Privacy Policy

HappyHound Labs — Privacy Policy

Effective date: 29 November 2025
Company: HappyHound Labs Pty Ltd

This Privacy Policy explains how HappyHound Labs (we, us, our) collects, uses, discloses and stores personal information when you visit and use the KibbleFlux website and buy KibbleFlux products, and the rights you have under applicable Australian and Queensland privacy laws.

1. Scope and why this applies to you

This policy applies to personal information we collect about customers, prospective customers, visitors to our website, and other individuals who interact with KibbleFlux services in Australia and overseas. It is written with the Australian Privacy Act 1988 (including the Australian Privacy Principles — APPs) and related guidance in mind, and with reference to privacy laws relevant in Queensland. If you are in Queensland, some state rules (such as the Queensland Information Privacy Act 2009) govern public sector agencies — this policy focuses on our obligations as a private business under federal law while noting relevant Queensland guidance.

2. Personal information we collect

We collect only the personal information reasonably necessary to provide our products and services, including:

Identity & contact details: name, delivery/billing address, phone number, email address.
Account & transaction data: purchase history, order details, payment method (we do not store full card numbers; payment processed by third-party payment providers).
Technical & website data: IP address, device and browser information, cookies and similar technologies, pages viewed, referral source.
Marketing preferences: consents and opt-out preferences (for email/SMS marketing).
Customer service records: support requests, returns, warranty claims.
Sensitive data (limited): only where necessary and with explicit consent (for example, health-related details for a pet with special needs if voluntarily provided).

We do not collect more sensitive personal information than is reasonably required to deliver the product or comply with legal obligations.

3. How we collect information

We collect personal information:

When you place an order, create an account, sign up for newsletters, or contact us.
Automatically when you use our site (cookies, analytics).
From third parties where you have consented or where allowed by law (e.g., payment gateways, delivery partners, social login providers).
From publicly available sources as permitted by law.

If you provide us with someone else’s personal information (for example, a gift recipient), you confirm you have the right to do so.

4. Purposes for which we use personal information

We use personal information to:

Provide, process and deliver orders and related customer service.
Process payments and prevent fraud.
Communicate with you about your orders, account, updates, recalls and safety notices.
Send promotional material where you’ve consented (you can unsubscribe anytime).
Improve our products, website and marketing through analytics.
Comply with legal obligations, respond to lawful requests and for dispute resolution.

We will not use your information for unrelated purposes without further consent, unless permitted by law.

5. Legal basis and Australian rules

As an Australian business, we manage personal information in accordance with the Australian Privacy Principles (APPs) in the Privacy Act 1988. If we are an “APP entity” (for example, if we meet criteria in the Privacy Act), we are required to follow these principles on open handling, access/correction, data security and cross-border disclosures. Key obligations include providing transparency about our handling of personal information, taking reasonable steps to secure it, and enabling access and correction.

The Notifiable Data Breaches (NDB) scheme requires entities covered by the Privacy Act to notify individuals and the OAIC where a data breach is likely to result in serious harm. If we are covered and such a breach occurs, we will comply with the notification obligations. Our breach response plan is designed to detect, contain and assess incidents and notify affected persons and regulators when required.

Note: Queensland’s Information Privacy Act 2009 (and Queensland Privacy Principles) applies to Queensland Government agencies; private businesses in Queensland are primarily subject to the federal Privacy Act — but we take account of Queensland privacy guidance where relevant.

6. Cookies, tracking and analytics

We use cookies and similar technologies to operate the website, remember preferences and analyse site usage to improve the user experience. You can manage cookie preferences through your browser or via our cookie banner. Third-party analytics providers may place cookies (e.g., Google Analytics). We do not use tracking for purposes beyond those disclosed without consent.

7. Marketing, direct contact and the Spam Act

We will only send marketing communications where you have consented or where another lawful basis exists (for example, direct marketing reasonably expected from a transactional relationship). All marketing communications include a clear opt-out/unsubscribe mechanism and are sent in compliance with the Spam Act 2003 and ACMA guidance — we will honour opt-out requests promptly.

8. Disclosure to third parties

We may disclose personal information to:

Service providers who help operate our business (payment processors, fulfilment/shipping partners, IT/hosting providers, analytics and marketing services).
Professional advisers (lawyers, accountants) where needed.
Courts or regulators where required by law or to enforce our rights.
Overseas recipients where necessary (see Section 9).

We require third-party service providers to handle personal information in a manner consistent with this policy and applicable laws.

9. Cross-border disclosures and overseas storage

Some service providers (hosting, analytics, payment processors) may store or process information outside Australia. If we disclose personal information overseas, we will take reasonable steps to ensure the overseas recipient handles it consistently with the APPs (or otherwise has adequate safeguards), or we will obtain your consent where required.

Examples: payment gateways (may process data in data centres overseas), cloud hosting providers, email marketing platforms.

10. Data security and retention

We take reasonable administrative, technical and physical measures to protect personal information from misuse, interference and loss and from unauthorised access, modification or disclosure. Measures include secure servers, encryption for data in transit, access controls and staff training.

We retain personal information only as long as necessary for the purposes it was collected, any legal obligations (e.g., tax and warranty records), or legitimate business purposes. Retention periods vary by data type (for example, transactional records are typically retained for at least 7 years for tax purposes; marketing lists are retained until you unsubscribe).

No security measure is perfect. In the event of a suspected data breach, we will act in accordance with our incident response plan and legal obligations under the NDB scheme (if applicable).

11. Your rights (access, correction, complaint)

Subject to legal exceptions, you can:

Access personal information we hold about you.
Request correction if the information is inaccurate, out of date or incomplete.
Withdraw consent to certain uses (for example, direct marketing).
Complain if you believe we have breached privacy obligations.

To exercise these rights, contact privacy@happyhoundlabs.com.au. We will respond within a reasonable period and advise if we need more information. If you remain dissatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC). The OAIC oversees compliance with the Privacy Act and can accept complaints from individuals.

12. Children and minors

Our products are intended for pet owners. We do not intentionally collect personal information from children (persons under 16) without parental consent. If a parent or guardian becomes aware their child has provided us with personal information without consent, please contact us and we will delete that information where appropriate.

13. Changes to this policy

We may update this policy from time to time. When we make significant changes, we will publish the updated policy on our website with an updated “Effective date” and, where appropriate, notify registered users.

14. Third-party sites and links

Our site may contain links to third-party websites. This policy does not apply to those sites — check their privacy policies before providing personal information.

15. Practical information for customers in Queensland

If you are in Queensland and want more information about privacy rights in the state context, the Queensland Office of the Information Commissioner provides guidance about the Queensland Privacy Principles (QPPs) that apply to state agencies. While those laws are primarily directed at public sector bodies, the guidance is useful in understanding privacy expectations in Queensland.

16. How to contact us

If you have questions, requests or complaints about this policy or how we handle your personal information, please contact:

Privacy Officer
HappyHound Labs Pty Ltd
happyhoundlabs@gmail.com

If you remain unsatisfied after contacting us, you may make a complaint to the Office of the Australian Information Commissioner (OAIC): https://www.oaic.gov.au/.

Important legal notes (summary of authorities referred to in this policy)

The Australian Privacy Principles (APPs) in the Privacy Act 1988 set the primary obligations for entities covered by the Act.
The Notifiable Data Breaches (NDB) scheme requires notification to affected individuals and the OAIC when an eligible data breach causes serious harm.
The Spam Act 2003 and ACMA guidance govern consent, identification and unsubscribe requirements for commercial electronic messages.
The Information Privacy Act 2009 (Qld) and Queensland Privacy Principles primarily apply to Queensland Government agencies; we reference related guidance to ensure strong privacy practice in Queensland.