Privacy policy

Hey Sara Pty Ltd – Privacy Policy

Last updated: January 2026

1. Introduction

Hey Sara Pty Ltd (“Hey Sara”, “we”, “us”, “our”) recognises and values the protection of personal information. We are committed to managing personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, store, secure, and provide access to personal information in the course of operating our online retail business.

Hey Sara operates primarily from Australia and is subject to Australian privacy law. Where we provide goods or services to customers located outside Australia, we take reasonable steps to ensure personal information is handled consistently with applicable privacy obligations.

2. Anonymity and Pseudonymity

Where lawful and practicable, individuals may interact with Hey Sara anonymously or using a pseudonym. Customers may browse our website, view products, and access general information without identifying themselves.

When placing an order, creating an account, making a payment, or requesting customer support, Hey Sara requires certain personal information, including name, contact details, and delivery address. This information is necessary to process transactions, deliver goods, prevent fraud, and meet operational and legal requirements.

In some circumstances, postal or courier services may require recipients to provide proof of identification to collect or receive parcels. For these reasons, anonymity or pseudonymity is not practicable for order fulfilment or related services.

Anonymous browsing may still involve the collection of non-identifiable data through cookies, analytics, or tracking technologies, as described in this Privacy Policy.

3. Collection of Personal Information

Hey Sara collects personal information that is reasonably necessary for the operation of its business, including but not limited to:

• Name

• Billing and delivery address

• Email address

• Phone number

• Order and transaction details

• Customer communications and support enquiries

• Marketing preferences

Personal information may be collected when you:

• Place an order through our website

• Create or manage a customer account

• Contact us via email, phone, chat, or social media

• Participate in promotions, competitions, or surveys

• Apply for employment with Hey Sara

Sensitive Information

Hey Sara does not intentionally collect sensitive information as defined under the Privacy Act 1988 (Cth). If sensitive information is incidentally provided, it will be handled in accordance with the Privacy Act and only used where lawful and necessary.

Hey Sara does not store credit card or payment credential information. All payment transactions are processed securely by third-party payment providers in accordance with PCI DSS requirements.

4. Unsolicited Personal Information

If Hey Sara receives personal information that it did not request, we will determine whether the information could have been collected under the Australian Privacy Principles. If the information is not required for our business purposes, it will be destroyed or de-identified where lawful and reasonable to do so.

5. Use and Disclosure of Personal Information

Hey Sara uses personal information for purposes including:

• Processing and fulfilling orders

• Managing customer accounts

• Providing customer support and communications

• Marketing and promotional activities (where permitted by law)

• Business operations, analytics, and service improvement

• Fraud prevention and security

• Recruitment and employment assessment

Personal information is not sold to third parties.

6. Direct Marketing

Hey Sara may use personal information to send marketing communications via email or SMS where permitted by law.

All marketing communications include a clear and functional unsubscribe mechanism, allowing recipients to opt out at any time. Opt-out requests are processed promptly.

7. Third-Party Service Providers and Platforms

Hey Sara uses reputable third-party service providers to operate and market its business, including:

• Shopify – e-commerce hosting, checkout, and order management

• Google – analytics, advertising, and performance measurement

• Meta (Facebook and Instagram) – advertising and social media engagement

• Klaviyo – email and SMS marketing communications

These service providers may process personal information on our behalf, including in locations outside Australia.

8. Overseas Disclosure of Personal Information

Some personal information collected by Hey Sara may be stored or processed by third-party service providers located outside Australia.

Hey Sara takes reasonable steps to ensure that overseas recipients handle personal information in a manner consistent with the Australian Privacy Principles, including through contractual safeguards and platform compliance measures.

By using our services, you consent to the overseas disclosure of your personal information where required for business operations.

9. Quality of Personal Information

Hey Sara takes reasonable steps to ensure that personal information it collects, uses, or discloses is accurate, up to date, and complete. Customers are encouraged to contact us if their personal details change.

10. Security of Personal Information

Hey Sara takes reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure.

Security measures include the use of secure cloud-based systems, access controls, and reputable third-party platforms. While reasonable precautions are taken, no method of transmission over the Internet is completely secure.

11. Retention and Disposal of Personal Information

Hey Sara retains personal information only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, taxation, and reporting obligations.

When personal information is no longer required, it is securely destroyed or de-identified in accordance with applicable laws and reasonable business practices.

12. Automated Processing and Analytics

Hey Sara may use automated tools, analytics, and profiling technologies to analyse website usage, improve services, and personalise marketing communications. These processes do not produce legal or similarly significant effects on individuals.

13. Access to Personal Information

You may request access to the personal information that Hey Sara holds about you at any time. Requests should be made using the contact details below, and identity verification may be required.

Hey Sara will respond to access requests within a reasonable period. Access will generally be provided free of charge, although a reasonable administrative fee may apply where permitted by law.

If access is refused, written reasons and information about available complaint mechanisms will be provided.

14. Correction of Personal Information

If you believe that personal information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you may request correction. Hey Sara will take reasonable steps to correct the information and notify you of the outcome.

15. Data Breaches

In the event of a data breach that is likely to result in serious harm, Hey Sara will comply with its obligations under the Notifiable Data Breaches (NDB) scheme, including notifying affected individuals and the Office of the Australian Information Commissioner where required.

16. Children’s Privacy

Hey Sara does not knowingly collect personal information from children under the age of 16. If such information is identified, it will be deleted as soon as reasonably practicable.

17. Links to Other Websites

Our website may contain links to external websites. Hey Sara is not responsible for the privacy practices or content of third-party websites and encourages users to review their privacy policies.

18. Privacy Governance and Accountability

Hey Sara is responsible for ensuring compliance with this Privacy Policy and the Australian Privacy Principles. Staff who handle personal information are required to follow internal policies and procedures designed to protect privacy and data security.

19. Complaints and Contact Details

Hey Sara Pty Ltd

Email: info@heysara.com

Phone: +61 7 5616 8956

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

20. Changes to This Policy

Hey Sara reserves the right to amend this Privacy Policy at any time. The most current version will be published on our website.

© Hey Sara Pty Ltd – All Rights Reserved