Privacy Policy
Last updated 19 April 2026
Who we are
Nepal Harvest ("we", "us") operates the website at www.nepalharvest.com.au (the "Site"). This policy explains how we handle personal information under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Questions: call 0426 819 417, email info@nepalharvest.com.au, or use the contact options on our Contact page.
What we collect
We may collect:
- Identity & contact: name, phone number, email address, delivery or pickup details you provide.
- Order & account data: items purchased, cart activity where logged-in, payment references (payments are processed by our payment providers — we do not store full card numbers on our servers).
- Communications: messages you send via forms, chat, or messaging apps when you contact us.
- Technical data: IP address, device/browser type, general location derived from IP, pages viewed, and timestamps — via cookies and similar technologies (see Cookies).
Why we use personal information
We use personal information to:
- process and deliver orders, and provide customer support;
- operate accounts (including authentication where offered);
- send service messages (for example, order updates);
- improve the Site, stock accuracy, and security;
- comply with law and assist regulators where required.
Where we rely on consent (for example, certain marketing emails or non-essential cookies), you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
Disclosure
We may disclose personal information to:
- Service providers who help us run the Site and our business (for example, hosting, database/auth, email delivery, analytics, and payment processing), subject to confidentiality and security arrangements.
- Professional advisers where required (for example, accountants or lawyers).
- Authorities when required or permitted by Australian law.
We do not sell your personal information. We do not use or disclose it for purposes unrelated to the above without notice where required.
Overseas disclosure
Some of our service providers may store or process data outside Australia (for example, in the United States or the European Union). Where we disclose personal information overseas, we take steps that are reasonable in the circumstances to ensure overseas recipients handle it in accordance with the APPs, having regard to the nature of the information and any contractual or other safeguards available.
Security
We implement reasonable technical and organisational measures to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. No online service is completely secure; please use strong passwords and protect your devices.
Access & correction
You may request access to personal information we hold about you and ask us to correct inaccurate, out-of-date, incomplete, irrelevant, or misleading information. We will respond within a reasonable period. In limited circumstances we may refuse access — if so, we will explain why and how you may complain.
Complaints
If you believe we have mishandled your personal information, contact us first using the details above. If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
Retention
We retain personal information only as long as needed for the purposes above, to meet legal obligations (for example, tax and consumer records), and to resolve disputes. When no longer required, we take reasonable steps to de-identify or destroy it securely.
Updates
We may update this policy from time to time. The "Last updated" date will change and, where changes are material, we will take additional steps that are reasonable in the circumstances (for example, a notice on the Site).