Privacy Policy

1. Introduction

Little Layer Lab ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

We comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and other applicable privacy laws.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you:

• Place an order
• Create an account
• Contact us via email or contact form
• Subscribe to our newsletter (if applicable)

This information may include:

• Name
• Email address
• Shipping address
• Phone number
• Payment information (processed securely by Square)

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device, including:

• Browser type and version
• Operating system
• IP address
• Pages visited and time spent on pages
• Referring website addresses

3. How We Use Your Information

We use the information we collect to:

• Process and fulfill your orders
• Send order confirmations and shipping notifications
• Respond to your inquiries and provide customer support
• Improve our website and services
• Detect and prevent fraud
• Comply with legal obligations
• Send marketing communications (only with your consent)

4. Third-Party Services

We use trusted third-party services to operate our business. These services may have access to your personal information only to perform specific tasks on our behalf:

4.1 Payment Processing

We use Square to process payments. Square collects and processes your payment information according to their own privacy policy. We do not store your complete credit card information on our servers.

4.2 Database and Hosting

We use Firebase (Google) to store order information and Vercel for website hosting. These services are compliant with industry-standard security practices.

4.3 Image Hosting

Product images are hosted on Cloudinary, which provides secure and optimized image delivery.

4.4 Email Services

We use email services to send order confirmations and customer communications. Your email address is used solely for these purposes.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience. Cookies are small data files stored on your device that help us:

• Remember your shopping cart items
• Understand how you use our website
• Improve website performance

You can control cookies through your browser settings. However, disabling cookies may affect your ability to use certain features of our website.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Secure SSL/TLS encryption for data transmission
• Secure cloud storage with access controls
• Regular security assessments
• Limited access to personal information by authorized personnel only

However, no method of transmission over the internet is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Order information is typically retained for:

• Tax and accounting purposes (minimum 7 years as required by Australian law)
• Warranty and customer service purposes
• Legal compliance and dispute resolution

8. Your Privacy Rights

Under Australian privacy law, you have the right to:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Opt-out: Unsubscribe from marketing communications at any time
• Complaint: Lodge a complaint about our handling of your personal information

To exercise any of these rights, please contact us using the details provided below.

9. Children's Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can delete it.

10. International Data Transfers

Some of our third-party service providers (such as Google Firebase, Vercel, and Cloudinary) may store or process data outside of Australia. When we transfer your data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

If you are not satisfied with our response to your privacy complaint, you have the right to contact the Office of the Australian Information Commissioner (OAIC):