Shopping Cart - $0.00

You have no items in your shopping cart.


Privacy Policy


In this Privacy Policy, Penny Scallan, we, our or us is a reference to Penny Scallan Trading Pty Ltd (ACN 163 871 216).

This Privacy Policy explains the key measures we have taken to implement the requirements of the Privacy Act 1988 including the Australian Privacy Principles (Privacy Act) and where applicable, other data protection laws such as the European Union General Data Protection Regulations (GDPR). It aims to answer the questions you may have about how we collect, store, use and disclose the information we collect from you, including your Personal Information.

If you have any further questions about our privacy practices, please contact our Privacy Officer.


Our Privacy Officer can be contacted by:


Our services are not directed or targeted at children under the age of sixteen (16) years. We do not knowingly collect, store or use Personal Information from anyone under the age of sixteen (16) years. By accessing (our web site) or placing an order on our web site you confirm that you are sixteen (16) years or older. If you are under the age of sixteen (16) years, you may not use our web site unless your parent consents to this Privacy Policy. If you are under the age of sixteen (16) years please discuss this Privacy Policy with your parent and ensure that your parent has provided their consent for us to process your Personal Information in accordance with this Privacy Policy.


Personal Information is information or an opinion relating to an identified or reasonably identifiable individual, whether true or not.

We may collect the following Personal Information about you:

  •  name
  •  email
  •  phone
  •  address

Sensitive Information is a subset of Personal Information and is defined in the Privacy Act to include information or an opinion about an individual’s racial or ethnic origin, political opinion, religious beliefs, philosophical beliefs, membership of a trade union, sexual orientation, criminal record, and health, genetic or biometric information. Penny Scallan does not solicit or store Sensitive Information.

Penny Scallan collects Personal Information in the process of conducting its business. Where practical, we will only collect information directly from you. However, Personal Information may also be collected via a contact in your organisation or through a third party who we believe has informed you that your details may be provided to us.

Generally, we do not collect or store your payment details. We use third party payment processors. If you wish to make a payment for our products or services, your payment information may be collected by such third parties but not us. These third parties will be governed by their own privacy policies, the Privacy Act, GDPR and any other relevant law. You should read their privacy policies before providing your Personal Information to them. We use reasonable steps to ensure that we only use third party payment processors who comply with the above laws, however, we are not responsible for the actions of these third party payment processors.

However, in some instances we may be required to process your order manually over the phone. If this occurs, we may have to collect your payment details to pass on to third party payment processors.


We collect Personal Information directly and indirectly from you in a number of ways, including:

      1. when you visit or use our web site, including signing up to our database;
      2. through our web site when you create an account or place an order with us;
      3. when you contact our customer service centre;
      4. when you sign up to our database at events such as trade or consumer shows;
      5. when you enter competitions run by us;
      6. via any third-party web sites or platforms (including social media) through which you access our products and services, or interact with us; or
      7. when you apply for a position with Penny Scallan.


We may collect, store or use your Personal Information if:

  •  it is necessary for us to provide you with the services or products that you have requested;
  •  it is necessary for us to comply with our legal obligations;
  •  it is for our legitimate business interests;
  •  we have obtained your consent from you to do so;
  •  the assets of Penny Scallan are sold or the business interests of Penny Scallan are acquired by another party, in which case you consent to the control of your Personal Information being transferred to the new owner by Penny Scallan; or
  •  in the case of employees and contractors, it is necessary for our own internal administration purposes such as processing payroll.

We will only collect, store or use your personal information if we believe it is relevant to conducting our business with you, including to ensure that we can maintain contact with you.

Contact with you may be verbal, electronic or written. The reason for the contact may be to advise you that your products have been dispatched, maintain a relationship with you (e.g. notify you about promotions and upcoming events or share brand news and content).

If we do not collect your Personal Information then we may not be able to contact you or process the orders you place for our products.


By creating an account with us, subscribing to our database or entering competitions run by us, you consent to us using your Personal Information for marketing purposes. If you are within the EU or UK, we will ask you to confirm your consent for marketing purposes through an email link that we will send to the email address that you have provided.

Penny Scallan allows you to withdraw your consent to the processing of your Personal Information for marketing purposes at any time. We enable customers to withdraw their consent and opt out of marketing emails via the unsubscribe function on every marketing email or by contacting our Privacy Officer.

We utilise third party software to process email correspondence and use best endeavours to ensure that all unsubscribe requests are attended to in a timely manner. On occasion some customers may have multiple email contact points, if this is the case please contact our Privacy Officer and we will unsubscribe your details from our email list directly.


The security and protection of your Personal Information is important to us. Your information is held either in paper-based records or in electronic form in our databases and secure servers hosted in Australia. We take steps to ensure that your Personal Information is protected from misuse and loss and from unauthorised access, modification or disclosure. We also take reasonable steps to ensure that your Personal Information is stored in a secure environment accessed only by authorised persons and protected by Antivirus Software and Firewalls.

The Penny Scallan web environment has added security available as a default option by using Secure Sockets Layer (SSL) technology and Hyper Text Transfer Protocol Secure (HTTPS). This means that for authenticating and transacting orders on line, information you send is encrypted by your computer, and then decrypted again on our side, preventing others from accessing your private information in between.

If we have reasonable grounds to believe the Personal Information that we hold may be subject to unauthorised access or disclosure (data breach), we will investigate and assess the suspected data breach to determine whether the data breach is likely to result in serious harm to you (Notifiable Data Breach). If a Notifiable Data Breach occurs then we will notify you and the Australian Information Commissioner as soon as practicable after we become aware of the Notifiable Data Breach in accordance with our obligations under the Privacy Act. We will comply in every way with our obligations under Part IIIC – “notification of eligible data breaches” of the Privacy Act.


You have a right to be informed about any protections that we have in place when we transfer your Personal Information, including overseas. This Privacy Policy will outline where we disclose your Personal Information and the steps we have taken to protect your Personal Information during that transfer.

Whilst we hold your Personal Information on secure servers within Australia, we may also disclose your Personal Information to third party service providers, including international distributors, IT service providers and email marketing platforms (Service Providers) on a need to know basis to allow the provision of services and products to us and you, and to ensure our web site is working efficiently.

Our Service Providers and – if relevant – their servers are located around the world, including but not limited to:

  •  Australia;
  •  New Zealand;
  •  European Union;
  •  United State of America; and
  •  United Arab Emirates.

Access to Personal Information by Service Providers is governed by any agreements we may have in place with the Service Providers and the Service Providers’ obligations under the Privacy Act, GDPR and any other relevant law. Our agreements with Service Providers require such Service Providers to comply with these laws.

We may also disclose your Personal Information if we believe it is necessary to do so to prevent or help detect fraud or serious credit infringements - for example, we may share information with credit reporting agencies, law enforcement agencies and fraud prevention units.

Nothing in this Privacy Policy permits us to sell your Personal Information to another party for use as a general contact database or for the purposes of marketing to you.


Our web site uses cookies which are small amounts of information sent from a web server to your computer. These cookies are used to retain login and state information. We do not use cookies to track your internet activity before or after you leave our web site. Any activity whilst you are at our web site may be monitored. Most web browsers automatically accept cookies and this function can be disabled by changing your browser settings.

No third party has access to our cookies. Instead, Penny Scallan use third-party software to monitor and analyse the behaviour of customers on our web site so that we can improve your customer experience.


You can access the Personal Information we hold about you at any time. Simply contact our Privacy Officer to make your request. We will always endeavour to meet your request for access. However, in some circumstances we may decline a request for access. If we decline your request for access, we will give you reasons for our decision when we respond to your request.


It is important that the Personal Information we hold about you is accurate. We will take reasonable steps to ensure that your Personal Information is accurate, complete and up-to-date at the time of collecting, storing, using or disclosing the Personal Information. If you believe that any Personal Information we hold about you is inaccurate, incomplete or out-of-date, you should contact our Privacy Officer and we will take reasonable steps to correct it.


We will keep your Personal Information for as long as we require the Personal Information for a valid and lawful purpose.

Purposes include (but are not limited to):

        1. to provide you with our services and the products that you requested;
        2. protect our rights, investigate or defend any claims (actual or potential) made against us;
        3. perform our obligations under a contract; and
        4. comply with our legal obligations.

If your Personal Information is no longer needed, we will either delete it from our systems or de-identify it, so that it cannot be attributed to you personally, unless we are required to keep it by law.

Without limiting the above, you may also request that we delete your Personal Information, or that we stop or limit the processing of your Personal Information. If you would like to make such a request, you should contact our Privacy Officer and we will take reasonable steps to comply with your request.


If you are in the EU or UK, you may have the right to request that we help you move your Personal Information to other companies or organisations where this is technically feasible provided that the Personal Information was collected by automatic means. If you would like to make such a request, you should contact our Privacy Officer. If we are required to do so at law, we will take reasonable steps to process your request.


If you have any further queries relating to this Privacy Policy, please contact our Privacy Officer. If we become aware of any ongoing concerns or problems with your Personal Information, we will take these issues seriously and work to address these concerns.

If you have a complaint in relation to the way Personal Information has been handled by us, the complaint should be made in writing to our Privacy Officer in the first instance. We will investigate the complaint and prepare a response to you in writing within a reasonable period of time.


From time to time, our policies will be reviewed and may be revised. We reserve the right to change this Privacy Policy at any time and publish such changes on our web site. Before providing us with Personal Information, please check this Privacy Policy on our web site for any changes.

This Privacy Policy was last updated in September 2018.