Privacy Policy

The Privacy Act 1988 (Cth) requires entities like us to maintain a privacy policy, such as this one. This privacy policy describes how waterdrop (“waterdrop”, “us”, “our”, “we”) collects and uses the personal information you provide on our Website:

It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.

We will update this policy from time to time as our practices change regarding how we handle information. We will publish these updates on our website and using our email subscription lists.

Overview of this Policy

This policy sets out:

  1. How we collect your information;
  2. How we use your information;
  3. How we share your information;
  4. How we secure your information; and
  5. Your rights to access and correct your information.

1. How We Collect Your Information

In order to provide our services, we collect personal information from you. We do so in two main ways:

  1. information you provide to us directly; and
  2. information we collect from you automatically.

Direct Collection

We collect the following personal information from you directly:

  • Contact Information such as name, email address, mailing address, phone number
  • Billing Information such as credit card number, and billing address
  • Unique Identifiers such as user name, account number, password
  • Preferences Information such as product wish lists, order history, marketing preferences
  • Information about your business, such as its name, size, type and operations

Some of the information we collect from you may be in the nature of sensitive personal information. This may include details about you, such as your age, gender, personal interests, associations, memberships and opinions.

Automatic Collection

We also automatically gather information about you from your computer, such as your IP address, browser type, referring/exit pages, and operating system.

Cookies and Tracking Technology

We may use cookies, for example, to keep track of your preferences and profile information. Cookies are also used to collect general usage and volume statistical information that does not include personal information.

We use another company to place cookies on your computer to collect non-personally identifiable information to compile aggregated statistics for us about visitors to our site.

Web Beacons

Our Web pages contain electronic images known as Web beacons (sometimes called single-pixel gifs) and are used along with cookies to compile aggregated statistics to analyze how our site is used and may be used in some of our emails to let us know which emails and links have been opened by recipients. This allows us to gauge the effectiveness of our customer communications and marketing campaigns.

Our Web pages may also contain electronic images known as Web beacons (sometimes called single-pixel gifs) that are set by our third party partners. Web beacons are used along with cookies enabling our partners to compile aggregated statistics to analyze how our site is used.

We use a third party to gather information about how you and others use our website. For example, we will know how many users access a specific page and which links they clicked on. We use this aggregated information to understand and optimize how our site is used.

Local Shared Objects (Flash Cookies)

Third Parties, with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies.

To learn how to manage privacy and storage settings for Flash cookies click here:

2. How We Use Your Information

We use the information we have collected in order to:

  • Fulfill your order
  • Send you an order confirmation
  • Assess the needs of your business to determine suitable products
  • Send you requested product or service information
  • Send product updates or warranty information
  • Respond to customer service requests
  • Administer your account
  • Send you a newsletter
  • Send you marketing communications
  • Respond to your questions and concerns
  • Improve our website and marketing efforts
  • Conduct research and analysis
  • Display content based upon your interests
  • Perform work incidental to any of these tasks, in order to provide our services

We do not sell your personal information to any other third party, or use it for extraneous commercial gain outside the services we provide.

We enable you to create a profile, and share information such as messages, photos, and videos with others. We cannot control the actions of others with whom you may choose to share your pages and information.


You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or you can contact us at or using the details at the end of this policy.

3. How We Share Your Information

In certain circumstances, we share your personal information with third parties as set out in this policy or as required by law. We do not sell your personal information to third parties.

Service Providers

We may provide your personal information to companies that provide services to help us with our business activities such as shipping your order or offering customer service. These companies are authorised to use your personal information only as necessary to provide these services to us.

Disclosure under the Mandatory Data Breach Notification Scheme

Under Part IIIC of the Privacy Act 1988 (Cth), we are required by law to notify you and the Office of the Australian Information Commissioner if:

  1. there is unauthorised access to, or unauthorised disclosure of, personal information we hold; and
  2. a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates;
  3. ORinformation is lost in circumstances where there is likely to be unauthorised access to, or unauthorised disclosure of, that information; and
  4. if that unauthorised access or disclosure were to occur, a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates.

Unless an exemption under the Privacy Act 1988 (Cth) applies, we will notify you of any breach of your privacy. We will also share the existence and nature of the breach with the Office of the Australian Information Commissioner.

That notification will take the form of a Breach Statement and may contain details of the information (including the information itself) which has been affected by the unauthorised disclosure, access or loss.

Compliance with Other Laws and Legal Processes

We may also disclose your personal information

  • as required by law such as to comply with a subpoena, or similar legal process
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud;
  • if waterdrop is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information at that time.

Links to Other websites

Our Site includes links to other websites whose privacy practices may differ from those of waterdrop. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any website you visit.

4. How We Secure Your Information

Storage and Security of Personal Information

When we collect personal information directly from you, we take steps to keep that information secure and safe from the risk of external or internal unauthorised access or disclosure.

The measures we employ are divided into 3 classes:

  1. protection from internal risks;
  2. protection from external risks; and
  3. protection from cyber risks.

Internal Risk Management

To guard against the risk of unauthorised access, loss or disclosure of information from internal sources, we:

  1. permit access to information to only those staff who require such access in order to perform their duties;
  2. train staff in the use of information-technology, systems and software;
  3. keep records of the equipment and storage devices maintained by us to prevent unauthorised removal;
  4. implement policies and procedures with respect to the use of information, including procedures as to how work is performed to ensure consistency with privacy principles.

External Risks

To guard against the risk of unauthorised access, loss or disclosure of information from external sources, we:

  1. maintain security at our premises;
  2. ensure information-technology is password protected so that access to our premises does not permit access to your information;
  3. prohibit third-party personnel from accessing areas of our premises in which information is stored; and
  4. do not permit the reproduction of information for removal from our premises.

Cyber Risk

To guard against the risk of unauthorised access, loss or disclosure of information from cyber attack or intervention, we:

  1. maintain updated information-technology platforms;
  2. regularly change passwords;
  3. protect our systems, communications and servers using proprietary encryption software, which is updated (or replaced) regularly;
  4. maintain firewalls and scanning tools to detect attempts by outside sources to access our systems, network or information-technology;
  5. prohibit access using our information-technology to harmful websites; and
  6. do not permit the installation of third-party platform software capable of displacing control of our systems.

In addition, we destroy any information held which is no longer required by us.

No method of transmission over the Internet, or method of electronic storage, is 100% secure and we cannot guarantee absolute security. If you have any questions about security on our website, you can contact us at or using the details set out at the end of this policy.

Use of Shopping Cart Providers

In order to make a purchase from us, you must use our shopping cart provider to finalise and pay for your order. Its privacy statement and security practices will also apply to your information. We encourage you to read that privacy statement before providing your information.

We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at or using the details set out at the end of this policy.

Your Rights to Access, Correct and Contact

Correcting and Updating Your Personal Information

Under the Privacy Act 1988 (Cth), you have the right to ask us for access to the personal information we hold about you. You may also ask us to correct that information.

Where you request us to access your personal information or to correct it, we must respond to that request within 30 days. If you have requested a correction, we must take reasonable steps to do so if we agree that it requires correction, subject to any legal obligations preventing us from doing so.

To review and update your personal information to ensure it is accurate, contact us at or using the information contained at the end of this policy

Notification of Privacy Statement Changes

We may update this privacy statement to reflect changes to our information practices, the law or industry standards.

If we make any material change which may affect how we deal with your information, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Making a Complaint

If you are concerned about our use of your information, or your privacy, you can contact us so that we can address those concerns. You may use the contact information contained at the end of this policy to contact us.

If you are no satisfied with the way in which we handle your complaint, you have the right to contact the Office of the Australian Information Commissioner using the following details:

Office of the Australian Information Commissioner GPO Box 5218 Sydney NSW 2000 Ph: 1300 363 992

Additional Policy Information

Our website includes Widgets, which are interactive mini-programs that run on our site to provide specific services from another company (e.g. displaying the news, opinions, music, etc). Personal information, such as your email address, may be collected through the Widget. Cookies may also be set by the Widget to enable it to function properly. Information collected by this Widget is governed by the privacy policy of the company that created it.

You can log in to our site using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form. Services like Facebook Connect give you the option to post information about your activities on this website to your profile page to share with others within your network.

Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.

Our Contact Information

You can contact us about this privacy statement by writing to the email below: