(as at 30 August 2021)
Goods International Pty Ltd (Goods, we, our or us) is committed to protecting and respecting your privacy having regard to the Privacy Act 1988 (Cth) and other privacy legislation such as the General Data Protection Regulation (EU) 2016/679 (the GDPR).
As a result, we have implemented practices, procedures and systems in relation to privacy, to maintain the confidentiality and security of personal information and personal data we collect and hold; and manage our privacy systems, practices and procedures in an open and transparent way.
By “personal information”, we mean information or an opinion, whether true or not, about an identified individual, or about an individual who is reasonably identifiable (including by reference to identifiers such as a name, an ID number, location data, or an online identifier), as well as “personal data” as defined under the GDPR.
This policy (as amended from time to time) sets out how we handle the personal information we collect and hold. It should be read together with any terms and conditions on our websites, which include goodsinternational.com.au, childreninthepictures.org and good.film. This policy should also be read in conjunction with our Acceptable Use Policy.
What personal information do we collect and hold?
The kind of personal information we may collect and hold depends on how you interact with us, but will primarily include:
We may also collect and hold:
We may also collect and hold information about your computer, including (where available) your IP address, operating system and browser type.
We do not keep files containing all of the above information on all people who contact us, or with whom we deal. In many cases, we may have only one or two pieces of information relating to any particular person. Please also note that we do not intentionally hold personal information about anyone aged under 13, and will delete and such information if we become aware that a person about whom we hold personal information is under that age.
Why do we collect, hold and disclose personal information?
We collect and hold personal information for a variety of purposes – and different kinds of personal information are used for different purposes.
In each case, however, the personal information we collect and hold is reasonably necessary for our functions and activities, including in order to provide you with services you would expect from us. These purposes are:
Providing services and managing our relationship with you and others
Marketing and advertising
Improving our services and conducting research
Under the GDPR, we only process personal information as described above to the extent it is permitted (including to perform contractual obligations under a contract to which you are a party). However, we may also process your personal information for the purposes of our legitimate interests, including running our business securely, lawfully, efficiently and safely; driving sales with effective marketing and advertising (including the use of promotions); and continuously improving our business using business analytics (including but not limited to Google Analytics, Firebase, Fathom Analytics, Piwik / Matomo, Clicky, Cloudflare Analytics, segment.io, Statcounter, Flurry Analytics, Mixpanel, Unity Analytics, Ackee and Simple Analytics).
From time to time, when collecting information from you, we may also ask you to “opt-in” to consent to us using or disclosing your personal information other than in accordance with this policy or any applicable law. As part of our commitment to protecting your privacy, however, you will also be given the opportunity to withdraw your consent to our use of your personal information other than in accordance with this policy at any time (without affecting the lawfulness of processing based on consent before its withdrawal).
You may also “opt-out” from receiving communications from us or from third parties that send communications to you in accordance with this policy or in accordance with any additional consent you give, and we will comply with your decision. (You will be able to “opt out”, for example, by clicking on an “unsubscribe” link at the end of an email, or by contacting our Privacy / Data Protection Officer.)
How do we get the personal information we collect and hold?
We only collect personal information by fair and lawful means, including when people:
We prefer to obtain any personal information we collect directly from you. In some cases, however – it may be unreasonable or impracticable to obtain information directly, and we may obtain that information from someone else. We may also collect information from external service providers to whom we have contracted services as well as from third parties who offer products and services to you.
If you are concerned about what information we may hold about you, please see below for information on how you can access and (if necessary) correct that information.
Cookies and modern websites
When you visit our website we may send your browser a cookie. A cookie is a small file placed on your computer or mobile phone’s browser that helps us recognise you when you return to our website or to the app and can tell us whether or not you’ve visited the site before. Your browser will tell us if you have these cookies, and if you don’t, we may generate new ones.
We do, however, honour “Do Not Track” signals and do not track, plant cookies or use advertising if you have such a browser mechanism in place.
You can disable cookies (and enable or disable “Do Not Track” signals) from our site at any time by changing your browser settings (typically found in the “options” or “preferences” menu of your browser). Please note, however, that changing these settings may prevent areas of our website from working as intended.
We may also use third-party cookies, including Google Analytics features, Facebook Remarketing tags and tracking pixels, Bing Ads and Bing Ads Remarketing, Twitter remarketing services, Pinterest, AdMob by Google, AdButler, Unity Ads and DoubleClick remarketing pixels. Based on your past visits to our websites and uses of our apps, these enable third-party vendors such as these to provide you with information about products and services that may be of interest to you as you browse the internet more generally or use our apps (including information about products and services from third-parties).
You can choose to opt out of the above by visiting the Network Advertising Initiative opt out page (available at http://optout.networkadvertising.org/?c=1#!/) or, for Google Analytics, by visiting http://optout.aboutads.info/?c=2#!/ .
For more information about cookies, including to see what cookies have been placed, how to manage and delete them, and how to opt-out of being tracked by social networks and third-party advertisers, visit these services:
We may use or disclose your personal information to promote both our products or services and those of third parties through direct marketing.
You may ask us to identify how we acquired the personal information that we use or disclose for direct marketing purposes by contacting us via the details set out at the end of this Policy.
If at any time you do not wish to receive any direct marketing communications whether from us or from third parties, you can ask us not to send you any further direct marketing communications and not to disclose your personal information to third parties for that purpose by using the “unsubscribe” facility included in a prominent statement in the direct marketing communications or by contacting us via the details set out below.
Can you interact with us anonymously or under a pseudonym?
In many cases, you will need to provide your real name when interacting with us. You may however – wherever lawful and practicable – use a pseudonym (or simply not identify yourself) when dealing with us. For example, if you have a complaint or concern about our site, or a general question about any of our resources or services, you are welcome to contact us without identifying yourself. In some cases, however, if you do not provide us with information, we may not be able to provide you with our resources or services, or we may not otherwise be able to respond adequately to you.
For clarification on when you must identify yourself, please contact our Privacy / Data Protection Officer. (You may use a pseudonym – or simply not identify yourself – when making such an enquiry.)
Who has access to my personal information?
Generally, only our officers and staff will access your personal information, and then only on a “need to know” basis.
We may also disclose your personal information:
Note also that we do not sell personal information, though we may transfer personal information from one of our family of companies to another (which may be considered a “sale” for the purposes of some laws).
How long we keep your personal information
We only keep your personal information for as long as is necessary to provide you with the goods or services you have requested from us or for as long as we reasonably need to retain the information for our legitimate interests.
We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time we need to keep it.
At this stage, we do not use automated decision-making which produces legal effects which significantly affect data subjects.
Your rights and choices
As set out in more detail below, you may:
How can I access (and, if necessary, correct or delete) personal information that Goods has collected and holds about me?
If you wish to review (and, if necessary, correct, update or erase) personal information that we may have collected and hold about you, please contact our Privacy / Data Protection Officer.
We will respond to your requests to access, correct or erase your personal information as soon as possible (but in any case, within a reasonable period).
How can you complain about us if we breach any of applicable privacy principles or any registered code that binds it?
Contact our Privacy / Data Protection Officer (details below) if you have a complaints about any breach of any applicable privacy principles or of any registered code that binds us. If you are located in the European Union, then you may make a complaint with a supervisory authority in your jurisdiction.
How will we deal with complaints you might have about breaches of applicable privacy legislation or any relevant registered code?
We will treat any complaint about a breach of privacy legislation or any relevant registered code seriously, and will investigate any breach of which we become aware – including how it occurred and how best to prevent such a breach occurring again.
What steps does Goods take to secure personal information?
We take reasonable steps to ensure that your personal information is treated securely and in accordance with this policy and is not subject to misuse, interference or loss, or unauthorised access, modification or disclosure. For example, apart from using secure servers, we implement firewalls and password access and, where relevant, impose limits on who can access personal information.
While we take reasonable steps to ensure security, please note that the transmission of information (including over the Internet) is never completely secure. You understand, therefore, that the transmission and storage of personal information is not necessarily wholly secure, and that the steps we take to protect your personal information, though reasonable, may not always be effective. In those circumstances, we do not accept responsibility for any misuse or loss of, or unauthorised access to, your personal information. If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.
If we have given you (or where you have chosen) a password which enables you to access our services or parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Do we disclose personal information to people or organisations outside Australia?
We hold personal information securely both in our offices and on secure servers, some of which are located overseas, including in the United States. The transfer of your personal information overseas is necessary for the performance of our services.
Personal information may also be processed by staff or agents operating outside Australia. Such staff or agents may be engaged in, among other things, hosting information on the cloud, processing payment details and providing support services.
We also may use third-party service providers (such as GitHub, GitLab CI/CD, Travis CI, Bitris, Fastlane, Codacy, Codeov, Codemagic, Crowdin and Circle CI) to automate the development of our services. Information on the privacy policies of each of these (including what data they collect and how they process it) is available on each of their websites.
We will not, however, transfer your personal information overseas to a country that is not subject to a comparable privacy scheme unless the organisation to which we disclose that information implements privacy policies comparable to the obligations that apply under Australian law.
Who do I contact about privacy issues?
If you have any concerns or questions about privacy issues, including how we are dealing with or holding your personal information, contact our Privacy / Data Protection Officer by email to firstname.lastname@example.org.
Please also contact our Privacy / Data Protection Officer if, for example: