Introduction
This privacy policy (Policy) is issued by Magnamail Pty Ltd ACN: 78 063 154 174
(Magnamail, we, us or our), a company in the Direct Group grouping of companies (DG). In this Policy, "you" and “your” refer to any individual about whom we collect personal information, including but not limited to: our customers and prospective customers; visitors to our website, social media pages and other digital services; readers of our catalogues; and members of the public.
This Policy applies to the personal information (i.e. information that identifies you individually) we collect, store, maintain and use about you.
This Policy sets out the way we manage your personal information, including:
-
the kinds of personal information that we collect, hold, use or disclose ;
-
how we collect, hold, use or disclose that personal information;
-
the purposes for which we collect, hold, use or disclose that personal information;
-
how you can access your personal information and seek correction of such information;
-
how you can complain if we breach the applicable Privacy Principles (or any related code of practice that binds us) and how we will handle such a complaint; and
-
the circumstances under which we may disclose your personal information to overseas recipients.
The Policy also details how we may collect and use non-personally identifiable information about your browsing and or use of our website/s and app/s.
This Policy is made available without charge at (AUS) www.magnamail.com.au or (NZ) www.magnamail.co.nz but you may request a copy in another form by writing to us:
Applicable Law
In relation to the personal information of Australian residents, Magnamail is committed to protecting your privacy and respects and upholds your rights under the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth), applicable related regulations as amended, applicable related codes of practice as amended and successors to any of those (Australian Law). For convenience, ‘(AUS)’ indicates provisions of this Policy applying exclusively to Australian residents.
In relation to the personal information of New Zealand residents, this Policy is issued subject to the Privacy Act 2020 (NZ) as amended, applicable related regulations as amended, applicable related codes of practice as amended and successors to any of those (New Zealand Law). For convenience, ‘(NZ)’ indicates provisions of this Policy applying exclusively to New Zealand residents.
Collection of Personal Information
What kinds of personal information do we collect?
The basic personal information we collect about you is your name, your address, date of birth and your contact information (e.g. email, phone, mobile, fax, etc.). Sometimes, you may voluntarily disclose other information to us in the course of your dealings with us.
If you make payment to us or receive payment from us, we may also collect one or more of your credit card information, debit card information, EFT information, bank account or similar financial information.
To the extent it would be impracticable to obtain it directly from you, we may also collect other personal information about you from time to time from third party sources where it would not prejudice your interests and is relevant to our business functions and activities (e.g. credit scoring information, consumer preference information, etc.).
In addition to personal information, we may also collect information that relates to you but which has been anonymised or otherwise de-identified; this information is statistical in nature.
We may also collect device-specific information (e.g. information relating to a specific phone or tablet), log information, GPS/WiFi location information and other tracking information relating to our apps and software. This information may sometimes also constitute personal information if it identifies you. Your express consent will be sought prior to disclosing this type of information to any third parties such as Google or other advertising affiliates.
Who do we collect the personal information from?
Generally, we collect your personal information directly either from you (e.g. when you provide your contact details to us) or from third parties as described above.
We also collect information about you indirectly through cookies, mobile app reporting and webpage pixel tags when you use our website and apps. Please note that most of this indirect information is not personal information since it cannot identify you individually, but some of it may be (if it is used in combination with other information we hold about you.
In addition to storing communications with you in physical files, we use a number of electronic systems to record and store your personal and other information, including call recording systems, customer notes systems, customer database systems and web database systems (including online forms and/or online ordering).
Why do we collect the personal information? The purposes of collection
Within the general purpose of allowing us to carry out our business activities and functions, we collect your personal information to enable us to organise and carry out:
-
Shipping and supply of our products to you or at your request;
-
Receipt (or making) of payment and associated payment processing;
-
Issuing invoices and account statements;
-
Issuing responses to your queries;
-
Recovering defaulted payment or monies owed (NB in the event that there is defaulted payment or monies owed by you to us, we may share relevant personal information with credit agencies and/or our debt collection agents);
-
Competitions and special promotions;
-
Issue of refunds, credit notes, discount vouchers, reward vouchers and similar benefits;
-
Customer mailhouse operations;
-
Targeted mailing;
-
Drop shipping of products (for bulky or specialist items);
-
Product personalisation (where available);
-
Credit scoring; and
-
Use of internal and external business analytics tools (e.g. Google Ads or Adwords)
If you do not provide us with the personal information we require (or if that information you supply is incorrect) we may not be able to deal with you as set out above. In some cases, supply of incomplete or incorrect information may lead to reduced functionality or restricted access to our facilities.
Collection of non-personally identifiable information
We sometimes make use of advertising and marketing analytics to collect information about how people use our websites and apps. This information does not contain personal information such as phone numbers, email addresses, credit card or other financial information, or any other personal information.
Cookies are small files saved onto user’s computers to store website preferences and other information such as your IP address, ISP details and usage statistics. We will not collect your precise geographical location without first asking your consent. We use cookies to identify patterns or other analytical information which we may share with third party advertisers in order to tailor advertising and marketing. We will not combine your personal information with this non-personally identifiable information without your express consent.
We are currently part of the Google Display Network. Advertising displayed on our websites or apps may include advertising from other Google Display Network affiliates if cookies from those other affiliates’ websites are found on the same computer.
You may opt-out of cookies at any time by visiting Google’s Ads Settings, or by changing the security settings on your browser. NB disabling or blocking cookies may inhibit your use of certain websites and features.
Direct Marketing
We engage in direct marketing to our customers, so you may reasonably expect us to use your personal information for that purpose.
If we collect your personal information from you, we may continue to use that personal information for the purpose of direct marketing to you for so long as we have not received an ‘opt out’ request from you. If we collect your personal information from a third party, we may continue to use that personal information for the purpose of direct marketing to you, subject to your consent to do so unless it is impracticable to obtain such consent, for so long as we have not received an ‘opt out’ request from you.
If you would like to ‘opt out’ from receiving direct marketing communications from us, please contact us at:
We will action your request within a reasonable period.
If you would like to request that (a) we do not use or disclose your personal information for the purpose of facilitating direct marketing by third parties and/or (b) we identify the source of the personal information we hold about you, please contact us as set out above. We will action your request about (a) within a reasonable period and about (b) within a reasonable period unless it is impracticable or unreasonable to so.
Use or Disclosure
Limited use or disclosure
Unless we obtain your further recorded consent, we will:
-
only use or disclose your personal information for the purposes permitted or required by applicable law and otherwise in accordance with this Policy, and
-
not allow third parties to hold, use or disclose personal information we collect from you except for purposes permitted or required by applicable law and otherwise in accordance with this Policy.
Exceptions to this are:
-
where from time to time, we may facilitate mail order offers from reputable companies that have interesting products and services. These companies are not permitted to retain any customer information unless you have specifically expressed interest in their products or services
-
where we are required by law to disclose certain information
-
if you have a product from us that requires personalisation, or delivery to you by an external company
-
disclosure of personal information among our companies, including Our Brands, to carry out our business and marketing activities and functions.
Your email address is private and we will never sell it to third parties. Unless we obtain your further recorded consent, we will only ever use your email address so that we can:
-
Contact you about your order or answer a query or
-
Send you special offers from time to time, if you have opted to receive such information.
Our representatives
We use a number of individuals to carry out business functions and activities on our behalf including employees, contractors, sub-contractors, agents and commercial representatives.
You consent to our disclosure of your personal information to these individuals, and to their use and disclosure of your personal information as necessary to enable them to carry out business functions and activities on our behalf. Our technical service providers are obliged to respect your privacy and confidentiality.
Third-party service providers
Sometimes we use third party platforms and services e.g. to process sales, analyse data and information, provide web support, send marketing messages, deliver products or information or otherwise achieve the purpose for which the information was collected. These services are hosted and managed by organisations other than ourselves, and some are hosted overseas.
To the extent that our third-party service providers hold, use or disclose your personal information in connection with providing their services to us, you consent to such use and disclosure and our disclosure to them of your personal information.
We take all reasonable steps to ensure that these third-party overseas companies are compliant with the APPs. However, we will not be liable for any conduct that is inconsistent with the APPs on the part of these third parties.
Business affiliates
In addition to our representatives and service providers, we have commercial arrangements with a number of industry partners (e.g. Data Bureau and Mail House) and other reputable business affiliates in AUS and NZ.
Our business affiliates are obliged to respect your privacy and confidentiality.
We will not disclose your personal information to our business affiliates except where:
-
the information in question has been anonymised or otherwise de-identified (so that it is no longer personal information); or
-
where because of your dealings with us you may reasonably expect us to disclose your personal information to our business affiliates;
-
you consent to our disclosure of your personal information to our business affiliates.
As set out above, you consent to us disclosing your personal information to our business affiliates and to their holding, using or disclosing your personal information.
Overseas use or disclosure
A number of our service providers and business affiliates are located overseas including the United States, the United Kingdom, the Philippines, New Zealand (AUS) and Australia (NZ).
To the extent that applicable law requires you to consent to your personal information being transferred overseas, you consent to such transfer and to subsequent use and disclosure of your personal information by our overseas service providers and overseas business affiliates as necessary for them to provide their services and honour their commercial arrangements with us.
(NZ) In addition to the business operations of our service providers and business affiliates being overseas, we ourselves are principally located overseas, being based in Australia. Our New Zealand database is held on an Australian server subject to privacy safeguards comparable to those required by New Zealand law.
To the extent that applicable law requires you to consent to overseas transfer of your personal information to us, you consent to such transfer and subsequent use or disclosure by us consistent with this Policy and with applicable law. We may disclose your personal information to other external providers located in Australia, New Zealand and other countries, including our data hosting and Cloud based IT service providers for some of the purposes listed above. We take all reasonable steps to ensure that these service providers are fully compliant with the Australian Privacy Principles (AUS) and Information Privacy Principles (NZ).
Required or authorised collection, use or disclosure
If collection, use or disclosure of your personal information is required or authorised by law or by order of a court or tribunal, we will inform you of that requirement or permission with details (unless the law or order requires otherwise).
Quality and Security of Personal Information
We will take all reasonable measures to make sure that your personal information that we collect, hold, use or disclose is accurate, up-to-date and complete.
We will take all reasonable measures to protect your personal information from misuse, interference and loss, unauthorised access, unauthorised modification and unauthorised disclosure. To the extent we disclose your personal information to our representatives, Our Brands, our service providers and our business affiliates, they are subject to obligations in relation to privacy and confidentiality.
Access to your Personal Information
If you request access to your personal information, we will respond within a reasonable period and provide you with the information in the manner you request if it is reasonable and practicable to do so.
Please note that we are not obliged to give you access in certain circumstances, including where the request is frivolous or vexatious, where the request would have an unreasonable impact on the privacy of others, or where the request is denied in compliance with applicable law (or under a court or tribunal order).
We will not charge you for making a request for access to your personal information.
If the estimated cost to us to provide you with the information exceeds $10 (AUD for Australian residents, NZD for NZ residents), we reserve the right to charge you our costs of doing so.
If we refuse to provide access to your personal information, we will issue a written notice that sets out the reasons for our refusal, how to complain about our refusal, and any other matters required by law. In relevant circumstances, we will consider providing an alternative means of access to your personal information to the refused means of access.
If you wish to seek access to your personal information, please contact us:
Correction of Personal Information
We will take reasonable steps to correct your personal information to ensure that, having regard to the purpose(s) for which it is held, such information is accurate, up-to-date, complete, relevant and not misleading if we are satisfied that that the information does not meet those thresholds.
We may also correct your personal information upon request from you. If you wish to request a correction of your personal information, please advise us of your request:
If you make such a request, we will respond within a reasonable period.
If we correct your personal information and you request us to notify third parties to whom we have disclosed such information, we will take reasonable steps (if any) to give that notification unless it is impracticable or unlawful to do so.
We may refuse your request to correct your personal information if it is not reasonable in the circumstances (e.g. the correction you request us to make is inaccurate).
If we refuse your request to correct your personal information, we will issue a written notice that sets out the reasons for our refusal, how to complain about our refusal and any other matters required by law.
If, we refuse your request to correct your personal information and you request us to associate with your personal information a statement that the information is inaccurate, incomplete, irrelevant or misleading, we will take reasonable steps to associate the statement apparent to users of the information. If you make such a request, we will respond within a reasonable period.
We will not charge you for making a request for correction to your personal information, for correcting your personal information or associating a statement with your personal information that it is inaccurate, irrelevant or misleading.
Removing, Deleting or Destroying Personal Information
We normally seek to remove, delete or destroy personal information from our records as soon it is no longer required. However, there may be circumstances where such removal, deletion or destruction is either delayed or not possible, including because of our backup, archival and general record-keeping processes. If for technical or other reasons, it is not possible to remove, delete or destroy personal information, we will put that information beyond use and we will not access it again unless either we are requested to do so by you or we are required or permitted to access it by applicable law.
Miscellaneous
Your dealings with us
You will not normally be able to deal with us anonymously or under another name (pseudonymously) because this makes it impracticable for us to carry out many of our core business functions and activities such as order receipt, processing and despatch. However, where dealing with us anonymously or pseudonymously is practicable in respect of particular matters such as providing online product reviews or posting to our other online forums, we will make that option available.
Unsolicited personal information
If you provide unsolicited personal information in the course of communications with us, we will review it and, may hold, use or disclose it in accordance with your reason for providing it (e.g. resolving a customer complaint).
Sensitive personal information
(AUS) Please note that we do not seek to collect health information or other sensitive information as defined by Australian Law. However, if unsolicited personal information provided by you also includes health information or other sensitive information as defined by Australian Law, you consent to us holding, using or disclosing such health information or other sensitive personal information in accordance with your reason for disclosing it (e.g. resolving a customer complaint).
Recruitment Policy
A copy of our Recruitment Privacy Policy can be found at http://directgroup.com.au/careers.aspx
Special provisions relating to MyDiscoveries:
If you are using our MyDiscoveries goods or services, we will collect, hold, use and disclose your personal information as needed to facilitate your travel arrangements and bookings and to arrange travel related services and/or products on your behalf. For example, we may collect your name, residential/mailing address, telephone number, email address, credit/debit card details (including card type, card number, security number and expiry date), date of birth, passport details, loyalty program / frequent flyer details, information about your dietary requirements and health issues (if any), and other details relevant to your travel arrangements or required by the relevant travel service provider(s) (e.g. airlines and accommodation or tour providers).
We will only collect sensitive information in compliance with your local data protection laws, with your consent and/or where it is reasonably necessary for or directly related to one or more of our functions or activities, or unless we are otherwise required or authorised to do so by law. To the extent permitted or required under your local data protection laws, you consent to us collecting, holding, using and disclosing your sensitive information for the purpose for which it was collected, unless we subsequently receive your consent to use it for another purpose. For example, if you provide health information to us in connection with a travel insurance application you would like to make, you consent to us using and disclosing that health information in connection with arranging that travel insurance on your behalf. A further example is if you disclose your religious beliefs to us because you are interested in, for example, certain holiday packages, in which case you consent to us using and disclosing that information in connection with facilitating your request. We will not use sensitive information for purposes other than those for which it was collected, unless we subsequently receive your consent to use it for another purpose.
Partial identification in commercial communications
Sometimes in the course of our commercial communications, we may partially identify an individual by reference to part of that individual’s name and an area (e.g. suburb, region or state). To the extent that such information might identify you as an individual, you nevertheless consent to us holding, using or disclosing your personal information in that way.
Making a Complaint
If you wish to make a complaint with regard to a possible breach of this Policy or the Australian Privacy Principles (AUS) or Information Privacy Principles (NZ), or in respect of any other request or enquiry in relation to this Policy, please contact:
Privacy Officer
Magnamail Pty Ltd
431 Warringah Road
FRENCHS FOREST NSW 2086
What happens to my complaint?
-
When we receive your complaint we will let you know as soon as reasonably practicable that we have received it.
-
We will use reasonable endeavours to investigate your complaint and resolve it. We may contact you for further information.
-
We will write to you and let you know the outcome. We will use reasonable endeavours to do this within 30 days, however some complaints are more complex and take longer. We will keep you informed if this is the case.
-
If for some reason we cannot resolve your complaint (for example, the issue is outside our responsibilities), we will write to you and let you know.
If we are unable to resolve your complaint, you may contact the:
Office of the Australian Information Commissioner “OAIC” (AUS)
-
OAIC website: https://www.oaic.gov.au
-
OAIC telephone: 1300 363 992
-
OAIC postal addresses: GPO Box 5218, Sydney NSW 2001, Australia
Office of the New Zealand Information Commissioner “NZIC” (NZ).
-
NZIC website: https://www.privacy.org.nz
-
NZIC telephone: 0800 803 909
-
NZIC postal addresses: PO Box 10 094, The Terrace, Wellington 6143 NEW ZEALAND
Reminder – Helping Us to Help You
While we will do what we can to make sure that your personal information is accurate, up-to-date and complete, we do need your help. If your personal information changes (e.g. because of a change of name, address or credit card provider), please contact us to let us know what those changes are.
Policy Changes
Please note that this Policy may change from time to time to take into account new laws and technology, changes to our operations and practices, and the changing business environment.
We will make available the current version of our Policy, with a date and version notice, via our website(s) and, upon request, in other forms.
If you do not accept this Policy as varied, we will no longer be able to accept or process orders from you or otherwise deal with you.
If you place an order with us at or after any variation to this Policy, you acknowledge and understand that you are giving consent in relation to this Policy as changed, regardless of any alteration to the scope and nature of privacy which you enjoyed or may have enjoyed under any previous version of this Policy.
Updated November 2020