provide your Personal Data (including any sensitive information).

 

However, the provision of your Personal Data is necessary to a certain extent so that we can provide you with the functions on our website and our services. In particular, the provision of your Personal Data is necessary to enable us to receive and process your enquiries, to enable us to initiate or execute contracts, and to enable you to use the community functions in connection with our social media presences.

 

If it is necessary to provide your data, we will indicate this by marking the relevant field as mandatory. The provision of further Personal Data is voluntary. In the case of required Personal Data, failure to provide this Personal Data will result in AULUNA not being able to provide the corresponding functions and services, in particular we will not be able to receive and process your enquiries and/or enable the initiation or execution of a contract. Furthermore, you will not be able to use the community functions of our social media sites. If you do not provide us with the required Personal Data in connection with your application, we will not be able to consider your application. Insofar as voluntary information is concerned, the failure to provide it means that we cannot provide the corresponding functions and services or cannot provide them to the usual extent.

 

11.PROCESSING FOR OTHER PURPOSES

Your data will only be processed for purposes other than those described in this Privacy Policy if this is permitted by law or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all other relevant information.