PRIVACY POLICY

Mesaío
ABN: 22 105 685 872

Last updated: February 2026

1. Introduction

Mesaío (“we”, “us”, “our”) is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using our website and purchasing our products or services, you agree to the collection and use of your information as described in this policy.

2. What Personal Information We Collect

We collect personal information that is necessary to provide our products and services to you. This may include:

  • Identity and contact information: Your full name, email address, phone number, and delivery/billing address.

  • Payment and financial information: Payment card details, billing information, BSB numbers, and bank account numbers collected for the purpose of processing payments. BSB and account numbers are stored securely by Mesaío and used solely to facilitate payment transactions. Payment card details are processed directly by our payment processor(s) and are not stored by Mesaío.

We only collect personal information that is reasonably necessary for our business functions, in accordance with APP 3.

3. How We Collect Your Information

We collect personal information directly from you when you:

  • Place an order on our website

  • Contact us via email, phone, or our website contact form

  • Subscribe to our mailing list or promotional communications

  • Are onboarded by us as a consignment client — in this case, we collect your information directly and create an internal account in our system on your behalf to manage the consignment arrangement

We do not collect personal information from third parties or through indirect means.

4. Why We Collect and Use Your Information

We use your personal information to:

  • Process and fulfil your orders

  • Communicate with you about your orders, returns, or enquiries

  • Send you transactional emails (e.g. order confirmations and shipping updates)

  • Comply with our legal and regulatory obligations

  • Improve our products and services

We will not use your information for any purpose that is unrelated to our business functions without your consent.

5. Disclosure of Your Personal Information

We may share your personal information with trusted third parties only where necessary to operate our business. This includes:

  • Payment processors: We share your payment and billing information with our payment processor(s) (such as Stripe or PayPal) to securely process your transactions. These providers are bound by their own privacy policies and industry-standard security obligations.

We do not sell, trade, or rent your personal information to any other third parties. We will not disclose your information without your consent unless required or authorised by law.

6. Security of Your Personal Information

We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure, as required by APP 11. This includes:

  • Secure encrypted connections (SSL/HTTPS) on our website

  • Restricted access to personal information within our organisation

  • Partnering with payment processors who comply with the Payment Card Industry Data Security Standard (PCI-DSS)

  • Storing BSB numbers and bank account numbers using industry-standard encryption and access controls, with access strictly limited to authorised personnel involved in payment processing

In the event of a data breach that is likely to result in serious harm to you, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme.

7. Data Retention

We retain your personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by law. When your personal information is no longer needed, we will take reasonable steps to destroy or de-identify it in accordance with APP 11.

8. Your Rights

Under the APPs, you have the right to:

  • Access upon request the personal information we hold about you (APP 12)

  • Correct any personal information that is inaccurate, out of date, or incomplete (APP 13)

9. Contact Us

For any questions, access requests, correction requests, or privacy complaints, please contact us at:

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated policy will be posted on our website with the revised date. We encourage you to review this policy periodically.

This Privacy Policy was prepared in compliance with the Privacy Act 1988 (Cth), the Australian Privacy Principles, and the Privacy and Other Legislation Amendment Act 2024 (Cth).