Privacy Policy


This Privacy Policy was last updated 8 July 2021.

1 In this Privacy Policy:

1.1 The words “us” or “our” or “we” or “Floss” refers to Floss Bakes Pty Ltd ACN 649 489 734 and the words “you” or “your” refers to the party accessing the website for the purpose of viewing its contents and/or placing an order with us for the purchase and supply of Products;
1.2 “Goods” means each and every product sold and/or supplied by Floss by means of the website.
1.3 “Website” means

2 Our commitment to your privacy

2.1 The privacy of individuals, including our staff and our users, is of utmost importance to Floss. This includes information or opinions about you that we collect and record which reasonably could be used to identify you. We adhere to the Australian Privacy Principles and the Privacy Act 1988 (Cth).
2.2 This document sets out Floss’s policies for managing personal information across our business operations in Australia. The details of our Privacy Officer, are as follows: Elizabeth Florence and/or Sam Pethely c/- The Privacy Officer, Floss Bakes Pty Ltd, 54 Martha Street, Camp Hill Qld 4152 or c/-

3 Application of this Privacy Policy

3.1 This Privacy Policy applies to the Website.
3.2 Not all the information described in the Privacy Policy is ‘Personal Information’ under the Privacy Act 1988 (Cth) - some of the Online Information Floss collects does not identify you (for example, some information we collect using cookies or information that is aggregated or de-identified).
3.3 Floss reserves the right to change this Privacy Policy. We recommend that you check the current version of the Privacy Policy available from time to time. If Floss makes changes to this Privacy Policy, the date at the top of this Privacy Policy will be updated.
3.4 You acknowledge that for the purposes of this Privacy Policy, Floss is the Data Controller for Personal Data which may be stored. When using the payment services, you will also be providing your information, including personal information, to one or more Payments entities, which will also be the Data Controller (the “Payments Data Controller”) of your information related to the Payment Services, and one or more payment entities are the Data Processors in respect of any Personal Data.

4 Types of Personal Information Floss Collects

4.1 When you use the Website we generally collect your name, age, physical address, email address, telephone number and other contact details. If you use the Website some additional information such as a dietary preference may also be collected.
4.2 We generally do not collect sensitive information (such as relating to ethnic origin, religious or philosophical beliefs, membership of a political or trade association, sexual preferences or health), and would not do so without your consent.
4.3 Floss does not collect information in a way that is unfair or unlawful. The collection of information will not intrude unreasonably on the personal affairs of the individual concerned.
4.4 We may gather Online Information if you:
(a) use the Website;
(b) receive or reply to electronic communications from us;
(c) view or click on our ads or other online content; and
(d) interact with us through social media websites and other websites and apps.

5 Why Floss Collects Personal Information

5.1 Generally, we collect, hold, update and use personal information about you related to our functions and activities so we can establish, manage and administer the products and services provided by us, and to comply with legal and regulatory obligations. We also use, store, and process information about you to provide, understand, improve, and develop the Website, and to create and maintain a trusted and safer environment. We may also use and disclose your information for purposes related to those mentioned above, including:
(a) to provide requested services to you, and bill you for our services and collect overdue payments;
(b) to operate, protect, improve and optimize the Website and your experience, such as by performing analytics and conducting research;
(c) to personalize or otherwise customize your experience by, among other things, ranking search results or showing ads based on your search, history, and preferences;
(d) to enable you to access and use the payment and delivery services;
(e) to provide customer service;
(f) to send you service or support messages, such as updates, security alerts, and account notifications;
(g) for our research and development of new products and services;
(h) for training, quality control and verification purposes (including monitoring and recording your telephone conversations with us from time to time);
(i) to communicate our promotional materials to you;
(j) for record keeping, data analytics and auditing;
(k) to detect and prevent fraud, spam, abuse, security incidents, and other harmful activity;
(l) to conduct investigations and risk assessments;
(m) to verify or authenticate information or identifications provided by you (such as to verify your address or compare your identification photo to another photo you provide);
(n) to conduct checks against databases and other information sources;
(o) to resolve any disputes with any of our users and enforce our agreements with third parties;
(p) to enforce our terms of service, payment terms, and other policies; and
(q) to meet our legal obligations.

6 How Floss Collects Information

6.1 Generally, we collect personal information directly from you, in response to our direct e-mails, forms that you complete and submit to us, or when you have other dealings with us. We may collect that information over the internet, and when you write to us.
6.2 We may also collect personal information through third parties such as:
(a) a third-party business that provides commercial financial information;
(b) market research organisations;
(c) persons authorised by you (such as lawyers or accountants); and
(d) publicly available sources of information.
6.3 We only collect your information from external sources if it is impractical to collect it directly from you, or when we are permitted to do so.
6.4 We (and our Service Providers) also collect information through Cookies and Similar Technologies. Most Cookies and Similar Technologies will only collect De-Identified Information such as how you arrived at our Website or your general location. However, certain Cookies and Similar Technologies do collect Personal Information. For example, if you click Remember Me when you log in to our Website, a cookie will store your username.
6.5 We (and our Service Providers) may collect information using Cookies and Similar Technologies about:
(a) the device you use to access our Website (for example, we may collect information about the operating system or the browser version and the type of computer or mobile device);
(b) the IP Address and information related to that IP Address (such as domain information, your internet provider and general geographic location);
(c) browsing history on our Website (such as what you search for, the pages you view, how long you stay, and how often you come back);
(d) how you search for our Website, and from which website or app you came from;
(e) which ads or online content from us you view, access, or click on;
(f) whether you open our electronic communications and which parts you click on (for example, which links you use); and
(g) the location of your mobile device (for example, to help prevent fraud or when you register to receive location-based content).
6.6 We (and our Service Providers) may also collect information made publicly available through third-party platforms (such as online social media platforms), through online databases or directories, or that is otherwise legitimately obtained.

7 What happens if you do not provide information that has been requested?

7.1 It is your choice whether you provide personal information or not. However, if you don’t provide your personal information, we might be unable to provide you a full experience of the Website or be able to identify you to protect you against fraud.

8 How Floss stores information

8.1 We store personal information in a combination of secure computer storage and other record formats. We have taken a number of steps to protect the personal information we hold from misuse, loss and unauthorised access, modification or disclosure. We use generally accepted technology and security so that we are satisfied that your information is transmitted safely to us through the internet or other electronic means.
8.2 We will take reasonable steps to securely destroy or permanently de-identify personal information when we no longer need it.
8.3 We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorised access, loss, destruction, or alteration. However, the internet and mobile devices are not a 100% secure environment, so we can’t guarantee the security of the transmission or storage of your information.

9 When we may disclose your personal information

9.1 By continuing to use the Website you agree and consent to the use, disclosure and storage of your personal information under this policy.
9.2 Generally, we may disclose personal information about you in the following circumstances:
(a) to comply with our legal obligations (we notify you any time we are required to produce information in this way unless we are prohibited by court order or law or there is suspicion of fraud and/or criminal activity);
(b) where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter;
(c) where we are satisfied on reasonable grounds that disclosure is necessary to lessen or prevent a serious threat to the life, health, safety or welfare of an individual or to public health, safety or welfare;
(d) the disclosure is necessary for research or the compilation or analysis of statistics in the public interest, but does not involve the publication of the personal information in a form which would identify an individual;
(e) anyone authorised by you or to whom have provided your consent (either expressly or impliedly).

10 Sharing Your Information With Your Consent

10.1 We may share your information at your direction or as described at the time of sharing, such as when you authorise a third-party application or website to access your browsing and/or purchasing history with us.

11 Service Providers

11.1 We use a variety of third-party service providers to help us provide services related to the Website. Service providers will be located inside Australia. For example, service providers may help us:
(a) verify or authenticate your identification;
(b) check information against public databases;
(c) assist us with background checks, fraud prevention, and risk assessment; or
(d) provide customer service, advertising, or payments services.
11.2 These providers have limited access to your information to perform these tasks on our behalf and are contractually obligated to use it consistent with this Privacy Policy.

12 Safety and Compliance with Law

12.1 Floss may disclose your information to courts, law enforcement or governmental authorities, or authorised third parties, if and to the extent we are required to do so by law or if such disclosure is reasonably necessary:
(a) to comply with legal process and to respond to claims asserted against Floss;
(b) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability,
(c) to enforce and administer our Terms or other agreements with users;
(d) for fraud investigation and prevention, risk assessment, customer support, product development and debugging purposes, or
(e) to protect the rights, property or personal safety of Floss, its employees, its users, or members of the public.

13 Aggregated Data

13.1 We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and non-personally identifiable information for industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
13.2 Aggregated Information or De-identified Information does not identify you individually; it helps us to analyse patterns among groups of people. We may share Aggregated Information or De-identified Information in several ways, for example:
(a) for the same reasons as we might share Personal Information;
(b) with businesses to help develop and market programs, products or services and present targeted content including Targeted Advertising;
(c) with businesses to conduct analysis and research about app users; or
(d) with Third-Party Ad-Servers to place ads to analyse the effectiveness of those ads.

14 Analysing your Communications

14.1 We may review, scan, or analyse your communications on the Website for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research, and customer support purposes. For example, as part of our fraud prevention efforts, we scan and analyse messages to mask contact information and references to other websites. In some cases, we may also scan, review, or analyse messages to debug, improve, and expand product offerings. We use automated methods where reasonably possible. However, occasionally we may need to manually review some communications, such as for fraud investigations and customer support, or to assess and improve the functionality of these automated tools. We will not review, scan, or analyse your communications to send third-party marketing messages to you, and we will not sell reviews or analyses of these communications.

15 Third-party partners & integrations

15.1 The Website may contain links to third party websites or services, such as third-party integrations, co-branded services, or third party-branded services (“Third-Party Partners”). Floss doesn’t own or control these Third-Party Partners and when you interact with them, you may be providing information directly to the Third-Party Partner, Floss, or both. These Third-Party Partners will have their own rules about the collection, use, and disclosure of information. We encourage you to review the privacy policies of the other websites you visit.

16 Will Your personal information be used for direct marketing?

16.1 We use and disclose your personal information to keep you informed about our range of offers.
16.2 You may opt out of receiving direct marketing from us at any time by contacting Floss’s Privacy Officer, whose details are provided at clause 2 above.

17 Cookies & Similar Technologies

17.1 If you do not want us to collect information about your use of Cookies & Similar Technologies, you can disable or delete them. Most computer systems and browsers offer their own privacy settings. We encourage you to use them to enhance your choices. Most browsers’ advanced settings (such as those in Internet Explorer, Google Chrome or Safari) allow you to disable Cookies & Similar Technologies.
17.2 Important – If you do disable or delete Cookies & Similar Technologies, some Website features and services may not work. You will need to manage your settings for each computer and browser you use to access the Internet.

18 Keeping Your Details Up-to-Date

18.1 We will take reasonable steps to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date. If your personal details change, you must update your details so that we can continue to provide you with our services.

19 You can access your personal information

19.1 Following a request, we will provide you with a copy of personal information which we hold about you in accordance with our obligations under the Privacy Act. We may charge a fee for retrieving this information (we will inform you of the fee before providing the information).
19.2 Please note that there are some circumstances set out in the Privacy Act where we may refuse your request.
19.3 We will promptly acknowledge and investigate any complaints about the way we manage personal information.

20 About this Privacy Policy Statement

20.1 We may update our policies and this Privacy Policy from time to time. The date at the top of Privacy Policy indicates when this Privacy was last updated.

21 Contacting us

21.1 If you have any questions about our policies, or if they wish to update or access the information we hold about you, wish to make a related complaint, opt out of receiving direct marketing material, please write to us at The Privacy Officer, Floss Bakes Pty Ltd, 54 Martha Street, Camp Hill Qld 4152 or email us at
21.2 If Floss takes more than 30 days to respond to your privacy complaint, or if you are dissatisfied with the outcome, they can make a complaint to the Privacy Commissioner at the Office of Australian Information Commissioner. The OAIC can be contacted on 1300 363 992 or at


Aggregated Information: data or information relating to multiple people which has been combined or aggregated. Aggregated Information includes information that we create or compile from various sources, including card transactions or certain data from Cookies and Similar Technologies.
Cookies and Similar Technologies: a cookie is a small data file that an app or website transfers to your computer's hard drive. We may place cookies when you use our websites or apps or where you use another company’s website and apps that our ads appear on. We may also place cookies when you request or personalize information or register for certain services. If you accept these cookies, you may give us access to information about your interests. We may use that information to personalize your experience. Similar technologies such as web beacons, pixels, gifs, and tags also do the same thing. We use the term Cookies and Similar Technologies in this statement to refer to all technologies that collect information in this way.
De-identified Information: data or information used in a way that does not identify you to a third party. We often derive De-Identified Information from Personal Information. It includes information that we may collect from various sources, such as card transactions or certain data from Cookies and Similar Technologies.
IP Address: a number assigned to a device when connecting to the Internet.
Online Information: data or information which may include Personal Information, Aggregated Information and De-Identified Information collected on the App as well as on websites and apps of third parties relating to topics about our business.
Other Information: Floss’s internal information, information from our Business partners, and other online and offline information we collect from or about you.
Personal Information: means information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion (such as name, address or telephone number).
Service Providers: any vendor, third party and/or company that performs business operations on our behalf, such as printing, mailing, and other communications services (email, direct mail, etc), marketing, data processing, servicing, collections, or ad management.
Targeted Advertising: ads we, or our Service Providers, display on the App based on the preferences or interests inferred from data collected from a particular computer or device regarding web viewing behaviors over time and across different websites and apps.
Third-Party Ad-Servers: companies that provide the technology to place ads on websites (and apps) and track how ads perform. These companies may also place and access cookies on your device. The information they collect from our websites or apps is in a form that does not identify you personally.