We recognise the importance of protecting the privacy of information collected about visitors to our web site.
When you look at this website, our Internet Service Provider makes a record of your visit and logs the following information for statistical purposes only:
- your server address
- your top level domain name (for example .com, .gov, .au, .uk, etc)
- the date and time of your visit to the site
- the pages you accessed and documents downloaded
- the previous site you have visited
- the type of browser you are using
Personal information about visitors to our site is collected only when knowingly and voluntarily submitted.
For example, we may need to collect contact information to provide you with further services (such as downloading the Starter Guide to Recovery) or to answer or forward any requests or inquiries. It is our intention that this policy will protect your personal information from being dealt with in any way that is inconsistent with applicable privacy laws in Australia.
Currently, (last update September 5th 2018) the information you can submit through the website are for educational purposes in the form of First Name (optional), Last Name (optional), Email Address to receive a Guide to Recovery. This information is stored on www.mailchimp.com for the purposes of sending the guide with three follow-up emails to ensure the Guide was helpful.
How do I withdraw my consent after giving you my email? If after you opt-in you change your mind, you may withdraw your consent for us to contact you unsubscribing from the email exchange (button provided in email content) or by contacting us at firstname.lastname@example.org.
Victoria uses the business version of Googlemail for email communication. If you email Victoria your email address and email content will be stored only within this Googlemail account. This account has double-password encryption. This is the highest level of security Gmail provides.
USE OF INFORMATION
Personal information that visitors submit to our site is used only for the purpose for which it is submitted or for such other secondary purposes that are related to the primary purpose, unless we disclose other uses at the time of collection. Copies of correspondence sent from the website, that may contain personal information, are stored as archives for record-keeping and back-up purposes only.
We only collect personal information for purposes which are directly related to our functions or activities under the Privacy Act 1988 (Privacy Act), Freedom of Information Act 1982 (FOI Act) or the Australian Information Commissioner Act 2010 (AIC Act), and only when it is necessary for or directly related to such purposes.
Apart from where you have consented or disclosure is necessary to achieve the purpose for which it was submitted, personal information may be disclosed in special situations where we have reason to believe that doing so is necessary to identify, contact or bring legal action against anyone damaging, injuring, or interfering (intentionally or unintentionally) with our rights or property, users, or anyone else who could be harmed by such activities. Also, we may disclose personal information when we believe in good faith that the law requires disclosure.
We strive to ensure the security, integrity and privacy of personal information submitted to our sites, and we review and update our security measures in light of current technologies. Unfortunately, no data transmission over the Internet can be guaranteed to be totally secure.
However, we will endeavour to take all reasonable steps to protect the personal information you may transmit to us or from our online products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.
In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us. However, we will not be held responsible for events arising from unauthorised access to your personal information.
COLLECTING INFORMATION FROM USERS
IP Addresses: Our web servers gather your IP address to assist with the diagnosis of problems or support issues with our services. Again, information is gathered in aggregate only and cannot be traced to an individual user.
Access to Information : We will endeavour to take all reasonable steps to keep secure any information we hold about you, and to keep this information accurate and up to date. If, at any time, you discover that information held about you is incorrect, you may contact us to have the information corrected. In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.
Personal Information : To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption (see 'Stripe' below for more details). Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Squarespace : A Touchy Subject is hosted on Squarespace Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Squarespace's data storage, databases and the general Squarespace application. They store your data on a secure server behind a firewall.
Stripe Payments : If you choose a direct payment gateway to complete your purchase, then Stripe stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Squarespace's & Stripe's Terms of Service or Privacy Statement.
Google Analytics : Our store uses Google Analytics to help us learn about who visits our site and what pages are being looked at.
LINKS TO OTHER SITES
We provide links to Web sites outside of our web sites, as well as to third party Web sites. These linked sites are not under our control, and we cannot accept responsibility for the conduct of companies linked to our website. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that Web site and its privacy statement.
PROBLEMS OR QUESTIONS
For more information about privacy issues in Australia and protecting your privacy, visit the Australian Federal Privacy Commissioner’s web site; www.privacy.gov.au.
Last Edited on 05-09-2018.