Rolly Ecommerce Privacy Policy

Last updated: January 26, 2025

Introduction

Welcome to Rolly Ecommerce (“Rolly,” “we,” “our,” or “us”). We provide a platform that helps merchants build online stores and offers various services for selling products worldwide. This Privacy Policy describes how we collect, use, and share your personal information, as well as the rights and choices you have regarding your data. Rolly operates in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by posting a notice on our website or emailing you directly.

Core Principles

Your Data, Your Control

We carefully determine what information is essential to operate our services effectively. Whenever possible, we minimize or anonymize data. We aim to give you clear options to manage your personal information.

We Protect Your Data

We do not disclose your personal information to third parties without your permission unless legally required. If a lawful request demands disclosure, we will inform you in advance unless the law prohibits it.

Helping Merchants Meet Privacy Obligations

Our goal is to make our platform privacy-friendly, with built-in controls and resources. We offer documentation, FAQs, and guidance to help merchants address privacy concerns and comply with relevant regulations.

Who This Policy Covers

We handle personal information in different ways depending on who you are:

  • Merchants: Individuals or businesses who use Rolly's platform to create or manage an online store.
  • Customers: People who visit or purchase from merchants' Rolly-powered stores.
  • Partners and Developers: Third parties who develop or integrate apps and services for Rolly merchants.
  • Website Visitors and Support Contacts: Anyone who visits our own websites, interacts with our content, or contacts us for help.

Compliance with Australian Privacy Law

Rolly follows the Australian Privacy Principles set out in the Privacy Act 1988 (Cth). If you have concerns about how we handle your personal information under Australian law, please see the How to Make a Complaint section below.

What Personal Information We Collect

The categories of information we collect may include (depending on your interaction with Rolly):

  • Identifiers: Name, email address, telephone number, shipping/billing address.
  • Account Information: Login details and payment data (e.g., credit card or bank account info) if you're a merchant.
  • Transaction Details: Records of your orders, cart contents, returns, and refunds.
  • Device & Usage Info: IP address, browser details, device type, operating system, and how you browse our platform.
  • Geolocation Data: Location information for shipping calculations or fraud prevention (when enabled by you).
  • Communication Info: Correspondence with our support team or publicly posted reviews/questions on Rolly services.
  • App Integrations: When you connect third-party apps or services to your store or account, we may receive relevant data from those integrations.
  • Sensitive Information: We generally do not collect sensitive information (such as health data or biometric identifiers) unless it is necessary for a specific service and you have provided explicit consent or it is otherwise permitted by law.

Children's Data

Rolly's services are intended for users aged 18 and above. We do not knowingly collect personal information from individuals under 18 years of age without verifiable parental consent. If we discover that a minor has provided us with personal information without appropriate consent, we will promptly delete it. If you believe a minor has provided us with personal data, please contact us at [email protected].

Why We Process Your Information

We rely on several lawful bases (which may vary based on jurisdiction) for collecting and processing personal data:

Contractual Obligations

We need certain personal information to create your account, process payments, or provide our services.

Legitimate Interests

This includes preventing fraud, assisting with customer service, improving our products, analyzing usage trends, and facilitating app integrations.

Consent

In some cases, we will request your consent (e.g., for certain marketing communications or optional cookies). You can withdraw your consent at any time by updating your settings or contacting us.

How We Use Your Information

  • To Provide and Improve Our Services: Creating and managing accounts, facilitating transactions, offering analytics, and providing technical support.
  • To Personalize Your Experience: Tailoring content, recommendations, and features based on your preferences.
  • To Communicate With You: Sending administrative and marketing messages, responding to inquiries, and troubleshooting issues.
  • For Security and Fraud Prevention: Monitoring account activity, detecting suspicious behavior, and taking appropriate measures to protect users.

Sharing Your Information

We share personal data under these circumstances:

  • Service Provider (Processors): Companies that help us with payment processing, cloud hosting, shipping logistics, email services, analytics, or other support services. These entities process personal data on our behalf and must comply with the Privacy Act 1988 (Cth) and relevant privacy laws.
  • Business Partners and App Developers: If you choose to install or connect a third-party app or integration, we may share relevant data to enable their functionality. These third parties have their own privacy practices, and we encourage you to review their policies.
  • Merchants: If you visit or purchase from a Rolly-powered store, that merchant has access to your purchase-related details (e.g., name, email, shipping address). Merchants are responsible for their own handling of your data.
  • Legal Compliance: We may disclose information when required by law, subpoena, or if necessary to protect our rights and the security of our users. Where permitted, we will notify you in advance unless legally prohibited.

International Transfers

Rolly is headquartered in Australia, but we work with service providers and partners around the world. When transferring personal information overseas, we take reasonable steps to ensure the recipient complies with the Australian Privacy Principles or other relevant data protection laws. Such steps may include contractual agreements and ensuring the recipient country has adequate data protection standards.

Your Rights and Choices

If you are a customer of a Rolly-powered store and want to exercise these rights regarding a specific transaction, please contact the merchant directly. We operate as the processor on behalf of merchants and help them handle these requests. If you have a direct account with Rolly (e.g., you are a merchant or partner), please reach out to us (see How to Contact Us below). Depending on your location, you may have the right to:

  • Access or Port your personal information.
  • Correct or Update inaccuracies.
  • Request Deletion of certain data.
  • Object or Restrict specific data processing.

Data Retention

We only keep your information for as long as necessary to fulfill the purposes outlined in this policy or as required by law, including record-keeping obligations. For example:

  • Merchant Accounts: Data is retained while your account is active and for a period after closing, generally up to 2 years (or as legally required), after which it is securely deleted or anonymized.
  • Customer Transactions: Records of purchases may be kept for periods required by tax or other regulatory obligations (e.g., up to 5 or 7 years).
  • After these periods, we will securely destroy or de-identify your data.

Cookies and Tracking

Where required, we'll request consent before placing certain cookies on your device. You can adjust your browser settings to block or remove cookies, but this may affect some site functionalities. If we use third-party tracking or advertising services, they may also set cookies in line with their privacy policies. We encourage you to review those policies for details on how they handle your information. We use cookies and similar technologies to:

  • Essential site features.
  • Performance analytics (e.g., Google Analytics).
  • Traffic analysis for user behavior insights.

Security

We take data security seriously. Our team uses industry-standard practices—including encryption in transit and at rest, secure servers, and strict access controls—to protect your information from unauthorized access, alteration, or destruction. However, no online platform can guarantee complete security. We encourage you to keep your login credentials confidential and promptly notify us of any suspected unauthorized activity.

Machine Learning and Automated Decision-Making

Rolly may use machine learning or automated processes (e.g., for fraud detection, personalized recommendations). Where these processes could significantly affect you, we involve a human reviewer or provide a way to request a review of the decision.

How to Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our data practices, please contact:

Rolly Ecommerce

Email: [email protected]

Table of Contents

IntroductionCore PrinciplesWho This Policy CoversCompliance with Australian Privacy LawWhat Personal Information We CollectChildren's DataWhy We Process Your InformationHow We Use Your InformationSharing Your InformationInternational TransfersYour Rights and ChoicesData RetentionCookies and TrackingSecurityMachine Learning and Automated Decision-MakingHow to Contact Us
Thank you for trusting Rolly Ecommerce.

We are committed to safeguarding your personal information and continuously improving our platform to meet your privacy needs.