Privacy & Security Policy

Tony Bianco takes your privacy and the security of your financial information seriously. Please read the following information to learn more about how we protect your information.

1. Introduction

Tony Bianco recognises the trust you are placing in us when you become our customer. Under law, your rights to privacy are also protected. Privacy laws place strict requirements on us to treat certain information collected as confidential, to store your information securely and to allow you easy access to check and correct your inforWmation.

This Privacy Policy explains how we gather information about you and how we may store, maintain and use that information. Our Privacy Policy applies to this website and to any other website created or hosted by us from time to time on which this Privacy Policy appears.

This Privacy Policy is incorporated by reference into our Terms. Any capitalised terms not defined in this Policy are defined in the Terms. You agree to comply with all Terms when accessing or using our Services, including this Privacy Policy.

By accessing and using our website and Services, you warrant and represent to us that you are 16 years of age or older or you have the consent of your parent or guardian and you agree that you are consenting to the collection of information by us in accordance with this Privacy Policy.

2. What information do we collect and how is it collected?

At times, we are required to collect Personal Information as defined in the Privacy Act (including Sensitive Information as defined in the Privacy Act) for the purposes set out in this Policy.

Some of the information we may collect from you includes:

  • your name and contact details, such as your physical address, email address and phone number;
  • your gender, shoe size and date of birth;
  • your purchase history;
  • the name of the domain from which you access the internet;
  • the date and time you access our sites; and
  • the internet address of the website from which you linked directly to our sites.
2.1. Personal Information provided by you

We collect information that you knowingly and voluntarily provide to us via use of our Services as well as through any other means used to contact us (such as email, phone, live chat, contact forms or social media).

The kinds of Personal Information we collect include your contact and payment information such as your name, email address, organisation, address, phone number, mobile number, password, billing information.

For example, we may need to collect such information to provide you with further services, register your membership to our Services or to answer or forward any requests or enquiries. We may also collect information about whether you opt-in or opt-out of our newsletters or promotional material.

2.2. Automatically collected Personal Information

We automatically record information from your device and its software when you access our Services, including your IP address, web browser and device type, internet service provider, mobile phone carrier, platform type, the website from which you came and the website to which you are going when you leave our Website, date and time stamp and cookies that may uniquely identify your web browser or account.

When accessing our Services using a mobile device, we may also receive and collect identification numbers associated with your device, mobile carrier, device type and manufacturer, and, if enabled, geographical location data (including GPS). Please note that some of the information we collect, for example an IP address, can sometimes be used to approximate a device's location.

2.3. Personal Information collected via cookies

We make use of “cookies” on our websites. A cookie is a small software message sent to your web browser by our web server. Your web browser stores the message in a file and the message is then sent back to our servers each time your web browser requests a page from our servers.

We use cookies to gain statistics on which areas of our sites attract traffic. We also use cookies to improve your experience of our websites. For example, cookies allow us to recognise whether or not you are returning to our websites. In addition, we make use of third parties who use cookies to serve ads based on past visits to our website. This may allow us to alert you to products or offers which we think you might be interested in viewing.

Most Internet browsers are set up to accept cookies. If you do not wish to receive cookies, you will need to adjust the settings of your web browser to refuse all cookies or to notify you each time a cookie is sent to your computer.

We also use Google Analytics, which allows us to anonymously track the use of our Website by recording the number of users who have visited, the number of pages viewed, navigation patterns, what systems users have and the date and time of visits through cookies. This information is collected for statistical purposes only and cannot be used to identify you.

3. For what purposes do we collect and use Personal Information?

We collect your Personal Information as outlined in this Privacy Policy for the purposes described below:

  • for provision of, and administration of, the Services, including:
    • creating a loyalty account;
    • accepting customer orders;
    • processing online purchases and payments;
    • dealing with customer service requests (including via social media);
    • processing credit card payments;
    • arranging product holds;
    • receiving prize application forms;
    • accepting gift voucher payments;
    • processing cash refunds; and
    • maintaining detailed information on our websites;
  • for communication with you and to provide messaging and/or communications to you in association with the functions and features of the Services;
  • for communicating to you any announcements and updates, updated terms, conditions and policies, security alerts, technical notices, purchase confirmation, invoices, support and administrative messages;
  • for analysis, monitoring, development and improvement of our Services, including in relation to other products or services;
  • for security purposes, including to protect the Services and our property from abuse, fraud, malicious, unauthorised access or potentially illegal activities, and to protect our rights, safety and property and that of our other users;
  • for sending marketing communications to you, including notifying you of promotional or special offers, contests and rewards, upcoming events and other news about products and services offered by us and use of our Services; and
  • for the performance of other functions described at the time of collection or as consented to in relation to our Services.
4. How do we store and protect your Personal Information?
4.1. Security and Storage of Personal Information

We understand the importance of your Personal Information and have appropriate procedures in place to safeguard and secure the information we collect to prevent unauthorised access or disclosure, maintain data accuracy and ensure the appropriate use of information.

We take website and credit card security extremely seriously and always endeavour to provide a secure and safe platform from which to conduct online transactions. We use the industry standard Secure Sockets Layer (SSL) protocol, which encrypts information as it is transmitted over the internet. This encryption scrambles details such as credit card numbers, billing details and delivery addresses so that other computers are unable to decipher the information, ensuring privacy and security.

Your Personal Information is stored in secured, encrypted servers located in the United States of America and Australia (e.g. in data storage and cloud computing facilities operated by us or by third parties on our behalf).

It is important for you to protect your account against unauthorised access. Ensure you sign out when you have finished visiting our websites especially if you have accessed the websites from a shared computer.

4.2. Storage of Personal Information on third party platforms

Sometimes we use third-party platforms and services to process sales, store and analyse data and information, provide web support, send marketing messages, deliver products or otherwise deliver information (Third-Party Platform). These Third-Party Platforms are hosted and managed by organisations other than ourselves, and some of these services are hosted overseas, including in the United States of America and Australia. These Third-Party Platforms may include Shopify, PayPal, and Afterpay.

The privacy policies and terms and conditions of relevant Third-Party Platforms will apply. It is your responsibility to read, agree to and comply with such privacy policies and terms and conditions. The Third-Party Platform may collect, transmit or store data such as your full name, address and billing address, billing and payment information, phone number and email.

You acknowledge and agree that Tony Bianco has no control over the security or privacy of Personal Information collected by Third-Party Platforms and that Tony Bianco is not liable for any loss or damage to you in connection with any breach of this Privacy Policy or any data breach by any Third-Party Platform. To the maximum extent permitted by law, Tony Bianco shall not be liable for the act, omission, negligence or the conduct of any such Third-Party Platform.

4.3. Destroying and de-identifying Personal Information

We reserve the right to maintain and store any information or data where we reasonably believe, in our sole discretion, that such action is required to comply with any legal or regulatory obligations, to prevent criminal or other unlawful activity whether immediate or in the future, or where we have a legitimate business reason to do so, including collection of amounts owed, resolving disputes, enforcing our Terms or for record keeping integrity.

We destroy or de-identify your Personal Information where it is no longer needed for the purposes outlined in this Privacy Policy. If the GDPR applies to you and you have not contacted us or placed an order in the past two years, we will delete your Personal Information.

You may contact us at any time to request permanent deletion of your Personal Information from our system, however such requests may limit or prevent us from providing the Services to you.

5. Who can access your Personal Information and to whom is it disclosed?

Disclosure of your Personal Information will occur in accordance with the purpose for which it was collected or as outlined in this Privacy Policy. Accordingly, your Personal Information may be disclosed to other individuals and companies as outlined below:

5.1. Tony Bianco, Related Bodies Corporate

Your Personal Information may be accessed by us, including our directors, officers, employees and contractors. You consent to us providing your Personal Information, including Sensitive Information to our Related Bodies Corporate (as defined in the Corporations Act 2001 (Cth)).

5.2. Service providers

Your Personal Information may also be accessible to our third-party service providers, such as our website host and technical support providers. We may procure such third party service providers for the purposes of enforcement of our terms and conditions, providing fraud detection and prevention services, processing payments, delivering goods or providing analytics services. We may also share your Personal Information with our business partners who offer goods or services to you jointly with us (for example, contests or promotions).

The countries this information may be disclosed to will vary from time to time, but may include Australia, New Zealand, and the United States of America. We use reasonable steps to ensure that these parties are either governed by substantially similar, accessible and enforceable laws to the Australian Privacy Principles or adhere to the Australian Privacy Principles, however to the maximum extent permitted by law, we are not liable for the privacy practices of such parties. By accessing, registering, using or subscribing to our Services, you acknowledge and consent to disclosure of Personal Information to such overseas recipients.

If the GDPR applies (as defined in clause 11), transfers of your Personal Information to another country or international organisation will only take place in accordance with the GDPR, where that country or organisation has provided appropriate safeguards and on the condition that you have enforceable data rights and effective legal remedies.

Where Personal Information is shared with these third parties, they are obliged to observe the confidential nature of such information and are prohibited from using any or all of this information other than for the purpose for which it was provided.

5.3. Parties required by law

Your Personal Information may be disclosed by us to any party to whom we are required by law to provide your Personal Information and to any party to whom disclosure is permitted under the Australian Privacy Principles.

5.4. Other third parties

We may share your Personal Information where we have reason to believe that doing so is necessary to identify, contact or bring legal action against anyone damaging, injuring, or interfering (intentionally or unintentionally) with our rights or property, users, or anyone else who could be harmed by such activities.

We will also disclose Personal Information to a law enforcement agency if we are requested to do so by that agency in relation to suspected unlawful activity.

We may also share your Personal Information with third parties with your consent in a separate agreement, in connection with any company transaction (such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business by another company or third party) or in the event of bankruptcy, dissolution, divestiture or any related or similar proceedings.

Note that we reserve the right to share your Personal Information with other third parties where, in our sole discretion, it is required to:

  • investigate and defend ourselves against any third party claims or allegations;
  • protect against harm to the rights, property or safety of Tony Bianco, its users or the public as required or permitted by law; and
  • detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues.
6. Promotional communications

You agree and expressly consent to us using or disclosing Personal Information (other than Sensitive Information) to keep you informed about our products and services and other products and services that we consider may be of interest to you. We may use or disclose Sensitive Information about you for the purpose of direct marketing if you have consented to the use or disclosure of the information for that purpose.

We want to communicate with you only if you want to hear from us. If you would prefer not to receive promotional information from us, please let us know by clicking on the “unsubscribe” or “update your preferences” at the bottom of any of our communications, or by clicking into your account and manage the level of communication which you want to receive from us.

7. Third party websites

When you click on links and banners on our Website that takes you to third-party websites, you will be subject to that third party's privacy policies and we recommend that you make your own enquiries as to their privacy policies. While we support the protection of privacy on the internet, we cannot be held responsible for the actions of any third party websites. We do not make any representation about and are not liable for any information on, or the privacy practices of, any third-party websites, whether or not linked from our Services.

8. Access and corrections to your information

You may review, change or delete Personal Information related to your use of our Websites. To access your information, simply sign into your account and visit your account dashboard. If you would like to know what information we hold about you, please contact our Privacy Manager via the details set out at the bottom of this page.

If you discover that there is an error or information is missing, please update your details online by signing in and editing the relevant details on your account dashboard.

We will try to ensure that all information we collect, use or disclose about you in accordance with this Privacy Policy is accurate, complete and up-to-date. We expect that you will promptly notify us of any changes to your Personal Information.

If you hold multiple accounts with us through our loyalty program, we may combine your accounts to create one profile. Prior to doing this, we will take reasonable measures to ensure we have verified your membership details and that all the accounts belong to you.

9. Privacy complaints

If you believe that we have breached your privacy rights in any way, or if you would like to discuss any issues about our privacy policy please contact our Privacy Manager on

All such enquiries or complaints will be taken seriously and handled with impartiality and discretion.

If you wish to submit a complaint, please provide us with all relevant details such as the date and time of the incident or communication, the circumstances surrounding the event and your concerns about what was said or done. You will also receive an acknowledgment from us within 7 days confirming receipt of your complaint.

Once you have submitted your complaint we will assess it to determine whether or not you have complained about a privacy issue which is governed by the relevant privacy laws. If you have complained about something which is not governed under the privacy laws, we will write to you and explain why our Privacy Manager is unable to address your complaint.

If you have complained about something which is governed by the privacy laws, we will thoroughly investigate all aspects of your complaint including ascertaining the relevant facts and what your expectations are for any resolution. During our investigation we may need to seek further information from you as to the circumstances surrounding your complaint.

At all times, we will endeavour to respond to you and to offer a practical solution which is consistent with our legal obligations.

If you are not satisfied with our handling of your complaint or if we have not replied to you within a reasonable period of time, then you are entitled to make a complaint to the Office of the Australian Information Commissioner or, if you are in the EU, a data protection authority or supervisory authority.

10. Amendments

We reserve the right to vary this Privacy Policy from time to time as we see fit. While we will endeavour to notify you as soon as reasonably possible of any changes to this Privacy Policy by email or by a notice on our Website, it is your responsibility to keep up to date with any changes or amendments by checking this page prior to using our Services. This page contains our most accurate and up to date version of our Privacy Policy.

11. Contact us

Please address all enquiries, updates, requests and complaints to our Privacy Officer at the details below:

Attention: Privacy Officer

Company: Bianco Retail Pty Ltd trading as Tony Bianco


Phone: 1 800 790 799

Postal Address:

4/29 Cromwell Street

Collingwood VIC 3066


12. Application of GDPR

For the purpose of clarity, data processing of individuals in the European Union (EU) is carried on only occasionally and as such, no EU representative has been designated, however the General Data Protection Regulation (GDPR) (EU) 2016/679 may apply to you if you are resident of, reside in or are located in the EU.

If the GDPR applies, in this Privacy Policy, “Personal Information” shall also include the definition of “Personal Data” under the GDPR and terms that are defined in the GDPR shall be defined in this Privacy Policy in accordance with the GDPR.

If the GDPR applies, this paragraph applies in addition to the above paragraphs to the extent that we are acting as a “Data Controller” with respect to your Personal Information.

12.1. Consent and right to withdraw consent

By clicking accept to this Privacy Policy or otherwise notifying us of your acceptance of this Privacy Policy, you agree that you are providing express, freely given consent to us processing your Personal Information for the purposes outlined above and that we may lawfully process your Personal Information on the basis of this consent.

To the extent that our legal basis for processing your Personal Information is consent, you have a right to withdraw consent to the collection of your Personal Information at any time by sending us a written request to do so via the contact details above.

12.2. Legal Basis

Our legal bases for collecting and processing your Personal Information for the purposes listed above may be:

  • your express consent;
  • for our legitimate interests in providing information about the Services to you or providing the Services to you and improving and developing the Services; and/or
  • in order to perform a contract (whether verbal or written) for you in order to provide paid Services to you.
12.3. Your rights

We have summarised your rights under the GDPR, but please note that not all of the details of your rights have been included in these summaries. Please ensure to read the relevant laws and guidelines for a full explanation of these rights.

You may exercise these rights by contacting us to notify us of the rectification or provide information to complete your Personal Information.

  • Right of access

You have a right to obtain confirmation as to whether or not your Personal Information is being processed and, if so, you may request access to that Personal Information and further information including the purposes of the processing, the categories of Personal Information concerned and the recipients of the Personal Information. The first copy of such information will be provided free of charge, but additional copies may be subject to a reasonable fee.

  • Right of rectification

You have the right to obtain the rectification of inaccurate Personal Information concerning you and you have the right to have incomplete Personal Information completed.

  • Right to erasure

You have the right to obtain the erasure of your Personal Information without undue delay if:

  • the Personal Information is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • you withdraw consent to consent-based processing;
  • you object to the processing under certain rules of the GDPR; or
  • the Personal Information has been unlawfully processed.

However, there are exclusions of the right to erasure such as where processing is necessary to exercise the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims.

  • Right to restriction of processing

You have the right to restrict the processing of your Personal Information if:

  • you contest the accuracy of the Personal Information;
  • processing is unlawful, but you oppose erasure;
  • we no longer need the Personal Information for the purposes of our processing, but you require Personal Information for the establishment, exercise or defence of legal claims; or
  • you have objected to processing, pending the verification of that objection.

Where processing has been restricted on this basis, we may continue to store your Personal Information, however we will only process it with your consent, for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest.

  • Right to data portability

To the extent where your Personal Information has been provided based on consent, under a contract, or where processing is carried out by automated means, you have a right to receive Personal Information concerning you in a structured, commonly used and machine-readable format and you have a right to transmit that data to a Data Controller, except where this would adversely affect the rights and freedoms of others.

  • Right to object

You have the right to object to our processing of your Personal Information for direct marketing purposes. If you make such an objection, we will cease to process your Personal Information for this purpose.

13. Governing Law

The above terms and conditions are governed by the laws applicable of the state of Victoria in Australia.