Privacy & Data Processing Policy

1. Introduction & Data Controller

This Privacy Policy outlines the operational procedures of Mill & Hide regarding the collection, routing, and securing of personal data. As a premium lifestyle and agricultural retail entity, maintaining the trust of our clients and adhering to the Australian Privacy Principles (APPs) and international spam regulations is our highest priority.

Data Controller Identity:
Mill & Hide
Attn: Kate Lenehan, Director of Digital Operations
125 Comur Street, Yass, NSW 2582, Australia

2. Data Collection Vectors

We operate a strict "Zero-Party" data policy. We do not purchase, scrape, or harvest data from external sources. Data is acquired explicitly through the following secure channels:

2.1 E-Commerce Transactional Checkout

When initiating a purchase on millandhide.com for home goods, saddlery, or fashion items, we collect essential routing data via TLS 1.3 encrypted sessions:

• Identity Data: First name, Last name.
• Contact Data: Billing address, Shipping address, Email address, Phone number (strictly for courier delivery alerts).
• Financial Data: Processed directly via PCI-DSS compliant gateways (e.g., Stripe, Shopify Payments). We do not store raw credit card numbers on our infrastructure.

2.2 In-Store Point of Sale (POS)

At our physical dispatch location in Yass, NSW, customers may opt-in to receive digital tax invoices. Email addresses are manually entered into our secure POS terminal by authorized cashiers and are tagged with source: POS_receipt_only to prevent any unauthorized marketing utilization.

3. Purpose of Data Processing (System Routing)

The email addresses and contact information collected are injected into our routing infrastructure exclusively for fulfillment, security, and legal obligations.

• Transactional Alerts: Order confirmations, digital receipts (Tax Invoices), and refund processing notifications.
• Logistics Webhooks: Real-time automated alerts regarding package dispatch, tracking links, and delivery confirmations.
• Security (Infosec): Transmission of Account Verification links (Double Opt-In), Password Reset tokens, and Two-Factor Authentication (2FA) codes.

Note on Marketing: Any promotional communication requires an explicit, secondary "opt-in" action (unchecked by default). Marketing and Transactional data streams are separated at the infrastructure level to protect our primary IP reputation.

4. Third-Party Disclosures & Sub-Processors

Mill & Hide explicitly prohibits the sale, rental, or brokering of personal data. Data is only routed to vetted third-party sub-processors required to complete the physical delivery of goods or systemic operations:

• Logistics Providers: Australia Post, FedEx, or specialized agricultural freight services (name, address, and phone number for delivery coordination).
• Tier-1 Email Service Providers (ESPs): Dedicated transactional routing engines (e.g., Mailgun) utilized solely for delivering the critical system alerts defined in Section 3.

5. Encryption & Data Security

Our infrastructure employs enterprise-grade security protocols to prevent unauthorized access, alteration, or data leaks:

• Data at Rest: Encrypted using AES-256 standard within our secured databases.
• Data in Transit: All API payloads, webhook transmissions, and user sessions are enforced via TLS 1.2 or TLS 1.3.
• Access Control: Administrative access to our database and ESP logs is restricted via IP-whitelisting and strict Role-Based Access Control (RBAC).

6. User Access & Right to Erasure

In accordance with global privacy standards, individuals retain full control over their personal data residing on our infrastructure.

• Right to Access: You may request an exported log of your historical transactional data and digital receipts.
• Right to be Forgotten (Erasure): You may request the permanent deletion of your profile. Please note that we are legally obligated to retain specific fiscal records (Tax Invoices) for a period of up to 7 years to comply with the Australian Taxation Office (ATO).