• flat rate shipping $4.9
  • FREE CALL 1800GOHEMP

Privacy Policy | HEMPERIUM

OPEN AND TRANSPARENT MANAGEMENT OF PERSONAL INFORMATION

We may collect and hold information that is reasonably necessary to one or more of our functions and activities. The information can be collected using mail, email, phone and other means, via our website or otherwise. The information is then held electronically and security measures are taken to protect it. We collect, hold, use and disclose information for performing our primary functions and activities, and if doing otherwise is impracticable. An individual can contact us by phone or email to have the information held by us corrected. Should any individual wish to complain about our breaching Australian Privacy Principles, they are free to do so via phone, mail or email provided to the individual. We will try to resolve issue within reasonable time span. If however the individual is unsatisfied with the resolution of the problem, they are free to complain to the Information Commissioner. It is highly unlikely that we will disclose personal information to overseas recipients.

ANONYMITY AND PSEUDONYMITY

Our retails customers do not need to register an account with us to place orders. Should a retail customer wish to remain anonymous or use a pseudonym, they are more than welcome to do so. The retail customer then holds the responsibility of complying with their financial institution requirements for their payments to be successfully processed. It is then the retail customer's responsibility to satisfy any carrier's recipient identification requirements. If you wish to remain anonymous or use a pseudonym, but are unsure about delivery and payment requirements, feel free to contact us.

We reserve the right to cancel any order for which we cannot guarantee a successful fulfilment due to anonymity or pseudonymity.

Wholesale orders cannot be placed anonymously or under a pseudonym.

COLLECTION OF SOLICITED AND UNSOLICITED PERSONAL INFORMATION

We do not collect any sensitive information. We collect information by lawful and fair means only. If we receive unsolicited personal information, we will assess if condition 4.3 of Schedule 1, Privacy Act 1988 is true. If it is true, the information must be destroyed or de-identified within 2 business days.

At or before the time we collect personal information, we will notify an individual of the following matters:
(a) our identity and contact details;
(b) if:
(i) we collect the personal information from someone other than the individual; or
(ii) the individual may not be aware that we have collected the personal information; the fact that we so collect, or have collected, the information and the circumstances of that collection;
(c) if the collection of the personal information is required or authorised by or under an Australian law or a court/tribunal order—the fact that the collection is so required or authorised (including the name of the Australian law, or details of the court/tribunal order, that requires or authorises the collection);
(d) the purposes for which we collect the personal information;
(e) the main consequences (if any) for the individual if all or some of the personal information is not collected by us;
(f) any other entity, body or person, or the types of any other entities, bodies or persons, to which we usually disclose personal information of the kind collected by the entity;
(g) that our Privacy Policy contains information about how the individual may access the personal information about the individual that is held by us and seek the correction of such information;
(h) that our Privacy Policy contains information about how the individual may complain about a breach of the Australian Privacy Principles, or a registered APP code (if any) that binds us, and how we will deal with such a complaint;
(i) whether we are likely to disclose the personal information to overseas recipients;
(j) if we are likely to disclose the personal information to overseas recipients—the countries in which such recipients are likely to be located if it is practicable to specify those countries in the notification or to otherwise make the individual aware of them.

USE OR DISCLOSURE OF PERSONAL INFORMATION

If we hold personal information that was collected for a particular purpose (the primary purpose), we may use or disclose this information for another purpose (secondary purpose) only if:
(a) the individual has consented to the use or disclosure of the information; or
(b) the individual would reasonably expect us to use or disclose the information for the secondary purpose and the secondary purpose is related to the primary purpose.

If we hold personal information about an individual, we may use or disclose the information for the purpose of direct marketing only if:
(a) we collected the information from the individual; and
(b) the individual would reasonably expect the organisation to use or disclose the information for that purpose; and
(c) we provide a simple means by which the individual may easily request not to receive direct marketing communications from us; and
(d) the individual has not made such a request to the organisation.

We may use or disclose personal information (other than sensitive information) about an individual for the purpose of direct marketing if:
(a) we collected the information from:
(i) the individual and the individual would not reasonably expect the organisation to use or disclose the information for that purpose; or
(ii) someone other than the individual; and
(b) either:
(i) the individual has consented to the use or disclosure of the information for that purpose; or
(ii) it is impracticable to obtain that consent; and
(c) the organisation provides a simple means by which the individual may easily request not to receive direct marketing communications from the organisation; and
(d) in each direct marketing communication with the individual:
(i) the organisation includes a prominent statement that the individual may make such a request; or
(ii) the organisation otherwise draws the individual’s attention to the fact that the individual may make such a request; and
(e) the individual has not made such a request to the organisation.

We are unlikely to disclose information to overseas recipients.
We will not adopt a government related identifier of the individual.

QUALITY, SECURITY, ACCESS TO AND CORRECTION OF PERSONAL INFORMATION

We will take such steps as are reasonable in the circumstances to ensure that the personal information that we collect is accurate, up-to-date and complete.
We will take such steps as are reasonable in the circumstances to ensure that the personal information that we use or disclose is, having regard to the purpose of the use or disclosure, accurate, up-to-date, complete and relevant.
We take such steps as are reasonable in the circumstances to protect the personal information we hold from misuse, interference, loss, unauthorised access, modification or disclosure.

If:
(a) we hold personal information about an individual; and
(b) we no longer need the information for any purpose for which the information may be used or disclosed by us under Schedule 1 of the Privacy Act 1988; and
(c) the information is not contained in a Commonwealth record; and
(d) we are not required by or under an Australian law, or a court/tribunal order, to retain the information;

We take such steps as are reasonable in the circumstances to destroy the information or to ensure that the information is de-identified.
We will give an individual upon their request an access to the personal information about an individual. However, we will not give the individual access to the personal information if:
(b) giving access would have an unreasonable impact on the privacy of other individuals; or
(c) the request for access is frivolous or vexatious; or
(f) giving access would be unlawful.

We will:
(a) respond to the request for access to the personal information within a reasonable period after the request is made; and
(b) give access to the information in the manner requested by the individual, if it is reasonable and practicable to do so.

If we refuse to give access to the personal information because of subclause 12.2 or 12.3 of Schedule 1 of Privacy Act 1988; or to give access in the manner requested by the individual; we will take such steps (if any) as are reasonable in the circumstances to give access in a way that meets the needs of the entity and the individual. We will give the individual a written notice that sets out:
(a) the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
(b) the mechanisms available to complain about the refusal; and
(c) any other matter prescribed by the regulations.

If:
(a) we hold personal information about an individual; and
(b) either:
(i) we are satisfied that, having regard to a purpose for which the information is held, the information is inaccurate, out-of-date, incomplete, irrelevant or misleading; or
(ii) the individual requests the entity to correct the information; we will take such steps (if any) as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading.