Privacy & Security Notice
Types of personal information collected
How personal information is collected and held
Purposes for handling personal information
Sharing of personal information
Procedures for access, correction and feedback
Additional privacy information
Card number, PINs and passwords
Third party sites
Changes to policies and procedures
At Coles Group Limited (“Coles”), we respect the privacy of your personal information in our care. Personal information means information which identifies you as an individual or from which your identity can be reasonably ascertained.
The types of personal information we collect includes name, contact details, identification information, household details, payment and transaction details/history (including information about payment cards linked to flybuys and associated transactions), details regarding participation in flybuys and our other clubs and programs operated from time to time, records of your communications and interactions with us, and details/history of preferences, interests and behaviour relating to transactions, products, services and activity with our digital services.
We may not be able to provide our products or services, or make offers to you without your personal information. For example, we may not be able to ensure you are awarded flybuys points, contact you or deliver your orders.
We may collect your personal information in relation to your interactions and transactions with us and Wesfarmers group companies. This includes: using your flybuys card or number or associated identifiers such as payment cards; making a purchase in store; placing an order online; making a non-cash payment; participating in a promotion, competition or survey; registering for services; or using related digital services. We may monitor and record your communications with us (including email and telephone) for security, dispute resolution, and training purposes, and we also operate video and audio surveillance devices in our premises. We may also collect personal information from third parties including public sources, information service providers, providers who administer Coles-branded products and services such as payment cards and insurance, anyone authorised to act on your behalf, and other Wesfarmers group companies including flybuys.
We hold personal information electronically and in hard copy form, both at our own premises and with the assistance of our service providers. We implement a range of measures to protect the security of that personal information. We also take measures in respect of destroying or de-identifying personal information that is no longer needed for any lawful purpose.
We handle your personal information in connection with providing, administering, improving and personalising our products and services. This can include processing payments, delivering orders, managing promotions, providing refunds and discounts, verifying your identity, communicating with you (including direct marketing), conducting product and market research, maintaining and updating our records, dealing with enquiries from you, and working with our service providers and other Wesfarmers group companies. Using personal information, we endeavour to improve our understanding of your interests, suitability and behaviour in relation to products, services and offers, including conducting risk assessments for financial products (including credit and insurance).
We may also handle your personal information to protect our lawful interests and facilitate purchases and potential purchases of our businesses. We may provide marketing communications and targeted advertising to you on an ongoing basis by telephone, electronic messages (e.g. email), our digital services and other means. These communications may relate to the products and services we, and other Wesfarmers group companies provide, and other products which may be of interest to you. You can call us on 131116 at any time to opt out of electronic and telephone direct marketing communications.
To make it easy for you to deal with other Wesfarmers group companies (including flybuys) and provide you with a more personal and consistent experience, we may exchange and combine personal information with them for the purposes described in our respective privacy policies.
We and Wesfarmers group companies may exchange your personal information with service providers engaged to assist with services including data processing, data analysis, information broking, credit reporting, online computing, printing, contact management, legal, accounting, business consulting, marketing, research, auditing, archival, delivery, security, investigation and mailing services, and in the provision of Coles-branded products and services such as payment cards and insurance..
The third parties to whom we disclose personal information may be located in Australia and other countries including Ireland, Hong Kong, Singapore and the United States of America. We take steps to ensure that our service providers are obliged to protect the privacy and security of your personal information and use it only for the purpose for which it is disclosed.
We provide information and services through a range of digital and online services including websites apps, email, online advertisements, IPTV and social media profiles. These services may be operated by us, other Wesfarmers group companies and flybuys program participants (collectively, Digital Services) to provide a consistent experience, personalise your use of each of those services and provide targeted marketing.
Our systems record a variety of information in relation to interactions with our online services. This can include information about software versions used, device identifiers (like IP address), location data (where available and not disabled by the user), dates, times, file metadata, referring website, data entered and user activity such as links clicked.
Some information we collect in relation to Digital Services is not related an individual. In many cases the information only relates to a device or is of an aggregated or statistical nature, and we will have no way of knowing the identity of the user. In other cases we may associate information about your use of Digital Services over time with your personal information, e.g. where on any occasion you have logged in, followed a link sent to you by email or we have otherwise been able to identify you.
Our online services may contain links to other sites. We are not responsible for the privacy practices or policies of those sites and recommend that you review their privacy policies.
If you wish to access or correct any personal information we hold about you or have any feedback or concerns about privacy, please contact us as set out below. Where you seek a response from us, we will let you know who will be handling your matter and when you can expect a full response.
In the case of access and correction requests, please provide as much detail as you can about the particular information you seek, in order to help us retrieve it. Under the Privacy Act and other relevant laws, we are required to provide our reasons if we refuse your request. Where we decide not to make a requested correction and you disagree, you may ask us to make a note of your requested correction with the information.
For information about privacy generally, or if your concerns are not resolved to your satisfaction, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au and on 1300 363 992.
Queries regarding privacy should be directed to the Coles Privacy Officer:
Phone: 13 1116
Post: 800 Toorak Road
Hawthorn East VIC 3123
When you register with Coles Group & Myer Corporate Services, your information is stored in a safe and secure environment. When you place a Gift Card order, it is sent to our supplier partners in an encrypted form using Secure Sockets Layer (SSL) technology. SSL technology is the standard form of encryption that is used by major banking institutions and e-commerce websites.
When you sign in to any service that we may offer on this site, the information collected is compared with the details we stored when you first registered with us for that service.
When submitting feedback or questions via email, it is very important that you do not disclose any details that could be used by others to gain access to your personal information. This includes your card number and any PINs or passwords.
Please make sure you secure your card numbers, PINs and passwords at all times.
Our site contains links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the privacy practices of third parties or the content of other web sites to which you provide your personal information. Please take care at all times to check whose site you are visiting.
We use high security levels for our online services. We use security levels which are standard for Internet banking and large scale e-commerce sites. You can check the security level of a web page by clicking on your internet browser's padlock or key icon.
Encryption is the standard way of protecting your information as it is transmitted between you and us. This involves converting the information into an unreadable code using a "key" (and also de-coding it using this "key"). The longer the key, the more difficult it is for others to break the encrypted code.
From time to time and in line with customer expectations and legislative changes, our privacy and security policies and procedures will be reviewed and, if appropriate, updated. You should therefore check this Privacy and Security Notice every time you propose to use our website or submit information to us.