Privacy policy

1. Australian Privacy Principles

(a) Berm Riding Wear Pty Ltd ABN 14 638 180 604 ("we", "us", "our") are committed to maintaining the privacy and
confidentiality of personal information. We believe that the responsible use of personal information collected is critical to our
business objectives and reputation.

(b) We have elected to be subject to the Commonwealth Privacy Act 1988 and accordingly will adhere to the Australian Privacy
Principles (APPs) when collecting, using, disclosing, securing and providing access to personal information.

(c) As part of our commitment to privacy, we have adopted this Privacy Policy which deals with the management of personal
information.

(d) The contents of this Privacy Policy are subject to change and are not intended to create a contract between us and any
individual or entity that provides us with personal information. From time to time, it may become necessary for us to review or
amend this policy. Any changes will be made as and when required. We will advise you of any changes by posting an updated
version of our Policy on our website.

(e) Our website and some emails include hyperlinks which enable access to third party websites. These third party websites are not
subject to this Privacy Policy.

2. Personal Information Collection and Storage

(a) Personal information is any information, including any opinion, about an identified individual, or an individual who is
reasonably identifiable:

i) whether the information or opinion is true or not; and

ii) whether the information or opinion is recorded in material form or not.

(b) Sensitive Information is personal information, which is given a greater level of protection under the Australian Privacy
Principles, such as information about your health, criminal records, your religious beliefs or affiliations or political opinions.
We only collect such information where we are permitted to do so under the Australian Privacy Principles and if such
information is necessary to provide our services to you or where we are required to collect this information by law.

(c) We may invite you to provide information about yourself so that we are able to provide our services to you and to our clients.

(d) The extent and type of personal information we receive from you depends on the information you provide to us directly
through our mailbox, website, telephone or face-to-face meetings, indirectly through clients of ours who provide services or
information to you and/or when you request services from us or one of our clients.

(e) In order for us to provide you with our services or otherwise to deal with you we generally require your name, address, contact
details and interests. The type and amount of information necessary will vary depending on the services you require.

(f) Your personal information will be held in a database record stored on secured servers that are protected in controlled facilities.
Access to the database is limited to us and our key personnel.

(g) Where it is lawful and reasonable to do so, you can remain anonymous or use a pseudonym if you wish, however it may reduce
the type and quality of services we will be able to provide.

3. Use and Disclosure of Personal Information

(a) We use the personal information which you provide to deliver services most suited to your needs.

(b) We use your personal information to respond to your requests, to provide you with information about our services or the
services of our clients, to communicate with you, to provide any of our services, to administer and manage those services
(including billing), to market our services or the services of our clients by promotional and educational material, direct
electronic marketing, newsletters and invitations, to gather feedback, to protect our rights and property and to comply with any
legal obligations. For example, if you send us an e-mail message requesting information, we will use your e-mail address and
other information you supply to respond to your request.

(c) We may use your personal information to inform you about our other services from time to time, however, we will give you an
opportunity to decline to receive such communications.

(d) The personal information you provide to us will be retained only for as long as necessary to fulfil the purposes for which the
information was collected or as required by law.

(e) We do not share personal information with third parties except as set out below or otherwise as necessary to provide our
services or as required by law or other legal processes, and we never sell your personal information.

(f) The third party people/organisations to which we disclose your personal information may include clients of ours with whom
you already have, or have requested services or information, our contractors and outsourced service providers who manage the
services we provide to you, your authorised representatives, our professional advisers (including our accountants and auditors),
government and regulatory authorities and other similar organisations, as required or authorised by law and our related entities.

(g) Personal information collected by us may be transferred to our subsidiaries or related entities where it is necessary to meet the
purpose for which you have submitted the information. By submitting data to us electronically, you are providing explicit
consent to trans-border transmission of data collected.

4. Data Access and Quality

(a) We take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-
date.

(b) You can request access to the personal information we hold about you if you wish to do so. If we are unable to
provide you with access, we will explain why. You can request details of the information we hold about you and we
will provide a copy within 28 days of your request. We reserve our rights to charge a fee for searching for and
providing access to your information.

(c) You can contact us at any time to update your information and we recommend you do so as and when required. You can also
advise us of changes by e-mail, telephone or letter using the details on our website.

5. Cookies

(a) "Cookies" (small text files placed on your computer when you first visit our website) may be used on some parts of our
website. Most browsers now recognise when a cookie is offered and permit you to refuse or accept it. If you are not sure
whether your browser has this capability, you should check with the software manufacturer, your company's technology help
desk or your internet service provider.

(b) Cookies are primarily used to enhance your online experience and are not used to track the navigational habits of identified
visitors, unless we obtain your permission to do so. If you visit our website to read or download content, much of the
information we do collect via cookies is statistical only (for example the domain from which you access the internet, the date
and time you access our site, and the internet address of the website from which you linked directly to our site) and is not
personally identifiable. We use this information about the number of visitors and their use of the sites in aggregate form to
make our site more useful and attractive to users.

6. Overseas Transfer

(a) We use internet service providers that have servers located in United States. We may also use, or use in the future, internet
service providers that may have servers located overseas, including cloud service providers. This means that your personal
information supplied to us online, for example through our website or our social media sites, may sometimes be transferred
overseas. If you elect to provide personal information to us through any of our online services you are deemed to consent to the
possible overseas transfer of such information.

(b) Apart from the above we will only transfer your personal information overseas if:

i) we are required to do so by law;

ii) we reasonably believe that the recipient will be required to uphold privacy principles which are similar to the
Australian Privacy Principles;

iii) you have consented to the transfer;
iv) it is not practical to obtain your consent or the transfer is for your benefit and your consent is likely to be given;

v) the transfer of the information is necessary for the performance of a contract between you and us; or

vi) we have taken reasonable steps to ensure that your personal information will not be held, used or disclosed by the
overseas recipient in a way which does not comply with the Privacy Act and/or the APPs.

7. Data Security

(a) We are committed to protecting your personal information from misuse and loss, and from unauthorised access,
modification and disclosure, and will take reasonable steps to do so.

(b) Our personnel who have access to personal information have been trained to maintain the confidentiality of such information.

8. Complaints

(a) We recognise our responsibility for protecting the privacy of your personal information. If you have a questions or comments
about our administration of your personal information, please contact us at the contact details below. You may also use these
contact details to communicate any concerns or complaints you may have regarding compliance with our Privacy Policy.

(b) If you are not satisfied with how we handled your complaint, you can lodge a complaint with the Office of the Australian

Information Commissioner at:

Telephone: 1300 363 992 (or +61 2 9284 9749 if calling from outside Australia).

TTY: 133 677 (then ask for 1300 363 992)

Post: GPO Box 5218 Sydney NSW 2001

Facsimile: +61 2 9284 9666

Email: enquiries@oaic.gov.au

Website: www.oaic.gov.au

9. Further Information

If you have questions or comments about this policy or our administration of your personal information, please contact us at
letschat@bermridingwear.com