top of page
  • TikTok
  • Facebook
  • Instagram

PRIVACY POLICY

1.Who We Are

Business Name: Holiday Haven
Location: Perth, Western Australia
Last Updated: December 2, 2025

1.1 Introduction

Holiday Haven ("we", "us", "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or purchase Christmas home décor products from our online store.

We comply with the Australian Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and are committed to handling your personal information responsibly and transparently.

By using our website and services, you consent to the collection and use of your information as described in this Privacy Policy

2. Information We Collect

2.1 Personal Information

You Provide

When you place an order, create an account, or contact us, we may collect:

  • Full name

  • Email address

  • Billing address

  • Shipping/delivery address

  • Phone number

  • Payment information (processed by our payment providers)

  • Order history and preferences

  • Communication history with our customer service team

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain information, including:

  • IP address and device identifiers

  • Browser type and version

  • Operating system

  • Pages visited and navigation patterns

  • Time and date of visits

  • Referring website addresses

  • Location data (based on IP address)

  • Cookies and similar tracking technologies

 

2.3 Payment Information

Payment information is collected and processed securely by our third-party payment providers (PayPal, credit card processors, and Apple Pay). We do not store complete credit card details on our servers. Payment providers maintain their own privacy and security practices.

3. How We Use Your Information

We collect and use your personal information for the following purposes:

Order Fulfillment: To process, fulfill, and deliver your orders through our drop-shipping suppliers

Payment Processing: To process payments securely and prevent fraudulent transactions

Customer Service: To respond to your inquiries, provide support, and communicate about your orders

Business Operations: To maintain and improve our website, products, and services

Marketing Communications: To send promotional emails about new products, special offers, and seasonal collections (only with your consent)

Legal Compliance: To comply with applicable laws, regulations, and legal processes

Analytics and Improvement: To understand customer behavior and improve our online store experience

4. Legal Basis for Collection and Use

Under the Australian Privacy Act 1988, we collect and use your personal information when:

  • It is reasonably necessary for our business functions and activities

  • You have provided consent (such as for marketing communications)

  • We are required or authorized by law

  • It is necessary to fulfill our contract with you when you place an order

5. Disclosure of Your Information

We may share your personal information with the following third parties:

5.1 Service Providers and Business Partners

Wix: Our website hosting and e-commerce platform provider

Payment Processors: PayPal, credit card processors, and Apple Pay to process your payments securely

Drop-shipping Suppliers: Third-party suppliers who manufacture and ship products directly to you (we only share information necessary for order fulfillment)

Shipping and Logistics Providers: Courier services and postal services to deliver your orders

Email Service Providers: To send order confirmations, shipping notifications, and marketing emails (with your consent)

Analytics Providers: To analyze website traffic and user behavior for business improvement

5.2 Legal and Regulatory Requirements

We may disclose your information when required by law, court order, subpoena, or to:

  • Comply with legal obligations

  • Protect our rights, property, or safety

  • Prevent fraud or illegal activities

  • Enforce our terms and conditions 

 

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the acquiring entity.

5.4 With Your Consent

We may share your information with other third parties when you have given explicit consent.

6. International Data Transfers

As we operate a drop-shipping business serving customers in Australia and the United States, your personal information may be transferred to, stored, and processed in countries outside Australia, including:

  • United States (for payment processing and some suppliers)

  • Other countries where our drop-shipping suppliers are located

When we transfer your information internationally, we take reasonable steps to ensure your information is protected in accordance with Australian privacy laws. This may include:

  • Entering into contractual agreements with overseas recipients

  • Ensuring recipients are bound by privacy obligations substantially similar to the APPs

  • Only working with reputable international service providers

By providing your personal information, you consent to these international transfers. Please note that overseas recipients may not be subject to privacy obligations equivalent to Australian privacy laws, and you may not be able to seek redress under the Privacy Act 1988.

7. Data Security

We implement reasonable technical, physical, and administrative security measures to protect your personal information from unauthorized access, misuse, loss, disclosure, alteration, and destruction. These measures include:

  • SSL/TLS encryption for data transmission

  • Secure servers with firewalls

  • Access controls and authentication protocols

  • Regular security assessments and updates

  • Secure payment processing through PCI-DSS compliant providers

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and provide website functionality.

Types of Cookies We Use:

Essential Cookies: Required for the website to function properly (e.g., shopping cart, checkout process)

Performance Cookies: Help us understand how visitors interact with our website by collecting anonymous information

Functionality Cookies: Remember your preferences and choices to provide enhanced features

Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness (only with your consent)

Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to:

  • View and delete cookies

  • Block third-party cookies

  • Block all cookies

  • Receive notifications when cookies are set

Please note that disabling cookies may affect the functionality of our website and your user experience.

9. Marketing Communications

With your consent, we may send you marketing communications via email about:

  • New Christmas décor collections

  • Special promotions and discounts

  • Seasonal sales and exclusive offers

  • Product recommendations

 

Opting Out

You can unsubscribe from marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email

  • Contacting us at kclipz036@gmail.com

  • Updating your email preferences in your account settings

Please note that even if you opt out of marketing communications, we will still send you transactional emails related to your orders (e.g., order confirmations, shipping updates).

10. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Order and Transaction Records: Retained for at least 7 years to comply with tax and accounting obligations

Marketing Data: Retained until you withdraw consent or we determine it is no longer relevant

Account Information: Retained while your account is active or as needed to provide services

Customer Service Records: Retained for a reasonable period to handle inquiries and resolve disputes

When personal information is no longer needed, we will take reasonable steps to destroy or de-identify it securely.

11. Your Rights Under the Privacy Act 1988

Under the Australian Privacy Act 1988, you have the following rights regarding your personal information:

11.1 Right to Access

You have the right to request access to the personal information we hold about you. We will provide you with access unless an exception under the Privacy Act applies.

11.2 Right to Correction

You have the right to request correction of your personal information if it is inaccurate, out-of-date, incomplete, irrelevant, or misleading. If we refuse your request, we will provide you with written reasons.

11.3 Right to Complain

If you believe we have breached the Australian Privacy Principles, you have the right to lodge a complaint (see Section 13 below).

11.4 How to Exercise Your Rights

To access or correct your personal information, please contact us at:

Email: holidayhaven80@gmail.com

We will respond to your request within a reasonable timeframe (generally within 30 days). We may charge a reasonable fee for providing access to your information, and we will notify you of any fees before processing your request.

12. Third-Party Websites and Links

Our website may contain links to third-party websites, including social media platforms and partner sites. We are not responsible for the privacy practices or content of these external websites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Making a Complaint

If you have concerns about how we handle your personal information or believe we have breached the Australian Privacy Principles, you can lodge a complaint with us:

Step 1: Contact Us

Email: holidayhaven80@gmail.com
Subject Line: Privacy Complaint

Please provide details of your complaint, including:

  • Your contact information

  • Description of the privacy concern

  • Any relevant dates or circumstances

  • What resolution you are seeking

Step 2: Our Response

We will acknowledge receipt of your complaint within 7 business days and investigate the matter thoroughly. We will provide a written response within 30 days, outlining our findings and any actions we will take.

Step 3: External Complaint (if unresolved)

If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Mail: GPO Box 5218, Sydney NSW 2001

The OAIC can investigate your complaint and, if appropriate, take regulatory action.

14. Children's Privacy

Our website and services are not directed at children under the age of 18. We do not knowingly collect personal information from children. If you are under 18, please do not provide any personal information through our website.

If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete that information as soon as possible. If you believe we have collected information from a child, please contact us immediately at holidayhaven80@gmail.com.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make significant changes, we will notify you by:

  • Posting the updated Privacy Policy on our website

  • Updating the "Last Updated" date at the top of this policy

  • Sending an email notification (where appropriate)

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website and services after changes are posted constitutes your acceptance of the updated Privacy Policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Holiday Haven

Email: holidayhaven80@gmail.com
Location: Perth, Western Australia

We will respond to your inquiry as soon as reasonably possible, typically within 5-7 business days.

Acknowledgment: This Privacy Policy is designed to comply with the Australian Privacy Act 1988 and the Australian Privacy Principles. We recommend periodic review by a qualified legal professional to ensure ongoing compliance with current privacy laws and regulations.

SAFETY SECURITY

Our Commitment to Your Security

At Holiday Haven, your safety and security are our highest priorities. We understand that when you shop with us for Christmas home décor, you're trusting us with your personal and financial information. This policy explains in clear, straightforward terms how we protect your data, secure your transactions, and maintain the integrity of your information throughout your shopping experience.

We are committed to implementing industry-leading security measures and maintaining transparency about our practices so you can shop with complete confidence.

1. How We Protect Your Personal Information

1.1 Data Encryption

SSL/TLS Encryption: Every page on our website uses 256-bit SSL (Secure Socket Layer) encryption technology. This means that all information transmitted between your browser and our website is encrypted and cannot be intercepted by unauthorized parties. You can verify our secure connection by looking for the padlock icon in your browser's address bar.

Secure Data Transmission: All personal information you provide—including your name, address, email, and order details—is encrypted during transmission to prevent unauthorized access.

1.2 Secure Data Storage

Protected Servers: Your personal information is stored on secure servers maintained by Wix, our trusted e-commerce platform provider. These servers are:

  • Protected by advanced firewalls

  • Located in secure data centers with physical security measures

  • Monitored 24/7 for suspicious activity

  • Regularly updated with the latest security patches

Access Controls: We strictly limit access to your personal information. Only authorized Holiday Haven team members who need the information to process your order, provide customer service, or fulfill business operations can access your data. All team members are bound by confidentiality agreements.

Data Minimization: We only collect and store the information necessary to process your orders and provide our services. We do not collect unnecessary personal information.

1.3 Regular Security Audits

We conduct regular security assessments and monitoring to:

  • Identify and address potential vulnerabilities

  • Ensure our security measures remain up-to-date

  • Test our systems against emerging threats

  • Maintain compliance with industry standards

2. Payment Security

2.1 Third-Party Payment Processing

We never store your complete credit card information on our servers. All payment processing is handled by trusted, industry-leading third-party payment providers:

PayPal: A globally recognized payment platform with bank-level security. When you pay with PayPal, your financial information is processed and stored by PayPal according to their security standards. We never see your complete credit card or bank account details.

Credit Card Processors: Our credit card payments are processed through PCI-DSS (Payment Card Industry Data Security Standard) compliant payment gateways. These processors use advanced fraud detection and encryption to protect your card information.

Apple Pay: When you use Apple Pay, your card details are never shared with us. Apple Pay uses device-specific numbers and unique transaction codes, ensuring your card information stays secure.

2.2 Payment Verification

To prevent fraudulent transactions and protect both you and our business, we use third-party banking verification systems that:

Verify Card Authenticity: Confirm that the payment card is valid and has not been reported as stolen or fraudulent

Check Billing Information: Match your billing address with the information on file with your card issuer

Assess Transaction Risk: Use sophisticated algorithms to identify potentially fraudulent orders based on purchasing patterns, location data, and other risk factors

3D Secure Authentication: For certain transactions, you may be asked to verify your identity through your bank's additional authentication process (such as a one-time code sent to your phone)

2.3 What Happens If We Detect Suspicious Activity

If our fraud detection systems flag a transaction as potentially suspicious, we may:

  • Contact you via email or phone to verify the order

  • Request additional verification information

  • Temporarily hold the order until verification is complete

  • Cancel the order if we cannot verify its legitimacy

This is done to protect you from unauthorized use of your payment information.

3. How We Collect Your Data

3.1 Information You Provide Directly

During Checkout: When you place an order, you voluntarily provide:

  • Your name and contact information

  • Shipping and billing addresses

  • Email address and phone number

  • Payment information (handled by payment processors)

Account Creation: If you create an account, you provide:

  • Login credentials (email and password)

  • Saved addresses and preferences

  • Order history

Customer Service: When you contact us, we collect:

  • Your inquiry or complaint details

  • Communication history

  • Any additional information you choose to share

 

3.2 Information Collected Automatically

Website Usage Data: When you browse our website, we automatically collect:

  • IP address and location data

  • Browser type and device information

  • Pages you visit and how long you stay

  • Referring websites

  • Date and time of visits

Cookies and Tracking: We use cookies to:

  • Remember your shopping cart items

  • Keep you logged in (if you have an account)

  • Understand how you use our website

  • Improve your shopping experience

You can manage cookie preferences through your browser settings at any time.

3.3 Why We Collect This Information

We collect data to:

  • Process and fulfill your orders accurately

  • Communicate with you about your purchases

  • Provide customer support

  • Improve our website and product offerings

  • Prevent fraud and enhance security

  • Comply with legal obligations

  • Send marketing communications (only with your consent)

 

4. When We Contact You

We believe in transparent communication. Here's exactly when you can expect to hear from us:

4.1 After Your Purchase

Immediate Order Confirmation (within minutes):

  • You'll receive an email confirming we've received your order

  • This includes your order number, items purchased, and total amount

  • Keep this email for your records

Payment Confirmation (within 24 hours):

  • Once payment is verified and processed successfully

  • Confirms your order is moving to fulfillment

Shipping Notification (1-3 business days after order):

  • When your order is dispatched from our supplier

  • Includes tracking information so you can monitor delivery

  • Expected delivery timeframe

Delivery Updates (as applicable):

  • If there are any delays or issues with shipping

  • When your package is out for delivery

  • Delivery confirmation (if available through the carrier)

 

4.2 Customer Service Communications

We may contact you if:

  • We need to verify your order or payment information

  • There's an issue with your order (e.g., item out of stock)

  • You've submitted an inquiry and we're responding

  • We need additional information to complete delivery

  • There's a significant delay in shipping

 

4.3 Marketing Communications (Optional)

With your explicit consent, we may send:

  • New product announcements and seasonal collections

  • Special promotions and exclusive discounts

  • Holiday shopping guides and décor tips

You're always in control: You can unsubscribe from marketing emails at any time by clicking the unsubscribe link or contacting us at holidayhaven80@gmail.com.

4.4 We Will NEVER:

  • Contact you asking for your password

  • Request your full credit card details via email

  • Ask you to verify payment information through suspicious links

  • Send you unsolicited attachments

  • Contact you from unofficial email addresses

If you receive suspicious communication claiming to be from Holiday Haven, please report it to us immediately.

​​

5. How We Work With Third-Party Suppliers

5.1 Drop-shipping and Order Fulfillment

Holiday Haven operates on a drop-shipping model, which means:

What Information We Share: When you place an order, we share only the necessary information with our trusted suppliers:

  • Your name

  • Shipping address

  • Order details (items and quantities)

  • Special delivery instructions (if provided)

   What We DON'T Share: We never share:

  • Your payment information

  • Your email address (unless required for delivery)

  • Your phone number (unless required by the carrier)

  • Your browsing history or personal preferences

5.2 Supplier Security Standards

We carefully select drop-shipping partners who:

  • Maintain secure data handling practices

  • Comply with privacy and security regulations

  • Use encrypted communication channels

  • Protect customer information from unauthorized access

  • Have clear data protection policies

 

5.3 International Suppliers

Some of our suppliers may be located outside Australia. When your information is shared internationally:

  • We ensure appropriate contractual safeguards are in place

  • Suppliers are required to protect your data according to our standards

  • Your information is only used for order fulfillment purposes

 

6. Data Retention and Deletion

6.1 How Long We Keep Your Information

Active Orders: Information related to current orders is retained until delivery is complete and any potential return period has passed.

Transaction Records: We retain order history and transaction data for 7 years to comply with Australian tax and accounting laws.

Account Information: If you create an account, your information is retained while your account is active.

Marketing Lists: Your email address remains on our marketing list until you unsubscribe.

Inactive Accounts: If you haven't logged in or made a purchase in 3 years, we may contact you to confirm whether you want to keep your account active.

6.2 How to Delete Your Information

You have the right to request deletion of your personal information. Contact us at @gmail.com to request:

  • Account deletion

  • Removal from marketing lists

  • Deletion of personal data (subject to legal retention requirements)

Please note: We may need to retain certain information to comply with legal obligations, resolve disputes, or enforce our agreements.

7. Your Role in Security

While we implement robust security measures, you also play an important role in protecting your information:

7.1 Protect Your Account

Strong Passwords: If you create an account, use a strong, unique password that:

  • Is at least 8 characters long

  • Includes letters, numbers, and symbols

  • Is different from passwords you use on other websites

Keep Login Details Private: Never share your account password with anyone, including Holiday Haven staff.

Log Out: Always log out of your account when using shared or public computers.

7.2 Monitor Your Accounts

Review Statements: Regularly check your bank and credit card statements for unauthorized charges.

Check Order History: If you have an account, review your order history for any unfamiliar purchases.

Report Suspicious Activity: Contact us immediately if you notice:

  • Unauthorized orders on your account

  • Suspicious emails claiming to be from Holiday Haven

  • Unusual account activity

 

7.3 Be Cautious Online

Phishing Awareness: Be wary of emails asking for personal or payment information. We will never request sensitive information via email.

Secure Connection: Only shop on our website when you see "https://" and the padlock icon in your browser.

Public Wi-Fi: Avoid making purchases over unsecured public Wi-Fi networks.

8. Security Incident Response

8.1 Our Commitment

In the unlikely event of a data breach or security incident that affects your personal information, we will:

Act Quickly: Immediately investigate and contain the incident

Notify You Promptly: Inform affected customers as soon as possible, in compliance with Australian privacy laws

Provide Clear Information: Explain what happened, what information was affected, and what steps we're taking

Offer Support: Provide guidance on how to protect yourself and monitor for potential misuse

Report to Authorities: Notify the Office of the Australian Information Commissioner (OAIC) if required by law

8.2 How We'll Contact You

In case of a security incident, we will contact you via:

  • Email to the address on file

  • Notice on our website homepage

  • Other appropriate communication channels

 

9. Children's Safety

Holiday Haven's website is intended for adult customers (18 years and older). We do not knowingly collect personal information from children under 18.

If you are under 18, please:

  • Do not create an account

  • Do not make purchases

  • Ask a parent or guardian to shop on your behalf

If we discover we have inadvertently collected information from someone under 18, we will delete it immediately. Parents or guardians who believe we may have information about a minor should contact us at holidayhaven80@gmail.com

.

10. Updates to This Policy

We may update this Safety and Security Policy to reflect:

  • Changes in our security practices

  • New technologies we implement

  • Updates to legal requirements

  • Feedback from customers

When we make significant changes, we will:

  • Update the "Last Updated" date at the top

  • Post a notice on our website

  • Send an email notification (for major changes)

We encourage you to review this policy periodically to stay informed about how we protect your information.

11. Questions and Concerns

Your trust is important to us. If you have any questions or concerns about how we protect your information, please don't hesitate to reach out:

Holiday Haven
Email: holidayhaven80@gmail.com
Location: Perth, Western Australia

We typically respond to security inquiries within 24-48 hours.

12. Reporting Security Issues

If you discover a security vulnerability on our website or believe your account has been compromised, please contact us immediately at holidayhaven80@gmail.com with the subject line "SECURITY ISSUE."

Please include:

  • A description of the issue

  • Steps to reproduce (if applicable)

  • Any relevant screenshots or evidence

  • Your contact information

We take security reports seriously and will investigate all concerns promptly.

Thank you for trusting Holiday Haven with your Christmas home décor needs. Your security is our priority, and we're committed to protecting your information every step of the way.

bottom of page