Last updated: January 2026.
Organisation: redstonerx-au.com
Contact: contact form
redstonerx-au.com is committed to protecting the personal information of everyone who visits and uses our site. This Privacy Policy explains what personal information we collect, why we collect it, how we use and disclose it, and what your rights are — in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in Schedule 1 of that Act.
1. Who We Are
Organisation: redstonerx-au.com
Contact: Via the contact form available on our website
Website: https://redstonerx-au.com
We are responsible for the personal information we collect and hold. Under APP 1, we are required to have a clearly expressed and up-to-date privacy policy that describes how we manage personal information. This document fulfils that requirement.
2. Personal Information We Collect
We collect only the personal information that is reasonably necessary for our functions and activities (APP 3.1). We do not collect personal information unless it is reasonably necessary for, or directly related to, one or more of our functions.
| Category | Specific information | How collected |
|---|---|---|
| Identity | Full name | Order form |
| Contact | Email address | Order form |
| Delivery | Full postal address (street, suburb, city, state/territory, postcode) | Order form |
| Transaction | Order amount, date and reference number. We do not store full card numbers — payment data is processed directly by PCI-DSS certified gateways | Order system |
| Technical browsing data | IP address, browser type, pages visited, date and time of access | Automatically by web server |
What we do NOT collect: No phone number (not required). No full card numbers. No Medicare numbers or government identifiers. No medical records or clinical histories beyond what is contained in your order.
3. Sensitive Information — Health and Medication Data
Health information under the Privacy Act 1988: The Privacy Act treats health information as a type of sensitive information (s 6 of the Act) that requires a higher standard of protection. The medications you order may reveal information about your health.
We handle your order information with the highest level of confidentiality. We never disclose what medications you have ordered to health insurers, employers, government health agencies, Medicare or any other organisation. Your medication purchase history is not used to create health profiles and is never shared with or sold to any third party for any commercial purpose.
4. Why We Collect Your Personal Information — Purposes
Under APP 3, we collect personal information only for purposes that are lawful and directly related to our functions. We collect and use your personal information for the following primary purposes:
| Purpose | Applicable APP |
|---|---|
| Processing and fulfilling your order | APP 3 — primary purpose of collection |
| Delivering your package to your nominated address | APP 3 — directly related to primary purpose |
| Sending order confirmation and tracking information | APP 3 — directly related to primary purpose |
| Invoicing and meeting ATO record-keeping obligations | APP 3 — required by law (Tax Administration Act 1953) |
| Customer service, handling complaints and refund claims | APP 3 — directly related to primary purpose |
| Fraud prevention and website security | APP 3 — legitimate operational purpose |
Under APP 6, we will not use or disclose personal information for a secondary purpose unless you would reasonably expect us to do so and the secondary purpose is related to (or, for sensitive information, directly related to) the primary purpose. We do not use your personal information for direct marketing (APP 7) without your express consent.
5. How Long We Keep Your Information
- Order and transaction records (name, address, order details): retained for 5 years from the date of the transaction, in accordance with the Australian Taxation Office (ATO) record-keeping requirements under the Tax Administration Act 1953
- Email address for order-related communications: retained for the duration of our business relationship and until any outstanding matter is resolved
- Technical server logs (IP address, access logs): retained for a maximum of 12 months
- Under APP 11.2, we will take reasonable steps to destroy or de-identify personal information once it is no longer needed for any purpose for which it may be used or disclosed under the APPs
6. Who We Disclose Your Information To
Under APP 6, we disclose personal information only to third parties in ways that are consistent with the purpose for which it was collected:
- Payment processors: PCI-DSS Level 1 certified payment gateways that process your payment. They receive only the information necessary to complete the transaction — they do not receive your order history or any information about which medications you purchased
- Courier and postal services: receive your name and delivery address to complete the shipment. They receive no information about the contents of your package
- Legal and regulatory authorities: we may disclose personal information where required by Australian law, a court order or a lawful government request (including requests from the Australian Border Force or Australian Federal Police in appropriate circumstances)
We never sell, rent or trade your personal information to any third party for commercial, marketing or any other purpose.
7. Cross-Border Disclosure of Personal Information
Under APP 8, before disclosing personal information to an overseas recipient, we must take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to that information. We remain accountable for the handling of your personal information by any overseas recipient.
Some personal information may be processed or stored outside Australia — for example, by our payment processing partners or server infrastructure providers. Where this occurs, we ensure contractual protections are in place requiring the overseas party to handle your information consistently with the Australian Privacy Principles.
By using our website and providing your personal information, you consent to it being handled in the manner described in this policy, including potential disclosure to overseas recipients under APP 8.
8. Your Rights Under the Australian Privacy Principles
The APPs give you the following rights in relation to your personal information:
Access (APP 12)
Request access to the personal information we hold about you. We must provide access unless an exception applies (e.g. access would pose a serious threat to life or safety, or is unlawful).
Correction (APP 13)
Request correction of personal information that is inaccurate, out of date, incomplete, irrelevant or misleading. We must take reasonable steps to correct or attach a notation if we disagree.
Anonymity (APP 2)
Where lawful and practicable, you have the option of not identifying yourself or using a pseudonym when dealing with us. Note: anonymous ordering is not possible as we need your address for delivery.
Opt out of direct marketing (APP 7)
You may request that we stop using your personal information for direct marketing purposes at any time. We do not currently engage in direct marketing without consent.
Deletion / destruction
Request deletion of your personal information where it is no longer needed, subject to our legal retention obligations (e.g. ATO record-keeping requires 5 years).
Complaint (s 36)
Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have not handled your personal information in accordance with the APPs.
How to exercise your rights: Contact us through the contact page and describe your request clearly. We will respond within 30 days. There is generally no fee for a reasonable access or correction request.
9. Office of the Australian Information Commissioner (OAIC)
If you have a complaint about how we have handled your personal information and you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
Website: www.oaic.gov.au
Phone: 1300 363 992
Email: [email protected]
Post: GPO Box 5218, Sydney NSW 2001
We encourage you to contact us first through the contact form so we can attempt to resolve your concern directly before you approach the OAIC.
10. Security of Your Personal Information
Under APP 11, we take reasonable steps to protect the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. Our security measures include:
- 256-bit SSL/TLS encryption on all connections between your browser and our website
- No storage of full card numbers — card payments are processed through PCI-DSS Level 1 certified gateways
- Access controls — personal information is accessible only to personnel who require it for their role
- Regular secure backups in access-controlled environments
- Notifiable Data Breaches (NDB) scheme: in the event of an eligible data breach that is likely to result in serious harm, we will notify both the OAIC and all affected individuals as required under Part IIIC of the Privacy Act 1988
11. Cookies
redstonerx-au.com uses technically necessary cookies required for the shopping cart, session management and basic site navigation. These cookies do not collect personally identifiable information beyond what is needed for site functionality. We do not use third-party advertising tracking cookies without your consent. For more information, see our Cookie Policy.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, our practices or our services. When we make material changes, we will notify users prominently on the website at least 30 days before the changes take effect. The date of the most recent update is always shown at the top of this document.
13. Contact Us About Privacy
For any questions about this Privacy Policy, to request access to or correction of your personal information, or to exercise any other right described above, contact us through the contact page. Please identify your enquiry as "Privacy" for faster handling. We respond within 30 days.
See also our Terms and Conditions for information on the terms of use of this website, and our Delivery Conditions for information on how we handle your delivery details.
