Privacy Policy – Shop Bits & Pieces


Heinemann Australia Pty. Ltd. Trading as Shop Bits & Pieces (ABN 36 159 521 338) ("we", “us”, “our” or “Heinemann”) recognises and values the importance of protecting the privacy of our customers and complying with applicable privacy laws (including the Privacy Act 1988 (Cth) (Privacy Act)). 

We recognise the importance of privacy and our respect for our customers' and other individuals' right to privacy of their personal information is paramount. We have policies and procedures to ensure that all personal information is handled by us in accordance with applicable privacy laws.


Why we collect personal information?

Personal information is information that allows others to identify you. We only collect personal information that is reasonably necessary to carry out our business functions.


If you are our customer or do business with us, we collect personal information that permits us to provide you with our products and services. We also identify you in case you should need to have your purchased product exchanged or repaired. We also collect personal information for the purpose of letting you know about our products, services, promotions or opportunities that may interest you.


We will collect your personal information in connection with, but not limited to, the operation of the Webshop, including to allow us to provide you with functional access to many of its features. Functional access includes the ability to purchase goods, use the shopping cart and maintain a user account with us. 


We will also use your personal information to verify your entitlement to particular goods (including an entitlement to particular quantities of goods) and/or particular pricing for such goods. If you do not provide us with the requested personal information and agree to us using it for the above purposes, you will regrettably not be able to purchase goods via the Webshop. 


We may also use your personal information for the related purpose of allowing us and our selected partners to send you direct marketing materials. If you do not agree to us using your personal information for this purpose, you should simply notify us of this and you will not receive (or no longer receive) such materials. There are no other consequences of you so notifying us. 


We will always collect your personal information directly from you (including via the registration form on our Webshop) and will never collect your personal information from anyone else.


What personal information do we collect?

We collect personal information from customers in order to:

  • Process purchases on our Webshop and In-Store;
  • Handling Customer Enquiries through our Customer Service centre; and
  • Administer our Loyalty Program (launch date TBC)


The types of personal information we may collect include but is not limited to your:

  • Name – (For Customer Service)
  • Telephone number – (For Customer Service)
  • Address – (For Delivery)
  • Email address
  • Birthdate
  • Nationality
  • Staff or Airport ID



How we collect your personal information

We take steps to ensure that we collect personal information by lawful means, and obtain your personal information in various ways including but not limited to:

  • when you contact us (including our customer service centre)
  • when you create an account on our webshop
  • when you shop in our stores
  • if you order a product from our Webshop
  • via social media
  • from competitions or promotions you have participated in
  • from publicly available sources
  • when you apply to work with us


How we may use personal information

We will use your personal information for a number of purposes and will comply with our legal, regulatory, industry or workplace requirements. More specific purposes include but are not limited to:

  • any purpose you have consented to
  • any related purpose related to one or more of our functions or activities
  • marketing, event and promotional activities;
  • market research
  • administration
  • recruitment purposes; and
  • to comply with industry, legal and regulatory requirements

How we store personal information

Heinemann takes all reasonable steps to keep secure any information we hold about you and keep this information accurate and up-to-date. Your personal information may be stored in hard copy or electronically (including on secure servers in controlled facilities).


Heinemann has security processes in place to protect personal information from misuse, loss or unauthorised access, modification or disclosure. The types of measures we take vary with the type of information and how it is collected and stored.


How long do we retain your personal data for?

We will retain your personal data for so long as is necessary for the purposes defined in this data protection statement and to address any claims or issues that may arise concerning your use of our Services.


After that, we may continue to hold data that relates to you for research and statistical analysis, as permitted under the relevant sections of the Privacy Act. However, during the time you may contact us to request that we delete personal data we hold about you.


How you can control what we collect and how we use it

In some cases you may not want us to collect or use your information in a particular way. Alternatively, you may want to withdraw permission that you gave us earlier. We will provide you an opportunity to tell us so that we can change the way we collect or use your personal information, where possible, or withdraw a service. However, you should be aware if we do not receive information that we need, we may not be able to provide you with our products, services or offers.


Access to information we hold about you

You are entitled to access the personal information we hold about you (except in limited circumstances in which it is permitted by law for us to withhold this information). If you require access to your personal information, please contact us. We will require you to provide us with your proof of identify before we provide access to your personal information. We will usually be able to respond to your request within 21 days.


Correction of information we hold about you

We also encourage you to actively engage with us and let us know when your details change or if your personal information needs correction or updating via our contact information provided below.


Deletion of Data

You have the right to ask us to erase your personal data or not to process your personal data. We will inform you (before collecting your data) if we intend to use your data for marketing purposes or if we intend to disclose your information to any third party for such purposes.

If at any point you believe the information we process on you is incorrect you may ask to see this information and have it corrected or deleted. You also have the right to ask that we restrict the processing of your personal data and to object to our processing of your personal data. You also have the right to obtain from us, and reuse, the personal data we maintain from you, for your own purposes.


Your Privacy on the Internet

It is our usual practice to collect information about all visitors to our online resources. We provide online shopping facilities through which we may also collect information. We collect information to monitor the use of our online services. The information helps us improve our services by learning what our users prefer and what, if anything, needs fixing. We take steps to ensure that information we obtain through our websites is protected. For example, our websites have electronic security systems in place, including the use of firewalls and data encryption. User identifiers, passwords or other access codes may also be used to control access to your personal information on our websites. We do not give personal information collected online to other agencies or organisations without your consent unless we are required to by law, or we believe an individual would reasonably expect us to do so.

Your order details are only stored and transmitted in encrypted form on our internet servers. This means that communication between your browser and our order system, for instance, cannot be read by others on the internet. Using our ordering system is regarded as consenting to the storage and use of your information by Bits and Pieces.


Cookies and Local Storage

When you access or use the Webshop, we will use industry-wide technologies such as “cookies” or similar technologies, which stores certain information on your computer (“Local Storage”) and which will allow us to enable automatic activation of certain features, and make your Service experience much more convenient and effortless. The cookies used by the Webshop are created per session and does not include any information about you, other than your session key (usually removed as your session ends but sometimes can be kept in your device for no more than 6 months) and the ability to login again quickly. Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies your online experience with the Service may be limited.


Card Transactions

Your full card details are not recorded or stored in our database. We only collect and store the final four numbers of your credit or debit card together with the expiry date and cardholder name in order for you to be able to select that card when making a future purchase. The details are encrypted and transferred securely to one or more third party payment service providers.

Disclosure of your personal data

We will never sell your personal information.


Complaints and enquiries

If you believe that there has been a breach of the APPs, you may lodge a complaint with us via the contact details below. We will review your complaint and gather any relevant paperwork or documentation before responding which will ordinarily be within 7 days of receipt of your complaint. When we respond, we will give you written reasons for our decision.


Bits and Pieces Customer Care

Heinemann Australia Pty Ltd

PO Box 3027 

Sydney International Airport 

Mascot NSW 2020 


From time to time, we may amend this data protection statement and will publish the amended version to our website.

You may also request a physical copy of the data protection statement by contacting our Customer Service Centre at our Contact Us page.

For information about privacy generally, or if your concerns are not resolved to your satisfaction, please contact the Office of the Australian Information Commissioner at or on 1300 363 992