Privacy Policy

K & K Aus Pty Ltd
Last Updated: 18 April 2025


1. Introduction
At K & K Aus Pty Ltd (ABN 81 672 227 299), we are deeply committed to protecting the privacy and confidentiality of all individuals and businesses with whom we engage. This Privacy Policy outlines how we collect, store, use, and protect your personal and business information in strict compliance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). We recognise the importance of data privacy and are dedicated to upholding the highest standards of data protection. This Policy is a foundational document, reflecting our commitment to transparency and accountability in all data handling practices.


2. Scope and Application
This Privacy Policy applies to all personal and business information collected through our corporate website (kkaus.co), internal systems, communication channels (including email, phone, and social media), and any other interactions you have with K & K Aus Pty Ltd. Crucially, this Policy extends to its affiliated brand, Aleeya.au (aleeya.au), as both entities operate under a shared data infrastructure and centralised internal systems. This unified approach ensures consistent data management, storage, and privacy practices across both brands. While this Policy provides a holistic overview, specific processes may be detailed in supplementary documentation relevant to particular services or interactions. Any deviations from this Policy will be explicitly communicated.
 
3. Information We Collect
In order to facilitate optimal service delivery, maintain regulatory compliance, and drive continuous improvement across all business functions, K&K Aus. systematically collects and retains a range of personal and business information. This section provides a granular delineation of the data categories captured, the sources from which it is derived, and the rationale underpinning its collection. We are committed to data minimisation, ensuring we only process information which is demonstrably necessary for legitimate business purposes, as outlined below.

3.1 Categories of Information Collected
We may collect and retain the following categories of personal and business information:

  • Contact Information: This encompasses core identifying data, including full names, postal addresses, email addresses, and telephone numbers. We utilise this data for essential communications, order fulfilment, service provision, and account management.
  • Business Identification Data: For business-to-business interactions and supplier relationships, we collect key organisational details. This includes, but is not limited to, Australian Business Numbers (ABN), Australian Company Numbers (ACN), officially registered company names, trading names, business addresses, and relevant contact personnel. This data is critical for accurate invoicing, legal compliance, and effective supply chain management.
  • Communication Records: We maintain a comprehensive record of all communications with individuals and organisations. This includes all email correspondence, telephone logs, written enquiries submitted via our website or other channels, and records of service requests, complaints, and resolutions. These records serve as an audit trail, facilitate consistent customer service, and enable effective dispute resolution.
  • Supplier and Customer Account Data: To ensure seamless transactional processes, we collect and retain detailed account data for both suppliers and customers. This encompasses order histories, invoices (including details of goods or services provided, pricing, and payment terms), payment records (handled securely, as detailed in Section 6), credit information (where applicable and with appropriate consent), and any associated contractual agreements.
  • Internal Tracking and Compliance Data: For internal operational efficiency and to meet our statutory obligations, we collect internal tracking information. This includes audit logs, system usage data, data relating to compliance procedures (e.g., Know Your Customer (KYC) documentation), and records of employee training and qualifications. This data is essential for maintaining data integrity, ensuring adherence to regulatory standards, and mitigating risk.
  • Website Usage Data & Digital Footprint Analysis: We utilise analytics tools and cookie tracking technologies to gather data relating to website traffic, user behaviour, and browsing patterns. This data encompasses IP addresses, browser types, device information, referring URLs, pages visited, and dwell times. This information is crucial for understanding user engagement, optimising website performance, enhancing the user experience, and informing our digital marketing strategies. Users should consult our Cookie Policy (available on kkaus.co) for detailed information regarding our cookie usage and opt-out mechanisms.
     

3.2 Categories of Data Subjects

We collect personal information from the following categories of individuals:

  • Customers: Individuals who purchase products or services directly from K&K Aus. Data collected from customers extends beyond basic contact information to include purchase history, preferences, and any communication relating to their transactions.
  • Website Visitors: Individuals who browse our website, kkaus.co, even if they do not make a purchase or directly interact with us. Data collected from website visitors is primarily focused on website usage patterns and analytics, as described above.
  • General Public: Individuals who contact us via email, telephone, post, or other means, even if they are not customers or employees. This includes prospective clients, media representatives, and individuals making general enquiries.
     

3.3 Types of Personal Information Collected
The following provides a more granular breakdown of the specific types of personal information we collect:

  • Contact Information: Full names, residential addresses, billing addresses, email addresses, telephone numbers (including mobile numbers).
  • Technical Information: IP addresses, browser types, operating system details, device identifiers, browser language preferences, referring URLs, and browsing history on kkaus.co (including pages visited, links clicked, and time spent on each page).
  • Transactional Information: Order details (including products or services ordered, quantities, and pricing), payment information, shipping addresses, invoice details, and order confirmation details.

We remain fully committed to data protection principles and adhere to all relevant privacy legislation. Data will be processed fairly, lawfully and transparently, and retained only for as long as necessary for the specified purposes. Individuals have the right to access, rectify, and erase their personal data, as outlined in our Privacy Policy.
 
4. Your Consent & Marketing Communications
At K&K Aus., we are steadfastly committed to respecting your privacy and controlling your communication preferences. We operate under a strict opt-in policy for all marketing communications, meaning we will only send you promotional materials, newsletters, or other marketing content if you have provided us with explicit and freely given consent to do so. This consent is actively sought at the point of data capture – whether through website forms, purchase transactions, or direct interactions with our sales team – and clearly articulates the types of communications you will receive.
We recognise that communication preferences can change, and you retain the absolute right to withdraw your consent at any time. This can be achieved through several convenient mechanisms:

  • Unsubscribing from Email Communications: Every marketing email we send will contain a clear and readily accessible unsubscribe link. Simply click this link to automatically remove yourself from our mailing list.
  • Direct Contact: You can contact us directly via email (details available on kkaus.co), telephone, or postal mail to request withdrawal of your consent.
  • Account Management (Where Applicable): If you have an online account with K&K Aus., you can manage your communication preferences directly within your account settings.
    We are fully compliant with all relevant data protection regulations regarding consent management and will diligently maintain records of all consents obtained.


Data Sharing & Third-Party Disclosure:
We understand the importance of safeguarding your personal information and operate under a strict policy of data minimisation. We do not sell, rent, or share your personal data with any third parties for their own marketing purposes.
However, there are limited circumstances where we may be required to disclose your information:

  • Legal Compliance: We may be legally compelled to disclose your information to comply with applicable laws, regulations, or legal processes (e.g., a court order or subpoena).
  • Contractual Obligations: We may share your information with service providers who assist us in performing essential business functions, but only under strict contractual agreements that ensure the confidentiality and security of your data. These service providers may include (but are not limited to) payment processors, hosting providers, and shipping companies.
  • Business Transfer: In the unlikely event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of the transaction, subject to appropriate safeguards.
  • Performance of Our Jobs: When requested to do so, and lawful to do so.
    We will always endeavour to inform you if we are required to disclose your information, unless prohibited by law.
     

5. Use of Google Analytics
K&K Aus. utilises Google Analytics, a web analytics service provided by Google, LLC (“Google”), to gain valuable insights into how users interact with our website, kkaus.co. This data is crucial for us to continuously improve website functionality, enhance user experience, and optimise our online performance.

Data Collected by Google Analytics:
Google Analytics collects a range of non-personally identifiable information, including:

  • Website Traffic Statistics: Total number of visitors, page views, sessions, bounce rate, average session duration.
  • User Behaviour: Pages visited, links clicked, time spent on each page, user navigation paths.
  • Technical Information: Device type (desktop, mobile, tablet), operating system, browser type, screen resolution, language settings.
  • Referral Sources: How users arrived at our website (e.g., direct link, search engine, social media).
  • Geographical Information: General location of users (e.g., country, city – aggregated and anonymised).
  • Demographic Information: Age range and gender (estimated, aggregated and anonymised).
  • Data Anonymisation & Aggregation:

It is crucial to emphasise that Google Analytics is configured to anonymise IP addresses and aggregate data, meaning that no personally identifiable information is collected or stored. We do not track individual users or collect any information that could be used to identify you personally.

Data Usage:
The data collected by Google Analytics is used exclusively for the following purposes:

  • Website Improvement: Identifying areas where we can improve website usability, content, and functionality.
  • Performance Analysis: Monitoring website performance metrics (e.g., page load times, bounce rate) and identifying areas for optimisation.
  • User Experience Enhancement: Understanding how users navigate our website and identifying opportunities to improve their overall experience.
  • Marketing Effectiveness: Measuring the effectiveness of our online marketing campaigns.

Data Security:
Google employs robust security measures to protect the data collected by Google Analytics. We have no direct access to the raw data collected by Google and rely on their security infrastructure.

Your Control & Opt-Out Options:
You have several options to control the data collected by Google Analytics:

  • Google Analytics Opt-Out Browser Add-on: You can install the Google Analytics Opt-Out Browser Add-on (available at https://tools.google.com/dlpage/gaoptout/ ) to prevent Google Analytics from collecting any information about your browsing activity.
  • Browser Settings: You can configure your browser settings to block cookies or other tracking technologies.
  • Privacy Settings: You can review and adjust your privacy settings within your Google account.
    For further information regarding Google’s data privacy practices, please refer to their Privacy Policy: https://policies.google.com/privacy . You may also refer to Google’s information regarding their use of data as it relates to partner sites at: https://policies.google.com/technologies/partner-sites .

 
6. Cookie Usage
At K&K Aus., we employ cookies and similar tracking technologies to optimise your experience on our website, kkaus.co, and to gather valuable, anonymised insights into how users interact with our content. Cookies are small text files that are stored on your browser or device when you visit a website. They serve a variety of functions, from enabling core website functionality to providing a more personalised experience. We are committed to transparency regarding our cookie practices and provide you with the information necessary to manage your preferences.


What Types of Cookies Do We Use?
We utilise a combination of first-party and third-party cookies, categorised by their purpose, as outlined below:

  • Essential Cookies (Strictly Necessary Cookies): These cookies are critical for the operation of our website and enable core functionality. Without these cookies, certain features of our website may not function correctly. They include:
  • Session Cookies: These temporary cookies are used to remember your session, such as items added to your shopping cart or login information, while you navigate our website. They expire when you close your browser.
  • Authentication Cookies: These cookies verify your identity and allow you to securely access your account.
  • Security Cookies: These cookies help protect against fraudulent activity and ensure the security of your data.
  • Performance Cookies (Analytics Cookies): These cookies collect information about how visitors use our website, such as the pages visited, the time spent on each page, and the links clicked. This data is aggregated and anonymised, meaning it cannot be used to identify individual users. We utilise these cookies to:
  • Improve Website Performance: Identify and address technical issues that may affect website speed or usability.
  • Analyse User Behaviour: Understand how users interact with our content and identify areas for improvement.
  • Measure Marketing Effectiveness: Track the performance of our online marketing campaigns

We use Google Analytics for these purposes.

  • Functionality Cookies (Preference Cookies): These cookies allow our website to remember your preferences and settings, such as your language, currency, and location. They enhance your user experience by providing a more personalised and convenient browsing experience. These include:
  • Language Preferences: Remember your preferred language for future visits.
  • Currency Preferences: Remember your preferred currency for pricing and transactions.
  • Regional Preferences: Remember your location for providing relevant content and offers.
  • Customisation Settings: Remember any customisation settings you’ve made to the website’s appearance or layout.

How to Control Cookies:
You have the right to control how cookies are used on our website. You can manage your cookie preferences through your browser settings. Most browsers allow you to:

  • Block all cookies: This may significantly affect the functionality of our website.
  • Block third-party cookies: This will prevent third-party advertisers and analytics providers from tracking your browsing activity.
  • Clear existing cookies: This will remove all cookies that have been stored on your browser.
  • Set preferences for specific websites: This allows you to control which websites can store cookies on your browser.
    For more information on how to manage cookies, please refer to your browser’s help documentation.

Cookie Duration:
Cookies vary in their duration. Session cookies expire when you close your browser, while persistent cookies remain on your device for a specific period of time, as defined in the cookie itself.
 
7. Data Security
At K&K Aus., the security of your personal information is paramount. We are committed to implementing and maintaining robust security measures to protect your data from unauthorised access, use, disclosure, alteration, or destruction. We continually assess and refine our security protocols to address evolving threats and ensure the confidentiality and integrity of your information.

  • Our Security Measures:
    We employ a multi-layered approach to data security, incorporating the following measures:
  • Secure Storage: Your personal information is stored on secure servers located in Australia, protected by physical and logical security controls. These servers are regularly monitored for vulnerabilities and undergo routine security audits.
  • Encryption: We utilise industry-standard encryption technologies, such as TLS/SSL, to protect sensitive information, such as payment details, login credentials, and personal identification information, both in transit and at rest. This ensures that even if intercepted, your data remains unreadable to unauthorised parties.
  • Access Control: Access to your personal information is strictly limited to authorised personnel who require it to perform their duties. We implement robust access control mechanisms, including multi-factor authentication and role-based access control, to ensure that only authorised individuals can access sensitive data.
  • Regular Security Assessments: We conduct regular security assessments, including vulnerability scanning, penetration testing, and security audits, to identify and address potential vulnerabilities in our systems and applications. These assessments are conducted by both internal security experts and third-party security professionals.
  • Data Minimisation and Retention: We adhere to the principle of data minimisation, collecting only the personal information that is necessary for legitimate business purposes. We retain personal information only for as long as is necessary to fulfil those purposes, after which it is securely deleted or anonymised.
  • Data Breach Response Plan: We have a comprehensive data breach response plan in place to address any security incidents that may occur. This plan outlines the steps we will take to contain the breach, notify affected individuals, and restore our systems and data.
  • Employee Training: Our employees receive regular training on data security best practices and are responsible for protecting the confidentiality and integrity of your personal information.
    We are committed to continuously improving our security measures and staying abreast of the latest security threats and technologies. We take data security seriously and will continue to invest in protecting your information.
     

8. Data Retention Policy
At K&K Aus., we recognise that responsible data management necessitates a clearly defined and rigorously enforced data retention policy. We are committed to retaining personal and business information only for as long as is demonstrably necessary to fulfil the legitimate purposes outlined in this Privacy Statement, adhering strictly to legal and regulatory obligations, and maintaining the integrity and quality of our data. This policy details the specific retention periods for various categories of information, ensuring compliance with relevant legislation Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).
We employ a tiered approach to data retention, reflecting the varied legal and business requirements associated with different types of information. These tiers are subject to periodic review to ensure ongoing compliance and alignment with best practices.

Detailed Retention Schedules:

  • Financial Records & Transactional Data: We retain comprehensive financial records, including invoices, payment details, and accounting documentation, for a minimum of seven (7) years to meet stringent tax obligations as mandated by ATO and to facilitate regulatory audits. This retention period begins from the end of the relevant financial year. Beyond the initial seven-year period, data may be retained for a further period if it is required to defend against legal claims or to comply with ongoing audit requirements. Data is archived securely in an encrypted format and access is strictly controlled.
  • Supplier & Customer Records: Supplier and customer records, including contact information, contract details, purchase history, and performance data, are retained for a minimum of six (6) years following the termination of our business relationship. This extended retention period supports product traceability, ensures quality assurance, facilitates business continuity, and enables us to fulfil warranty obligations. Indefinite retention may apply to key contractual agreements or records demonstrating critical business relationships, particularly those with long-term implications for product liability or intellectual property. Such records are subject to periodic review and justification.
  • Enquiries, Communications & Contact Details: Records of general enquiries, customer service interactions, and contact details are retained for a minimum of two (2) years from the date of the last interaction. This retention period allows us to provide effective customer support, respond to follow-up requests, and analyse communication trends to improve our services. Consent-based communications (e.g., marketing subscriptions) will be retained until explicit withdrawal of consent.
  • Website & Application Usage Data: Data collected through our website and applications, including IP addresses, browser types, and usage patterns, is retained for twelve (12) months for analytical purposes, to improve website functionality, and to detect and prevent fraudulent activity. This data is anonymised and aggregated where possible to protect user privacy.
  • Data Disposal & Anonymisation:
    When data is no longer required, we ensure its secure deletion or anonymisation. Secure deletion involves permanently removing data from our systems using approved data sanitisation techniques. Anonymisation involves removing personally identifiable information (PII) from data, rendering it impossible to re-identify individuals. We regularly review and update our data disposal procedures to ensure compliance with industry best practices and regulatory requirements. A comprehensive audit trail is maintained to document all data disposal activities.


9. Your Rights
At K&K Aus., we are committed to transparency and empowering individuals with control over their personal information. You possess a range of rights regarding your personal data, underpinned by applicable data protection legislation such as Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). We are dedicated to facilitating the exercise of these rights in a timely and efficient manner.

Detailed Explanation of Your Rights:

  • Right to Access (Subject Access Request): You have the right to request confirmation of whether we are processing your personal information, and to obtain a copy of that information. This includes details of the purposes of processing, the categories of personal data concerned, and the recipients to whom the data has been disclosed.
  • Right to Correction (Rectification): You have the right to request that we correct any inaccurate or incomplete personal information we hold about you. We will promptly investigate and rectify any inaccuracies identified.
  • Right to Deletion (Erasure – ‘Right to be Forgotten’): You have the right to request that we delete your personal information in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected, you withdraw your consent (where consent is the basis for processing), or the processing is unlawful. However, this right is subject to certain limitations, such as our legal obligations to retain data for regulatory or legal purposes.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal information in certain circumstances, such as when you dispute the accuracy of the data, or the processing is unlawful. Restriction of processing means that we will only process your data with your consent or for the establishment, exercise, or defence of legal claims.
  • Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller. This right applies to data that you have provided to us with your consent or that is necessary for the performance of a contract.
  • Right to Object: You have the right to object to the processing of your personal information in certain circumstances, such as when we are relying on legitimate interests as the basis for processing, or for direct marketing purposes.

Exercising Your Rights:
To exercise any of these rights, please contact our Data Protection Officer (DPO) at info@kkaus.co. We will respond to your request within one month and provide you with a clear explanation of our actions.

  • Verification & Authentication:
    To ensure the security of your personal information, we may require you to provide proof of identity before fulfilling your request. We may also ask you to provide sufficient information to allow us to locate your data.
  • Limitations:
    Please be aware that certain limitations may apply to your rights, such as legal obligations to retain data for regulatory or legal purposes. We will inform you of any such limitations in our response.
  • Complaints:
    If you are not satisfied with our response to your request, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.
     

10. Changes to This Privacy Statement
At K&K Aus., we are committed to maintaining the transparency and accuracy of our Privacy Statement. Consequently, this document is subject to periodic review and may be updated to reflect evolving legal obligations, refinements in our business practices, the implementation of new technologies, or changes in industry best practices concerning data protection. We recognise the importance of keeping you informed of any such modifications.

  • Notification of Updates:
    We will provide notice of significant changes to this Privacy Statement through several channels to ensure broad reach and comprehension. These channels include:
  • Email Notification (Where Applicable): If the changes materially affect how we process your personal information and we have a direct email relationship with you, we will send a dedicated email notification outlining the key updates and providing a link to the revised statement. This email will be sent within 7 days of the publication date.
  • Specific Notice for Existing Contracts: Where changes to this Privacy Statement impact the processing of personal data under existing contracts, we will provide specific notice to the relevant contracting parties, outlining the changes and any required actions.
  • Version Control & Archiving:
    To ensure accountability and transparency, we maintain a comprehensive version control system for this Privacy Statement.
  • Document History: Each revision of the Privacy Statement will be clearly identified with a unique version number and a ‘last updated’ date.
  • Archived Versions: Previous versions of the Privacy Statement will be archived and readily accessible on our website for a period of three years. This allows you to review the policies that were in effect at a specific point in time. The archived versions will be clearly labelled with their effective dates.
  • Summary of Changes: For major revisions, we will include a ‘Summary of Changes’ section at the beginning of the updated document, outlining the key modifications made since the previous version. This provides a quick overview of what has changed and allows you to focus on the most relevant areas.
  • Effective Date:
    Any updates to this Privacy Statement will take effect immediately upon publication, as indicated by the ‘Last Updated’ date. Continued use of our services after the effective date constitutes your acceptance of the revised Privacy Statement. We encourage you to review this document regularly to stay informed of our data protection practices.

 

11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Statement, the processing of your personal information, or wish to exercise any of your data subject rights as outlined in Section 9, please do not hesitate to contact us through the following channels. We are committed to providing a prompt and comprehensive response to all inquiries.


K & K Aus Pty Ltd Unit 1, 19–23 Kylie Place, Cheltenham VIC 3192, Australia
General Inquiries: info@kkaus.co
This email address is monitored regularly by our customer support team. Please allow 14 business days for a response.
Postal Mail: Please address all correspondence to the physical address provided above, clearly marking it “Privacy Inquiry” or “Data Protection Request”.