INTRODUCTION

MISHA Collection Pty Ltd (ABN:53790855157) and its related companies (MISHA Collection, we, us, our) understands that your privacy is important and ensures that your personal information is handled in accordance with the Privacy Act 1988 (Cth) (Privacy Act), and GDPR. This Privacy Policy sets out the basis on which we collect and process your personal data through your use of our website, and/or signing up for newsletters and other marketing activities either in store or online.

We are the primary data controller for the purposes of this website and our registered head office is 1 Yarra St, Richmond, Victoria, 3121, Australia.

PURPOSES FOR HANDLING PERSONAL INFORMATION

Personal information is information about you, such as your name, contact details and records of your dealings with us. We collect, hold, use and disclose personal information:

To process transactions and deliver products to you
To communicate with you
To maintain our business records and to otherwise run our business
For purposes disclosed to you and to which you have consented
Or purposes that you would otherwise reasonably expect, and
For any other purposes required or permitted by law

COLLECTION OF YOUR PERSONAL INFORMATION

We collect personal information such as an email address, mobile phone numbers, home address, shipping and payment card billing address, payment card details, IP address, search criteria and shopping history from our customers, business contacts and other individuals with whom we deal. We only collect personal information by lawful and fair means.

We collect information in several ways which are listed below:

On https://mishaworld.com (the "Website").
When you use or enter your personal information into https://mishaworld.com
When you sign up to our marketing campaigns (our Newsletter)
When you contact MISHA Collection by telephone, email, or chat
When you enter any event, prize draws or competitions run by MISHA Collection
When completing any forms for transactional or other purposes.
When you buy products or gift certificates (the details of transactions you make from MISHA Collection)

When you visit our website: we may use cookies to help make the experience of using our website better. This means we will remember your previous visits and track the pages on our website that you visit
When you visit https://mishaworld.com the MISHA Collection web server may automatically record your public internet protocol ('IP') address

MISHA Collection uses the Gorgias Chat service which involves use of cookies to track consumer activity and log chat activity on the website. MISHA will not intentionally collect personally identifiable information via Gorgias Chat, but may aggregate data collected on the MISHA website, with or without data collected from other sites. You have the option to opt out of tracking by following the advice given in this Privacy Policy.

COLLECTION OF WEBSITE USAGE INFORMATION

Our website utilises "cookies". A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site.

Use of a cookie does not provide us with information about you that can be used to identify you. Rather, they anonymously track usage of our website so that we can enhance users' experience of our website. You may elect to reject cookies in your browser and still use our website, however in doing so, you may not be able to access all features of the website.

IP addresses are used to analyse trends, administer our website, track user movements on our website, and gather broad demographic data for aggregate use, which we may share with our operational partners. We do not link IP addresses to any information that could personally identify you.

Pixels and tags are also used to understand trends so we can provide an optimal browsing and shopping experience for customers. Pixels and tags are not linked to any information that can personally identify you.

How to control cookies:

You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed.

PROCESSING & DISCLOSURE OF YOUR PERSONAL INFORMATION

We will only use and disclose your personal information for the purposes set out in this Privacy Policy.

We may disclose your personal information to third parties including:

Our service providers (including IT services, email marketing platforms, financial institutions, and distribution and delivery services)
Our related companies and other business partners
Our professional advisers (including lawyers, accountants and auditors)
Other parties as required or authorised by law
In doing so, we may disclose your personal information outside of Australia to related parties
At times we use third party platforms to manage and deliver marketing campaigns, deliver products, payments, refunds, IT services; to name a few. In providing these services, your personal information will, where applicable, be used by the service provider on our behalf. For example, a delivery company using your name and address to deliver your order.

We will check any third party that we use to ensure that they can provide sufficient guarantees regarding the confidentiality and security of your personal information. We will have written contracts with them which provide assurances regarding the protections that they will give to your personal information and their compliance with our data security standards and international transfer restrictions. Your Personal Data may be transferred and stored outside the European Economic Area and be processed by staff who work for us or for one of our suppliers outside the European Economic Area. By submitting your Personal Data, you are agreeing to this transfer, storing or processing.

How we use your information:

We only collect the information that’s necessary to carry out our business, provide the particular service you’ve requested and to keep you up to date about all the latest exciting MISHA news.

For our use of your personal information to comply with applicable data protection and GDPR law, that use by us needs to fall under at least one of the specific lawful reasons that are set out in applicable data protection law. Lawful reasons for using your personal data include:

Fulfilment of our contract with you – the purchase of goods via our website is a contract
Compliance with our legal obligations
Your direct consent for information
Further details are listed below:

Name, contact details, delivery details

Required to:
Take your orders, process your payments and deliver the items you have purchased
Send you delivery update messages by SMS or email
Send you additional services you have requested, such as our marketing communications by SMS, post, or email
Link your online records to provide you with a better shopping experience
Give you access to services reserved for registered users, such as wishlist's
Provide you with help and assistance via our Customer Service team
Fraud prevention and detection
Manage and create your online user account

Payment information

Required to:
Take payment for purchased goods and to provide refunds
Fraud prevention and detection
We do not store credit card or payment information on MISHA Collection servers.

Contact history with us

Required to:
Provide personalised customer service and support
Train our staff
Purchase history and wishlist items

What you’ve purchased and what you’ve left in your basket or wishlist 

Required to:
Deliver your purchases to you
Provide personalised customer service support, and process returns
Allow you to save items to purchase later – via wishlist or leaving them in your bag

Back in store notification requests

Required to:
Notify you if the specific product you requested has comes back in store

How we use information about your phone or laptop, and how you use our website. Information you give us when you browse our site, including your IP address, GEO location, device type, as well as how you use our website 

Required to:
Analyse broad data to improve our website usability
And to serve you the right language and currency for your location
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

We retain your personal information for as long as it is necessary and relevant for our operations. In addition, we may retain personal information from closed accounts to comply with legal requirements, prevent fraud and resolve disputes. Where a legal requirement obliges the retention of personal data for a specific minimum period, we will retain data for at least that period. When we determine the maximum retention duration of any personal data we hold we do so with regard to our legitimate interests to retain data, our obligation under GDPR to minimise data we hold; the nature, and sensitivity of the personal data and the potential risk of harm from unauthorised use or disclosure of your personal data.

SECURITY OF YOUR PERSONAL INFORMATION 

We make all reasonable efforts to ensure that your personal information is stored securely, both in electronic and physical form, and otherwise protect it from misuse, interference and loss caused by unauthorised access, modification or disclosure. We hold your personal information in both paper-based and electronic files. Our employees and agents are obliged to treat any personal information held by us confidentially.

Your credit card details are completely safe. Your credit card number is transmitted by SSL directly to a secure, electronic vault. At no time is your credit card information stored on our servers.

We use third party platforms to manage and deliver marketing campaigns, delivery, payments, refunds, IT services; to name a few. In providing these services, your personal information will, where applicable, be used by the service provider on our behalf.

We will check any third party that we use to ensure that they can provide sufficient guarantees regarding the confidentiality and security of your personal information. We will have written contracts with them which provide assurances regarding the protections that they will give to your personal information and their compliance with our data security standards and international transfer restrictions.

PERSONAL INFORMATION COLLECTION STATEMENT

MISHA Collection Pty Ltd (ABN: 53790855157) and its related companies (MISHA Collection, we, us, our) collect your personal information so that we can process your orders and provide our products to you, interact with you and otherwise operate our business.

We collect your personal information directly from you. You have the right to refuse to provide us with some or all of your personal information, however this may prevent us from processing your orders and delivering products to you.

MARKETING

We may use your personal information, including your contact details, to provide you with relevant consumer information, notify you of products, store openings and offers that may be of interest to you as a valued MISHA customer or business associate. To receive these communications, you need to have opted in, but if you change your mind you may opt out of receiving all marketing information from us at any time. You can do this by:

Following the instructions at the bottom of our Newsletter communications
Logging in to your online account to manage your Newsletter subscription
Contacting customercare@worldofmisha.com to remove you

It may take up to 48 hours for your subscription status to be updated on our systems.

Note: Back In Stock notifications are not associated to the Newsletter, you will need to contact customercare@worldofmisha.com to be removed from this notification list for each item you have requested.

ACCESSING, MODIFYING, & DELETING YOUR PERSONAL INFORMATION

The General Data Protection Regulation provides for rights of access, modification and deletion of your personal information.

Please submit your rights servicing request to customercare@worldofmisha.com. A summary of your rights are listed below:

The right of access
Your right to obtain confirmation as to whether or not personal data is being processed, and, where that is the case, access to the personal data along with details regarding the nature of processing.

The right of rectification
Your right to obtain the rectification of inaccurate personal data.

The right of portability
Your right to receive personal data they have provided to a controller in a structured, commonly used and machine-readable format.

The right to be forgotten
Your right to erase your personal data.

The right to restrict processing
Your right for your data to be effectively 'frozen'; stored and not further processed.

The right to object
Your right to object to how your personal data is processed including your right to object to our profiling of you as outlined in this privacy policy.

If you do not feel that your data is being handled in a correct or fair manner, you have the right to contact the Office of the Australian Information Commissioner (OAIC), the data protection supervisory authority in Australia (www.oaic.gov.au).

CHANGES TO THIS PRIVACY POLICY 

MISHA Collection may make changes to this Privacy Policy from time to time, without notice to you. The up-to-date version of our Privacy Policy is on our website.

We may use your personal information to provide you with information about products and services that may be of interest to you. You may opt out of receiving this information at any time by contacting us using the details set out below.

Our Privacy Policy sets out our approach to managing your personal information. It explains how you can seek to access and/or correct the personal information that we hold about you, as well as how you can make a complaint about how we handle your personal information. If you have any questions, comments or complaints, you can contact customercare@worldofmisha.com.

You have the right to make a complaint at any time to the Office of the Australian Information Commissioner (OAIC), the data protection supervisory authority in Australia (www.oaic.gov.au).