Who we are

Our website address is: https://gagapapercrafts.com.au. We are located in Australia.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. Please see the Gravatar service privacy policy for more information. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Contact forms

If you submit a Contact Form on our site, we will ask you for your name and email address, which are transmitted to our email platform (Gmail by Google) so that we may reply to your query. These emails are deleted on a regular basis and once your query is finalised. Please see the Google privacy policy for more information.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Our site uses WordPress (a site builder and administration application) and WP Statistics to analyse anonymous information related to site interactions. All data is saved locally in WordPress. By default WordPress does not collect any analytics data. The WordPress privacy policy can be found here and information on the type of data collected by WP Statistics can be found here.

Online Shop

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for four years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who has access

Only the Site Administrator can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our Site Administrator has access to this information to help fulfill orders, process refunds and support you.

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.

We share information with Australia Post who help us provide our orders and store services to you by calculating your order shipping costs. The information passed to Australia Post includes your postcode / location, as well as the weight and dimensions of your order.

Payments

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Our site does not collect personal financial data from our customers.

Please see the PayPal Privacy Policy for more details.

Who we share your data with

The personal information we collect about you is used only as outlined in other sections of this Privacy Policy, i.e., for the purposes of spam detection, site analytics, and processing your queries and customer orders. We will never share your personal information with third parties for marketing or other purposes.

By default WordPress does not share any personal data with anyone.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). The website administrator can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

By default WordPress does not share any personal data with anyone.

Your contact information

We understand that your privacy is important. If you have concerns about the way in which we treat your personal information, you may contact us on 0435 782 009.

Additional information

How we protect your data

Our site uses SSL encryption to protect your data, preventing your personal information from being intercepted during transmission.  We also use two factor authentication for our account holders, adding an extra security layer when you log into our site. The website administrator, who has received training in information privacy principles and practices, is the only person who can access your personal information.

What data breach procedures we have in place

In addition to the data protection measures outlined above, our site maintains a security audit log which records all user activity on the site.

WordPress and its affiliate developer Automattic have also recently implemented a bug bounty program which allows them to identify and resolve software vulnerabilities and potential exploitation by hackers faster, making the personal information we hold about you safer and more secure.

In the unlikely event of a data breach, we will advise you immediately.