Moose EU Privacy Policy

Last updated: 19 January 2024 | Effective date: 19 January 2024

Moose is committed to safeguarding your privacy online. Moose is made up of different legal entities, including Moose Toys Ltd (UK registered company number 01606138), Moose Enterprise Pty Ltd, Moose Creative Pty Ltd, Moose Creative Management Pty Ltd, Moose Enterprise (INT) Pty Ltd, Moose Toys Pty Ltd and Moose Toys LLC. This privacy policy is issued behalf of the Moose Group so when we mention Moose, “we”, “our” or “us” in this policy we are referring to the relevant company in the Moose Group responsible for processing your data. We will let you know which entity will be the controller of your data when you purchase a product or service with us. Moose Toys Ltd is the data controller and is responsible for this website.

It is very important to us that you should be able to use and enjoy this website without having to worry about your privacy in any way.

Please read the whole of this policy to understand: how your personal information will be treated, your privacy rights and how the law protects you.

This policy may change from time to time, so please check back regularly. All changes will be posted on our website. The last updated date will be changed at the start of the amendment of the policy.

Privacy Policy
This Privacy Policy (“Privacy Policy”) describes the personal information that may be collected by us, what we use your personal information for, when we might disclose your personal information, the choices you can make about your personal information and how we handle your information.

This Privacy Policy applies to all circumstances where you use our services, or visit our websites (including all interactive features, applications or downloads available through these websites) and apps operated by Moose which contain this Privacy Policy (however accessed and/or used), whether via personal computers, mobile devices, or other technology (“Device”) (collectively “Website”). By using the Website, you acknowledge that you’ve read and understood this Privacy Policy.

Contact details

For UK and EU Residents
For the purpose of the data protection laws, the data controller is Moose Toys Ltd, a private limited company registered in England and Wales under number 01606138. If you want to request more information about our privacy policy or information regarding data protection you should contact us by email at DPO@www.moosetoys.com, or by post using the details provided below.

FAO: Data Protection Manager
Moose Toys Ltd
Unit 3, Hurling Way
St Columb Major Business Park
Trekenning
St Columb Major
Cornwall, TR9 6SX
United Kingdom

You have the right to complain about the processing of your personal data. Please contact us using the details provided above if you are unhappy with how we are collecting or using your personal data. If you are still unsatisfied you have the right to complain to the Information Commissioner’s Office (for UK residents) or the relevant national Data Protection Authority for residents of other EU countries (a list is available here: https://edpb.europa.eu/about-edpb/board/members_en).

For Australian Residents

F.A.O: Data Protection Manager
29 Grange Road
Cheltenham
Victoria, 3192
Australia

If you would like to make a complaint about the way we process your personal data you can contact the Office of the Australian Information Commissioner (OAIC). Please contact us to find out more.

For Californian Residents

F.A.O: Data Protection Manager
29 Grange Road
Cheltenham
Victoria, 3192
Australia

If you would like to make a complaint about the way we process your personal data you can contact the California Attorney General.

Collection of Personal Information

Personal information, or personal data, is information about an identifiable individual, or an individual who is reasonably identifiable whether the information is true or not. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

Identity Data includes first name, last name, username or similar identifier, marital status, title, date of birth and gender.
Contact Data includes billing address, delivery address, email address and telephone numbers.
Financial Data includes bank account and payment card details.
Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
Usage Data includes information about how you use our website, products and services.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

How we collect data

We collect, use, store and transfer information that is directly related to the products and services you use.

Generally, we will collect personal information directly from you, and only to the extent necessary to provide the product or service you requested or to carry out our internal administrative operations. We may collect personal information from you when you:

• fill in an application form;
• deal with us over the telephone or through any Device;
• purchase a product;
• e-mail us;
• submit your personal details through the Website;
• create an account with us;
• ask us to contact you after visiting the Website; or
• contact us, give us feedback or agree to complete an on-line survey.

We may also collect personal information about you indirectly, through some publicly available sources, or through social media sites, like Facebook, Twitter, Google and others, who disclose to their users that the users’ personal information is provided to businesses like Moose. We will collect personal information from you by lawful and fair means and not in an unreasonable way.

Information collected automatically

As you interact with our Website, we will automatically collect Technical Data about your Device, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. Please see below and our cookie policy for further details.

We also use cookies (see below) and other internet technologies to manage the Website and certain online products and services.

This information is used by Moose for aggregated statistical analyses or systems administration purposes only. No attempt will be made to identify users or their browsing activities, except where required by law.

Cookies

When you interact with us on the internet, our system automatically sends you a ‘cookie’. A cookie is a small amount of information sent from a web server to your computer, electronic tablet or smart phone that enables your device to be recognised. It is used to handle your internet sessions on that device and contains a unique identifier.

Other information stored by the cookie includes website traffic data. This data is not used to identify individual details. We only collate the data into anonymous results in order to evaluate and improve our internet user ability and services. You may disable cookies using your browser’s preferences, but some features of the Website may not function if you do so.

Using Personal Information

We will collect, hold, use and disclose personal information for the purposes of providing or offering goods and services to you, for any purposes that you may reasonably expect, for any other purpose authorised by law, or for any other purposes with your consent (whether express or implied). This may include disclosures to organisations that provide us with technical and support services, and professional advice.

We will only use your personal data where the law allows us to. Most commonly, we will use personal information to:

• perform a contract we are about to enter into or have entered into with you;
• comply with a legal obligation;
• provide you with news and information about our products and services;
• provide, deliver, source, administer, and improve our products and services;
• provide marketing offers through direct marketing, database compilation, market research, data analysis and segmentation, and the processing or creation of other marketing information;
• communicate with you such as responding to queries and complaints;
• provide you with functionality on the Website, and customising and improving your online experience with us;
• personalise your experience with our products and services, for example, via connectivity with social media services;
• send you marketing and promotional material that we believe you may be interested in; or
• seek your feedback for market research purposes. Participation in feedback such as online surveys is completely voluntary and anonymous. It will not be used to gather identifying information about any individual

Your personal information may also be used and disclosed to protect our rights or property and that of our users and, where appropriate, to comply with legal processes, which may include disclosures to law enforcement, regulatory or government agencies.

Direct marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

From time to time we may use the personal information we collect from you to identify particular products and services which we believe may be of interest to you (we call this marketing). We may then contact you to let you know about these products and services and how they may benefit you. Every directly addressed marketing contact sent or made by Moose will include a means by which you may unsubscribe (or opt out) of receiving further marketing information. You may at any time request that we, or third parties, stop sending you emails or other communications. You can do this by contacting us at any time, or by following the opt-out links on any marketing message sent to you.

Where you opt-out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/services purchase, warranty registration, product/service experience or other transaction.

For UK or EU Residents
We will always obtain your express opt-in consent before we share your personal data with any third party for marketing purposes.

For Californian Residents
California Civil Code Section 1798.83 permits customers of Moose who are California residents to request certain information regarding its disclosure of their personal information to third parties for their direct marketing purposes. Further, you may instruct us at any time to remove any previous consent you provided to receive marketing communications from us. To make such a request, please send an e-mail to DPO@www.moosetoys.com. These services will respect your browser’s Do Not Track signals (or other well-established, commercially available mechanisms that provide you with the ability to exercise choice regarding the collection of Personal Information). If we receive a Do Not Track notice, we will stop using any Personal Information for online behavioral advertising purposes.

For Canadian Residents
We may send you marketing communications by e-mail, text message or other electronic means unless you did not opt-in when required or have opted-out from receiving further messages. You may at any time opt out of the use of your personal information for marketing purposes by contacting our Data Protection Manager – see Contact Us above.

Entrants in Competitions, Contests and Sweepstakes

We may offer competitions, sweepstakes and contests through the Website that may require registration. By participating in a competition, contest or sweepstake, you agree to the terms, conditions and/or official rules that govern that particular promotion. If you choose to enter a competition, sweepstake or contest, we may disclose personal information to third parties or the public in connection with the administration of such competition, contest or sweepstake, including, without limitation, in connection with winner selection, prize fulfillment, and as required by law or permitted by the official rules, such as on a winners’ list.

Suppliers

We collect information from suppliers that is directly related to the products and services Moose and its customers purchase and provide. This information may contain personal information such as the name and contact details of the contact people at each supplier.  Generally, we will collect personal information directly from the contact person but some information may be provided by third parties.

We use information from suppliers in the following ways to:

  • provide you with news and information about our products and services;
  • to be supplied with products or services;
  • communicate including responding to queries and complaints;
  • maintain quality control and product safety; or
  • produce innovative products.

Job Candidates

We collect information from job candidates. This information will contain personal information such as name, address, employment history and referee details. Generally, we will collect personal information directly from the job candidate but some information may be provided by third parties providing human resource services. Job candidate personal information will be used for recruitment purposes and to evaluate the job candidate’s application. Where we wish to use the information for other purposes we will seek your agreement beforehand. If you do not wish for us to keep you personal data for any reason, please let us know using the contact details set out at the start of this policy.

Disclosure to third parties

We will keep your information within the Moose organisation except where disclosure is required or permitted by law or when we use third party service providers (data processors) to supply and support our services to you. We have contracts in place with our data processors. This means that they cannot do anything with your personal data unless we have instructed them to do so. They will not share your personal data with any organisation apart from us. They will hold it securely and retain it for the period we instruct.

Third parties we may disclose personal information to include:

• our related companies;
• our service providers including IT service providers, advertising, analytics and cloud hosting service major delivery companies, mail houses and third party fulfilment contractors;
• our professional advisors including our accountants, auditors and lawyers;
• payment system operators and financial institutions; or
• government agencies.

If you wish to know more about the service providers, you can contact us at. DPO@www.moosetoys.com.

Some of our service providers may provide services to us entirely or partly from locations outside your jurisdiction and we may in order to receive those services occasionally transfer personal information to such other jurisdictions (where the information may be available to the government of these other jurisdictions), including where:

• we use service providers, cloud computing solutions or data storage located in other jurisdictions;
• we, or our related bodies corporate, have offices in other jurisdictions;
• we need to comply with foreign legal or regulatory requirements; or
• an international payment has been made.

Your personal information may be stored or processed outside of the European Economic Area (EEA). These countries may not have the same data protection laws as the EEA. If we transfer your information outside of the EEA, we will take appropriate steps to ensure that your information is adequately protected.

UK and EU residents’ Only

European data privacy laws grant individuals subject to those laws the following rights with respect to their personal data:

To be informed – We must make this privacy policy (sometimes referred to as a privacy notice) available with the emphasis on transparency over how we process your data.
Access – you have a right to access your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Rectification – We are obliged to correct or update your details. We will correct or update your data without delay provided you make the request in writing to the contact details provided in this policy, clearly specifying which data is incorrect or out of date.
Erasure – This is also known as the request to be forgotten. Under Data Protection Laws you have the right to erasure under specific circumstances. A request for your personal data to be deleted will be decided on a case by case basis and should be submitted in writing to the contact details provided in this policy.
Restrict processing – You have the right to ‘block’ or suppress the processing by us of your personal data.
Portability – You have the right to obtain and reuse your personal data that you have provided to us.
Object – You have the right to object to us processing your data in relation to direct marketing and or profiling.
Rights in relation to automated decision making and profiling – We do not use automatic decision making or profiling.

Please note that you may need to provide identification in order to prove who you are if you wish to invoke any of your rights as provided by the Data Protection Laws and as summarised above.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

Kids Privacy Assured by PRIVO: COPPA Safe Harbor Certification & GDPRkids™

Moose is a member of the PRIVO Kids Privacy Assured Program (“the Program”) for COPPA Safe Harbor Certification and GDPRkids™. PRIVO is an independent, third-party organization committed to supporting online services to safeguard children’s personal information collected online.

COPPA Safe Harbor Certification

COPPA Safe Harbor Certification by PRIVO

The Program certification applies to the digital properties listed on the validation page that is viewable by clicking on the PRIVO COPPA certification Seal. The certification Seal posted on this page indicates Moose Toys has established COPPA compliant privacy practices and has agreed to submit to PRIVO’s oversight and consumer dispute resolution process. If you have questions or concerns about our privacy practices, please contact us at +613 95797377 or dpo@moosetoys.com. If you have further concerns after you have contacted us, you can contact PRIVO directly at privacy@privo.com.

GDPRkids™ Privacy Assured

GDPRkids™ Privacy Assured Program by PRIVO

The Program applies to the digital properties listed on the validation page that is viewable by clicking on the PRIVO GDPRkids™ Verified Shield. The PRIVO GDPRkids™ Privacy Assured Program supports child directed services known as Information Society Services under the General Data Protection Regulation (GDPR), to comply with the requirements of this legislation. It impacts any child directed service in an EU Member State and any service globally that collects and or processes the personal data of children and minors. There is no safe harbor for the GDPR to date, but to ensure this company’s services meet the program requirements, we conduct regular monitoring and consulting.

Accessing and checking the personal information we hold about you

You have the right to request access to the personal information we hold about you. This right is subject to certain exceptions (see below) allowed by law. The file containing your personal information will be kept on our servers and those of our service providers

Moose will, upon your request to the Data Protection Manager (see Contact Us), and subject to applicable privacy laws, provide you with access to your personal information that is held by us. However, we ask that you identify, as clearly as possible, the type(s) of information requested. Moose will deal with your request in a reasonable time. Depending on the breadth of your request, we may recover from you our reasonable costs incurred in supplying you with access to this information.

We rely on the accuracy of the information you provide to us. If you think that we may hold information about you that is incorrect in any way, please contact us and we will correct any errors or inaccuracies where required.

Exceptions

Your right to access your personal information is not absolute. In some circumstances, the law permits us to refuse your request to provide you with access to your personal information. Such circumstances may include where:

• access would pose a serious threat to the life or health of any individual;
• access would have an unreasonable impact on the privacy of others;
• the request is frivolous;
• the information relates to a commercially-sensitive decision-making process;
• access would be unlawful;
• access may prejudice enforcement activities, a security function or commercial negotiations.

Security

Moose is committed to keeping your trust by protecting and securing your personal information. We have in place reasonable commercial standards of technology and operational security to protect all personal information provided to us from misuse, interference, loss, unauthorised access, modification or disclosure.

We limit access to personal information to individuals with a business need consistent with the reason the information was provided. We keep personal information only for as long as it is required for business purposes or by the law.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How long do we keep your personal information

Our data retention policy is dictated by applicable data protection laws and is available for inspection by submitting a written request using the contact details provided in this policy.

Safety on the Internet

Please remember that whenever you voluntarily give personal information publicly online – for example on message boards, through e-mail, or in chat areas – that information can be collected and used by others. We are not responsible for any loss or damage you may suffer as a result of sharing your personal data publically.

Assignment

We may change our ownership or corporate organisation or sell some of our assets. As a result, please be aware that in such event we may transfer some or all of your information to a company acquiring all or part of our assets or to another company with which we have merged. Under such circumstances we would, to the extent possible, require the acquiring party to follow the practices described in this Privacy Policy, as it may be amended from time to time. Nevertheless, we cannot promise that an acquiring company or the merged company will have the same privacy practices or treat your information the same as described in this Privacy Policy and it is your responsibility to review our Privacy Policy regularly for changes (as set out at the start of this policy).

Security

We incorporate commercially reasonable safeguards to help protect and secure your Personal Information. However, no data transmission over the Internet, wireless transmission or electronic storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure or warrant the security of any information you transmit to us, and your use our Website and provide us with your information at your risk.

Contact Us

If you have a query or question about this policy, please contact our Data Protection Manager by email at DPO@www.moosetoys.com. Alternatively, you may contact us by mail at:

Unit 3, Hurling Way, St Columb Major Business Park, Trekenning, St Columb Major, Cornwall, TR9 6SX, United Kingdom

or

Data Protection Manager, 29 Grange Road, Cheltenham, Victoria, 3192, Australia.