The Privacy Act (1988) (Cth) (Privacy Act) and the Australian Privacy Principles (Privacy Principles) set out in Schedule 1 of the Privacy Act govern the collection, storage, use, and disclosure of information by which individuals may be identified. Further, we comply with EU General Data Protection Regulation 2016/679 (GDPR).
Special note on Confidential Information
Our Instructors are bound to a duty of confidentiality and must not disclose any confidential information which is acquired during an engagement with a client. In short – any confidential information you provide to us in connection with a session or class is kept strictly confidential. Please note this does not prohibit us from sharing confidential information with:
• any third party with your express approval;
• internally between employees and contractors;
• to external counsel for the purpose of obtaining professional advice, provided such information is disclosed in a confidential setting; and
• where we are required to disclose such information by law.
Please note this duty of confidentiality is separate and independent to our obligations under Australian privacy laws. If you have any queries about how we handle confidential information, please do not hesitate to contact us at firstname.lastname@example.org
Special Note on Sensitive Information
What Information Do We Collect
‘Personal Information’ means information that can be used to personally identify you such as your name, residential address, email address, contact number, or payment details. To be clear, we will not collect or process Personal Information of any person under the age of 18 without the consent of a parent or guardian.
‘Usage Information’ means anonymous aggregate data that is automatically collected through your use of the Website. This includes information that identifies your device, your operating system, your IP address and dates and times that you access and use the Website. This information is used to aid us in resolving any technical issues that may arise, or for statistical analysis to help us to improve the Services.
How Do We Collect Your Information
Personal Information is collected directly from you when you:
- fill out a new client form when you sign up for a session;
- book a women’s circle space;
- purchase a digital product;
- verbally or otherwise provide information to us during a session;
- provide your email to opt in to our mailing list; or
- contact us via email or otherwise about the Services.
It is your choice to provide Personal Information to us. Wherever it is lawful and practicable, you have the option not to identify yourself when interacting with us. Please be aware that it may be necessary for us to collect your Personal Information to enable us to provide the Services and Products to you. As such, if you do not wish to provide your Personal Information, we may not be able to provide the Services to you.
We collect anonymous Usage Data on our Website through cookies, pixel tags and other tracking technologies (collectively Cookies). Cookies are small packets of data that are downloaded onto your device when you access a website. Cookies hold specific information that helps a website ‘remember’ your actions and preferences over time. These are the types of Cookies that we may use to operate our Services:
Strictly Necessary Cookies – these Cookies are essential to ensure the Website works correctly, and record information that allows you to move around the Website and navigate its features.
Performance Cookies – these Cookies collect information about how you use the Website, such as how often you access the Website and if you encounter any errors.
Functionality Cookies – these Cookies allow our Website to remember the choices you make to provide a more personalised experience.
Cookies can stay on your device temporarily (Session Cookies) or until you manually delete them (Persistent Cookies). You can adjust your browser settings at any time to block Cookies, however please note that doing so may limit our ability to provide the Services to you.
If you have any questions about how we collect Usage Information via Cookies, please email your enquiry to us at email@example.com
How Do We Use Your Personal Data
Legitimate purposes that you agree we may use your Personal Data for include but are not limited to the following:
- to confirm your identity;
- to provide the Services to you;
- to send you emails/text messages about classes or sessions;
- to respond to requests submitted by you;
- to ensure technical functioning of the Website;
- to prevent, detect and investigate potential illegal activities, security breaches and fraud; and
- to contact you via email to provide you with information about the Services, only where you have opted in to receiving such communication and until you withdraw such consents.
For the avoidance of doubt, we will only use your Personal Data for purposes that you would reasonably expect us to use your Personal Data for in connection with providing the Services to you, or where we are required by law to collect your Personal Data. We will not sell, rent, or licence your email address or any of your Personal Data unless we have otherwise obtained your express consent to do so.
We recognise your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing communications, and as such these consents can be modified at any time by emailing us at firstname.lastname@example.org, or by clicking ‘unsubscribe’ on any direct marketing communications.
Please note certain non-marketing related correspondence from us, including messages relating to your account and payment, will be automatically sent to you by virtue of your use of the Services and you may not have the option to unsubscribe from receiving this correspondence.
Who Do We Disclose Your Personal Data To
You agree and consent for us to disclose your Personal Data:
- to other service providers with whom we have entered into an agreement with to help us provide the Services, including marketing agencies, financial service providers and technical support;
- when we are required to do so by law.
You can withdraw your consent for us to share your Personal Data with third parties at any time by emailing us at email@example.com, however withdrawal of such consents may affect your ability to access and use the Services.
What are your rights to your Personal Data
In accordance with the GDPR, we acknowledge the right of EU citizens to:
- have their data erased that is no longer being used for a legitimate purpose;
- request a copy of all Personal Data held about them by us in a readable format; and
- request restricted processing of their Personal Data whilst any complaints or concerns are being resolved.
To erase, request or restrict processing of your Personal Data, please email us at firstname.lastname@example.org.
Accessing, Reviewing and Changing your Personal Information
We cannot modify your Personal Information. You can modify your own information by requesting a change of details form at any time by emailing email@example.com. You acknowledge that it is your responsibility to maintain the truth, accuracy, and completeness of your information and your failure to do so may inhibit our ability to provide the Services. You acknowledge and agree that we shall have no liability to you or any third party arising from your failure to keep your information up to date.
We protect your Personal Data through technical security measures i.e. firewalls, encryption that limit the risk of loss, disclosure, unauthorised access and modification. No security measures are, however, 100% secure so we cannot guarantee the security of your information or data at any time. To the extent permitted by law, we accept no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss or misuse of any information or data or for the actions of any third parties that may obtain any information or data.
Notwithstanding the above, we acknowledge our obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where our data breach involves the information of EU citizens, report to the European Data Protection Supervisor. We will also inform you, where possible, if your data has been breached in the circumstance where it poses a risk of serious harm to your rights and freedoms.
Att: Privacy Officer