Privacy policy
NorthByOne (ABN 45 652 298 292) ("we", "us", "our") is committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we collect, use, disclose and store personal information, and how you may access or correct that information. It applies to all personal information collected by NorthByOne via our website and related services.
If you have any questions about this policy, please reach out to us at hello@northbyone.com.au — we're always happy to help.
1. What is Personal Information?
Under the Privacy Act 1988 (Cth), "personal information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not, and whether it is recorded in a material form or not.
Personal information may include your name, email address, postal address, telephone number, payment information (excluding full card numbers), IP address, device identifier, order history, preferences, and other data you provide when using our services. If information does not disclose or enable identification of your identity, it will generally not be classified as personal information and will not be subject to this policy.
2. Children's Privacy
The NorthByOne website is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent. If we become aware that personal information has been collected from a child under 13 without appropriate consent, we will take immediate steps to delete that information. If you are between 13 and 18, we encourage you to review this policy with a parent or guardian before using the website or providing any personal information.
3. What Information Do We Collect?
The kind of personal information we collect will depend on how you use our website. We may collect:
– Contact information (name, email, phone, address)
– Order information (products purchased, order history, billing details)
– Account information (username and password if you create an account)
– Technical data (IP address, browser type, device information and analytics data collected via cookies or similar technologies)
– Marketing preferences and communication history
– Any other information you provide via forms or communications with us
We will only collect information that is reasonably necessary for our business functions and activities.
4. How We Collect Your Personal Information
We may collect personal information:
– Directly from you when you interact with our checkout, forms or customer service team
– Automatically through cookies, tracking pixels and analytics tools when you browse our website
– From third parties such as payment providers, delivery partners or marketing platforms
You may be able to browse certain parts of the website anonymously or using a pseudonym, unless the services you request require identification.
5. Why We Collect Your Information
We collect and use your personal information to:
– Process and fulfil orders, refunds, exchanges and returns
– Communicate with you about your orders and account activity
– Personalise your experience and improve our services
– Send marketing communications where you have given consent, in accordance with the Spam Act 2003 (Cth)
– Manage customer support requests
– Prevent fraud and ensure the security of our website
– Comply with our legal obligations
We do not use sensitive information for marketing purposes. We will only send marketing material if you have opted in, and every message will include a clear and easy unsubscribe option.
6. Marketing Preferences & Consent
Where you have opted in to receive marketing communications from NorthByOne, you can withdraw your consent or manage your preferences at any time by:
– Clicking the unsubscribe link in any marketing email
– Updating your preferences via your account settings
– Contacting us directly at hello@northbyone.com.au
Withdrawing consent will not affect the lawfulness of any marketing communications sent prior to withdrawal, and will not affect transactional communications related to your orders or account activity.
7. Payment Information
All payment transactions are processed by PCI-DSS compliant third-party payment providers. NorthByOne does not store, process or transmit full credit or debit card numbers. Payment information is handled directly by our payment processors, including Shopify Payments, Afterpay and Zip, each of whom maintain their own security standards and privacy practices. By using these services at checkout you agree to be bound by their respective privacy policies.
8. Third-Party Links & Services
Our website may contain links to third-party websites and services, including social media platforms, payment providers and marketing tools. These third parties operate independently and have their own privacy policies, which we encourage you to review. NorthByOne is not responsible for the privacy practices, content or security of any third-party website or service. The inclusion of a link does not constitute endorsement of that third party's privacy practices.
9. Social Media & User Generated Content
When you interact with NorthByOne on social media platforms including Instagram and TikTok, or tag your content with our brand hashtags such as #GoNorthSheSaid, please be aware that those platforms operate under their own terms of service and privacy policies. Any content you share publicly may be visible to others and may be used by NorthByOne in our marketing materials in accordance with the User Generated Content clause in our Terms of Service. We will always endeavour to credit content where possible.
10. Use and Disclosure of Personal Information
We disclose personal information only to service providers and partners who assist us in operating our business. We may share your information with:
– Payment processors and fraud prevention partners
– Delivery and logistics partners
– Cloud hosting and analytics providers
– Marketing and CRM platforms
– Legal, regulatory or enforcement authorities if required by law
We do not sell your personal information to third parties.
11. Overseas Disclosure
Your personal information may be disclosed to service providers located overseas, including in the United States (Shopify, Meta, Klaviyo), Ireland (Meta), Singapore, Japan, Taiwan, Chile, Belgium and other locations across North America, Europe, Asia, South America, the Middle East and the Pacific region.
We take reasonable steps to ensure that overseas recipients handle your personal information in a manner consistent with the Australian Privacy Principles. By using our services, you consent to this disclosure.
12. Security and Storage
We take reasonable technical, administrative and physical measures to protect your personal information from loss, misuse, unauthorised access, disclosure, alteration or destruction. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
We retain personal information only for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal obligations:
– Order and transaction records are retained for a minimum of seven years in accordance with Australian taxation law
– Marketing data and preferences are deleted or anonymised upon unsubscribe or account closure
– Technical and analytics data is retained in accordance with the settings of the relevant platform provider
You may request deletion of your personal information at any time by contacting us at hello@northbyone.com.au. We will respond within 30 days, subject to any legal obligations that require us to retain certain records.
13. Notifiable Data Breaches
NorthByOne is subject to the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth). In the event of an eligible data breach that is likely to result in serious harm to any individual whose information is involved, we will notify the affected individual(s) and the Office of the Australian Information Commissioner (OAIC) as soon as practicable. We maintain an internal data breach response plan and will take immediate steps to contain any breach and assess the risk of harm.
14. Cookies and Tracking Technologies
We use cookies, pixels and similar technologies to collect usage and behavioural data to improve our website and serve relevant advertising. A cookie consent banner is displayed on your first visit, and you can manage your cookie preferences at any time through your browser settings or via the consent banner.
The primary tracking technologies currently used on the NorthByOne website include:
– Google Analytics — for site usage and behavioural data. You can opt out via the Google Analytics Opt-out Browser Add-on
– Meta Pixel — for advertising measurement and retargeting across Facebook and Instagram. You can manage your preferences via your Facebook account settings
– TikTok Pixel — for campaign measurement where applicable
Each of these services collects data in accordance with their own privacy policies. NorthByOne does not currently respond to Do Not Track browser signals, as no uniform standard exists in Australia at this time.
15. Access and Correction
Under Australian Privacy Principle 12, you have the right to access the personal information we hold about you. Under APP 13, you may request that we correct inaccurate, incomplete or out-of-date information. To make a request, please contact us at hello@northbyone.com.au. We will respond within 30 days and will not charge a fee for reasonable access requests.
16. Complaints Handling
If you have a complaint about the way we handle your personal information, please contact us at hello@northbyone.com.au. We will acknowledge your complaint promptly and aim to resolve it within 30 days. If we agree your complaint is well founded, we will take appropriate steps to rectify the issue in consultation with you.
If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by calling 1300 363 992.
17. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. The updated version will be published on our website with a revised effective date. Continued use of the website following any changes constitutes acceptance of the updated policy. Where changes are material, we will make reasonable efforts to notify you directly.
How to Contact Us
For any queries, access requests, corrections or privacy complaints, please get in touch:
Email: hello@northbyone.com.au
Post: PO Box 904, Chatswood NSW 2067, Australia
We're a small team and we genuinely care about getting this right, please don't hesitate to reach out.