Contents:

Privacy policy

Manchester Warehouse and Your Privacy

At our Kogarah store, as well as our online store, we are committed to protecting your privacy. Any personal information you provide to us will be used to provide you with the services you have agreed to. It is safe and secure with us.

It is important for you to know and understand that it is necessary for us to collect information from you in the following circumstances:

  • When you join our customer database.
  • When you order a product(s) from us – whether online or by visiting our Kogarah store.
  • When you have a ‘lay-by’ with us or when we ‘hold’ product(s) for you. ‘Lay-bys’ and ‘holds’ can only be done by visiting our Kogarah store and not online.
  • When you return products and require a credit note.
  • When you send us a customer enquiry.
  • When we deliver you products.

If you wish to remain completely anonymous you may purchase directly from our Kogarah store without ordering, putting on lay-by or hold and/or having your products delivered.

 

Your Personal Information

You can visit our website without disclosing any personal information to us. If you purchase from us or choose to provide your personal information to us, we will only use this information for purposes of communicating with you. At any point in time you can unsubscribe from our marketing database by sending us an email to onlineenquiries@manchesterwarehouse.com.au.

Manchester Warehouse will keep your personal information confidential and secure. All of your information is kept in a location that is protected by secure servers. If you wish to access the information we have on you at any time please contact us via onlinenquiries@manchesterwarehouse.com.au. Manchester Warehouse aims to ensure all of your personal information is accurate at all times. To assist us in doing this we ask that you inform us of any changes via email, phone or by coming into our Kogarah store.

Personal information will not be disclosed without your consent, the only exception to this is where we would be required by law to do so. Manchester Warehouse will not accept responsibility for the use of any information that has been obtained through unauthorised access.

If you have any further queries in regards to Manchester Warehouse privacy policy you can contact our Privacy Officer by email: onlineenquiries@manchesterwarehouse.com.au, phone 02 8567 5600, fax 02 9588 7829 or by mailing Manchester Warehouse 140 Rocky Point Rd, Kogarah NSW 2217.

 

Online Security

Our website runs on a Shopify Plus platform which has successfully completed the PCI external scan requirements and is “compliant with the remote vulnerability audit requirements of the Payment Card Industry Data Security Standard (PCI-DSS)” as determined by ScanAlert, the world’s largest PCI certification service.

Security Details of Shopify’s Platform are as follows:

Physical Security
Shopify uses a combination of colocation facilities and virtual hosting environments. In both cases, your data is stored in data centers with industry-standard security certifications.

Facilities
Shopify’s data processing and storage takes place in North America, in facilities operated by trusted third parties. Shopify’s servers are co-located or hosted at data centers with the following certifications:

  • Tier III
  • ISO 27001
  • PCI DSS

Site Protection
Sites housing physical servers owned and operated by Shopify are protected by:

  • Perimeter security and multi-tier security zones with alarms
  • CCTV surveillance and 24/7 on-premises security staff
  • Multi-factor identification with biometrics
  • Private cages and physical locks

In order to prevent leaking residual data, hard drives do not leave data centres. Instead, they are destroyed securely on site when they reach the ends of their lives.

Technical Security
Shopify develop systems with security and privacy as guiding principles. Systems undergo thorough testing throughout their life cycles. Shopify complies with the SOC 2 standard for security and availability and has a SOC 2 Type 2 report available under NDA, as well as a publicly available SOC 3 report posted on www.shopify.com/security.

Architecture
Shopify is based on a multi-tenant architecture, optimised for performance and resiliency. Merchant data is segregated by application-level controls. The application environment on each server (the application, its dependencies, and its configuration files) is replaced when changes are deployed, which eliminates vectors for malware persistence.

Application
Maintaining application security is critical to Shopify’s development process. Shopify’s developers are trained regularly on application security best practices, including OWASP Top Ten. An automated service running on Shopify’s code base monitors application dependencies for vulnerabilities. If a security issue is discovered in a library that Shopify use, their developers can respond quickly to mitigate any risk.

Input Validation
Customer input, such as form fields, is validated against a whitelist and decoded safely. Input validation and safe decoding protect against common attack vectors, including:

  • HTML injection
  • SQL injection
  • XSS

Encryption
Information in transit is encrypted using industry-standard cryptographic protocols:

  • SSH
  • IPSec
  • HTTPS-TLSv1.2

Many other commerce platforms use HTTPS only for checkout, but Shopify uses the HTTPS protocol for storefronts and admin pages by default as well. Credit card information and other sensitive information in operational data stores is encrypted at rest. All user passwords are salted and hashed using the bcrypt hashing algorithm when stored.

Shopify’s security team works to implement current best practices as the cryptographic landscape evolves.

Data Disposal
A reasonable period of time after a store has closed, personal information is purged from storage automatically at the application level.

Vulnerability Scanning and Penetration Testing
Third-party vulnerability scans and penetration tests are performed regularly in order to identify and remedy potential security weaknesses. Reports can be provided on request.

Payment Card Processing
Shopify undergoes an annual PCI DSS on-site assessment by a qualified security assessor. An attestation of compliance with PCI DSS Level 1 can be provided on request.

Operational Security
Server and application performance are monitored continuously by Shopify’s production engineering team.

Configuration Management
Shopify’s configuration management tooling ensures servers have the current configuration applied. Security patches are applied to systems hourly through an automated patching process. For systems outside of the automated process, Shopify monitors applicable vulnerability disclosure and security update sources, and patches as necessary.

Security Incident Response
Shopify’s security incident response plan is reviewed and tested regularly. All Shopify employees undergo security awareness training that covers appropriate communication and escalation processes.

DDoS Mitigation
Shopify uses a combination of techniques for DDoS mitigation. For upstream protection, Shopify have an on-demand traffic scrubbing service that can be activated in the event of a large attack beyond the capacity of their network. The last layer of DDoS mitigation is Provider Edge filtering, which ensures that traffic over ports commonly used for DDoS attacks are not routed into their infrastructure.

 

SMS Marketing Privacy Statement

TCPA Compliance - Text Marketing Notifications

By entering your phone number in the checkout and initializing a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. Text marketing messages will not exceed 30 a month. You acknowledge that consent is not a condition for any purchase.

If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you within any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.

For any questions please text HELP to the number you received the messages from. You can also contact us for more information. If you wish to opt out please follow the procedures above.

GDPR Compliance - Text Marketing Terms and Conditions

We are using a text messaging platform, which is subject to the following terms and conditions. By opting in for our text marketing and notifications, you agree to these terms and conditions.

By entering your phone number in the checkout and initializing a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase.

Your phone number, name, and purchase information will be shared with our SMS platform Klaviyo. This data will be used for sending you targeted marketing messages and notifications. Upon sending the text messages, your phone number will be passed to a text messages operator to fulfil their delivery. For full terms of service, please visit our Terms of Service.

If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you within any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.

For any questions please text "HELP" to the number you received the messages from. You can also contact us for more information. If you wish to opt out please follow the procedures above. Carriers (AT&T, T-mobile, Verizon, T-Mobile, Sprint, Rogers, MetroPCS, etc) are not responsible or liable for undelivered or delayed messages.

icon

SHOP NOW. PAY LATER. INTEREST FREE.

Shop now and pay later in 4 simple interest free instalments. Just select afterpay as your payment method during checkout.

icon

30 DAY 
RETURN POLICY

We know you will love your new purchase, however if for any reason you are not satisfied with an item and need to return it, we are here to help. We offer a full refund within 14 days, or an online store credit within 30 days of order placement.

icon

50+ YEARS 
EXPERIENCE

We have over 50 years of experience in the textile and manchester industry, transitioning from manufacturing, to wholesale, and then into retail in 1999.

icon

FAMILY OWNED 
AUSTRALIAN BUSINESS

At Manchester Warehouse we work hard so that you can rest easy. We are a family owned and operated business that prides itself on being a true destination both in store and online.