Legal

Privacy Policy

Last updated: 1 January 2025 · Effective immediately

Knex Spares ("we", "us", "our") is committed to protecting your privacy. This policy explains how we collect, use, disclose and safeguard your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. Who We Are

2. What Information We Collect

Information you provide directly

• Name, email address, delivery address and phone number (when placing an order)
• Email address (if you subscribe to our newsletter via MailerLite)
• Any correspondence you send us (emails, contact form messages)

Information collected automatically

• Browser type, device type, IP address and pages visited (via Google Analytics 4)
• Cookie data and session identifiers
• Shopping cart data stored in your browser's local storage

Payment information

We do not store your card number, CVV or banking details. All payment processing is handled by Stripe, Inc. Payment information is transmitted directly to Stripe over HTTPS and is subject to Stripe's Privacy Policy.

3. How We Use Your Information

• To process and fulfil your order and send order confirmation emails
• To calculate and arrange shipping
• To communicate with you about your order (tracking, delays, issues)
• To send you marketing emails if you opted in (you can unsubscribe any time)
• To analyse website traffic and improve our store (via Google Analytics — anonymised)
• To comply with our legal obligations

4. Cookies

Our website uses the following cookies and local storage:

• Google Analytics (_ga, _gid, _gat): Anonymised website usage statistics. You can opt out using Google's opt-out tool.
• Stripe: Fraud prevention and payment security cookies.
• knx_cart (localStorage): Stores your shopping cart locally in your browser. Never transmitted to us unless you complete a purchase.

You can disable cookies in your browser settings, though this may affect checkout functionality.

5. Sharing Your Information

We do not sell, rent or trade your personal information. We share it only with:

• Stripe, Inc. (payment processing) — Privacy Policy
• Australia Post / shipping carriers (your name and address, to deliver your order)
• MailerLite (email marketing, only if you subscribed) — Privacy Policy
• Google LLC (analytics, anonymised) — Privacy Policy
• Legal authorities, if required by law

6. International Data Transfers

Some of our third-party providers (Stripe, Google, MailerLite) are based outside Australia and may process your data overseas. We ensure these providers maintain adequate privacy protections consistent with the APPs.

7. Data Retention

• Order data: Retained for 7 years to comply with Australian tax law (ATO requirements)
• Email subscribers: Until you unsubscribe, then deleted within 30 days
• Analytics data: 14 months (Google Analytics default retention period)

8. Your Rights

Under the Privacy Act, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your data (subject to legal retention requirements)
• Unsubscribe from marketing emails at any time (link in every email)
• Complain about how we handle your personal information

To exercise these rights, email us at WorldToyx@gmail.com. We will respond within 30 days.

9. Complaints

If you are not satisfied with how we handle your complaint, you can contact the Office of the Australian Information Commissioner (OAIC):

10. Security

We use HTTPS (SSL/TLS) across our entire website. No card data is stored on our servers — all payment data is handled by Stripe's PCI-DSS compliant infrastructure.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be noted with a revised "Last updated" date at the top of this page. Continued use of our site after changes constitutes acceptance.

12. Contact

Privacy enquiries: WorldToyx@gmail.com