Privacy Policy
We are committed to protecting your personal information and handling it responsibly, transparently, and in full compliance with Australian law.
Who We Are
This Privacy Policy applies to buysell.net.au, an Australian online retail store operated by Egbert Reuben Venture Group, ABN 80 630 589 817, located at 25 Ninth Ave, Campsie NSW 2194, Australia.
When you visit our website, create an account, place an order, or interact with us in any way, you are sharing personal information with us. This policy explains what we collect, why we collect it, how it is used, and what rights you have over your data.
Information We Collect
We collect only the personal information that is necessary to provide our products and services. This includes information you provide directly and information collected automatically.
- Full name
- Email address
- Phone number
- Shipping and billing address
- Payment details (via Stripe — not stored by us)
- Account login credentials
- Messages sent via contact forms
- Product reviews or feedback submitted
- IP address and approximate location
- Browser type and version
- Device type and operating system
- Pages visited and time spent on site
- Referring URLs and search terms
- Cookie identifiers
- Order and transaction history
- Clickstream and browsing behaviour
How We Use Your Information
Your personal information is used strictly for the purposes for which it was collected. We do not use your data for purposes that would be unexpected or incompatible with why you shared it.
- Processing and confirming your orders
- Arranging delivery and dispatch
- Handling returns, refunds and exchanges
- Sending order confirmations and shipping updates
- Processing payments securely via Stripe
- Responding to enquiries and complaints
- Resolving disputes or issues
- Verifying your identity when required
- Maintaining records of correspondence
- Analysing website usage and performance
- Personalising your shopping experience
- Testing new features and functionality
- Preventing technical errors and bugs
- Detecting and preventing fraudulent transactions
- Monitoring for suspicious account activity
- Complying with legal and regulatory obligations
- Enforcing our Terms and Conditions of Use
Legal Basis for Processing Your Data
Under the Australian Privacy Act 1988 and Australian Privacy Principles (APPs), we process your personal information on the following lawful grounds:
- Processing orders you have placed
- Delivering products to your address
- Managing refunds and returns
- Sending marketing communications
- Placing non-essential cookies
- Personalised advertising (where applicable)
- Complying with tax and financial laws
- Cooperating with regulatory authorities
- Responding to lawful government requests
- Fraud detection and prevention
- Website security and analytics
- Improving products and services
Third-Party Services We Use
We use a small number of trusted third-party services to operate buysell.net.au. Each service has access only to the data required for its specific function.
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Stripe | Payment processing | Name, email, billing address, card data | stripe.com/au/privacy |
| WooCommerce / WordPress | Store & order management | Order data, account information | automattic.com/privacy |
| Google Analytics | Website traffic & analytics | Anonymised browsing behaviour, IP | policies.google.com/privacy |
| Meta Pixel (Facebook) | Advertising & remarketing | Browsing behaviour, purchase events | facebook.com/privacy/policy |
| Australia Post / Carriers | Order delivery | Name, delivery address, phone | Carrier-specific policies |
International Data Transfers
buysell.net.au sources products from trusted suppliers in China and India. To fulfil your orders, limited information — such as your name and delivery address — may be shared with these suppliers.
Where personal information is transferred outside Australia, we take reasonable steps to ensure it receives a level of protection consistent with the Australian Privacy Act 1988. This includes:
- Entering into data sharing agreements with overseas suppliers
- Limiting the data shared to only what is required for fulfilment
- Ensuring suppliers handle data solely for order processing purposes
- Applying confidentiality obligations to all supplier relationships
Data Security
We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it from unauthorised access, disclosure, alteration, or destruction.
- SSL/TLS encryption on all pages (HTTPS)
- Stripe PCI-DSS compliant payment processing
- Secure server infrastructure
- Regular security updates and patches
- Firewalls and intrusion detection
- Access to personal data is strictly limited
- Staff bound by confidentiality obligations
- Data minimisation practices enforced
- Third-party vendors vetted for security
- Incident response procedures in place
In the event of a data breach that is likely to result in serious harm to affected individuals, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required under the Notifiable Data Breaches (NDB) scheme.
Cookies & Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and support our advertising efforts. A cookie is a small text file placed on your device when you visit our website.
| Cookie Type | Purpose | Can Be Disabled? |
|---|---|---|
| Strictly Necessary | Enable core website functions: shopping cart, secure login, session management. These are essential and cannot be disabled. | No — Essential |
| Functional | Remember your preferences, language settings, and personalise your experience. | Optional |
| Analytical | Collect anonymised data about site usage via Google Analytics to help us improve performance. | Optional |
| Marketing / Advertising | Track visits across websites to deliver relevant ads (e.g. Meta Pixel, Google Ads remarketing). | Optional |
Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by Australian law.
| Data Type | Retention Period | Reason |
|---|---|---|
| Order and transaction records | 7 years | Australian tax and accounting law (ATO requirements) |
| Customer account information | Duration of account + 2 years | Service provision and dispute resolution |
| Support and correspondence records | 3 years | Warranty, complaint, and dispute history |
| Marketing consent records | Until consent is withdrawn | Spam Act 2003 compliance |
| Website analytics data | 26 months | Google Analytics default retention setting |
| Payment data | Not stored by us | Handled and retained by Stripe only |
When personal information is no longer required, we securely delete or de-identify it in accordance with our data destruction procedures.
Your Privacy Rights
Under the Australian Privacy Act 1988 and the Australian Privacy Principles, you have the following rights regarding your personal information held by buysell.net.au:
📖 Right of Access
You have the right to request access to the personal information we hold about you. We will provide this within a reasonable timeframe at no charge in most cases.
✏️ Right to Correction
If you believe any personal information we hold about you is inaccurate, incomplete, or out of date, you may request that we correct it.
🗑️ Right to Deletion
You may request deletion of your personal data where it is no longer necessary for the purposes it was collected, subject to legal retention obligations.
🚫 Right to Object
You may object to the processing of your personal information for direct marketing purposes at any time and we will cease such processing promptly.
📦 Right to Portability
Upon request, we can provide your personal data in a structured, commonly used, machine-readable format where technically feasible.
📋 Right to Complain
If you believe your privacy rights have been violated, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
Children's Privacy
buysell.net.au is not directed at children under the age of 13 years. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use our website or submit any personal information.
If we become aware that we have inadvertently collected personal information from a child under 13 without appropriate consent, we will promptly delete that information from our records.
Marketing Communications
We may send you promotional emails and updates about new products, sales, and special offers. We will only do so where you have:
- Subscribed to our newsletter during checkout or via our website
- Expressly consented to receive marketing communications
- Previously purchased from us and not opted out (existing customer exception under the Spam Act 2003)
Opting out: You can unsubscribe from marketing communications at any time by:
- Clicking the Unsubscribe link in the footer of any marketing email
- Emailing us at support@buysell.net.au with your opt-out request
- Updating your preferences in your buysell.net.au account
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business practices, legal requirements, or the services we use. When we make significant changes, we will:
- Update the Last Updated date at the top of this policy
- Display a prominent notice on our website where changes are material
- Notify registered account holders by email of significant changes
We encourage you to review this policy periodically. Your continued use of buysell.net.au after any updates constitutes your acceptance of the revised policy.
Contact Us & Privacy Complaints
If you have any questions, concerns, or complaints about this Privacy Policy or the way we handle your personal information, please contact our Privacy Officer directly.
We will acknowledge your complaint within 5 business days and endeavour to resolve it within 30 days. If you are not satisfied with our response, you have the right to escalate your complaint to the Office of the Australian Information Commissioner (OAIC).
Get In Touch
Our team is available Monday – Friday, 9:00 AM to 5:00 PM AEST. We aim to respond to all privacy requests within 5 business days.
If your privacy complaint is not resolved to your satisfaction, you may lodge a complaint with the OAIC at www.oaic.gov.au or by calling 1300 363 992.