PRIVACY POLICY
Corporate Shadows Pty Ltd t/a ComSafe (ABN 65 051 956 319)
Effective date: 7 December 2025
Last updated: 7 December 2025
We respect your privacy and are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).This Privacy Policy explains how Corporate Shadows Pty Ltd (“we”, “us”, “our”) collects, uses, discloses, stores, and protects your personal information when you use our website comsafe.org (https://www.comsafe.org), purchase goods or services from us, or otherwise interact with us.
1. What personal information do we collect?
We may collect the following types of personal information:
- Identity and contact information: name, email address, postal address, phone number, date of birth
- Payment and transaction information: credit card number, expiry date, CVV, billing address (note: card data is tokenized and never stored in full on our systems)
- Account information: username, password (hashed), order history
- Technical data: IP address, browser type, device information, cookies, analytics data
- Marketing and communication preferences
- Any other information you voluntarily provide (e.g., via customer support or surveys)
2. How we collect personal information
We collect personal information in the following ways:
- Directly from you when you create an account, place an order, subscribe to our newsletter, or contact us
- Automatically through cookies and similar technologies when you visit our website
- From third parties such as payment gateway providers (e.g., Stripe, PayPal, Zip, Afterpay), delivery partners (e.g., Australia Post, Sendle), and analytics providers (e.g., Google Analytics)
3. Why we collect, use and disclose your personal information
We collect and use your personal information for the following purposes (APP 3 & 6):
| Purpose | Legal basis under APPs |
|---|---|
| Process and fulfill your orders (including payment and delivery) | Necessary to perform a contract with you (APP 3.2) |
| Communicate with you about your orders, accounts, or enquiries | Necessary to perform a contract / legitimate interests |
| Comply with payment card industry (PCI DSS) security standards | Legal obligation / legitimate interests |
| Prevent and detect fraud or unauthorized transactions | Legitimate interests |
| Send marketing communications (if you have consented) | Consent (APP 3.2) or legitimate interests (existing customers – soft opt-in) |
| Improve our website, products, and services (analytics) | Legitimate interests |
| Comply with legal obligations (e.g., tax, consumer law, notifiable data breaches) | Legal obligation |
We will only use or disclose your personal information for a secondary purpose if you would reasonably expect it, you have consented, or the law permits or requires it.
4. Payment card information (PCI DSS compliance)
We do not store your full credit card details on our servers. Card data is collected and processed through certified PCI DSS Level 1 compliant payment providers (e.g., Stripe, PayPal). These providers tokenize your card and handle all storage and transmission securely. We only receive a token that allows us to process future transactions (where you have authorized saved cards).
5. Who we may disclose your personal information to
We may disclose your personal information to:
- Payment gateway providers (Stripe, PayPal, etc.)
- Delivery and logistics partners (Australia Post, CouriersPlease, etc.)
- IT and hosting service providers (e.g., cloud providers located in Australia or overseas)
- Professional advisors (accountants, lawyers, auditors)
- Government or regulatory bodies when required by law
- Third parties in the event of a merger, acquisition, or sale of assets (with notice to you where required)
Some of these recipients may be located overseas (e.g., United States, Singapore). See section 8 below.
6. Marketing and opting out
If you have given consent or we are otherwise permitted under the Spam Act 2003 (Cth), we may send you marketing emails. Every marketing email contains an easy “unsubscribe” link. You can also opt out at any time by:
- Clicking “unsubscribe” in any email
- Emailing us at privacy@comsafe.org
- Updating your preferences in your account
7. Security of your personal information
We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorized access, modification, or disclosure. These steps include:
- Encryption of data in transit (TLS/SSL)
- Tokenization of payment card data
- Access controls and regular security testing
- Staff training
If we experience an eligible data breach, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme.
8. Overseas disclosure
Some of our service providers are located overseas (e.g., United States, Singapore, Ireland). When we disclose personal information overseas, we take reasonable steps to ensure the recipient complies with the Australian Privacy Principles or is subject to a law or binding scheme that has substantially similar effect (APP 8). Common overseas recipients include:
- Stripe, Inc. (USA)
- Google LLC (USA)
- Shopify International Limited (Canada/Ireland) – if applicable
9. Cookies and tracking technologies
Our website uses cookies and similar technologies. For full details, please see our separate Cookie Policy at [link].
10. Access and correction
You have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate information
Contact us at privacy@comsafe.org. We will respond within 30 days (or sooner where required).
11. Complaints
If you believe we have breached the Australian Privacy Principles, please contact us first at privacy@comsafe.org so we can try to resolve it. You also have the right to complain to the Office of the Australian Information Commissioner (OAIC):
Website: www.oaic.gov.au
Phone: 1300 363 992
12. Changes to this Privacy Policy
We may update this policy from time to time. The latest version will always be posted on our website with the “Last updated” date.
13. Contact us
Privacy Officer
Corporate Shadows Pty Ltd
Email: privacy@comsafe.org
Address: 2A Westall Rd, Clayton Vic 3168
Phone: 1300 720 800