We may collect personal information from you when you:
- register or subscribe for a service, list or account, including our Membership Program;
- contact us by email, phone or contact us form;
- enter a contest or other trade promotion;
- attend an event;
- visit our website including through cookies, beacons and pixels;
- interact with us on social media platforms.
Information will only be collected directly from you unless you authorise another person to provide the information.
Data that we collect about you
Personal information means any information that can identify a natural person or any information that can link to an identifiable natural person. Personal information does not include information that is anonymised and where no natural person can be identified. The type of information we may collect varies based on your activity:
- when you subscribe to a list, service, account, membership, or enter a contest, we may collect your full name, location, date of birth, nationality, residential or postal address, email, telephone number, IP address, dietary requirements, account and profile information, profile photo (if applicable), passport details or other information you disclose to us; or
- when you visit our website or view our social media accounts, we may collect statistical information to analyse your online and offline preferences, habits, movements, trends, and other information for statistical purpose; or
sharing with our service providers for targeted advertising or marketing purposes.
In certain circumstances, such as entering a contest or subscribing to a membership program, we will require accurate and correct information, however, should you contact us with a general question you may interact with us anonymously or through the use of pseudonym.
Our properties may feature LiveRamp’s Authenticated Traffic Solution (ATS) which provides a privacy-centric and transparent solution for people-based advertising. ATS enhances addressability for publishers while providing visibility and control for individuals. ATS allows publishers to match user data with a LiveRamp RampID in real-time, enabling people-based advertising on authenticated, cookieless inventory across the internet. Click here to learn more about LiveRamp. If you’d like to opt out, please click here.
If we obtain personal information without an individual’s knowledge we will either delete/destroy the information, or inform the individual that we hold such information. We will hold any information acquired in this manner in accordance with this policy.
When personal information is used and disclosed
The primary purpose of collection is determined by the reason we collected and/or submitted the information. For example, if you subscribed to our mailing list, we will use your personal information to send you emails.
Other reasons include:
- verifying your identity if you enter a contest, subscribe to our mailing list, or join our membership program;
- communicating with you in general;
- retargeting marketing campaigns;
- administration needs, including with respect to your account;
- processing any purchases of services that you may make through us or this website; or
- enabling pixel tags so that when we send emails, it is in a format you can read and allow us to know if an email has been opened; or
operating and improving our websites, products and services.
We will also disclose personal information in the following situations:
- third party websites when you have selected a link from our website to be redirected to their website;
- sponsors of contests to allow the sponsor to award the prize of the contest or trade promotion;
- marketing, market research, research and analysis and communications agencies;
- we may disclose or receive personal information or documents about you to/from law enforcement agencies to assist in the prevention of criminal activities or for any other lawful requirement or purpose, including to government agencies or regulators; or
- we may disclose your personal information to employees, a related company, entity or brand, contractors in order to provide services, mailing software such as the one to manage our newsletters and professional advisors, including accountants, auditors and lawyers; or in order to sell our business (in that we may need to transfer personal information to a new owner).
You will be notified if we intend to sell out business and you have the right to restrict processing of your personal data and/or withdraw consent.
We do not allow our service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
By continuing to use our services and/or by providing us with your personal information (or allowing another person to do so on your behalf), you consent to that personal information being processed, transferred and/or disclosed by us for the purpose for which it was collected and, where permitted by relevant local data protection laws, for any related secondary purpose which we believe you would reasonably expect.
We will not use your information for purposes other than described above unless we have your consent or there are specified law enforcement or public health and safety reasons.
We may disclose your personal information to our related entities in Australia and New Zealand and other oversea entities where those entities are contractors or service providers with whom we have a business association. These transfers may involve transferring your personal information within and outside the European Economic Area. We will ensure that there is an adequate level of protection for personal data in the receiving entity.
We may use the following methods to safeguard the transfer of data internationally:
- Transfer of personal data to a country that has officially been deemed to provide an adequate level of protection for personal data by the European Commission (‘adequacy decisions’);
- We may use Standard Contractual Clauses approved by the European Commission;
- We may transfer data to the US if they are part of the Privacy Shield. If the receiving third party is not a part of the Privacy Shield then we may use the Standard Contractual Clauses;
- We may use Binding Corporate Rules that ensure that all of Urban List’s group entities will have an adequate level of protection for personal information; or
We will not be liable in any way for direct or indirect damages caused by wrongfully or improper use of personal information by a third party.
Opting “In” or “Out”
At any time, you may request for us to stop using some or all of your personal information.
To opt-out of receiving emails, please contact us or select the ‘unsubscribe’ link in the email. For all other types of services, please contact us.
Please note, that by removing your personal information, we may be unable to offer you the same level of service or in some instances, this will terminate your access to those services.
Security of your personal information
We store your personal information using secure servers protected from unauthorised access, modification or disclosure.
While we endeavour to only hold personal information that is accurate, complete and up-to-date, if you become aware this information is no longer accurate, complete or up-to-date please contact us to correct the information.
Third party external links
We may, however, use in a general sense without any reference to your name, your information to create marketing statistics, identify user demands and to assist it in meeting customer needs generally. In addition, we may use the information that you provide to improve our website and services but not for any other use.
Please keep in mind that whenever you voluntarily make your personal information available for viewing by third parties online – for example on message boards, web logs, through email, or in chat areas – that information can be seen, collected and used by others besides us. We cannot be responsible for any unauthorised third-party use of such information.
Disposal of personal information not required
You may make a request to us in writing to remove your personal information and, where permitted, we will do so in accordance with the APP and the GDPR.
Under Australian law, financial records, such as those relating to financial transactions, must be retained for 7 years after the transactions contemplated by those records are completed.
- remember your preferences;
- recognise you as logged in while you remain so. This avoids you having to log in again every time you visit a new page;
- show relevant notifications to you; and
- remember details of data you choose to submit to us (e.g., through online contact forms or by way of comments).
When you use the website, your device or browser may be sent cookies from third parties, for example when using embedded content and social network links (such as Google Analytics). It's important for you to know that we have no access to or control over cookies used by these companies or third-party websites. We suggest you check the third-party websites for more information about their cookies and how to manage them.
Compliance with Australian Assistance and Access Legislation
Laws in Australia compel companies to share data with Australian intelligence agencies and law enforcement or build in data sharing mechanisms which may report directly to these agencies. While we endeavour to protect your data and our technology from vulnerabilities wherever possible, we can’t break the law, nor can we inform you when we’ve been issued with a notice under the new legislation.
By using our website or any services we provide, you expressly release and indemnify us from any liability to you which arises from sharing data or building data sharing mechanisms (including ‘back-doors’ and vulnerabilities) into our technology at the direction of Australian Government and its agencies, including where those mechanisms are later exploited by a third party.
New digital threats are emerging all the time, and the online environment is more hostile than ever. To protect your data online, including any data or material transmitted by you to us, we recommend reading, implementing and observing any relevant procedures and safety tips recommended by the Department of Industry, Innovation and Science (see - https://www.business.gov.au/Risk-management/Cyber-Security) and the Australian Cyber Security Centre (see - https://www.acsc.gov.au/ and https://cyber.gov.au) from time to time.
Under the European Union General Data Protection Regulation, data subjects within the European Economic Area (EEA) are entitled to the following rights:
- Right of access – you have the right to be informed on how we use your personal information and you have the right to request access to the personal information that we have collected about you;
- Right of rectification – you have the right to correct inaccurate information that we may have about you;
- Right to object – you have the right to object to us processing your personal information;
- Right to restrict processing – you have the right to request us to suspend processing under certain circumstances;
- Right to data portability – you have the right to obtain a copy of your personal information in an easily readable format in order to transfer to another service;
- Right to erasure – otherwise known as the ‘right to be forgotten’ meaning that you have the right to request that we delete all the personal information that we have on you (with certain legal exceptions); or
- Right to withdraw consent – where the processing is based on consent, you have the right to at all times, withdraw your consent.
We extend the above rights to data subjects outside of the EEA, and we also adhere to the rights of the user under the Privacy Act 1988, the APP and the New Zealand Privacy Act 2020.
If you wish to exercise any of your rights, please contact us by contacting our Privacy Officer, using the details below.
Please note that you will be requested to provide specific identification information in order to verify your identity before your request can be processed. This is a security measure that we have implemented to ensure that there is no unauthorised access to personal information by third parties.
We are committed to providing you with a response to your request within 30 days. However, if there are delays in providing you with your request, we will notify you of the delay, the reason for the delay and extend our response time.
Right to make a complaint
You have the right to make a complaint anytime:
- if you are in Australia, to the Office of Australian Information Commissioner; or
- if you are in the EEA region, to the supervisory authority or Data Protection Authority of your country of residence; or
- If you are elsewhere, to the relevant and competent authority in matters of privacy and data protection.
How to access your personal information
Upon your request, we will provide access to your personal information we hold except in certain prescribed circumstances, including emergency situations, specified business imperatives, or law enforcement.
Questions and Contact
If you would like further information about the way we manage personal information we hold, or would like access to your personal information held by us please contact our Privacy Officer.
The Privacy Officer
If you have any queries, questions, concerns or wish to make a complaint regarding how we deal with your personal information, please contact us:
The Privacy Officer
The Urban List
3/93 Commercial Road
Newstead, Qld 4006
Telephone: 07 3252 7515