Privacy policy
Last updated: 11 November 2023
Your privacy is important to us and we will never sell customer information. We value our customers’ right to privacy and are committed to both protecting your privacy, and adhering to the the Australian Privacy Principles under the Privacy Act 1988.
Drips & Dribblers (ABN 91 461 367 048) is a business of Baulkham Hills, NSW and referred to within this policy as “we”, “our” or “us”. By accessing and using insho.fashion (referred to as “site”) you acknowledge you have read, understood and accepted our Terms and Conditions and Cookie policy along with the contents of this Privacy policy.
If you are under 18, or considered a minor in your country, you must obtain permission from a guardian or parent prior to registering for an account at this site.
This policy may change periodically so we encourage you to check back regularly. If you have an account with us we will write to you, via email, to notify you of any changes to this policy.
Personal information
We use your personal information for the purposes you intend only. There are the following purposes required for our business:
- Social logins – Should you use a social login we may access email address, name, social provider identifier and access token as well as profile images to setup your account and for any future purposes.
- Purchases – when you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address to fulfil your order and for fraud prevention.
If you have an account with us, we’ll retain this information with your account. If you choose not to have an account, we retain it for a period for fraud purposes before anonymising the data.
- Comments or reviews – When you leave a comment or review, it will be associated with the details you provide as well as device data. If you have an account, we’ll associate the comment with the account.
- Solicited feedback – Following an order you may provide feedback through a link provided by us. This may be linked to your order information pending any follow up required. If no follow up is required the data will be anonymised and any feedback will be used solely to enhance future customer experiences.
- When you contact us – We will collect information you provide, such as name, phone number and email address, to respond to enquiries.
- Marketing – With your explicit permission, we may store your email address and name to send you emails about our store, new products and other updates. We will always provide an ability to opt-out of these materials and never send marketing without your permission.
Although we protect personal information, we may hand over personal information where required by law, or to facilitate investigations into a crime. If we are required to hand over your data, we will inform you via the contact details recorded unless legally compelled not to disclose the release.
Non-personal information
During your transacting or use of this site we may collect non-personal information such as your internet protocol (IP) address as well as device data and the date and time of any accesses. This information is used for the purposes of continuous improvement of our website or for security purposes.
We may also retain information such as pages you’ve viewed to display other web pages we believe you may be interested in. Where you have an account with us, this information will be linked to your account and personal information.
Third parties of note
As part of providing our services we partner with a number of third parties. In the process of using our services you may provide these providers your data, or provide us data you have with them. We can not control their use of your information and encourage you to review their privacy policies. Key partners include:
- Stripe, used for credit card processing – https://stripe.com/en-au/privacy – Stripe may retain credit card information on their servers if you choose to save your details. We retain only a reference to your card on our servers and no card details
- Paypal, used for payment processing – https://www.paypal.com/au/webapps/mpp/ua/privacy-full – PayPal is provided details about your purchase for payment purposes. We may retain references to your PayPal account for fraud purposes.
- Apple Pay, a payment option – https://www.apple.com/au/privacy/privacy-policy/ – Apple may retain card data you have previously chosen to provide them.
- ProtonMail, used for encrypted email you send to us through contact forms – https://protonmail.com/privacy-policy – Any information you provide via our contact form could be stored in their encrypted email services.
- Facebook, used for logins – https://www.facebook.com/about/privacy/ – Provides email address and name for order purposes.
- Google, used for logins and analytics – https://policies.google.com/privacy
- Cloudflare, used for content distribution – Cloudflare Privacy Policy
We may utilise Microsoft Clarity to capture how you use and interact with our website through behavioural metrics, heat maps, and session replay to improve our products and services. If we do, website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products, services and online activity. Additionally, we use this information for site optimization, fraud and security purposes. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
We may also share comments and data with providers for the purpose of reducing spam and improving website security.
Data security
We take all reasonable steps to ensure that your personal information is protected, but transmission of data via the internet has inherent risks. We will either delete, or de-identify, any of your personal information that is no longer needed. In order to protect your data, we recommend you invest in virus protection and you use strong and unique passwords for this site. To assist in managing passwords we recommend considering a strong password manager.
Some of the core security we use is outlined below:
- Website – Transport Layer Security (TLS) is used to secure communications between our site and you.
- Firewall & malware monitoring – We utilise the services of Sucuri to assist in the monitoring and protection of our website from security threats.
- Password – We do not retain your exact password, instead we compare a hash and salted version of your password for your protection. For further information on what this means please refer to Adding salt to hashing: A better way to store passwords
- Credit cards – We do not store any credit card data within our systems, instead payments are processed directly with our third party payment providers and only a reference is provided to us. Our current payment providers are Square or PayPal.
- Forms – All forms are protected by TLS between yourself and our website. The contact forms also use PGP (http://openpgp.org) to encrypt submissions for your security. No data from contact forms is retained on the server, nor retained once no longer required.
- Emails – Emails sent to you as notifications, or in response to an email request, may not be end to end encrypted depending on your settings. You may request we communicate with you in an encrypted format by sending a request via our Contact form and include the password you’d like to use.
We endeavour to continuously improve security but should you discover a vulnerability, please contact us.
Managing your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
If you have a customer account, please login and select the Account details section. You may then review and amend the details as appropriate.
If you require assistance, or would like to have you information deleted, please don’t hesitate to contact us.
Inactive user data is periodically anonymised or deleted inline with our retention strategy.
Further questions
We are always happy to assist in any way we can. Please don’t hesitate to contact us with any questions via our secure contact page.