privacy policy

Last Updated on: 12 September 2025

a. general information

1. our privacy commitment to you

We understand the importance of, and are committed to, protecting your Personal Data. This Privacy Policy explains how we collect, manage and disclose your Personal Data and is designed to build trust in us regarding the collection and use of any Personal Data provided to us by you.

Please take a moment to read our Privacy Policy as it describes what Personal Data we have, where it goes, and how such information is used when you interact with us or use any of our websites or app in Australia ("Websites" or "App").

In this Privacy Policy:

• "APPs" means the Australian Privacy Principles set out in the Privacy Act 1988 (Cth);

• "Personal Data" has the same meaning as 'personal information' set out in the Privacy Act and (in summary) means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or otherwise;

• "Privacy Act" means the Privacy Act 1988 (Cth); and

• "Sensitive Personal Data" has the same meaning as 'sensitive information' set out in the Privacy Act, and includes certain specific types of Personal Data such as health information, and information about a person's racial or ethnic origin, sexual orientation or practices, criminal record, religious beliefs or affiliations, political opinions, membership of a political, professional or trade association, and biometric and genetic information.

2. about us

For purposes of this Privacy Policy, "we" "us" and "our" refers to:

• Australia Homeware Enterprise Pty Ltd;

• AHE Global Pty Ltd;

• DIY Resolutions Pty Ltd, which includes Connected Spaces, Flatpax, Groove Furniture, Inabox, Kaboodle Kitchen;

• DIY NZ Pty Ltd;

• Kinetic Sourcing Group Pty Ltd, which includes Evekare, Kwiksemble, Enduraseal, Shaw and Mason, D’Lucci, Smartex and Gastite;

• Australian Brushware Corporation Pty Ltd, which includes Monarch and Pro Renovator;

• Hardware Lane Distributors Ltd (a UK company); and

• their related entities,

(together, the 'Group').

The Group was founded in Australia and works hard to do things in an orderly, organised and correct way, offering solutions and services to home-organising enthusiasts in Australia, New Zealand, the UK and the US.

b. collection of personal data and purposes of use

The Personal Data we collect is generally determined by the nature of your interaction with us, our partners, or our service providers, who assist us in hosting, managing and/or presenting content to you on our Websites and App, process and fulfill any orders, market our goods and services and process payments. We may also utilise third-party service providers for marketing efforts across the internet, including social media platforms.

a. how do we collect personal data?

We collect Personal Data from a variety of people, such as employees, job candidates, potential customers, customers, participants at our events (in-person or virtual), business partners and their employees, advisors, and contractors who:

i. Visit our Websites, or purchase or order our goods and/or services on our Websites;

ii. Purchase or order our goods and services at third-party locations where our products are sold or displayed;

iii. Contact us, including submitting any inquiry about our goods and/or services, providing feedback, making a complaint or seeking a refund, whether via email, phone call, text, or mail;

iv. Access or use the Websites or our App, including logging into your account, viewing our content or publications and to take or store photos;

v. When you interact with an AI Chatbot on our App or Websites;

vi. When utilising the 'QR code' feature on our App to take or upload pictures or photos and link them to a QR code sticker affixed to our storage containers;

vii. Register, attend and/or take part in our events, competitions, trade promotions and contests that we hold;

viii. Subscribe to our mailing lists, or use our online applications, (where applicable);

ix. Interact with the content we post on social media platforms;

x. Work with us, or apply to work with us, view, or share job postings;

xi. Participate in online or recorded meetings or events;

xii. Engage with our customer service, sales team, or any other of our employees;

xiii. Request a quotation for a service provided by a third party that we use to deliver a service to you; or

xiv. Work at a partner or supplier of ours and interact with us in the course of doing business or contemplating doing business with us.

Where it is reasonably practical to do so, we will collect your Personal Data directly from you. However, we may collect your Personal Data from a variety of other sources, including but not limited to:

i. Publicly available sources (such as Government bodies, online search platforms, social media or other available sources);

ii. Our service providers;

iii. Our business partners;

iv. Third-party advertisers;

v. Social media, such as aggregated data from our posts and your interactions on our accounts;

vi. The device used when you download or use the App or visit our Websites;

vii. Anyone you have authorised to give your personal information to our company, or anyone you have given your authority to act on your behalf; and

viii. Any person who provides information to our company for law enforcement and/or loss prevention purposes.

If we collect Personal Data about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information as set out in this Privacy Policy.

b. what types of personal data do we collect?

We commonly collect the following types of Personal Data:

i. Identifying Information: When you create a profile, make a purchase, take advantage of offers, or communicate with us, we may collect the following types of information about you:

1. your name, date of birth, age, gender or sex;

2. your contact details, such as residential or business address, postal or zip code, email and telephone number(s);

3. your employment details;

4. your identification information, including your signature, driver's licence numbers, passport number and any other identification;

5. your vehicle's registration number;

6. your financial information, such as your bank details, your credit card details and your credit history;

7. if you are applying for a job with us, details of your previous employment, qualifications and/or similar information; and

8. in the case of a supplier or contractor, your company name or other business details.

ii. Event Information: When you sign up for events, we may collect your name, contact information and mailing address.

iii. Online Account Information: When you sign up for an account with us, we may collect a username, password and security question answers from you, in order to protect our services and for your security.

iv. Photos and Pictures: The App works in conjunction with physical QR code stickers to help individuals effortlessly organise and track their belongings. When utilising the 'QR code' feature on the App, you may choose to take or upload a photo or picture and link them to a QR code sticker affixed to our storage containers. We will collect and store any photos or pictures you choose to upload to the App, including any Personal Data captured in such photos or pictures. Photos or pictures uploaded by App users are only accessible only by the account holder. We do not enable users to access photos or pictures uploaded by another user and we do not access, use or analyse data within any photos or pictures uploaded to the App.

v. Demographic Information: When you take part in a contest, trade promotion, or survey, we may collect demographic information such as your gender or postal code.

Device Information: When you visit our Websites, use or download our App, or open our emails, we might collect information about the device used to access our Websites, App or emails, including your device identifiers such as IP address, time and location data, file metadata, tags/pixels, mobile operating system and referring website, versions of software you’ve used and your activity, including added items to a basket, added items to a wish list, app installations, app launches, links clicked and purchases made.

vi. Commercial Information: When a purchase is made, we may collect details about the products purchased, obtained, or considered, as well as other purchasing or consuming histories or tendencies.

vii. Internet Activity Information: When you visit our Websites, use our App, open an email from us, or interact with our other technologies, we may collect or keep track of what you have viewed on our Websites or App, as well as your browsing history of other websites you have visited, your search history and other information regarding interactions with our Websites or App to collect information such as: which of our emails you have opened, which links you have clicked, which email client you are using, whether you opened our email on a computer or mobile device, and the geolocation of your IP address. We use this data to analyse and improve the performance of our e-mail campaigns. We do so through the use of cookies (these are small data files which are transferred onto your device when our Websites are accessed), web beacons and tags/pixels (these ‘tag’ your device). We use cookies to identify specific machines in order to collect aggregate information on how visitors are experiencing our Websites. This information will help to better adapt our Websites to suit personal requirements. While cookies allow a computer or device to be identified, they do not permit any reference to a specific individual. For information on cookie settings of your internet browser, please refer to your browser’s manual.

We may use a third party vendor to show our ads on sites on the internet and serve these ads based on a user’s prior visits to our Websites, use of our App and other internet activity. We may also collect and analyse data supplied by these vendors to help inform and enhance the performance of our ad campaigns and enable personalised advertising based on your prior visits to our App or Websites.

viii. Employees: We collect Personal Data in relation to employees and prospective employees as part of their job application and during the course of their employment, either from the employee directly or, in some cases, from third parties such as recruitment agencies, referees, government bodies (e.g. police checks, if required) and academic and professional bodies (e.g. to validate details and currency of qualifications). The information we collect may include contact details, qualifications, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records, and logs of the employee's usage of our equipment (e.g. phones, computers and vehicles). Under the Privacy Act, Personal Data about a current or former employee may be held, used or disclosed in any way that is directly connected to the employment relationship. We handle employee information in accordance with legal requirements and our applicable policies in force from time to time.

We may also collect Sensitive Personal Data from employees, such as details of disabilities, allergies, and health issues or injuries that may impact the employee's role or which arise while on our premises or in the performance of the employee's duties, so we can accommodate and otherwise assist the employee with any related requirements and manage any incidents. We only collect Sensitive Personal Data about you with your consent, or otherwise in accordance with the Privacy Act.

ix. AI Chatbot: When you interact with the AI Chatbot on our App or Websites, we may collect information that you voluntarily provide to us through the interactions with our AI Chatbot. This can include, but is not limited to, messages you send, questions you ask, and any other data you choose to share with our AI Chatbot. Information that is personally identifiable is identified using an automated process and then redacted before being saved to the AI Chatbot database. We use the data collected through our AI Chatbot to provide you with the service, including responding to your queries and delivering relevant information, to monitor and prevent abusive behaviour, and to enhance and improve the quality and functionality of the chatbot service. Any Personal Data collected by our AI Chatbot may be shared with our suppliers or sub-processors.

If Personal Data is inadvertently submitted during your interactions with our AI Chatbot, it will be handled in accordance with this Privacy Policy and our Kaboodle AI Privacy and Confidentiality Policy.

For more information, please visit our Kaboodle AI Privacy and Confidentiality Policy, located at: https://kaboodle.com.au/kaboodle-ai-privacy-and-confidentiality-policy-au.

x. Other Information: We may look at how often you use our Websites or App and where these were downloaded or accessed from based on your IP address. This information includes things such as pages and files viewed, operating system, searches, system configuration, and date/time stamps associated with usage. When you call our customer service team, we record calls for quality assurance and operational purposes.

Where we request your Personal Data and you fail to provide such Personal Data, we may be unable to meet our obligations or offer our goods and services to you.

c. how we use your personal data

We commonly collect, hold, use and disclose your Personal Data for a number of purposes, including but not limited to the following:

i. Product and Services fulfillment.

1. Complete, fulfill, manage, deliver, and communicate with you about, your purchases;

2. Provide you with information about our goods and/or services;

3. Communicate about the App, our services, our Websites or any experience and feedback related to our goods and services;

4. Set up and service your user account with us;

5. Provide customer service and alert you about features and functions in our services;

6. Review any feedback and/or complaints that you provide to our company and provide you with refunds and/or replacements (where applicable); and

7. Enhancing our products and services.

ii. Internal operations.

1. Improve the effectiveness of our Websites, App, merchandise, inventory, third-party vendors, and customer service;

2. Conduct research, data processing and analytics for our operations and services;

3. Recruit staff and procure contractors; and

4. Perform other logistics and operational activities as needed.

iii. Payment Processing.

1. Processing customer payments; and

2. Address inquiries or requests about purchases with us or a third-party store front.

iv. Security, compliance, legal obligations and fraud prevention.

1. Protect our assets (both online and offline) and prevent any suspected or actual breaches of the law or fraudulent activities;

2. Validate credentials and authenticate users logging into the App or Website account;

3. Protect the security and integrity of our services and our data; and

4. Assist us, our suppliers or law enforcement in investigations for loss and/or prevention purposes and respond to legal/regulatory inquiries, if necessary.

v. Marketing, promotions and advertising.

1. Market or send you information about our products, services, and promotions either from us or from third parties which may be of interest you, such as personalised offers via email, where you have asked us to (or have otherwise consented to us doing) or it is otherwise permitted by law;

2. Personalise online content as it applies to your interests, including on our Websites, and ads on other websites or platforms;

3. Monitor your items and shopping preferences;

4. Track activity on our Websites, including monitoring the products you are interested in and how often you visit our Websites or App;

5. Manage or conduct contests, trade promotions, competitions, events or surveys; and

6. Perform data processing, including analysing data, market research results and trends.

We may conduct direct marketing through various channels, including over the phone and by e-mail, SMS and post.

If you would like us to stop sending you direct marketing communications, you can request this by contacting our Privacy Officer (see the contact details provided under the “How to Contact Us“ section below).

Please note that there are certain types of communications that you may not be able to opt-out from, such as communications that we are required or permitted by law to send you.

vi. Other purposes

1. Any other purpose to which you have consented when collected; and

2. Any other related purposes as otherwise required to manage our business.

d. disclosure of personal data

We may disclose your Personal Data to third parties for certain purposes, including the following:

i. General Business Purposes: We may share Personal Data with our suppliers, consultants and service providers who may assist us with customer or technical support, sales, operations, account management, operating and maintaining our Websites and App, analysing data and trends in relation to your transactions, and other legitimate general business purposes.

ii. Compliance with the Law: We may disclose Personal Data where legally required to comply with applicable laws, regulations, legal processes, court orders, warrants, legal processes or government requests, including to government agencies, law enforcement or other third parties.

iii. Protection of our Rights: We may disclose Personal Data to our legal advisers to protect or exercise, establish, or defend our legal rights.

iv. Business Transfers: We may share or transfer Personal Data to support negotiations of or for a merger, sale of company assets, financing, or acquisition of all or a portion of our business.

v. Managing Events: If you use our Websites or App to register for an event organised by a third party partner, we may share your Personal Data with that partner to process your registration and participation in the event.

vi. Receiving Professional Advice: In certain instances, we may share Personal Data with professional advisers, including lawyers, accountants, bankers, financial advisers, auditors, and insurers where we operate, who provide their professional services, but only to the extent we are legally obliged or have a legitimate interest in sharing information.

vii. Related bodies corporate: We may share Personal Data with our related companies who may use your Personal Data to analyse data and trends for helping better understand your preferences and needs

viii. Publicly Shared Information: Any Personal Data or other data you choose to submit in communities, forums, blogs, social media, or elsewhere may be read, collected, and used by others who visit these places, depending on account settings.

If we disclose Personal Data to a third party, we generally require that the third party protect your Personal Data to the same extent that we do.

c. international transfers, security and data retention

1. use of personal data overseas

We may hold Personal Data as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third-party servers, which may be located overseas. Some of the third parties to whom we disclose Personal Data may be located outside Australia. The countries in which such third-party recipients are located depend on the circumstances. In the ordinary course of business we commonly disclose Personal Data to recipients located in New Zealand, the United Kingdom and the United States.

From time to time we may also engage an overseas recipient to provide services to us, such as cloud-based storage solutions. Please note that the use of overseas service providers to store Personal Data will not always involve a disclosure of Personal Data to that overseas provider.

By providing your Personal Data to us, you consent to us disclosing your Personal Data to any overseas recipients, as disclosed at section C, for purposes necessary or useful in the course of operating our business, and agree that APP 8.1 will not apply to such disclosures. For the avoidance of doubt, in the event that an overseas recipient breaches the APPs, that entity will not be bound by, and you will not be able to seek redress under, the Privacy Act.

Whenever we transfer your Personal Data outside of Australia, we will do so in accordance with the requirements of applicable privacy and data protection laws. We may disclose your Personal Data to overseas recipient without your consent where permitted by the Privacy Act (and, in such circumstances, we will comply with the applicable requirements of the Privacy Act in doing so).

2. security

We employ a range of measures designed to reasonably protect the Personal Data we hold to prevent any loss, misuse, unauthorised access, disclosure or modification of Personal Data, including maintaining the security of our systems and employing commercially reasonable measures such as encryption and limiting access to only those who need access to do their job.

If you become aware of any suspected breach of security, please contact our Privacy Officer immediately on the contact details set out in section I below.

3. data retention

We will retain the Personal Data we collect from you in connection with our goods and services for the length of time necessary to conduct our business or we have a valid reason to hold, store or use your Personal Data.

We determine the length of our retention periods for your Personal Data on the basis of the purposes for the information was collected; the amount, nature, and sensitivity of the information used, any potential risk from unauthorised use or disclosure of that Personal Data, and whether we can achieve the purposes through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).

When we have no ongoing legitimate business need to hold, store, process or use your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because it is stored in backup archives), we will securely store and isolate it from further processing until deletion is possible.

d. third party links

Our Websites or App may contain links to other websites operated by third parties. We make no representations or warranties in relation to privacy practices of any third-party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices and procedures.

e. internet advertising

We may also use your information with online targeted advertising services that help our ads to reach you (and other people who may be interested in our products and services) on websites, app and social media platforms across the internet. These online targeted advertising services are operated by third party vendors. The advertising service providers that we currently use include Meta (Instagram and Facebook), TikTok, Pinterest and Google (YouTube).

Some of these services work by using non-identifying data about your behaviour and demographics that has been collected through cookies and other tracking technologies (such as pixels and device identifiers) when you use the Internet, including when you move between different websites and app and use different devices. For example, third-party vendors, such as Google, may use cookies and/or device identifiers to serve ads based on your past visits to our Websites or App. Your browser or device may provide you with the option to disable or opt-out of some of these cookies and other tracking technologies (such as device identifiers).

Other services require us to use limited amounts of your Personal Data. For example, we may include your information in a customer list that we provide to selected online advertising service providers (such as Meta (Instagram and Facebook), TikTok, Pinterest and Google (YouTube)) so that we can conduct audience-based advertising. This allows us to show our ads to you (if you also use those platforms) and to other users of those platforms who share similar characteristics with you. The customer list is usually hashed (to improve security and confidentiality) before it is processed by the service provider to target and serve our ads.

Our online advertising service providers also help us by measuring the effectiveness of our ad campaigns and providing us with analytics data that we use to inform and optimise our ad campaigns. The analytics data we receive is generally aggregated and non-identifying.

When we use any advertising service that requires us to use or disclose your Personal Data, we will only do so if we are permitted to do so by applicable privacy laws. You can notify us at any time if you would like us to stop using your Personal Data for these targeted advertising purposes by contacting our Privacy Officer as set out below.

You can also opt-out of certain online targeted advertising networks directly by visiting:

• the Digital Advertising Alliance’s opt-out portal (http://optout.aboutads.info/);

• the Network Advertising Initiative’s opt-out page (https://thenai.org/opt-out/);

• use Facebook’s settings you to manage the types of advertising you are shown (https://accountscenter.facebook.com/ad_preferences/);

• use Google’s settings to manage your ad preferences and opt-out of Google’s use of cookies and device identifiers (http://www.google.com/settings/ads);

• use LinkedIn's settings to manage your ad preferences and control data collected about you (https://www.linkedin.com/mypreferences/d/categories/ads); or

• use Instagram's settings to manage your ad preferences (https://help.instagram.com/2885653514995517/?helpref=uf_share).

f. social media

We use social media platforms such as Meta (Instagram and Facebook), TikTok, Pinterest and Google (YouTube) to communicate with the public about our services and businesses. We may collect the Personal Data that you choose to share with us through these platforms, including photos, videos and comments and posts.

These social media platforms have their own privacy policies, and may handle your Personal Data for their own purposes. You can access the privacy policies for these social media platforms on their websites.

If you choose to use these social media platforms to communicate with us, please be mindful that certain pages within these platforms may be publicly available. We encourage you to use the privacy settings available on each platform.

g. privacy concerns

a. access or correct personal data

If you wish to access, correct or update Personal Data, please contact us by sending an email to privacy@austbrush.com.au or by using the contact details provided under the “How to Contact Us“ section below. We will of course need to verify you are who you say you are before we provide any access to any Personal Data. If you do have an inquiry, please provide us with the following:

i. your name;

ii. type of request;

iii. approximate date of collection of the information; and

iv. a valid email address to contact you.

b. concerns or complaints

If you have a concern or complaint about this Privacy Policy or how we may have handled your Personal Data, please contact us at privacy@austbrush.com.au or on the contact details set out in the “How to Contact Us“ section below. When contacting us, please provide as much detail as possible in relation to your concern or complaint. We take all concerns and complaints seriously and respond within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.

If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner who can be contacted at:

Office of the Australia Information Commissioner
GPO Box 5218, Sydney, NSW, 2001
Telephone: 1300 363 992
Email: enquiries@oaic.gov.au.

h. changes to this privacy policy

We will update and amend this Privacy Policy when needed, which may occur at any time. When we make changes to this Privacy Policy, we will post the updated version on our Websites and App and update the effective date. We recommend you check our Privacy Policy regularly for any updates. Your continued use of our Websites and App following the posting of such changes constitutes your notice of and acceptance of our Privacy Policy.

i. how to contact us

If you have questions or comments about this Privacy Policy or the ways in which we collect, handle and use your Personal Data, please do not hesitate to contact us at:

• Phone Number: 1800 666 078

• Email Address: privacy@austbrush.com.au

• Postal Address:

Attn: Privacy Officer
P.O. Box 338
Somerton VIC 3062
Australia