Last updated: 22 July 2025
At Bondi Hemp Essential Oil, your privacy is treated with the utmost respect. Personal information should be handled transparently, securely, and with a clear understanding of why it’s collected and how it’s used. This page outlines how we manage your data when you visit or shop with us at bondihempoil.com.au. This policy is compliant with the Australian Privacy Act 1988 (Cth) and its Privacy Principles Framework.
Who We Are
Bondi Hemp Essential Oil is an Australian-owned business committed to providing high-quality, compliant hemp products online.
Contact Details
- Business Name: Bondi Hemp Essential Oil
- Website: https://bondihempoil.com.au
- Email: support @ bondihempoil. com. au
- Postal Address: Bondi Hemp Oil, PO Box 327, Bondi NSW 2026
Personal Information We Collect
We only collect necessary information to provide our services, support, improve your experience on our website, or help us better tailor our marketing to your interests.
This information can include:
- Name
- Email address
- Billing and shipping addresses
- Contact number
- Order history
- Payment and transaction details (processed securely by third parties)
- IP address, browser/device info, and usage data (via cookies and analytics tools)
- Credentials, user names and passwords for your account
All payments made via our store are processed through trusted third-party platforms, such as Stripe and PayPal, which securely handle your payment details. We store none of these.
How We Collect Your Information
We collect information in several ways:
- When you place an order or create an account
- When you contact us or subscribe to our updates
- Interactions or actions via this website (traffic, navigation and cookie data)
- When you interact with us via email, forms, or support requests
- When you engage with our marketing (e.g., Mailchimp or Meta tracking)
Some data may also be collected via third-party apps integrated with our store (e.g. analytics, email marketing, payment gateways).
Why We Collect It: Purposes of Use
We collect and process your personal information on the following legal bases: fulfilling contractual obligations (e.g., processing your order), complying with legal obligations, obtaining your consent (e.g., for marketing purposes), and serving our legitimate business interests (e.g., site analytics and fraud prevention).
This includes, but is not limited to, purposes such as:
- Processing orders and delivering products
- Communicating with you about your order, delivery, or account
- Responding to enquiries or customer service requests
- Sending updates, content, or marketing (only with consent)
- Improving our website, services, marketing and user experience
- Complying with Australian legal and regulatory obligations
How We Use and Share Your Data
We never sell your data. We only share your information with trusted third parties that help us operate efficiently. These may include:
- Delivery partners (e.g. Australia Post, Sendle)
- Payment processors (e.g. Stripe, PayPal)
- Marketing and analytics platforms (e.g. Mailchimp, Meta Pixel, Google Analytics)
- E-commerce platform providers (e.g. WooCommerce, Shopify, or WordPress plugins)
- IT and hosting services
In some cases, these providers may be located overseas (e.g. the United States). We take steps to ensure all data shared internationally is handled with care and under adequate privacy protections.
Overseas Data Processing Disclosure
While we are based in Australia, some of our third-party service providers operate internationally. This means your data may be stored or processed in countries such as:
- United States (e.g. Stripe, Mailchimp, Google, Meta)
We only engage with providers who adhere to privacy standards comparable to those in Australia, and we avoid any unnecessary data sharing with offshore providers.
When transferring your data outside of Australia, we ensure that the overseas recipients meet privacy protections that align with Australian legal standards. These protections are documented in our service terms with third-party service providers.
Inadvertant
Our products and services are not permitted for purchase or use by individuals under 18 years of age. We do not intentionally or knowingly collect information from anyone under 18 years of age. However, it is not always feasible for us to verify the age of an individual visiting or shopping at our online store.
Where we are notified or become aware that we have inadvertently transacted with, or collected information from, a minor via our website, we will remedy the situation and entirely erase all data associated with this individual. Please contact us directly if you believe this situation has occurred, providing details of the issue and any relevant evidence to support our investigation.
Access, Correction and Complaint Rights
Under the Australian Privacy Principles, you have rights to access your data, request corrections, withdraw consent, and lodge a complaint. We honour these rights and aim to respond to any request regarding these concerns within 10 business days.
You’re entitled to:
- Checking Data Recorded: You can ask to view the personal details we currently have on record for you.
- Correcting Information: If any of that information is incorrect, outdated, or incomplete, you’re welcome to request a correction.
- Marketing Opt Outs: You can change your mind at any time and opt out of our promotional emails or updates.
- Flagging a Problem: If you think your data hasn’t been handled correctly, we want to hear about it.
For privacy-related enquiries, correction requests, or complaints, please contact our Data Privacy Officer at support @ bondihempoil. com. au or via our postal address. We respond promptly and take all privacy requests seriously.
How We Keep Your Information Secure
We take a ‘layered’ approach to security and privacy for maximum protection of information.
This includes both technical and non-technical protocols designed to prevent issues from occurring, as well as minimise their impact if they do occur.
Here are some of the key ways we protect processed data and information:
- SSL encryption across our website to keep your information secure in transit
- Tightly controlled access, so only authorised personnel can handle your data
- Secure third-party storage through reputable providers we trust
- Minimal data retention, meaning we only hold onto your information for as long as necessary to meet legal or operational requirements
- Data retention periods: We retain your data only for as long as necessary to fulfil the purpose for which it was collected, including for legal, tax, and accounting purposes. Typically, order and account information is kept for 7 years to meet regulatory, legal and accounting compliance requirements.
- Routine reviews of how we manage and store data to ensure we’re staying up to date with best practices
While we take every reasonable measure to protect your information, no digital system is entirely immune to risk. If a breach were to occur that puts your data at risk, we’ll notify anyone impacted, as well as the Australian Information Commissioner. This notification process will be fully compliant with the Notifiable Data Breaches (NDB) scheme.
Use of Cookies & Analytics
View our full Cookies Policy here for more information about how we use and handle cookies.
We use cookies and tracking technologies to:
- Help your shopping cart work properly
- Analyse website usage and performance
- Improve content and services
- Show ads and measure engagement (via tools like Facebook Ads and Google Analytics)
All modern browsers allow you to control cookies, their permissions and how they’re managed via the browser’s cookie settings. Please note that blocking or disallowing cookies on this site may compromise the site’s functionality.
Upon visiting our site, you’ll be prompted to manage your cookie preferences. You can accept, reject, or customise which cookies are stored. These settings can also be adjusted at any time via your browser.
Marketing Communications
If you opt in to our communications, we may occasionally communicate with you with updates, tips, promotions, or newsletters.
At any time, you can remove your consent or opt out of marketing, promotional, or update communications by using the unsubscribe links provided in each email, or by contacting us.
Opt-outs or withdrawal of marketing consent do not affect any processing that has already occurred before the request. It also does not affect or revoke consent for communications related to non-promotional support, account, or service matters.
We comply with the Spam Act 2003 (Cth) in Australia and never send marketing-related communications without explicit consent being obtained.
We may use automated tools (e.g., those provided by Google or Meta) to better understand customer interests for targeted marketing purposes. These tools may segment audiences, but do not make decisions that significantly impact your rights or access to services.
Complaints
You may raise a formal complaint if you believe there has been a compliance or privacy breach that needs flagging. To do this, please:
- Contact us directly at: support @ bondihempoil. com. au or via our contact page.
- Share a description of the issue, any evidence and details of what was breached, date, time, digital channel or location.
- We’ll investigate and respond within 10 business days
- If we don’t resolve the issue or you’re unsatisfied, you reserve the right to complain to the Australian Information Commissioner on your own terms.
Acceptance and Policy Updates
By accessing or using our website (https://bondihempoil.com.au), you agree that you have wholly reviewed, understood and accepted this Privacy Policy, as well as the Terms of Use that are governed by it. If you do not accept, do not use, browse or shop via any part of this site. Continuing to use the site in any way will represent acceptance of these terms and policies on an ongoing basis.
We reserve the right to update this policy from time to time to reflect any changes in law or updates to our services. We encourage you to review it periodically. Check the top of this page for the latest version and most recent update dates.