1. When did we last update this Privacy Policy?
20th January 2023
2. About this Privacy Policy
2.1. British American Tobacco Australia Limited (BATA, we, our, or us) respects your privacy. We are committed to safeguarding the privacy of our users, including, but not limited to:
(a) users using our website;
(b) users who have signed the petition, or engaged with an elected representative, government agency or subscribed to our website, via our website;
(c) users who contact us through phone, email, SMS, website apps, contact us forms, online chat functions or any other method via our website;
(d) users who respond to the emails and surveys we send, including, but not limited to, emails and surveys where we request participation from users;
(e) users who interact with us via our social media channels (where applicable), including, but not limited to, users who interact with our posts, and users who directly message us through our social media channels;
(f) users who interact with our digital and offline advertisements, including the advertising we place on third party websites which link to our website and our media channels (where applicable);
(g) users who interact with our website or social media channels with QR codes; and
(h) users who interact with us at an event, meeting, function or in a public place, including, but not limited to events where we collect user information.
2.2. In this Privacy Policy, including any future updates (Privacy Policy), our users (including visitors to our website, social media channels, physical premises, events, meetings, functions and visitors who interact with our digital advertising on third party websites or who interact with us in a public place) are referred to as you.
2.3. Please read this Privacy Policy carefully as it informs you of our privacy practices, including the way your information is collected, how that information is used and how we share, store and protect that information.
2.4. You agree to the collection, use and disclosure of your personal information under this Privacy Policy when you:
(a) visit our website;
(b) contact us by any means (including contacting us online or by post);
(c) authorise us to collect your personal information in any other way, such as at events, meetings or functions;
(d) interact with our social media channels (including by interacting with our posts or directly messaging us through our social media channels);
(e) interact with the digital advertising we place on third party websites which link back to our website or social media channels; or
(f) respond to the emails and surveys we send, including, but not limited to, emails and surveys where we request participation from you.
2.5. This Privacy Policy applies to and does not restrict our rights and obligations under applicable laws, including Australia's Privacy Act 1988 (Cth) as amended or replaced from time to time (Privacy Act).
3. How can you contact us?
If you have any questions about this Privacy Policy, you can write to us at:
Privacy Officer, Responsible Vaping Australia, Locked Bag 20, Royal Exchange NSW 1225, Australia.
Email: privacyofficer@bat.com
Phone: +61 2 9370 1500
4. What personal information do we collect?
4.1. We may collect any personal information that you provide to us or authorise us to collect. This may include:
(a) your name, date of birth and contact details (including address, post code, phone number and email address);
(b) information that you submit online via our website (including via a contact us form, or entry fields on our website);
(c) information that you provide in response to the emails and surveys we send, including, but not limited to, emails and surveys where we request participation from you;
(d) details of your visits to our website and the resources that you access (which may include, amongst other things, traffic data and communication data);
(e) details about other people that you provide to us with their consent (see section 4.3); or
(f) any other personal information that you authorise us to collect, for example, if you authorise us to collect your photo at a meeting or event.
4.2. We will usually collect your personal information directly from you unless it is not reasonable or practical to do so. We may collect personal information about you from another person if we have, or they confirm that they have, your consent.
4.3. There may be times when you provide us with personal information about another person, for example, in connection with promotional events. If you do so, you confirm that:
(a) they are over eighteen years old;
(b) you have their authorisation to:
(i) provide their personal information to us; and
(ii) allow us to collect and use their information under this Privacy Policy; and
(c) you have informed or will inform them of their rights to access and request correction of their personal information as set out in this Privacy Policy.
4.4. We will not intentionally collect any information about anyone who is under eighteen years of age. If we become aware that anyone who is under eighteen years of age has provided us with any information, that information will immediately be deleted from our records.
4.5. When you use our website, we may also collect information about you and your use of our website using automatic data collection tools. These tools collect certain standard information about your access and computer, such as your browser type, operating system and language, access times and your Internet Protocol (IP) address. We use the information for statistical reporting and analytics and do not link it to any named individuals.
4.6. You do not have to provide us with any personal information that we request. However, if you do not do so, it may affect our ability to provide you with products or services or further information you have requested.
Cookies
4.7. Like many online services, we use a feature called a 'cookie', which is a small data file that is sent to your browser from a web server and stored on your device's hard drive. We also use a feature called a ‘pixel’, which is code that we place on our website to collect data about ‘pixel events’. ‘Pixel events’ are actions that happen on our website that are tracked for analytics purposes; these include, but are not limited to, signing up for our newsletter, navigating through our website, and viewing or reading content on our website. References in this Privacy Policy to ‘cookies’ also include other means of automatically accessing or storing information on your device.
4.8. Cookies enable us to provide you with a better experience by enabling our website to recognise that you have visited before and in some cases to record preferences to personalise your visit. Cookies also assist us to analyse the profile of our visitors and how you use our website.
4.9. Sometimes we partner with third parties (such as advertising and social media partners) who may place a cookie (or cause a pixel event to trigger) on your device when you visit our website to remember that you have visited our website. This means that when you later visit another website, the advertisements displayed to you may be advertisements for our website or products or about other products and services that are tailored to your apparent interests. If you click on one of our advertisements, it will redirect you back to one of our websites. Our third-party partners may provide us with information about the total number of views, shares, and click-throughs these advertisements have received. However, other than your IP address, they will not collect or provide to us or any other third party any information that identifies you.
4.10. To delete or stop cookies being placed (or pixel events triggering) on your computer, refer to the help menu on your internet browser. In some cases, blocking cookies and pixels may reduce the functionality of our website or otherwise prevent access to them depending on your chosen browser options. For further information visit www.aboutcookies.org.
5. What do we do with your personal information?
Use of your personal information
5.1. We (and the third parties described in section 6) may use your personal information:
(a) to provide you with information, products and services that you request;
(b) to respond to your queries (including when you contact us online or via post);
(c) to, if required, verify your age and identity (see sections 5.7 to 5.11);
(d) to facilitate our internal business operations (including for training and for developing, maintaining and testing our IT systems and infrastructure);
(e) to ensure that our website content is presented as effectively as possible for you;
(f) for our internal purposes, such as quality control, website performance, system administration and to evaluate the use of our website, so that we can provide you with enhanced services;
(g) to notify you about changes to our website or our services;
(h) to provide you with information about products or services that we think may interest you (see sections 5.4 and 5.5);
(i) to create reports to assist with future initiatives and marketing, including sharing your information with third-party agents, representatives, business partners, sub-contractors, suppliers, or other organisations to assist with initiatives, marketing or responding to your requests;
(j) to enable you to participate in the features of our website, when you choose to do so;
(k) to share with elected representatives, government agencies and interested third parties in connection with RVA initiatives, including petitions on our website; or
(l) for any other purpose that you authorise or that is permitted by applicable law, including the Privacy Act.
Use of statistical and aggregated information
5.2. We may monitor your use of our website and record your email address and/or IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical information about our users’ browsing actions and patterns and does not identify any individual.
5.3. We may collect non-personal aggregated statistics data about visitors to our website and, if applicable, sales and traffic patterns. Just to be clear, this information does not identify users in any personal capacity and we do not use this information to build profiles on individual users; it just contains generalised information about the users of our website.
Direct Communications
5.4. Unless you have ‘opted-in’ and indicated that you consent to us directly communicating with you, if you provide us with your contact details, we will not contact you by electronic means (including email or text message) and by telephone and post, with information about products and services that we think may be of interest to you. Please indicate with the relevant boxes when you create an account, or at any other entry point on the website when we collect your information, if you consent to receiving such direct communications. With your consent, we may also pass your information to other organisations who may contact you to communicate with you about their products and services by electronic means (including email or text message) and by telephone and post.
5.5. You may ask us at any time not to use your information to directly communicate with you by contacting us on the website by navigating to the ‘Contact Us’ page and submitting a request. Alternatively, you can email us directly on info@responsiblevaping.com.au or follow the unsubscribe instructions contained in each electronic communication you receive from us.
5.6. We may also use statistical and aggregated information, as well as Cookies, for direct communication purposes. Please refer to the information above, including details on how to delete or stop cookies being placed on your computer.
Verifying your age
5.7. If you use our website, you will be asked to confirm that you are 18 years or over and we may keep a record of that confirmation.
5.8. We may take additional steps to verify that you are aged 18 years or over before we engage with you. To enable us to do this we will require certain information about you. This information will then be passed to our identity verification service provider who will check it against public sources of information to deliver confirmation of your identity and age. To verify your identity, we may also require you to provide:
(a) demographic information (such as gender and birth date); and
(b) personally identifiable information (such as your passport number or driving licence number) which may be used by our identity verification service provider to verify your details.
This information is checked against secure independent data sources to help verify identity.
5.9. In some cases, we may need to ask for further information to verify your age. If this is necessary, we will contact you to explain why.
5.10. Failing age verification will mean we cannot engage with you.
5.11. All information we collect from you for verifying your age will be used, held and disclosed by us under this Privacy Policy.
6. Who do we share your information with?
6.1. We may share your personal information in the following ways:
(a) From time to time your personal information may be transferred to:
(i) our other entities worldwide; or
(ii) third party agents, representatives, business partners, sub-contractors or suppliers, to provide us with services, such as system maintenance and support, marketing, storage services, customer response centre services and to assist us to respond to your requests (including, if required, to verify your age and identity).
(b) We may also disclose your personal information to our other entities worldwide for any of the purposes set out in section 5 above.
(c) We may also be required to disclose your personal information to:
(i) respond to duly authorised information requests from the police and governmental authorities;
(ii) comply with any law, regulation, subpoena or court order;
(iii) help prevent fraud or to enforce or protect the rights and properties of us or our subsidiaries; or
(iv) protect the personal safety of our employees, third party agents or members of the public.
6.2. We may also disclose your personal information to enforce or apply our terms or any other agreements we have with you or to protect our rights, property or our users. This may involve exchanging information with other companies and organisations for fraud protection and credit risk reduction.
6.3. Circumstances may arise where, whether for strategic or other business reasons, we decide to sell, buy, merge or otherwise reorganise businesses or our assets in some countries. Such a transaction may involve the disclosure of your personal information to prospective or actual purchasers, or the receipt of it from prospective or actual sellers. It is our practice to seek appropriate protection for personal information in these types of transactions.
6.4. We may, with your consent, pass your information to other organisations who may contact you to provide information about their products and services by electronic means (including email or text message) and by telephone and post (see section 5).
6.5. We may share the non-personal aggregated statistics data about visitors to our website with third parties.
6.6. The disclosure of your personal information, in accordance with this section, may involve the transfer of your personal information outside Australia (which may include countries that do not have developed data protection laws). For example, disclosure may take place in countries in which our group has business operations including those countries listed on our global website at www.bat.com/countries. From time to time we may need to disclose your personal information to parties in countries other than these. This will be on an ad hoc or case by case basis and for the purposes described in this Privacy Policy.
6.7. Any third party, agent or representative of ours who imports personal information in the course of providing services to us is required to keep that information confidential and comply with national data protection laws or, where applicable, to be bound by appropriate contractual obligations that protect your personal information, to ensure that your personal information continues to be protected by security safeguards that are comparable to the safeguards that are required under the Privacy Act.
7. How do we manage the accuracy of your personal information?
7.1. We strive to keep your personal information accurately recorded. Generally, we will rely on you to update any personal information that you have provided to us.
7.2. If you would like copies of your personal information that we hold about you, or to request correction of any factual inaccuracies in that information, please contact our Privacy Officer (see section 3).
8. How do we manage the security and storage of information we hold?
Security
8.1. Any personal information that we collect in accordance with this Privacy Policy will be held by us at our head office, or on our behalf by our group companies or service providers.
8.2. We take reasonable technical and organisational security measures to prevent loss or unauthorised access, use, alteration or disclosure of personal information you provide to us or authorise us to collect. Any third party, agent or representative of ours who requires access to your information is also required to implement reasonable technical and organisational security measures to protect your information.
8.3. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will apply our normal procedures and comply with legal requirements to protect your information, we cannot guarantee the security of your information transmitted to or from our website and any transmission is at your own risk.
Links to third-party websites
8.4. Our website may, from time to time, contain links to and from other websites. If you follow a link to any of those sites, please note that those sites ought to have their own privacy policies and that we do not accept any responsibility or liability for those sites or their privacy policies. Please check those privacy policies before you submit your information to those sites.
9. Our website?
9.1. We use Drupal CMS. If you use our website, Drupal will collect your personal information to provide services to us, including providing aggregated data analysis. Please read the Drupal privacy policy available at https://www.drupal.org/privacy to see what security measures Drupal has in place and how they treat your information.
9.2. We use the Klaviyo electronic messaging and email management platform. If you consent to receiving direct communications through our website, Klaviyo will collect your personal information to provide services to us, including providing aggregated data analysis. Please read the Klaviyo privacy policy available at https://www.klaviyo.com/privacy to see what security measures Klaviyo has in place and how they treat your information.
9.3. We use other media platforms including Facebook, Instagram, Twitter and LinkedIn. These platforms are subject to their own terms and conditions and privacy policies. When you interact with our pages on other media platforms, please read their respective policies or contact them for more information about how they collect and use your personal information.
9.4. We may also use other third-party applications or providers. These third-party applications or providers are subject to separate terms and conditions. Where they are applicable to you, you should ensure that you have read and agreed with these terms and conditions before using our website.
10. How (and when) can we change this Privacy Policy?
10.1. We reserve the right to change this Privacy Policy at any time by publishing an amended Privacy Policy on this website. The updated version of this Privacy Policy will take effect immediately upon such notice and will apply to all personal information that we hold about you.
10.2. You are responsible for reviewing this Privacy Policy regularly to ensure that you are aware of any updates, and by continuing to use and access our website after any updates to this Privacy Policy, you agree to be bound by this Privacy Policy. We will use reasonable endeavours to notify you if any update to this Privacy Policy has a detrimental impact on you.