Read our commitment to accessibility
Order by 16 December for delivery by Christmas.   Learn more.
Get $10 off when you give $10 to a friend → Give $10, get $10 off →

Privacy Policy

Last Updated November 2022


Here at Who Gives A Crap Limited (Company Number 10334484) (although you may know us as Who Gives A Crap or Good Time) (also referred to as “we”, “our”, “us”, “Good Goods”), we know how much you value your privacy while using our products on the loo, the W.C., the crapper, the lavatory, the restroom, the potty, the throne room, the toilet (whatever you call it, you get the idea!). We want you to know that we give the same level of importance to protecting the personal information that you provide to us when purchasing our products and using our website or mobile site (https://eu.whogivesacrap.org/).


Let’s be real here - we know that reading a privacy policy is not going to keep you on the edge of your (toilet) seat, but it is a very important document, and we have tried our best to keep you entertained. So, bear with us while we let you know how we collect, use, share and manage your personal information.

 

CONSENT, THE REALLY IMPORTANT LEGAL STUFF

Consent 

By providing personal information directly to us and by using our website or our mobile site, you consent to the collection of your personal information by Good Goods and its use and disclosure in accordance with this Privacy Policy.

You warrant that the personal information you provide to us is your own or if you provide us with the personal information of another individual, for example where you advise us to deliver to an address that is not your own or where you refer a friend, you must ensure you obtain the individual’s consent to provide their personal information to us. You agree to take reasonable steps to ensure, where you share the personal information of another individual to us, that they are made aware of the matters set out in this Privacy Policy.

You have rights in relation to how we use your personal information, which you can read more about below.

Age

By using our website or mobile site, you represent that you are at least 18 years of age. We do not knowingly advertise to, or collect personal information from, any individual under the age of 18. If we become aware that we have collected personal information from you and you are under the age of 18, we will suspend any services we are providing to you and delete your personal information immediately.

 

THE PERSONAL INFORMATION WE COLLECT, HOW AND WHY

Data Controller and Data Processor

For the purposes of General Data Protection Regulations (“GDPR”), Good Goods is a “Data Controller”. The third parties whom we share your personal information with are “Data Processors” and in some cases joint “Data Controllers”. We rely on the following legal bases to process your personal information:

  • where you have given your consent; 
  • where the processing is necessary to perform a contract that we have with you, for example when you purchase our products; and
  • our legitimate business interests, such as improving and developing our products and services and marketing new features or products. 

 

Personal Information We Collect

The following are the kinds of personal information we may collect from you:

  • Account login and contact details such as your name, company name, email address, telephone number, shipping address, billing address.
  • Payment or credit card information.
  • Personal details such as age, date of birth, gender identity, marital status, sexual orientation, ethnicity, lifestyle information, household size.
  • Gift card recipient and friend referral details such as name, email address, personal information you may include in any personalised message you provide.
  • Purchase history, purchase motivations, personal preferences such as cart contents.
  • Social media details such as Instagram handles, profile name.
  • Images, photos, user generated content.
  • Device information such as IP address, device ID and type, device location, website activity logs, network access, device storage information, referrer, domain, browser type, language, previously visited pages on our website or mobile site, interaction with our website through click behaviour, country, time zone.

 How We Do It

We collect this personal information from you when you:

  • Access and use our website and mobile site via the use of Cookies (unfortunately, not the yummy edible kind - Rather the data files placed on your device or computer to track information, see our Cookie Policy for further information), Log Files (which track actions occurring on our website or mobile site), Web Beacons, Tags and Pixels (electronic files used to record information about how you browse our website or mobile site).
  • Create an account, place an order with us via your account or as a guest, click the ‘remember me’ option and/or request a refund.
  • Participate in our promotions.
  • Refer a friend. 
  • Rate and/or review our products.
  • Join our mailing list. 
  • Contact us with an enquiry or complaint.
  • Engage with us on social media.
  • Apply for a job with us.
  • Respond to a survey conducted by us or a third party on our behalf. 

Why We Do It

We collect this personal information from you in order to provide you with our products (which are good for the world, good for people and good for your bum!) and also to:

  • Process your order for our products including verifying your credit card. 
  • Provide you with our products including arranging delivery or a return. 
  • Notify you regarding the status of your order, including abandoned cart notifications.
  • Respond to your enquiry or complaint.
  • Use your image, photo, user generated content to promote our products and services, when you provide your express consent for us to do so via direct message on social media.
  • Verify ratings and/or reviews when you rate or review our products.
  • Update you with news about our store, website and products, special events, promotions and offers when you opt-in to marketing, for example, you may opt-in when making a purchase by selecting the check box to receive news and offers from us or by signing up to our mailing list.
  • Personalise our communications to you based on your past purchase history and other information to make your experience more relevant.
  • Engage with you on social media.
  • Screen orders for potential risk or fraud.
  • Review job applications and for recruitment purposes. 
  • Improve and optimise our website and mobile site.
  • Market research and analytics to enhance our product offering, to assess the success of our marketing and advertising campaigns, better understand our customers to guide our strategy and decision making and market our products to you.
  • Accounting, audit, legal and internal business purposes.

MARKETING

Sell 

We do not sell your personal information to third parties.

Direct Marketing 

Where we collect your personal information for marketing purposes, we will always give you the opportunity to opt-in or opt-out to receiving such communications via email or SMS. 

At Good Goods we want to communicate with you only if you want to hear from us (we don’t want to be annoying!) so if you change your mind and no longer wish to receive communications from us, you can: 

  • Follow the opt-out (sometimes also known as “manage subscription” or “unsubscribe”) instruction in the emails we send you.
  • If you have opted into receiving text messages from us and wish to opt out, you can follow the opt-out instruction in that specific text message if you wish to opt-out. 
  • Contact us at privacy@whogivesacrap.org.

If you opt out of receiving marketing communications from us, your personal information will not be used for marketing, but may still be used for the other purposes described in this Privacy Policy (such as fulfillment of orders).


Now you have made it this far, we think you deserve a joke. Why did the toilet paper roll down the hill? …

To get to the bottom!


Targeted Marketing


We also conduct targeted advertising or marketing communications which we believe may be of interest to you through Facebook, Instagram, Google, Bing and/or YouTube. This allows us to tailor our marketing to better suit your needs and to only display advertisements that are relevant to you.


You can opt out of targeted advertising by visiting the following websites:


Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at:  http://optout.aboutads.info/.


DISCLOSURE TO THIRD PARTIES & CROSS-BORDERS


We share your personal information with our offices around the globe and to third parties, where required, to ensure we are providing the best products and services to you. We consider that the collection and such processing of this information is necessary to pursue our legitimate interests in a way that might reasonably be expected (eg, to analyse our customers’ buying habits, develop our products and grow our business) and which does not materially impact your rights, freedom or interests.

These third parties include:

  • Service providers or persons who perform functions on our behalf, for example: 
    • Payment gateways, credit card transaction processors.
    • Cloud or other storage providers.
    • Analytics, product tracking and marketing platforms, communications platforms and contractors to process data.
    • Logistics and operations technology platforms and systems to transmit order and other information within our supply chain.
    • Warehouse, distribution and freight companies to fulfil and deliver orders to you.
  • Government regulatory bodies and law enforcement agencies as required, authorised or permitted by law.
  • Our professional advisers.
  • A third party that acquires or intends to acquire Good Goods or its assets.
  • Anyone else to whom you authorise us to disclose it.

We may also share your information with our related companies overseas, including our US company, Who Gives A Crap Inc, State File Number 4904789, and our AU company, Goods Goods Pty Ltd, ABN 67 154 870 452.

We may also share or publish aggregate information that does not specifically identify you, such as statistical information about how our customers use our products or their demographic characteristics.

We reserve the right to transfer your personal information to and from any country, including Australia, Europe, United Kingdom, United States and the Philippines (where some of our Customer Happiness Team are located). We do this in order to provide our products and services to you, and also to process data and prepare it for processing in accordance with this Privacy Policy. You agree to your personal information being transferred to other countries when you share your data with us. If you later wish to withdraw your consent to this transfer, you can delete your data by contacting us via the details below.

Where we transfer your personal information to a third party in another country not covered by GDPR protections, we only transfer or disclose your personal information where that country is considered to have an adequate level of protection, we have a European Commission-approved standard contractual clauses (we call this a Data Processing Agreement or “DPA” for short) in place with the third party, the third party has approved codes of conduct (or certification) or binding corporate rules. To date, the European Commission has not adopted an adequacy decision in respect of Australia or the United Arab Emirates. Instead, we rely on other legal grounds to lawfully transfer personal data around the world (including transfers to countries where an adequacy decision has not been adopted). These grounds include your consent and the DPA, which require certain privacy and security protections. You may obtain a copy of the European Commission approved standard contractual clauses included in our DPA by contacting us on the details below.

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. Where we make a disclosure to a third party, we require that the third party agree to comply with relevant privacy laws when processing your personal information. 

Third-party service providers have their own privacy policies, which will apply when they are processing your personal information. For ease, we have set out our main providers in the below table together with a link to their privacy policies (if you would like a full list of our third-party providers to whom your personal information is provided please contact us on the details below). 

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled. In particular, certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

Third Party

Location

Access their Privacy Policy Here

Shopify – We use Shopify to power our online e-commerce store and provide our products and services to you. Your personal information is stored through Shopify’s data storage, databases and the general Shopify application housed on a secure server behind a firewall. If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). 

Canada

https://www.shopify.com/legal/privacy

Google Inc – We use Google to store and file our documents and we use analytics to understand how customers use our website and data analysis (information used in data analysis is anonymised). You can opt-out of Google analytics here: https://tools.google.com/dlpage/gaoptout

United States

https://www.google.com/intl/en/policies/privacy/

Klaviyo – We use Klaviyo as a segmentation and email marketing tool.

United States

https://www.klaviyo.com/privacy/policy

Stripe – We use Stripe for payment processing and secure storage of customer payment information (including encryption). 

United States

https://stripe.com/au/privacy

Dear Systems – We use Dear Systems as our order and Inventory Management / Fulfillment system.

United Arab Emirates

https://dearsystems.com/privacy-policy/

Zendesk – We use Zendesk as our customer service/ helpdesk platform where all customer queries are received and responded to.

United States

https://www.zendesk.com/company/customers-partners/privacy-policy/

Thankful.ai – We use Thankful.ai as an answer-bot service which responds to customer queries automatically.

United States

https://www.thankful.ai/docs/privacy-policy

Talkable – We use Talkable to power our friend referral program.

United States

https://www.talkable.com/privacy

Yotpo – We use Yotpo to enable to you to be able to review our products.

United Kingdom 

United States 

https://www.yotpo.com/privacy-policy/

Rise.ai – We use Rise.ai to provide you with our gift cards.

Israel

https://d1wr3t1or162si.cloudfront.net/website/Privacy%20Policy.pdf

ReCharge – We use the ReCharge App through Shopify when you purchase a subscription for our products to auto-bill the credit card you provide and process your order. 

United States

https://rechargepayments.com/privacy-policy/

Repeat - We use Repeat to help you reorder your favourite products

United States

https://www.getrepeat.io/legal/privacy-policy

Loqate – We use Loqate to assist you to enter your location and validate your address.

United Kingdom

https://www.loqate.com/en-us/privacy/

Justuno – We use Justuno for website popups and to personalise your experience when using our website or mobile site. 

United States

https://www.justuno.com/legal/privacy-policy/

Mention.me - We use Mention.me to power our friend referral program. United Kingdom https://mention-me.com/help/privacy_policy_s#cookies

 

Once you leave our website or mobile site or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our Terms of Service.

That was tough going there but we appreciate your persistence (kudos to you!) and know that you can make it to the very end of this Privacy Policy.  


YOUR RIGHTS AND IMPORTANT THINGS YOU MIGHT NEED TO KNOW

While we have set out your rights throughout this Privacy Policy, we understand that sometimes you just need quick and easy access to the relevant info (similar to when you are reaching frantically for that last emergency loo roll - don’t worry, we have all been there!) 


To ensure you are fully informed and prepared for anything, here are your rights: 


Disclosure of Your Personal Information

You may request that we disclose to you the personal information that we hold about you, 

including receiving a copy and also details of our processing activities such as what we collect, how we use it and any third parties with whom we share it. 

You may request your personal information in a portable format (structured, commonly used and machine-readable format) so that you can transmit your personal information to another entity, or you may request that we transmit it to another data controller. 


 We may limit or reject your request in certain cases, including without limitation where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, where the rights of other persons would be violated or as required by law. 

To make a request contact us via the contact details below.


Huh? That is Not Correct 

While we take reasonable measures to ensure that your personal information is complete and up to date, please notify us if your personal information held by us is inaccurate or incomplete. 

You may update or correct your personal information by logging into your account or contacting us with your request via the contact details below.

 

Objection & Restriction 

You may object to all or part of your personal information being processed by us in certain circumstances, including processing for the purposes of direct marketing or market research, or where we do not have a lawful or contractual basis to process your personal information.  

You may restrict the way we process your personal information in certain circumstances, including where you are contesting the accuracy of the personal information we hold, where we do not have a lawful or contractual basis for processing, to oppose erasure where we no longer need your personal information but you may have a claim or legal proceedings on foot, or if you are exploring your right to object. 


Please Forget Me

You may request that we delete your personal information that we hold, that is, you can request that we forget you (but we will miss you “insert sad face emoji”!). If you make a request, we will delete your personal information that we hold except for information we are allowed or required to retain by law. Click here to manage your privacy.


Withdrawing Consent & Opting-Out

You may withdraw your consent or opt-out of receiving communications from us at any time. If you withdraw your consent or opt-out, we will no longer send you marketing communications however, we will still communicate with you where it is necessary to complete our contract with you, for example, to fulfil your order for our products. 

 

What Happens When You Exercise Your Rights

When you exercise any of your rights in relation to your personal information, we will continue to provide you with, insofar as is possible, the same high standard of service as all our customers experience. 

However, you acknowledge that where you do not supply certain information requested by us or request its deletion, we may be delayed or prevented from finalising your order or satisfying your request or enquiry. For example, if you do not provide us with a delivery address, we cannot deliver our product to you until we have an address to deliver to. 


Complaints

If you have a complaint about the way in which we handle your personal information, please contact us via the contact details below.


Verifying it is You

We take privacy seriously here, so when you contact us to make an enquiry or to exercise your rights, we just want to make sure that we're talking to the right person and this means that we may ask you some additional questions. We are sorry if this causes any inconvenience, but it's an important step in making sure your account and personal information remains secure. Thanks in advance for your patience.


SECURITY

We take all reasonable security and organisational measures to make sure your personal information held by us is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.  

We use Secure Sockets Layer (SSL) technology (our online ordering system is the industry standard for encryption technology) to protect your online order information (well that’s fancy!). SSL encrypts all information including your credit card and all personal information passed from you to our checkout and we follow all PCI-DSS requirements.  Encryption provides you with security and peace of mind when your browser and local network supports the use of encrypted data transmissions. While we will do our bit, we suggest that you also take appropriate security precautions, in particular when you access the internet via public WI-FI networks or shared computers. 

We must emphasise that no method of transmission over the internet using industry standard technology is 100% secure. Therefore, we cannot guarantee the absolute security of your personal information.

If we ever experience unauthorised access, disclosure or use of your personal information, rest assured that we have processes in place and will notify you and the relevant government body in accordance with relevant laws. 



RETENTION

Where you provide us with your personal information, we will retain it for our records in order to provide you with our products and services and otherwise for the purposes set out under the section titled “Why We Do It” above. Generally, we will retain your personal information until you ask us to delete it, with the exception of any information that we no longer require will be destroyed securely at the time we no longer require it. 

 We will only keep your data for as long as is necessary for the purpose for which it was collected, subject to satisfying any legal, accounting or reporting requirements.  At the end of any retention period, your data will either be deleted completely or anonymised (for example, by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning).  In some circumstances, you can ask us to delete your data.


DISCLAIMER, LINKS TO OTHER WEBSITES

We may make available on our website or mobile site certain opportunities for you and other users to share information online such as on message boards, social media, blogs. Please be aware that whenever you voluntarily disclose personal information online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly disclosed personal information. By posting personal information online in public forums, you may receive unsolicited messages from third parties.

Sometimes our website or mobile site may contain a link to third party websites. We are not responsible for the content or material contained in, or obtained through, any third-party website or for the privacy practices of the third-party website. We suggest that you review the privacy policy of each website or mobile site that you visit.

We welcome the General Data Protection Regulation (“GDPR”) of the European Union (“EU”) as an important step forward in streamlining data protection globally.  

GDPR rights

The requirements of the GDPR include the following rights:

  • you are entitled to request details of the information that we hold about you and how we process it.  For EU residents, we will provide this information for no fee;
  • you may also have a right to:
  • have that information rectified or deleted;
  • restrict our processing of that information;
  • stop unauthorised transfers of your personal information to a third party;
  • in some circumstances, have that information transferred to another organisation; and
  • lodge a complaint in relation to our processing of your personal information with a local supervisory authority; and
  • where we rely upon your consent as our legal basis for collecting and processing your data, you may withdraw that consent at any time.

If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.  However, please be aware that:

  • such objection or withdrawal of consent could mean that we are unable to provide our products to you;
  • even after you have chosen to withdraw your consent, we may be able to continue to keep and process your personal information to the extent required or otherwise permitted by law, in particular:
  • to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact on your rights, freedoms or interests; and
  • in exercising and defending our legal rights and meeting our legal and regulatory obligations.

 

UPDATING OUR PRIVACY POLICY

Privacy laws and our practices change over time and may result in changes to our Privacy Policy. We reserve the right to modify or vary this Privacy Policy at any time. 

Any changes to this Privacy Policy will be effective upon our publication on our website and will replace any other privacy policy published by us to date. In all cases, your continued use of our services or our website or mobile site after the publication of any modified Privacy Policy indicates your acceptance of the updated Privacy Policy.

Any material changes to this Privacy Policy will be notified to you in a manner that we consider appropriate such as via email (if we have your contact information) or a pop-up when you access our website or mobile site. 

HOW TO SEND A LOVE LETTER (AKA CONTACT US WITH A QUERY OR COMPLAINT)

If you have any enquiries or complaints about your account (including updating your personal information), you can contact our customer service team at wedo@whogivesacrap.org.

If you have any questions or complaints about how we handle your personal information, you can contact our Privacy Officer via email at privacy@whogivesacrap.org.


Or alternatively write us a love letter and send it to Who Gives A Crap Limited c/o MHA MacIntyre Hudson, 6th Floor, 2 London Wall Place, London, EC2Y 5AU, UK.


We always endeavour to reply to emails as soon as we can and at a minimum, within 14 days. Replies to mail will be processed slower and subject to postal delivery times and delays. We will always endeavour to resolve any query or complaint to your satisfaction.

Our Privacy Policy is based on the requirements of the Regulation (EU) 2018/1725. If you are a European resident and would like further information regarding privacy laws relevant to you or are not satisfied with the way in which we handle your enquiry or complaint, you can locate further information via your local data protection authority’s website or can contact your local data protection authority. For general information and assistance to locate your relevant local data protection authority, visit the European Data Protection Board at https://edpb.europa.eu/edpb_en.


And that is a wrap on our Privacy Policy, thank you for reading and be sure to visit us again soon!

 

 

100% money-back guarantee
We know you'll love our products, but if for any reason you don't, send them back for a full refund.