Privacy Policy

 

1. What Personal Information We Collect

When you make a purchase, contact us, or register a warranty, we may collect:

• Full name, email address, and phone number
• Delivery and billing address
• Order history and product details
• Payment method type (we do not store card numbers)
• Warranty registration details (product model, colour, purchase date, proof of purchase)
• Communications you send to us (emails, support tickets, live chat messages)

When you visit our website, our systems also automatically collect your IP address, browser type, pages visited, device identifiers, and cookie and tracking data.

We do not intentionally collect sensitive information such as health information, racial or ethnic origin, political opinions, religious beliefs, criminal records, or financial account credentials.

2. How We Use Your Personal Information

We use your personal information only for the purpose for which it was collected, including:

• Processing and fulfilling your order
• Arranging delivery through our logistics provider
• Communicating order status, dispatch confirmations, and delivery updates
• Processing warranty registrations and managing warranty claims
• Responding to your enquiries and providing customer support
• Sending marketing emails and product updates where you have opted in
• Analysing website usage to improve our site and customer experience
• Complying with our legal obligations under the Australian Consumer Law
• Detecting and preventing fraud

3. Third Parties We Share Data With

We may share your personal information with the following third parties, strictly to the extent necessary to deliver our products and services:

Third Party	Purpose
Shopify Inc.	E-commerce platform hosting our website and storing order data on secure servers.
Direct Mail Corporation (DMC)	Third-party logistics provider. Receives your name and delivery address to fulfil and dispatch your order.
Direct Freight Express (DFE)	Last-mile delivery. Name and delivery address shared as required.
Shopify Payments	Payment processing. Card details are encrypted and handled by the payment processor. We do not see or store your full card number.
Klaviyo	Email marketing platform used to send order confirmations, dispatch notifications, and opted-in marketing communications.
Meta Platforms Inc.	The Meta Pixel on our website collects pseudonymised browsing data to enable targeted advertising on Facebook and Instagram and measure ad performance.
Legal authorities	Where required by law, court order, or to protect our legal rights or the safety of our customers.

We do not sell, rent, or trade your personal information to any third party for their own marketing or commercial purposes, under any circumstances.

Shopify Inc. is headquartered in Canada and stores data in the United States and other jurisdictions. Klaviyo and Meta are US-based companies. By using our website, you acknowledge that your personal information may be transferred to and processed in countries outside Australia. We take reasonable steps to ensure any overseas recipients handle your information consistently with the Australian Privacy Principles.

4. Payment Information

All payment transactions are processed by Shopify Payments or our nominated payment gateway. We do not collect, store, or have access to your full credit card number, CVV, or bank account details. Payment data is encrypted using SSL/TLS technology and handled in accordance with PCI-DSS requirements.

Payment options at checkout — including credit card, PayPal, Afterpay, Zip, and Apple Pay — are each governed by the respective provider's own privacy policy.

5. Warranty Registration Data

When you register your UPRYTE product warranty, we collect your name, email address, delivery or installation address, product model and colour, and proof of purchase. This information is used solely to verify warranty eligibility, process warranty claims, and contact you regarding product safety notices or recalls.

Warranty registration data is retained for the duration of the applicable warranty period plus two (2) years, after which it is securely deleted or permanently de-identified. We will not use warranty registration data to send marketing communications without your separate, express consent.

6. Cookies and Tracking Technologies

Cookies are small text files placed on your device when you visit a website. We use the following types of cookies:

• Essential / Functional (Shopify): Required for the website and shopping cart to operate. Cannot be disabled without breaking core functionality.
• Analytics (Shopify): Tracks page views, session duration, and traffic sources so we can improve how visitors use our site.
• Marketing — Meta Pixel (Meta Platforms Inc.): Tracks browsing behaviour to enable personalised advertising on Facebook and Instagram and measure ad performance.
• Email preferences (Klaviyo): Remembers your email subscription status and marketing preferences.

You can control or disable cookies through your browser settings. To opt out of Meta advertising, visit facebook.com/privacy/explanation or use the Ad Preferences tool within your Facebook or Instagram account.

7. Email Marketing and the Spam Act 2003

We send marketing emails only where you have provided consent — typically by opting in at checkout or via our website. Every marketing email includes a working unsubscribe link. You may opt out at any time by clicking 'Unsubscribe' in any marketing email or by emailing info@upryte.com.au.

Once you opt out, we will remove you from marketing communications within 5 business days. We may still send transactional emails (order confirmations, dispatch notifications, warranty correspondence) as these do not require opt-in consent under the Spam Act 2003 (Cth).

8. How We Protect Your Personal Information

We take reasonable steps to protect your personal information, including SSL/TLS encryption for all data transmitted via our website, secure server infrastructure managed by Shopify, access controls limiting who within UPRYTE can access personal information, PCI-DSS compliant payment processing, and regular review of our data security practices.

No method of internet transmission is completely secure. While we implement reasonable safeguards, we cannot guarantee the absolute security of information transmitted to us electronically.

9. Notifiable Data Breaches

The Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth) requires us to notify affected individuals and the Office of the Australian Information Commissioner (OAIC) when a data breach is likely to result in serious harm.

If we become aware of such a breach, we will assess it as quickly as practicable, notify the OAIC and affected individuals as required by law, and take immediate steps to contain the breach and prevent further harm.

10. Data Retention

We retain your personal information only as long as necessary for the purposes described in this Policy or as required by law:

• Order and transaction data: 7 years (ATO record-keeping requirements)
• Warranty registration data: Duration of warranty period + 2 years
• Marketing list data: Until you unsubscribe; deleted within 30 days of opt-out
• Website analytics (Shopify): 26 months
• Customer support correspondence: 3 years from last interaction
• Meta Pixel data: Governed by Meta's data retention policies

11. Your Rights

You have the following rights in relation to your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request that we correct inaccurate, incomplete, or outdated information
• Opt-out: Unsubscribe from direct marketing communications at any time
• Deletion: Request deletion of your personal information, subject to our legal retention obligations
• Complaint: Lodge a complaint about how we have handled your personal information

To exercise any of these rights, contact us at info@upryte.com.au. We will acknowledge your request within 5 business days and respond within 30 days. We will not charge a fee for access or correction requests.

12. Links to Third-Party Websites

Our website may contain links to third-party websites. Once you leave upryte.com.au, this Privacy Policy no longer applies. We encourage you to read the privacy policies of any third-party site before providing personal information.

13. Children's Privacy

Our products and website are not directed at children under 15 years of age. We do not knowingly collect personal information from children under 15. If you believe a child under 15 has provided us with personal information, please contact us at info@upryte.com.au and we will delete it promptly.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the 'Last updated' date at the top of this page and notify customers by email where the changes are significant. Continued use of our website following any changes constitutes acceptance of the updated Policy.

15. Complaints and the OAIC

If you have a concern about how we have handled your personal information, please contact us first so we can attempt to resolve it directly. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Website: oaic.gov.au/privacy/privacy-complaints
• Phone: 1300 363 992 (Monday to Thursday, 10am – 4pm AEST)

16. Contact Us

For any questions, requests, or complaints relating to this Privacy Policy:

This Privacy Policy is governed by the laws of Victoria, Australia.

---