As used in this Policy:
“customer” means an individual who (a) has contacted us through any means to find out more about any goods or services we provide, or (b) may, or has, entered into a contract with us for the supply of any goods or services by us; and
“personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.
“sensitive information” has the meaning given to it under the Privacy Act 1988 (Cth) (“Act”).
Personal information collected and held
OWNDAYS may collect the following kinds of personal information and health information via our online purchase system, online customer registration system or in person at our stores located in Australia including but not limited to by using the web form which customers are required to fill up before purchasing:
- your full name;
- your gender;
- your street address;
- your date of birth;
- your health insurance information and any information contained in your prescriptions, etc. issued by eye doctors;
- your medicare information;
- your mobile number;
- your email address; and
- prescriptions regarding your eye sights and other eye related health information
How we collect, hold and disclose your personal information
Recognising personal information to be an important asset of the individual, all employees engaged in OWNDAYS’ activities handle personal information accurately and safely to prove worthy of customers’ trust.
OWNDAYS collects, uses, and provides appropriate personal information taking into account the scope and scale of our business. We do not use personal information for purposes other than those intended, and set forth and observe internal rules for ensuring this.
We do not collect any sensitive information without obtaining your consent.
We implement preventive measures against illegal access of personal information, loss, damage, falsification, and leakage of personal information, and implement corrective measures promptly in the event any of this occurs.
OWNDAYS CO., LTD (“OWNDAYS CO”) is our Japanese holding company and OWNDAYS Tech & Media (Thailand) Co., LTD (OWNDAY TM) is a subsidiary of OWNDAYS CO and we delegate the function of management of personal information and health information to the IT departments of OWNDAYS CO and OWNDAYS TM. Accordingly, personal information collected in Australia may be disclosed and stored in Japan and accessed by the IT department specialists.
We observe laws, including the Act, and regulations related to personal information, guidelines set down by the government, and other standards.
We manage an appropriate management system for preventing illegal access, loss, damage, falsification, leakage, etc. of personal information managed by OWNDAYS, and periodically review the management system so that it can deal with new illegal access methods. We also reinforce our internal management system and implement through training of all employees engaged in the use of personal information.
We may retain a customer’s personal information for as long as it is necessary to fulfill the purpose for which it was collected, or as required or permitted by applicable laws.
We will cease to retain a customer’s personal information, or remove the means by which such personal information can be associated with a customer, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal information was collected, and is no longer necessary for legal or business purposes.
The purpose of collection and use of personal information
OWNDAYS only collects and uses personal information for purposes necessary to provide customers with our products and services, and only within the required scope, including but not limited to:
- performing obligations in the course of or in connection with our provision of the goods and/or services requested by a customer
- verifying a customer’s identity;
- responding to, handling, and processing queries, requests, applications, complaints and feedback from customers;
- managing customers’ relationship with us;
- processing payment or credit transactions;
- sending customers marketing information about our goods or services including notifying customers of our marketing events, initiatives and promotions, lucky draws, membership and reward schemes and other promotions via text messages, emails and other digital media;
- complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
- any other purposes for which a customer has provided his/her personal information;
- transmitting to any unaffiliated third parties including our third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Australia or abroad, for the aforementioned purposes; and
- any other incidental business purposes related to or in connection with the above,
(collectively, the “Purposes”).
If you elect not to provide your personal information to us, we may not be able to provide our products or services as requested by you.
We may disclose a customer’s personal data:
- where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by a customer; or
- to third-party service providers, agents and other organisations we have engaged to perform any of the functions relating to the Purposes listed above,
(collectively, the “Additional Purposes”).
The Purposes and Additional Purposes listed above may continue to apply even in situations where a customer’s relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with a customer).
We may entrust some of our activities and information processing such as the management and storage of information, delivery of postal matter, verification of registration of products and services, distribution of promotional mail or emails etc. to other companies under our supervision.
How you may access your personal information and seek correction
We generally rely on personal information provided by a customer (or a customer’s authorised representative).
In the event a customer wishes to make (a) an access request (“Access Request”) for access to a copy of their personal information which we hold about such customer or information about the ways in which we use or disclose such customer’s personal information, or (b) a correction request (“Correction Request”) to correct or update any of such customer’s personal information which we hold about such customer, such customer may submit a request in writing or via email to our Data Protection Officer at the contact details provided below (an Access Request and Correction Request hereinafter collectively referred to as the “Requests” and each, a “Request”).
Please note that a reasonable fee may be charged for an Access Request. If so, we will inform the customer making the Access Request of the fee before processing such customer’s request.
We will respond to a Request as soon as reasonably possible. Should we not be able to respond to a Request within thirty (30) days after receiving a Request, we will inform the customer making the Request (the “Requestor”) in writing within thirty (30) days of the time by which we will be able to respond to the Request. If we are unable to provide a Requestor with any personal data or to make a correction requested by a Requestor, we shall generally inform the Requestor of the reasons why we are unable to do so (except where we are not required to do so under the Act).
How you may request deletion of your personal information
In the event a customer wishes to delete his/her personal information from our database, there are two options:
1. My page
You can login to “My Page” (www.owndays.com/au/en/login) and proceed with the deletion within the page. Your personal information including the purchase history will be deleted immediately from our system.
2. Email us
You send us an email to "email@example.com” and request the deletion. We will then manually delete your personal information from our system. We will respond to the request as soon as reasonably possible. Should we not be able to respond to the request within thirty (30) days after receiving the request, we will inform the customer in writing about when we will be able to carry out the request.
How you may complain and how your complaint is handled
You may submit a complaint to us about how we handle your personal information using the contact details set out under “Enquiries on Personal Information” below. We will make every endeavour to respond to your request promptly. If you are not satisfied with our handling of your complaint or we have not responded within 30 days, you may contact the Office of the Australian Information Commissioner at firstname.lastname@example.org or on 1300 363 992.
Overseas transfer of personal information
If personal information is transferred out of Australia, we will comply with applicable laws, including but not limited to the Act, in doing so. This includes taking reasonable steps to ascertain whether the foreign recipient of the personal information is bound to comply with standards of protection that are at least comparable to applicable laws, including but not limited to the Act.
Customers can choose to change cookie settings from “Enable all cookies”, “Block all cookies”, “Notify user when receiving cookies”, etc. Setting methods differ according to the browser. Check the method at the “Help” menu of the browser used. If cookies are set to block, customers may not be able to use the functions of the website completely. Access the Google ads page to change the settings of Google ads display.
- Access logs
OWNDAYS records the information of those who access it using access logs (access history). Access logs contain the domain name, IP address of the person who accessed our website, the browser used, date and time of access, etc. These access logs are used for the maintenance and management of OWNDAYS and statistical analysis of its usage. They are not used for other purposes. In the statistical analysis of access logs, OWNDAYS may provide the access logs to external service providers.
OWNDAYS manages an appropriate management system for preventing illegal access, loss, damage, falsification, leakage, etc. of personal information managed by OWNDAYS, and periodically reviews the management system so that it can deal with new illegal access methods. OWNDAYS also reinforces the internal management system and implements thorough training of all employees engaged in the use of personal information. We make efforts to maintain the accuracy of data.
Enquiries on Personal Information
Customers wishing to access, correct or file a complaint, please contact the personal information enquiry desk or our Data Protection Officer by email:
- Email Address: email@example.com
For enquiries regarding user registration of our products and services, please contact the following product and service enquiry desk.
- Email Address: firstname.lastname@example.org
Operating hours: Daily 10:00 - 18:00 (Sydney time)
Effect of Policy and Changes to Policy
This Policy applies in conjunction with any other notices, policies, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of customers’ personal information by us.
We may revise this Policy from time to time without any prior notice. Customers may determine if any such revision has taken place by referring to the date on which this Policy was last updated. A customer’s continued use of our services constitutes such customer’s acknowledgment and acceptance of such changes.
Last updated: 30.06.2022