top of page

Privacy Policy

Your privacy

At The Wild Flower Wedding Co [ABN 25 980 591 273] (we, us, or our), we are committed to protecting your privacy and making sure your personal information is secure to the best of our ability. This Privacy Policy explains how we collect, use, store and disclose your information to comply with the Privacy Act 1988 (Cth) (Act) and includes recent amendments made to the Act under the Privacy and Other Legislation Amendment Bill 2024 (Cth). By accessing our website, social media accounts, purchasing our services or products or otherwise interacting with us, you agree to the collection of that information and our use of it as set out in this privacy policy.

 

Types of personal information we collect

The types of personal information we may collect about you include:

  • your name, images and complete contact details;

  • your age and/or date of birth;

  • payment details;

  • any customer survey results and customer service history;

  • website access and usage information;

  • information required for automated decision making processes (including where we use artificial intelligence or other software); and

  • any other personal information you or a third party provide to us.

 

Collection and use of personal information

We may collect, hold, use and disclose personal information to:

  • provide access to and use our website and services;

  • communicate with you;

  • conduct administrative activities such as invoicing and record keeping;

  • conduct marketing, analytics and research;

  • fulfill legal obligations and respond to disputes; and

  • consider employment applications.

Disclosure of personal information to third parties

We may disclose personal information to:

  • third party service providers to enable them to provide their services;

  • our employees and contractors;

  • current or potential business partners;

  • sponsors or promoters of any competition we run;

  • third parties if we sell or transfer our business or assets (in whole or in part);

  • credit reporting agencies, courts, tribunals or regulatory authorities (where you fail to pay for services or goods);

  • law enforcement or regulatory bodies, as required by law or for legal proceedings; or

  • third parties (including overseas service providers) involved in marketing, IT or data processing, for example Google Analytics.

 

By providing us with personal information, you consent to its disclosure outside Australia and acknowledge that overseas recipients may not be required to handle that personal information in compliance with the Privacy Act (Act) and the Australian Privacy Principles (APPs). If an overseas party mishandles your data, they may not be legally accountable under Australian law.

 

How we treat personal information that is also sensitive information

Information classified as “Sensitive Information” has a higher level of protection under the APPs. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.

 

We only collect Sensitive Information with your explicit consent or where required by law. If we need to collect Sensitive Information we will inform you of the specific reason and obtain your consent before doing so.

 

So long as you consent, your sensitive information (if we hold any) may only be used and disclosed for purposes relating to the primary purpose for which the sensitive information was collected.

 

Automated decision making & AI transparency

If we use automated systems such as Artificial Intelligence (AI), automated decision making tools or algorithms either now or at any time in the future, we will:

  • inform you when a decision affecting you has been made automatically;

  • provide transparency on the criteria used in automated processes; and

  • allow you to request human review of an automated decision where legally required or where decisions significantly impact your rights.

 

Data security and breach reporting

If a data breach occurs that is likely to result in serious harm, we will:

  • assess the breach within 30 days as required under the Notifiable Data Breaches NDB (NDB) Scheme;

  • notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable; and

  • provide details on the nature of the breach and actions taken to mitigate harm.

 

Serious invasions of privacy

We acknowledge that individuals have the right to take legal action for the reckless or intentional invasion of their privacy. This applies where personal information is misused knowingly and the invasion causes distress, even if no financial harm occurs.

 

Doxxing

Publishing someone’s personal information online with the intent to harass, threaten, or cause harm is a criminal offence. We implement measures to prevent unauthorised disclosure of personal information online and comply with laws in this regard.

 

Our security measures include encryption, access controls and regular cybersecurity audits.

 

Your rights

 

At all times, you have the right to:

  • request access to your personal information;

  • correct inaccurate or outdated information;

  • request deletion of your personal information, subject of course to our legal obligations; and

  • opt out of receiving marketing communications at any time by using the unsubscribe function in our emails or by contacting us directly.

 

We comply with the Spam Act 2003 (Cth) and will not send marketing communications without your express or inferred consent.

 

Overseas transfer

Your personal information may be transferred to an overseas jurisdiction with substantially similar data protection laws such as the United States of America, the United Kingdom, or countries within the European Union (EU). These countries have data protection laws, which protect personal information in a way that is at least substantially similar to the APPs, and there will be mechanisms available to you to enforce the protection of your personal information under that overseas law.

We take reasonable steps to ensure overseas recipients handle personal information in accordance with APPs. Where personal information is transferred outside Australia, we will ensure appropriate safeguards, such as contractual obligations or data protection agreements, are in place where required. For individuals in the European Union (EU), data transfers outside the EU will be carried out in compliance with Article 46 of the GDPR, ensuring appropriate safeguards.

 

GDPR

In some circumstances, the European Union General Data Protection (GDPR) provides additional protection to individuals located in Europe. Where this is the case, there may be additional rights and remedies available to you under the GDPR if your personal information is handled in a manner inconsistent with that law.

 

Storage and security

We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic 

and managerial procedures to safeguard and secure the personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

 

We cannot guarantee the security of any information transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that the personal information we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.

 

Cookies, web beacons and Google analytics

We use cookies and tracking technologies to enhance user experience and measure website performance. By using our website and social media accounts, you consent to use of our cookies.

While cookies don’t tell us your email address, they do allow third parties, like Google and Facebook, to track you as part of our retargeting campaigns. If and when you choose to provide our website with personal information, this information may be linked to the data stored in the cookie. You can manage or disable cookies through your web browser settings.

 

Web beacons monitor the behaviour on our website and collect data about your web page viewing.

We also use Google Analytics to collect and process data from time to time.

 

Links to other websites

We do not have any control over Third Party Websites and we are not responsible for the protection and privacy of any personal information that you provide whilst visiting them. Third Party Websites are not governed by this Privacy Policy, even if you followed a link from our website to the Third Party Website.

Amendments

We may update this privacy policy as laws change. The latest version will always be available on our website.

For any questions or notices, please contact our Privacy Officer at:

Bronte Judd trading as The Wild Flower Wedding Co [ABN 25 980 591 273]

Email: bronte.judd@wildflowerweddingco.com.au

Last update: May 2025

bottom of page