Privacy Policy
Last reviewed: 29 January 2026
This Privacy Policy explains how we collect, use, disclose and protect your personal information when you visit our website, make a purchase, contact us, or otherwise interact with us. We comply with the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs).
1. Who we are
Phoenix Leisure Group (ABN 37073884983) trading as Rossignol Australia (“we”, “us”, “our”). Registered address: Warehouse 2, 5 Aero Road, Ingleburn NSW 2565. Contact: customercare@rossignol.au | 02 9552 6900.
2. Scope
This policy covers our websites, mobile experiences, social channels under our control, in‑store forms (if applicable), and customer support interactions.
3. Types of information we collect
• Personal information: name, email, phone, billing and shipping address, order and returns history, account details, gift card details, support messages.
• Payment information: we process payments via third‑party providers (e.g., Shopify Payments, Stripe, PayPal). We do not store full card numbers; providers handle them securely.
• Technical data: IP address, device and browser type, operating system, pages viewed, timestamps, referrers, approximate location, and cookie identifiers.
• Preference & engagement data: marketing preferences, survey responses, wishlists, back‑in‑stock alerts, product reviews.
4. How we collect information
• Directly from you (checkout, account creation, forms, emails, chat, phone).
• Automatically via cookies, pixels and similar technologies (see “Cookies & Tracking”).
• From service providers and partners (fulfilment, payments, analytics, advertising, anti‑fraud), where permitted by law.
5. Cookies & Tracking
We use cookies, pixels, SDKs and similar tech to operate the site, measure performance, prevent fraud, personalise content, and deliver advertising. You can adjust browser settings to block cookies (some features may not work). Where required by local law, we display a cookie banner with choices.
6. How we use personal information
• To process orders, deliver products, provide customer support and manage returns/warranties.
• To operate, secure, troubleshoot and improve our website, apps and services.
• To personalise content and recommendations.
• To send service messages (e.g., order confirmations, shipping updates).
• Direct marketing: to send offers, updates and newsletters. You can opt out at any time via the unsubscribe link or by contacting us. We comply with APP 7 and applicable anti‑spam/Do‑Not‑Call rules.
7. Legal basis / lawful use
Australia (APPs): We collect, use and disclose personal information for the primary purpose of collection and for related purposes you would reasonably expect, or with consent, or as otherwise permitted by the APPs (e.g., required or authorised by law).
EU/EEA (when GDPR applies): If we offer goods/services to individuals in the EU/EEA or monitor their behaviour there, we process personal data under applicable GDPR lawful bases (e.g., consent, performance of a contract, legal obligation, legitimate interests) and extend GDPR rights to those users.
8. Direct marketing
We include a simple opt‑out in every marketing message and honour opt‑outs promptly. We also follow the Spam Act 2003 and Do Not Call rules where relevant.
9. Disclosing information to others
We disclose personal information to: payment processors; e‑commerce, hosting and cloud providers; warehousing and couriers; customer support platforms; analytics and anti‑fraud providers; professional advisers; and as required or authorised by law. We require our service providers to handle personal information securely and only for the purposes we authorise.
10. Overseas disclosures (Cross‑border)
To provide our services, we may disclose personal information to recipients located outside Australia (for example, cloud hosting, payments, analytics, customer support or logistics). Before disclosing, we take reasonable steps under APP 8 to ensure the overseas recipient does not breach the APPs, and note that we may remain accountable for the recipient’s handling under s 16C.
Likely countries: [List likely countries, e.g., United States (hosting/payment), EU/EEA (analytics/CDN), Singapore (CDN), New Zealand/Philippines (support), United Kingdom (payments)]. If this list changes materially, we will update this policy.
EU/UK data transfers (if GDPR/UK GDPR applies): We use approved transfer safeguards such as the European Commission’s Standard Contractual Clauses (and UK equivalents) with supplementary measures as needed.
11. Security
We take reasonable steps (technical and organisational measures) to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure, and we regularly review our controls.
12. Retention
We keep personal information only as long as needed for the purposes described or as required by law. When no longer needed, we take reasonable steps to destroy or de‑identify it, subject to legal holds.
13. Your choices and rights (Australia)
• Access: You can request access to the personal information we hold about you.
• Correction: You can request corrections if your information is inaccurate, out‑of‑date, incomplete, irrelevant or misleading.
• Marketing opt‑out: You can opt out of direct marketing at any time using the unsubscribe link or by contacting us.
We will respond to requests within a reasonable time and may ask you to verify your identity.
14. GDPR rights (where GDPR applies)
If GDPR applies to our handling of your personal data, you may have rights to access, rectification, erasure, restriction, portability and to object to certain processing, and to withdraw consent where relied upon. You also have the right to lodge a complaint with your local data protection authority.
15. Children’s privacy
We do not knowingly target our services to children. Under Australian law, privacy rights apply regardless of age; capacity to consent is assessed case‑by‑case, and as a general rule individuals over 15 are considered likely to have capacity unless unsure. We will align with the forthcoming Children’s Online Privacy Code when it commences.
16. Automated decision‑making (ADM)
If we use significant automated decision‑making that uses personal information, we will include clear disclosures about the kinds of personal information used and the types of decisions affected. We will meet the new ADM transparency requirements by 10 December 2026.
17. Data breaches
If we have reasonable grounds to believe an eligible data breach has occurred that is likely to cause serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) and publish an eligible data breach statement as required.
18. Complaints
If you have a privacy complaint, please contact us first using the details below. We will acknowledge and respond within a reasonable time. If you are not satisfied, you can contact the https://www.oaic.gov.auOffice of the Australian Information Commissioner (OAIC).
19. Changes to this policy
We may update this policy from time to time. The “Last reviewed” date shows the latest version. Significant changes will be communicated where reasonably practicable. Continued use of the site after updates constitutes acceptance of the updated policy.
20. Contact us
Phoenix Leisure Group
Email: customercare@rossignol.au
Address: Warehouse 2, 5 Aero Road, Ingleburn NSW 2565
Phone: 02 9552 6900
