Privacy Policy

Last updated: 9 March 2025

1. Controller and contact details

The data controller responsible for your personal data in connection with this website is:

Vomrelonchepai
50 Avenue Rd, Mosman NSW 2088, Australia
Email: hello@vomrelonchepai.world
Phone: +61299602972

If you have questions about this Privacy Policy or your personal data, please contact us using the details above.

2. Scope and applicable law

This Privacy Policy applies to the website vomrelonchepai.world and to all personal data we collect when you use our site, place orders, or contact us. We process personal data in accordance with:

• the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth);
• where applicable, the EU General Data Protection Regulation (GDPR) for visitors and customers in the European Economic Area;
• other applicable Australian and international data protection laws.

3. Personal data we collect

We may collect the following categories of personal data:

• Identity and contact data: name, email address, phone number (if provided), and delivery address when you place an order or use the contact form.
• Transaction data: order details, payment-related information (processed by secure third-party payment providers), and order history.
• Technical and usage data: IP address, browser type and version, device type, time zone, pages visited, and how you use our website. This may include data collected via cookies and similar technologies (see our Cookie Policy).
• Communication data: copies of correspondence when you contact us by email or through the website.

4. Purposes and legal basis for processing

We use your personal data for the following purposes:

• Order fulfilment: to process and deliver your orders, communicate about your order, and handle returns or complaints. Legal basis: performance of a contract; legitimate interest (efficient customer service).
• Customer service: to respond to your enquiries and provide support. Legal basis: legitimate interest; consent where applicable.
• Website operation and security: to run and secure our website, prevent fraud, and ensure technical functionality. Legal basis: legitimate interest; legal obligation where applicable.
• Analytics and improvement: to understand how our website is used and to improve our services. Where we use non-essential cookies or analytics, we do so only with your consent. Legal basis: consent; legitimate interest (improving our services) where permitted.
• Marketing: only where you have given consent, we may send you information about our products and offers. You can withdraw consent at any time. Legal basis: consent.
• Legal and regulatory: to comply with legal obligations (e.g. tax, consumer law) and to establish or defend legal claims. Legal basis: legal obligation; legitimate interest.

5. Retention periods

We keep your personal data only for as long as necessary for the purposes set out above:

• Order and transaction data: typically 7 years from the end of the financial year in which the transaction occurred, for tax and legal compliance.
• Contact form and correspondence: for the duration of the enquiry and a reasonable period thereafter (e.g. 3 years) unless we are required to keep it longer.
• Marketing consent and preferences: until you withdraw consent or opt out; we then retain a minimal record that you have opted out to honour your choice.
• Technical and access logs: typically up to 12–24 months, unless a shorter or longer period is required for security or legal reasons.
• Cookie-related data: as described in our Cookie Policy.

After the retention period, we securely delete or anonymise your data so it can no longer identify you.

6. Your rights

Depending on your location, you may have the following rights:

• Access: to request a copy of the personal data we hold about you.
• Rectification: to request correction of inaccurate or incomplete data.
• Erasure: to request deletion of your data in certain circumstances (e.g. where we no longer need it or you withdraw consent).
• Restriction: to request that we limit how we use your data in certain situations.
• Data portability: to receive your data in a structured, machine-readable format where the processing is based on consent or contract.
• Object: to object to processing based on legitimate interests, including profiling where applicable.
• Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
• Complaint: to lodge a complaint with a supervisory authority. In Australia, you may contact the Office of the Australian Information Commissioner (OAIC). In the EEA, you may contact the data protection authority in your country.

To exercise any of these rights, please contact us using the details in section 1. We will respond within the timeframes required by applicable law (e.g. 30 days under the Privacy Act; one month under the GDPR, extendable where necessary).

7. Sharing and international transfers

We may share your personal data with:

• Service providers who assist us (e.g. hosting, payment processing, shipping, email delivery). We ensure they act only on our instructions and protect your data.
• Professional advisers (e.g. lawyers, accountants) where necessary.
• Public authorities when required by law.

Our business is based in Australia. If we transfer data to countries outside Australia or the EEA, we will ensure appropriate safeguards are in place (e.g. standard contractual clauses, adequacy decisions) as required by applicable law.

8. Security measures

We implement appropriate technical and organisational measures to protect your personal data, including:

• Use of HTTPS and encryption for data in transit.
• Secure storage and access controls for data at rest.
• Restriction of access to personal data to authorised personnel only.
• Regular review of our security practices and, where appropriate, use of trusted third-party services that comply with industry standards.

Despite our efforts, no transmission over the internet or electronic storage is completely secure. We encourage you to use strong passwords and to contact us immediately if you suspect any unauthorised use of your data.

9. Children

Our website and services are not directed at individuals under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will be revised when changes are made. We encourage you to review this page periodically. Where required by law, we will seek your consent or notify you of material changes.

11. Contact

For any questions about this Privacy Policy or your personal data:

Vomrelonchepai, 50 Avenue Rd, Mosman NSW 2088, Australia. Email: hello@vomrelonchepai.world, Phone: +61299602972.