Privacy

This Privacy Policy forms part of the Just Comfort Shoes Terms and Conditions.

This Privacy Policy sets out our commitment to protecting your privacy as required in accordance with the Privacy Act 1988 (including the Australian Privacy Principles (“APPs”) set out in the Act) when collecting your Personal Information in person or by telephone, mail, email, web form, e-commerce transactions or any other means. People located in the European Union are not permitted to use the Just Comfort Shoes website to contact us or send information.

The term "Personal Information" in this policy means information or an opinion about an identified or reasonably identifiable individual.

By providing your Personal Information, you indicate that you have had sufficient opportunity to access this Privacy Policy and have read and accepted it. If you do not wish to provide Personal Information to us, you are not required to do so, though this may affect our service to you or your use of the Website or products and services offered on it.

Please read this Privacy Policy carefully and contact us if you have any questions.

Types of Personal Information We Collect

If you buy from us online or contact us, online or otherwise, we may collect details you provide, including your full name, phone number, email address, home address, postal address, billing address, shipping address, credit card details, payment and order details, details of your interests in our products and services, and details you write in forms and online customer chat windows, including those used to provide footwear at pop-up shops or through private visits, or to recommend and/or supply shoes on a remote basis. This information may include physical and digital data and files containing details of your available times for appointments, foot tracings, foot measurements, foot and shoe photographs, shoe sizes, orthotic use, and foot features and conditions. We may also collect publicly available non-sensitive personal information and associate it with your customer record.

If you visit our Website or online shop at justcomfortshoes.com.au or contact us through a web form or third-party app associated with the website, we and the third-party providers of online services we use on our Website may record your IP address and details of your use of our Website.

Your provision of Personal Information implies your consent for Just Comfort Shoes to use it for your express purpose or any reasonably inferred related purpose involving serving you with information, products or services relating to footwear, footwear accessories, or Department of Veterans' Affairs Medical Grade Footwear services, as well as conducting related transactions or referring you to relevant health services.

We may also collect and store information that podiatrists or other health practitioners send us or tell us about you as their clients in relation to your footwear needs.

For Department of Veterans' Affairs ("DVA") clients seeking Medical Grade Footwear (“MGF”), we may also gather information that the Department of Veterans’ Affairs (“DVA”) requires us, as a Medical Grade Footwear Supplier, to collect, including DVA file number, DVA card type, foot tracings (or scans or photographs), clinical information relating to MGF requests, assessing health provider details, sporting body membership details relating to DVA recreational footwear issue, history of DVA footwear issued, and case details relating to fitting and issuing of shoes. We are unable to erase required DVA records at your request.

If we receive your Personal Information from third parties, including podiatrists or other health professionals such as assessing health providers for DVA MGF, we will use and protect it as set out in this Privacy Policy.

Collection and Use of Personal Information

Purposes for collection and use of your Personal Information may include: communicating with you; scheduling shoe fitting, delivery or collection appointments; recommending and providing shoes; processing and shipping orders; processing returns, refunds, exchanges and repairs; providing information to you in the future about your purchases; including you on a distribution list (only with your explicit approval) to receive physical mail, email or SMS messages; advising you of products and services that may interest you in relation to footwear, footwear accessories and foot health; entering you into a competition or prize draw; providing relevant and/or targeted advertising and communications about our products and services; providing your information (only with your consent if you are a private customer, or as necessary to meet government requirements to serve you if you are a DVA MGF client) to bootmakers, shoe repairers, pedorthists, podiatrists and other health professionals about your needs; improving our services; and other purposes that you may specify.

If you are a DVA clients, purposes for collection and use of your Personal Information may additionally include advising you of processes or progress relating to DVA MGF footwear prescriptions, keeping records as required by DVA, and liaising with DVA and podiatrists or other assessing health providers about your case.

Use of your personal information includes storing it in software systems that we use to provide you with products and services (see Third Party Services, Websites and Apps, below).

Disclosure of Personal Information

We disclose Personal Information to other third parties only in limited circumstances. We will disclose it where required by law, or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement, or as necessary to report unlawful activity, or if reasonably necessary to avert a serious threat to health and safety. We will also disclose it to a health practitioner, pedorthist, orthotist, cobbler, bootmaker, shoe repairer or other similar service provider (and, if you are a DVA MGF client, to DVA and your assessing health provider) as necessary to fulfil a service to you or to any further extent we deem beneficial if you instruct or allow us to do so.

Collection and Disclosure of Sensitive Personal Information

You may be asked to sign a Sensitive Personal Information Usage Consent if information provided is considered sensitive. Signing involves consenting to the collection, storage and use of personal information about the shape, condition and health of your feet, other aspects of your health as they affect your footwear needs, and any aspect of your footwear use that may reveal information about your health. In doing so, you acknowledge that this may include details of spoken or written statements in person or by phone or email, as well as foot measurements, tracings, photographs, digital scans, and the details of footwear referrals, prescriptions or comments of health practitioners provided to Just Comfort Shoes to meet your current and future footwear needs. It also involves allowing Just Comfort Shoes to share this information with any relative, friend, health practitioner, carer, care organisation, funding body or government body involved in the selection, approval, modification or funding of your shoes. You may revoke this consent at any time except where records must be kept to comply with government requirements, but must accept that doing so may affect the quality of service you receive.

How We Protect Your Personal Information

In order to protect your Personal Information, we use physical building security and staff training as well as software measures including regular software updates, the use of antivirus and anti-malware software, strong passwords, SSL (Secure Sockets Layer) encryption for our web store and email marketing, TLS (Transport Layer Security) on our general email software, and careful choice of reputable payment gateways and other online services.

Email, Postal, SMS, MMS and Phone Marketing

We may use your Personal Information to contact you with postal, email, SMS or MMS newsletters, marketing or promotional materials and other information that may be of interest to you. We do this on an opt-in-only basis. You may opt out of receiving physical mail by contacting us and expressing your wish. You may opt out of email, SMS, or MMS marketing communications by following the Unsubscribe link or instructions provided in the footer of one of our marketing emails or following any unsubscribe instructions in an SMS or MMS message, as applicable.

For the protection of email subscribers, MailChimp account passwords are hashed, all MailChimp login pages (from the MailChimp website and mobile website) pass data via SSL, and the entire MailChimp application is encrypted with SSL.

General Email and Physical Mail Communications

Just Comfort Shoes’ general email communications use an HTTPS connection and TLS (Transport Layer Security) to encrypt email messages. However, because email communication involves two parties, including the use of systems outside those of our email provider, email is less secure than many of our other internet-based storage systems. Customers are asked not to provide credit card details, passwords or any other sensitive information by email.

If you correspond with us by email or physical mail, we may retain the content of your messages, your email or postal address, and our responses. For communications other than non-personalised email and postal mail marketing, we may communicate with you as outlined in this Privacy Policy without a requirement for you to opt in.

You may not opt out of any service-related notices required by law (for example, if any apply in relation to DVA MGF prescriptions).

Third-Party Services, Websites and Apps

Just Comfort Shoes uses various third-party services in the course of providing you with products and services. These third-party providers will collect, use and disclose your information in accordance with the Australian Privacy Principles, and generally only to the extent necessary to allow them to perform the services they provide to us.

However, if you choose to interact with a third-party service provider, your Personal Information becomes subject to its Privacy Policy, and may become subject to the laws of the jurisdiction/s in which that service provider or its facilities are located. For example, if you are in Australia and your transaction is processed by a payment gateway in the United States, your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Our Website may contain links to other websites. We are not responsible for the privacy practices of such sites. Your interactions with our information on such sites is governed by their Privacy Policies, which we recommend reading. Links from justcomfortshoes.com.au do not imply that Just Comfort Shoes endorses or has reviewed such linked third-party websites.

Use of Credit Card Details

Credit card details we process on an EFTPOS machine are not stored by Just Comfort Shoes after use. Credit card details taken in person, over the phone or through a card imprinter for orders, refunds or reimbursements are destroyed immediately after use except for records required by bank policy. Customers are asked not to provide credit card details, passwords or any other sensitive information by email.

Payments processed through our Shopify-hosted online store are compliant with the Payment Card Industry Data Security Standard (PCI DSS). This is a security standard for organisations that handle credit and debit card information. The standard was created to increase controls around payment data to reduce fraud. Shopify is certified Level 1 PCI DSS compliant. This compliance extends by default to all stores powered by Shopify.

Shopify Website and Online Store Privacy and Security

Just Comfort Shoes records visitor IP addresses through Google Analytics.

The Just Comfort Shoes online shop is hosted by Shopify, which provides an online e-commerce platform integrated with its website content management system.

Our online shop uses the industry best practice SSL (Secure Sockets Layer) protocol with an SSL Certificate, creating a secure connection for transmission of data including credit card numbers. Online payment occurs using the customer's choice of reputable online payment processors.

Credit card data is encrypted using the Payment Card Industry Data Security Standard (PCI-DSS). The payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

Just Comfort Shoes does not store credit card details except for records required by our banking provider's merchant policies. Some of our online payment processors store card details, including for purposes such as refunds. The practices of Apple Pay, Google Pay (formerly Android Pay), PayPal, Shop Pay and Afterpay are governed by the agreement pertaining to your account with them. Shop Pay processes payments using the Stripe payment service. Card numbers submitted to Stripe are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and does not share any credentials with Stripe’s primary services (API, website, etc.).

For more information, you may also want to read the Privacy Policies of third-party providers listed below under “Key Third-Party Privacy Policies”.

Online Services and Cross-Border Data Transfer

Just Comfort Shoes uses online services, some of which involve the transmission or storage of customer information electronically on computer servers outside Australia, where data protection laws may differ. Services used by Just Comfort Shoes that process customer data include Asana, Apple Pay, Aramex/Fastway, Australia Post, ClickSend, Cognito Forms, Google Pay (formerly Android Pay), G Suite (including Gmail, Google Drive, Google Docs, Google Sheets, Google Contacts, Google Calendar), Google Chrome, Google Backup and Sync, Google Analytics, Hike Point of Sale, MailChimp, Microsoft Office 365 Business, MYOB, PureChat, Shopify and Stripe. See the links to Key Third-Party Privacy Policies below for information about the countries these services use for data storage and processing. Just Comfort Shoes takes measures to ensure that it chooses online services whose cross-border processing and disclosure of Personal Information meet Australian requirements.

MYOB AccountRight stores data exclusively in Australia using the world-class security features of Microsoft Azure in secure data centres in Sydney and Melbourne, and leaves MYOB in effective control of all business data.

The Australian Government's Office of the Australian Information Commissioner provides information on rules for cross-border disclosure of personal information as follows: https://www.oaic.gov.au/agencies-and-organisations/app-guidelines/chapter-8-app-8-cross-border-disclosure-of-personal-information.

Google Analytics

Our Website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

By using our Website, you consent to the processing of data about you by Google in the manner described in Google’s Privacy Policy and for the purposes set out in this Privacy Policy. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google.

Cookies and Targeted Advertising

Our Website uses “cookies”. A cookie is a small text file that our Website may place on your computer for various purposes, including recording website usage patterns or remembering your preferences.

Our website uses the following Shopify cookies for analytics purposes: _y, _s, _shopify_y, _shopify_s, _shopify_fs. It uses the _landing_page cookie to track landing page use. The secure_customer_sig Shopify cookie is used in connection with customer login. The cart_currency Shopify cookie assists with the secure checkout process. The _orig_referrer Shopify cookie is used for shopping cart functionality. The _pay_session Shopify cookie assists with secure checkout and payment functionality. Other Shopify cookies are as follows: _tracking_consent, which tracks Shopify user consent; _shopify_tm, _shopify_tw, and _shopify_m, which are all used for tracking customer privacy settings. A cookie called __cf_bm set by Afterpay.com is used by CloudFare to support Cloudfare Bot Management. The __cfduid cookie from Afterpay.com is used by CDN services such as CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.

You may refuse the use of cookies by selecting the appropriate settings on your browser, though this may affect some of our Website’s functionality.

MailChimp, Social Media, Facebook Advertising, Google Ads

Justcomfortshoes.com.au uses interfaces with email newsletter and social and video media sites including MailChimp, Facebook, Twitter, Instagram, YouTube and Vimeo. If you choose to "like" or "share" information from our Website through these services, you should review the privacy policy of those services. If you are a member of a social media site or a subscriber to our email newsletter through MailChimp, the interfaces may allow the site to connect your visits to this Website with other Personal Information. By using justcomfortshoes.com.au, subscribing to our email or postal newsletter, or entering any kind of prize draw or promotion, you agree to the corroboration of Personal Information we already hold about you with Personal Information automatically recorded (including IP addresses) or provided by you through our Website, in order to identify you for the use of “targeted”, “similar audiences”, “retargeting” or “remarketing” or similar advertising using any combination of MailChimp, Google Ads code or the Facebook Pixel, which is used to deliver targeted advertising to Facebook users who visit our Website.

Key Third-Party Privacy Policies

For more information about the privacy policies of relevant third-party service providers, please refer to the following:

Afterpay - https://www.afterpay.com/en-AU/privacy-policy
Aramex/Fastway - 
https://www.fastway.com.au/terms-and-conditions/privacy-policy/
Apple Pay - https://support.apple.com/en-kw/HT203027
Asana - asana.com/terms (includes Privacy Policy)
Australia Post - https://auspost.com.au/privacy
Clicksend - https://www.clicksend.com/au/legal/privacy-policy/
Gmail, Google Contacts, Google Chrome, G Suite, Google Backup and Sync, Google Analytics, Google Pay (formerly Android Pay) - 
http://www.google.com/intl/en/policies/privacy/
Hike Point of Sale - https://hikeup.com/au/privacy-policy/
MailChimp - 
https://mailchimp.com/legal/privacy/
Microsoft - https://privacy.microsoft.com/en-ca/privacystatement
MYOB - https://www.myob.com/au/privacy-policy
PayPal - https://www.paypal.com/au/webapps/mpp/ua/privacy-full
PureChat - https://purechat.com/privacy and https://purechat.com/dpa
Shopify - https://www.shopify.com/legal/privacy
Stripe - https://stripe.com/gb/privacyhttps://stripe.com/docs/security/stripe

Security Disclaimer

While we use industry-standard means of protecting your Personal Information, we cannot guarantee its absolute security in either a physical or electronic environment. No physical security, method of data transmission over the internet or method of electronic storage is 100% secure. Just Comfort Shoes shall not be held responsible for the consequences of any third-party hacking attempts that may result in User information being compromised.

How We Deal with Requests and Complaints

You may request access to Personal Information that we hold about you in certain circumstances set out in the Privacy Act 1988 (Commonwealth). You may ask us to correct your Personal Information if you find that it is not accurate, up to date or complete. You may also make a complaint about our handling of your Personal Information. Proof of identity may be required, and no charge applies for making a request. However, a fee may apply for labour time, materials or postage where required to meet your request.

You can contact us using the web form on this Website or send your request or complaint to the postal address below. We undertake to respond within a reasonable timeframe.

Acquisitions, Mergers and Asset Sales

If Just Comfort Shoes is involved in a merger, acquisition or asset sale, your Personal Information may be transferred to another entity.

Contact Us

To contact us about your privacy concerns, or to make a complaint or to report what appears to be an error in this Privacy Policy or its links to other websites, please use the Contact page web form or write to us at the address below. Customers are asked not to provide credit card details, passwords or any other sensitive information on the web form, which transmits by email.

Privacy Officer
Just Comfort Shoes
155 Brisbane Rd
Mooloolaba QLD 4557
Australia

Changes to this Policy

This policy may change at any time without notice, and was last updated at 10.23pm AEST on Saturday, March 20, 2021.