It also explains how to contact us to correct, update or delete any personal information provided to us, or make a complaint if you have concerns. We are compliant with the Privacy Principles of Australia.
We will only collect and process personal information about you where we have a lawful basis to do so. Lawful basis includes consent (where you have given consent), use of our service (where processing is necessary for the performance of our service with you) and legitimate interests (including security threats or frauds, risk of harm to self or others, compliance with applicable laws, and enabling us to administer our service).
COLLECTION OF YOUR PERSONAL INFORMATION BY THIRD PARTIES
WHAT IS PERSONAL INFORMATION?
Personal information is defined as information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
WHEN AND HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
We collect most personal information directly from you when you consent to use our service or receive communications from us. Your consent may be express (e.g. you agree to the use of your information by ticking a box) or implied by an action you take or do not take (i.e. because you have agreed to terms and conditions that contain information about the use or disclosure of your information).
You provide us your information when you use our service or you use our website generally or you deal with us.
WHAT PERSONAL INFORMATION DO WE COLLECT?
We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you:
Our website and service does not address anyone under the age of 16 (Children). Our website and service is intended for and directed to adults and we do not knowingly collect personal information from Children without the express consent of a parent or legal guardian.
If you are a parent or guardian and you are aware that your Children have provided us with personal information, please contact us. If we become aware that we have collected personal information from Children without verification of parental consent, we will take steps to remove that information from our servers.
WHY DO WE COLLECT YOUR PERSONAL INFORMATION?
We may collect your personal information when required by law but generally we collect personal information from you (or about you) to allow us to:
Personal information collected or received by us will only be used for the stated purpose for which it was provided.
WHEN DO WE DISCLOSE YOUR PERSONAL INFORMATION?
We may collect, hold, use and disclose your personal information for the following purposes:
If personal information is disclosed to a third party, we are required to take all reasonable steps to ensure your personal information is treated in accordance with the laws that apply to personal information in that country. We may also disclose your personal information to a trusted third party who also holds other information about you. This third party may combine that information in order to enable it and us to develop anonymised consumer insights so that we can better understand your preferences and interests, personalise your experience and enhance the products and services that you receive.
TO WHOM DO WE DISCLOSE YOUR PERSONAL INFORMATION?
AGGREGATE INFORMATION & DIRECT MARKETING
We do not sell your personal information. We may aggregate the information you and others make available to us and share it with third parties.
We may use, sell, license, and share this aggregated information with third parties for research or other purposes such as to improve our services or to help our partners understand more about the users of our service issues.
We and/or our carefully selected business partners may send you direct marketing communications and information about our service and products. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the laws of your country. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (eg an unsubscribe link).
You can object to us using your information for these purposes.
WHAT IF YOU DON’T WANT US TO COLLECT YOUR PERSONAL INFORMATION?
You are not obligated to provide us with your personal information. You may choose whether you receive communications from us. Whilst it is your choice not to provide your personal information to us this may impede our ability to provide you with all the functionality of our service.
WHAT IF YOU DON’T WANT TO RECEIVE FURTHER COMMUNCATIONS FROM US?
Should you wish to remove yourself from our database you may do so at any time by contacting us.
HOW CAN I ACCESS, CORRECT AND/ OR UPDTE PERSONAL INFORMATION YOU HAVE COLLECTED?
At any time, you may contact us and request your personal information be modified. We will make all efforts to correct data once we have proved your identity.
We will deal with all requests for access to personal information as quickly as possible, but no later than 30 calendar days from the date of your request (unless any complexities arise). Requests for a large amount of information, or information which is not currently in use, may require further time before a response can be given.
We will provide you your personal information in a structured, commonly used, machine-readable format.
In some cases, we will refuse to give you access to personal information we hold about you. This includes, but is not limited to, circumstances where giving you access would: be unlawful; have an unreasonable impact on other people’s privacy; prejudice an investigation of unlawful activity; reveal our intentions in relation to negotiations with you so as to prejudice those negotiations; prejudice enforcement related activities conducted by, or on behalf of, an enforcement body; reveal evaluative information generated within our business in connection with a commercially sensitive decision-making process.
We will also refuse access where the personal information relates to existing or anticipated legal proceedings, and the information would not be accessible by the process of discovery in those proceedings. Further, we will refuse access where your request is frivolous or vexatious, and where we reasonably believe that unlawful activity, or misconduct of a serious nature, is being or may be engaged in against us and giving access would be likely to prejudice the taking of appropriate action in relation to that matter.
If we refuse to give you access we will provide you with reasons for our refusal, unless doing so would be unreasonable in the circumstances. We will also take reasonable steps to give you access in a way that meets your needs without giving rise to the reasons of our refusal. Further, we will provide details of how you may make a complaint about our decision.
HOW DO WE STORE AND PROTECT YOUR PERSONAL INFORMATION?
For us to provide excellent service we are required to store some personal information and take the greatest of care to ensure this information is treated as private and confidential. Transmitting personal data via the internet does have inherent risks associated with it. We will however take all reasonable steps to ensure the security of this data.
We have taken the necessary measures to ensure the personal information we hold is not compromised. In accordance with and as permitted by applicable law and regulations we will retain your information as long necessary to serve you, to maintain your account or as otherwise need to operate our service.
Our secure centre is equipped with the latest technology, infrastructure and dedicated technical staff to ensure our working environment has complete reliability and security for your data. However, we cannot be held liable for events outside our control particularly with respect to third parties who act as repositories of your information.
Our website is protected by security certificates and are built considering all modern security stands where possible. We will take reasonable steps to maintain the integrity and security of any personal information we have stored, including taking reasonable steps to prevent interference and loss, misuse, unauthorised access, modification or disclosure of such personal information.
Note that no information transmitted over the Internet can be guaranteed to be completely secure. While we will endeavour to protect your personal information as best as possible we cannot guarantee the security of any information that you transmit to us, or receive from us. The transmission and exchange of information is carried out at your own risk.
We have obligations to notify you if you are affected by a data breach. We will take all reasonable precautions to take remedial action to prevent such an event. However, as we cannot guarantee that remedial action will be sufficient to prevent all instances of a breach, we will take steps to notify you of an eligible data breach as soon as practicable, and provide recommendations as to what steps you should take to mitigate any serious issues.
For UK residents, where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the GDPR and that have adequate technical measures in place to protect personal information against unauthorised use, loss and theft.
Whenever you use our website, in a case of an error in the website we collect data and information (through third party products) on your phone called Log Data. This Log Data may include information such as your device, Internet Protocol address, device name, operating system version, the configuration of the device when utilizing our website, the time and date of your use of our website and other statistics.
We may transfer data on we receive about you, including all personal information, to our hosting service providers and data centres located overseas, such as an Amazon Web Services node in another country. You hereby expressly and voluntarily grant your informed consent to such transfers. Transfers to out of your county will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website.
You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our website, we may collect information from you automatically through cookies or similar technology. While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
COOKIES THAT WE USE
COOKIES USED BY OUR SERVICE PROVIDERS
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/
Google AdWords remarketing service is provided by Google Inc. We may use Google AdWords.
You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads
Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/
Facebook remarketing service is provided by Facebook Inc.
You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950
To opt-out from Facebook’s interest-based ads follow these instructions from Facebook: https://www.facebook.com/help/568137493302217
Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.
For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.
GENERAL DATA PROTECTION REGULATION (GDPR) FOR THE EUROPEAN UNION (EU)
We will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.
We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.
We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.
We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.
We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.
We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.
We do not collect or process any personal information from you that is considered “Sensitive Personal Information” under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.
You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.
YOUR RIGHTS UNDER THE GDPR
If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. We comply with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU.
Except as otherwise provided in the GDPR, you have the following rights:
We may ask you to verify your identity before acting on any of your requests.
ENQUIRIES, REQUESTS & COMPLAINTS
If you think your personal information, held by us, may have been compromised in any way or you have any other Privacy related complaints or issues, you should also raise the matter with the Privacy Officer.
We will ensure your claims are investigated and a formal response will be provided to you, within a reasonable time, considering the circumstances of your claims. If any corrective action is determined to be required, as a result of that investigation, we will take all reasonable steps to rectify the situation and advise you of such, again within a reasonable time considering the circumstances.
If we do not resolve your enquiry, concern or complaint to your satisfaction or you require further information in relation to any privacy matters, please contact the Office of the Australian Information Commission, whose contact details are below.
Office of the Australian information Commission
|Telephone||1300 363 992|
|Office Address||Level 3, 175 Pitt Street, Sydney NSW 2000|
|Postal Address||GPO Box 5218, Sydney NSW 2001|