Skip to main content

Last updated: 09/12/2025

We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose and safeguard your information in accordance with the Privacy Act 1988 (Cth), Australian Privacy Principles (APPs), and other applicable Australian laws.

By using our website, you agree to the terms outlined in this Privacy Policy.

Who we are

Our website address is: https://horsleywholesale.mdz.com.au.

This website is operated by Horsley Wholesale PTY LTD, an Australian business located in New South Wales (NSW).

We operate an online store powered by WordPress and WooCommerce, which requires the collection and processing of personal information to fulfil orders, provide customer service, and improve user experience.

For privacy-related enquiries, please contact:
wayostation@outlook.com
21 Finlay Rd Goulburn NSW 2580

What personal data we collect

We collect personal information for business, operational, and legal purposes. This may include:

  • Name

  • Billing and shipping addresses

  • Email address

  • Phone number

  • Payment information (processed securely by third-party gateways; we do NOT store full credit card details)

  • Order history

  • Account login details

  • Customer support messages

  • IP address, browser data and analytics

  • Information required to comply with Australian laws

WooCommerce also collects data required to process transactions, shipping, taxes, and refunds.

Comments

When visitors leave comments on the site, we collect the data shown in the comments form, as well as:

  • IP address

  • Browser user agent string (to assist spam detection)

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, avoid uploading images with embedded location (EXIF GPS) data.
Visitors may be able to download and extract location data from website images. 

Cookies

Our website uses cookies to improve your experience.

Cookies are used to:

  • Remember your cart contents

  • Maintain your login session

  • Track browsing preferences

  • Assist WooCommerce in processing orders

  • Monitor performance and analytics

  • Prevent fraud and security threats

WooCommerce may set cookies such as:

  • woocommerce_cart_hash

  • woocommerce_items_in_cart

  • wp_woocommerce_session_

  • Various session and preference cookies

You can choose to block cookies in your browser, but this may affect website functionality.

 If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles or pages on this site may include embedded content such as:

  • Videos

  • Images

  • Social media posts

  • Maps

  • Widgets

  • External product content

Embedded content behaves as though you have visited the external website directly. These websites may collect data, use cookies, embed third-party tracking, and monitor your interaction.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

We do not sell your data.
However, we may share personal information with trusted third parties to operate our business, including:

  • Payment processors (e.g., Stripe, PayPal, Afterpay)

  • Shipping carriers and logistics partners

  • Email marketing platforms (e.g., MailChimp, Klaviyo)

  • Accounting and tax software

  • Spam detection services

  • Website hosting providers

  • Analytics and performance tools (e.g., Google Analytics)

  • Security and firewall tools

These third parties are required to handle your data in accordance with privacy and security standards.

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected.

Typical retention periods include:

  • Order records: 7 years (to comply with Australian tax and legal requirements)

  • Customer account information: retained until you request deletion

  • Comments and metadata: retained indefinitely

  • Contact forms: retained for customer service purposes

  • Analytics data: retained as per third-party provider policy

  • Security logs: generally retained for 30–180 days

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

Under Australian privacy law, you have the right to:

  • Request access to your personal information

  • Request corrections to inaccurate information

  • Request deletion of your data (where legally permissible)

  • Request information about how your data is handled

  • Withdraw email marketing consent at any time

  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise these rights, contact us at wayostation@outlook.com

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

our data may be transferred to:

  • Hosting servers (which may be located overseas)

  • Payment processors

  • Spam detection and security services

  • Cloud-based storage providers

  • Analytical or marketing tools

We only use reputable providers that comply with strict data protection requirements.

Visitor comments may be checked through an automated spam detection service.

How We Protect Your Data

We take reasonable steps to safeguard your personal information, including:

  • Secure server hosting

  • SSL encryption

  • Restricting access to authorised staff only

  • Regular website security scans

  • Two-factor authentication on admin accounts

  • Firewalls and malware detection tools

  • Backup and recovery procedures

Data Breach Procedures

In the event of a data breach, we will:

  1. Assess the nature and severity of the breach

  2. Attempt to immediately secure compromised data

  3. Notify affected customers where required

  4. Notify the Office of the Australian Information Commissioner (OAIC) if the breach meets the threshold under the Notifiable Data Breaches Scheme

  5. Review and improve protective measures

Industry Regulatory Disclosure Requirements

We may disclose personal information if required to comply with:

  • Australian laws

  • Tax and accounting obligations

  • Fraud prevention

  • Court orders or government agencies

  • Law enforcement requests

E-Commerce & WooCommerce Data Handling

WooCommerce stores data necessary to process your orders, including:

  • Products viewed and added to cart

  • Order notes

  • IP address and location for tax/anti-fraud

  • Shipping and billing details

  • Account login activity

  • Payment method selections

Payment gateways process your payment externally — we never store full credit card numbers.

Email Marketing & Consent (Spam Act 2003)

By subscribing to our emails, creating an account, or purchasing from us, you consent to receive:

  • Order updates

  • Product information

  • Promotions or newsletters (optional)

You can unsubscribe at any time using the link in any email.

We comply with the Spam Act 2003 (Cth).

Your Contact Information

For privacy matters, please contact:

Horsley WHolesale PTY LTD
wayostation@outlook.com
ABN: 83 616 924 942
21 Finlay Rd Goulburn NSW 2580

17. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated “Last Updated” date.

Your continued use of the website constitutes acceptance of any revisions.