Privacy Statement (AU)

This privacy statement was last changed on April 25, 2024, last checked on April 25, 2024, and applies to citizens of Australia.

In this privacy statement, we explain what we do with the data we obtain about you via https://catniphaven.com. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose and categories of data

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

1.1 Contact – Through phone, mail, email and/or webforms

The following categories of data are collected

  • Date of birth
  • Geolocation data
  • IP Address
  • An email address
  • A telephone number
  • A home or other physical address, including street name and name of a city or town
  • A first and last name
  • Account name or alias

Retention period

We determine the retention period according to fixed objective criteria: As per request.

1.2 Newsletters

The following categories of data are collected

  • Date of birth
  • Geolocation data
  • An email address
  • A telephone number
  • IP Address
  • A home or other physical address, including street name and name of a city or town
  • A first and last name
  • Account name or alias

Retention period

We determine the retention period according to fixed objective criteria: The criteria we use to determine the retention period for the data are based on our organization’s data retention policy and applicable legal and regulatory requirements. We retain the data for as long as it is needed to fulfill our contractual obligations and provide the necessary services to the party involved, maintaining an accurate record and continuing to deliver the agreed-upon services. We also comply with relevant data protection and privacy laws by retaining the data for as long as we have a legitimate business need to do so, in order to fulfill our legal and regulatory obligations. However, if the party involved requests the deletion of their data at any time, we will honor that request promptly, unless there is a specific legal requirement for us to continue retaining the information. Additionally, the data may be retained for a reasonable duration to protect our legitimate business interests, such as defending against potential legal claims or maintaining an audit trail for internal processes. Our goal is to balance the needs of the business with the privacy rights of the individual. The data will remain in the system for as long as necessary, but the party involved has the right to request the deletion of their data at any time, and we will comply with such requests unless legally prohibited from doing so.

1.3 To support services or products that a customer wants to buy or has purchased

The following categories of data are collected

  • Date of birth
  • Geolocation data
  • IP Address
  • A telephone number
  • An email address
  • A first and last name
  • A home or other physical address, including street name and name of a city or town
  • Account name or alias

Retention period

We determine the retention period according to fixed objective criteria: The criteria we use to determine the retention period for the data are based on our organization’s data retention policy and applicable legal and regulatory requirements. We retain the data for as long as it is needed to fulfill our contractual obligations and provide the necessary services to the party involved, maintaining an accurate record and continuing to deliver the agreed-upon services. We also comply with relevant data protection and privacy laws by retaining the data for as long as we have a legitimate business need to do so, in order to fulfill our legal and regulatory obligations. However, if the party involved requests the deletion of their data at any time, we will honor that request promptly, unless there is a specific legal requirement for us to continue retaining the information. Additionally, the data may be retained for a reasonable duration to protect our legitimate business interests, such as defending against potential legal claims or maintaining an audit trail for internal processes. Our goal is to balance the needs of the business with the privacy rights of the individual. The data will remain in the system for as long as necessary, but the party involved has the right to request the deletion of their data at any time, and we will comply with such requests unless legally prohibited from doing so.

1.4 To be able to offer personalized products and services

The following categories of data are collected

  • A first and last name
  • An email address
  • A telephone number
  • IP Address
  • Geolocation data
  • Date of birth
  • A home or other physical address, including street name and name of a city or town
  • Account name or alias

Retention period

We determine the retention period according to fixed objective criteria: The criteria we use to determine the retention period for the data are based on our organization’s data retention policy and applicable legal and regulatory requirements. We retain the data for as long as it is needed to fulfill our contractual obligations and provide the necessary services to the party involved, maintaining an accurate record and continuing to deliver the agreed-upon services. We also comply with relevant data protection and privacy laws by retaining the data for as long as we have a legitimate business need to do so, in order to fulfill our legal and regulatory obligations. However, if the party involved requests the deletion of their data at any time, we will honor that request promptly, unless there is a specific legal requirement for us to continue retaining the information. Additionally, the data may be retained for a reasonable duration to protect our legitimate business interests, such as defending against potential legal claims or maintaining an audit trail for internal processes. Our goal is to balance the needs of the business with the privacy rights of the individual. The data will remain in the system for as long as necessary, but the party involved has the right to request the deletion of their data at any time, and we will comply with such requests unless legally prohibited from doing so.

1.5 Compiling and analyzing statistics for website improvement.

The following categories of data are collected

  • A first and last name
  • A telephone number
  • An email address
  • IP Address
  • Geolocation data
  • Date of birth
  • A home or other physical address, including street name and name of a city or town
  • Account name or alias

Retention period

We determine the retention period according to fixed objective criteria: The criteria we use to determine the retention period for the data are based on our organization’s data retention policy and applicable legal and regulatory requirements. We retain the data for as long as it is needed to fulfill our contractual obligations and provide the necessary services to the party involved, maintaining an accurate record and continuing to deliver the agreed-upon services. We also comply with relevant data protection and privacy laws by retaining the data for as long as we have a legitimate business need to do so, in order to fulfill our legal and regulatory obligations. However, if the party involved requests the deletion of their data at any time, we will honor that request promptly, unless there is a specific legal requirement for us to continue retaining the information. Additionally, the data may be retained for a reasonable duration to protect our legitimate business interests, such as defending against potential legal claims or maintaining an audit trail for internal processes. Our goal is to balance the needs of the business with the privacy rights of the individual. The data will remain in the system for as long as necessary, but the party involved has the right to request the deletion of their data at any time, and we will comply with such requests unless legally prohibited from doing so.

1.6 To be able to comply with legal obligations

The collection is required or authorized by the following law or court/tribunal order:

The following categories of data are collected

  • A first and last name
  • An email address
  • A telephone number
  • IP Address
  • Date of birth
  • Geolocation data
  • A home or other physical address, including street name and name of a city or town
  • Account name or alias

Retention period

We determine the retention period according to fixed objective criteria: The criteria we use to determine the retention period for the data are based on our organization’s data retention policy and applicable legal and regulatory requirements. We retain the data for as long as it is needed to fulfill our contractual obligations and provide the necessary services to the party involved, maintaining an accurate record and continuing to deliver the agreed-upon services. We also comply with relevant data protection and privacy laws by retaining the data for as long as we have a legitimate business need to do so, in order to fulfill our legal and regulatory obligations. However, if the party involved requests the deletion of their data at any time, we will honor that request promptly, unless there is a specific legal requirement for us to continue retaining the information. Additionally, the data may be retained for a reasonable duration to protect our legitimate business interests, such as defending against potential legal claims or maintaining an audit trail for internal processes. Our goal is to balance the needs of the business with the privacy rights of the individual. The data will remain in the system for as long as necessary, but the party involved has the right to request the deletion of their data at any time, and we will comply with such requests unless legally prohibited from doing so.

1.7 Registering an account

The following categories of data are collected

  • Date of birth
  • Geolocation data
  • IP Address
  • A telephone number
  • An email address
  • A first and last name
  • A home or other physical address, including street name and name of a city or town
  • Account name or alias

Retention period

We determine the retention period according to fixed objective criteria: The criteria we use to determine the retention period for the data are based on our organization’s data retention policy and applicable legal and regulatory requirements. We retain the data for as long as it is needed to fulfill our contractual obligations and provide the necessary services to the party involved, maintaining an accurate record and continuing to deliver the agreed-upon services. We also comply with relevant data protection and privacy laws by retaining the data for as long as we have a legitimate business need to do so, in order to fulfill our legal and regulatory obligations. However, if the party involved requests the deletion of their data at any time, we will honor that request promptly, unless there is a specific legal requirement for us to continue retaining the information. Additionally, the data may be retained for a reasonable duration to protect our legitimate business interests, such as defending against potential legal claims or maintaining an audit trail for internal processes. Our goal is to balance the needs of the business with the privacy rights of the individual. The data will remain in the system for as long as necessary, but the party involved has the right to request the deletion of their data at any time, and we will comply with such requests unless legally prohibited from doing so.

1.8 Payments

The following categories of data are collected

  • A first and last name
  • An email address
  • IP Address
  • Geolocation data
  • A telephone number
  • Date of birth
  • A home or other physical address, including street name and name of a city or town
  • Account name or alias

Retention period

We determine the retention period according to fixed objective criteria: The criteria we use to determine the retention period for the data are based on our organization’s data retention policy and applicable legal and regulatory requirements. We retain the data for as long as it is needed to fulfill our contractual obligations and provide the necessary services to the party involved, maintaining an accurate record and continuing to deliver the agreed-upon services. We also comply with relevant data protection and privacy laws by retaining the data for as long as we have a legitimate business need to do so, in order to fulfill our legal and regulatory obligations. However, if the party involved requests the deletion of their data at any time, we will honor that request promptly, unless there is a specific legal requirement for us to continue retaining the information. Additionally, the data may be retained for a reasonable duration to protect our legitimate business interests, such as defending against potential legal claims or maintaining an audit trail for internal processes. Our goal is to balance the needs of the business with the privacy rights of the individual. The data will remain in the system for as long as necessary, but the party involved has the right to request the deletion of their data at any time, and we will comply with such requests unless legally prohibited from doing so.

2. Sharing with other parties

We only share or disclose this data to other recipients for the following purposes:

3. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

4. What if you don't provide us with your personal information?

If you don’t provide us with your personal information, we may not be able to provide you with the information, products or assistance that you are seeking.

5. How we respond to Do Not Track signals & Global Privacy Control

Our website does not respond to and does not support the Do Not Track (DNT) header request field.

6. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Cookie Policy (AU) webpage. 

We have concluded a data processing agreement with Google.

Google may not use the data for any other Google services.

The inclusion of full IP addresses is blocked by us.

7. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

The security measures we use consist of:

  • Vulnerability Detection
  • Website Hardening/Security Features
  • (START)TLS / SSL / DANE Encryption
  • HTTP Strict Transport Security and related Security Headers and Browser Policies
  • DKIM, SPF, DMARC and other specific DNS settings
  • Security measures of hardware that contain, or process personal data.
  • Login Security

8. Third party websites

This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

9. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

10. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below. You have the following rights:

10.1 You have the following rights with respect to your personal data

  1. You may submit a request for access to the data we process about you.
  2. You may request an overview, in a commonly used format, of the data we process about you.
  3. You may request correction or deletion of the data if it is incorrect or not or no longer relevant for any purpose under the Privacy Act.

11. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

12. Contact details

Catnip Haven

Philippines
Website: https://catniphaven.com
Email: contact@catniphaven.com

We have appointed a contact person for the organization’s policies and practices and to whom complaints or inquiries can be forwarded:

Annex

MailPoet

MailPoet newsletter & emails

If you have subscribed to our newsletter or if you are a member of our website (you can log in) or if you have purchased on our website, there is a good chance you will receive emails from us.

We will only send you emails which you have signed up to receive, or which pertain to the services we provided to you.

To send you emails, we use the name and email address you provide us. Our site also logs the IP address you used when you signed up for the service to prevent abuse of the system.

This website can send emails through the MailPoet Sending Service. This service allows us to track opens and clicks on our emails. We use this information to improve the content of our newsletters.

No identifiable information is otherwise tracked outside this website except for the email address.

Below is a list of cookies that may be generated by MailPoet (note that some cookies are only utilized when WooCommerce is installed and activated):

Cookie name: mailpoet_page_view
Cookie expiry: 3,650 days.
Cookie description: The purpose of this cookie is to track the last time a subscriber viewed any page on the site.

Cookie name: mailpoet_revenue_tracking
Cookie expiry: 14 days.
Cookie description: The purpose of this cookie is to track which newsletter sent from your website has acquired a click-through and a subsequent purchase in your WooCommerce store.

Cookie name: mailpoet_subscriber
Cookie expiry: 3,650 days.
Cookie description: The purpose of this cookie is to track subscriber engagement. It is used when the user logs in, signs up in a form, confirms subscription to a newsletter, or places an order through WooCommerce.
Note: User must be opted-in and a confirmed subscriber.

Cookie name: popup_form_dismissed_{$formId}
Cookie expiry: the expiration date varies and can be set per form.
Cookie description: This cookie is used to track if a user has previously dismissed a specific form, preventing the re-display of the form until the cookie’s expiration date. It is applicable for popup, slide-in, or fixed bar forms.

Share This