“the Company,” “we,” “us,” “our,” and “ours” means Samuel Karl Norton T/A Function.Fitness.Flow ABN 39715607449 and including any related body corporate or related entity as defined in the Corporations Act 2001 (Cth) their successors in title and assigns; and
“you,” “your,” and “yours” refer to the user or viewer of the Website or user of our Services.
As an Australian business we handle personal information principally in accordance with the Privacy Act 1988 (Cth) (Act) and other applicable Australian State and Commonwealth laws. However, different data protection laws may apply where we obtain personal information from people outside of Australia and we seek to comply with those laws when applicable.
We know that there’s a lot of information here, but we want you to be informed about your rights, and how we use data to provide you with the best possible service.
INFORMATION WE MAY COLLECT AND HOLD
We have set out below a number of different reasons for which we may collect and process your personal information and data.
Personal information and data are only used and processed to the extent necessary to achieve the purpose for which it was intended. The personal information we may collect depends on how you use our Services as well as the type of relationship we have with you and may include:
name and date of birth;
address (for correspondence and address for legal service and may include your home address);
contact details, such as email address, fax and telephone numbers;
financial information such as bank account, credit card details;
Medical and injury history (superficial detail, insofar as it is relevant to coaching)
Hobbies, likes and dislikes (as above)
Training history (as above)
Amongst other relevant data.
We do not collect information that is sensitive personal information (a particular type of personal information under the Act), unless it is relevant to our functions and activities. Sensitive personal information includes information about a person's race, ethnic origin, political opinions, health, religious or philosophical beliefs and criminal history. If we request sensitive personal information we are subject to strict requirements in relation to it including to only collect and use sensitive information with consent and for the purposes for which it was collected or otherwise in accordance with applicable law, such as the Act.
THIRD PARTY PERSONAL INFORMATION
You might also need to provide us information about other persons (e.g. a referee). If so, you represent that, if at any time you supply us with their personal information, you are authorised to do so and you agree to inform that person who we are, that we will use and disclose their personal information as set out in this policy, and that they can gain access to their personal information.
You further acknowledge and agree we may send that person a notice we have collected and hold that person’s personal information.
WHAT ARE OUR PERSONAL INFORMATION HANDLING PRACTICES?
How is personal information collected?
We collect personal information via:
our website including through online portals, noticeboards, email enquiries and postings;
other electronic and paper correspondence;
face to face meetings; and
our social media channels and accounts.
COLLECTION OF PERSONAL INFORMATION FROM YOU
Where possible, we will collect your personal information directly from you, your authorised representative or third parties you have authorised us to contact such as a referee or previous employer.
There may be instances where we receive your personal information from third parties such as:
contracted service providers, who have collected your information on our behalf; or
member organisations or social media operators who you have authorised to share your personal information with other third parties such as us.
If we receive your personal information from another party we will contact you, if we have enough information to do so and it is reasonable in the circumstances. Some exceptions to advising you may arise where:
you have provided consent or reasonably expect the collection to occur;
the collection is required or authorised by or under law;
the collection is for the purposes of an investigation or personnel issues; or
the collection is for the purposes of litigation or legal advice.
WHAT ARE THE PURPOSES FOR COLLECTING, HOLDING, USING AND DISCLOSING PERSONAL INFORMATION?
We collect personal information to perform our functions, undertake our activities and provide the Services to you and for related secondary purposes.
Examples of how we may use personal information include:
client and business relationship management;
complying with legislative and regulatory requirements;
performing administrative functions, including accounting, risk management, record keeping, archiving, systems development, credit scoring and staff training;
managing our rights and obligations in relation to external payment systems;
conducting market or customer satisfaction research;
developing, establishing and administering alliances and other arrangements with other organisations in relation to the promotion, administration and use of our respective products and services;
developing and identifying products and services that may interest you; or
providing you with information about other products and services but only where this is permitted and whilst you are registered with us.
If we request personal information and you choose not to or you cannot provide us with that information, we may be unable to provide you with the relevant Services you have requested or need.
From time to time we will use the personal information we collect from you to inform you of products and services that we consider may be of interest to you.
If you elect to follow or link-in with any our affiliated official web pages or opt to follow or link-in with any employee of the Company on LinkedIn, Twitter, Facebook or other social media or networking platforms, we will infer you are open to receiving direct marketing through these mediums.
If you do not wish to receive direct marketing information you can tell us at any time by contacting us using the details set out in the ‘How to Contact Us’ section or using the unsubscribe function in the relevant electronic communication.
In addition to meeting privacy obligations we endeavour to comply with relevant anti-spam laws which may apply if we market directly to you.
We can, and usually will disclose personal information where:
you have consented to the disclosure;
you would reasonably expect that your information will be disclosed; or
the disclosure is authorised or required by or under law, including circumstances where we are under a contractual or lawful duty of care to disclose information.
However, we don't sell or rent your personal information or data to any third parties for any purpose. The only uses of your personal information or data are those highlighted in this policy. Users are the only owner of their personal information or data and can request modification or deletion at any time.
THIRD-PARTY SERVICE PROVIDERS
We need to share your personal information and data with third parties to meet legal and regulatory obligations and provide our Services and fulfil our contractual promises to you. Whenever personal information or data is provided to these parties it remains our property and is only used for the specific purpose for which it is supplied, or a purpose related to that specific purpose as permitted under the Act or applicable law.
Examples of third parties to whom we may disclose personal information you provide include:
I.T. contractors and database designers and service internet service suppliers;
credit reporting agencies and financial institutions;
background checking and screening agents;
our agents, suppliers, contractors and external advisers whom we engage from time to time to carry out, or advise on, our functions and activities;
regulatory bodies, government agencies, law enforcement bodies and courts;
other organisations with whom we have alliances or arrangements for promoting our respective products and services, and any agents used by us and our business partners in administering such an arrangement or alliance;
external payment systems operators;
any person to the extent necessary, in our view, to carry out any instruction you give to us;
our related bodies corporate for the marketing of their products and services;
your agents and contractors, including your legal adviser and your financial adviser;
your executor, administrator, trustee, guardian or attorney; or
If we need to disclose your information to recipients or organisations based outside of Australia to provide Services to you, then wherever possible, we deal with such third parties who are bound by the provisions of the Act and Australian Privacy Principles (APPs). If this is not possible we will make every reasonable effort to verify that they would otherwise comply with the APPs or we reasonably believe they are subject to laws or contractual obligations which effectively uphold the principles for the handling of personal information that are substantially like the APPs.
It is not practicable to list all countries we may disclose this information to, however, if you would like further information on this, please contact us.
STORAGE, DATA SECURITY & RETENTION
Collected personal information is held securely in our electronic and paper recordkeeping systems.
We have controls in place to protect against interference with personal information by way of unauthorised access, misuse, loss, modification, or disclosure including in the following ways:
access to information collected from individuals is limited to authorised persons with a need-to know;
our internal network, electronic records management system, and databases are protected using firewall, intrusion detection and prevention, antivirus, user authentication complexity and other IT security technologies and protocols;
web transactions are conducted in accordance with PCI DSS standards;
our web services are vulnerability tested against intrusion;
our premises are under 24-hour surveillance and access is via security passes only with all access (and attempted access) logged electronically;
we regularly conduct system audits and staff training to ensure we adhere to our established protective and IT security compliance and best practices; and
aftercare measures are taken to support the removal of access to personal information when no longer required.
We take reasonable steps to destroy or permanently de-identify personal information when it is no longer required for any purpose for which it may be used or disclosed. However, it is not always practicable to destroy or de-identify electronic data. Where it is not reasonable to destroy or permanently de-identify personal information in electronic form, we will take reasonable steps to prevent inadvertent access to it.
REMAINING ANONYMOUS OR USING A PSEUDONYM
You have the right to contact us anonymously or using a pseudonym unless there is a legal requirement that prevents this.
Where you wish to make an enquiry or give us feedback, you may have the option of not identifying yourself. For example, you may sign up for our news services using a pseudonymous email address.
You should be aware, however, that there may be instances where we cannot respond to you or properly investigate a complaint if you do not provide contact details or sufficient information.
This policy may be updated from time to time including when the OAIC guidance material is revised or legislative amendments are made to the Act or other applicable laws.
COPY OF THIS POLICY
If you wish to access this policy in hard copy it can be downloaded and printed from the Website or if you require an alternative format, please contact us.
We will provide the policy to you at no cost, together with hard copies or any documents referred to in this policy and maintained by us.
ACCESS TO AND CORRECTION OF PERSONAL INFORMATION
How you may access and correct personal information we hold about you
You may request access to personal information we hold about you. We will provide you with access as requested, if it is reasonable and practicable to do so. There may be a moderate charge for us to provide access and there may be instances where we refuse your request such as:
providing access would pose a serious and imminent threat to the life or health of any individual;
providing access would have unreasonable impact on the privacy of other individuals;
the request for access is frivolous or vexatious;
the information sought relates to existing or anticipated legal proceedings between you and us and that information would not be accessible by the process of discovery in those proceedings;
providing access would be unlawful;
denying access is required or authorised by or under law; or
providing access would be likely to prejudice an investigation of possible unlawful activity.
If we deny your request for access, we will, where permitted by law, provide you with reasons for that denial.
You may request corrections to any of your personal information that we hold to ensure the information is accurate, up to date, complete, relevant and not misleading.
We must be satisfied that you are seeking access to or correction of your own personal information. We may ask you to provide verification of your identity. This process is free of charge.
How to request access or correction
If you wish to access or correct personal information we hold about you please contact us. Details of how to contact us are in the ‘ How to Contact Us ’ section.
LINKS TO OTHER WEBSITES
Function.Fitness.Flow may provide links to websites outside of our website. These linked sites are not under the control of Function.Fitness.Flow and Function.Fitness.Flow is not responsible for the conduct of companies linked to the Function.Fitness.Flow website, nor for the performance or otherwise of any content and/or software contained in such external websites.
COMPLAINTS ABOUT PRIVACY
If you wish to inquire or make a complaint about the way we have handled your personal information, you may contact us are in the ‘How to Contact Us’ section.
We are committed to quick and fair resolution of customer complaints and will ensure any privacy complaint is taken seriously. You will always be treated professionally and respectfully.
Complaints to the Office of the Australian Information Commissioner
If you are dissatisfied with the way we handle a privacy complaint, you may contact the Office of the Australian Information Commissioner (OAIC):
Phone: 1300 363 992
Write to: Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
You may also make a complaint directly to the Information Commissioner, however, the Commissioner may recommend you try to resolve the complaint with us first.
HOW TO CONTACT US
Contact us if you want to:
obtain access to your personal information held by us;
request correction of your personal information held by us;
make an enquiry or complaint about our compliance with the APPs; or
Phone: 0422 471 211
International callers: +61 422 471 211
Write to: Privacy Officer
37/219 Chalmers Street Redfern 2016
WHAT WE WILL DO
We will acknowledge your requests or enquiries within 5 business days.
Provided you have given us your contact details we will endeavour to provide you with a written response within 30 calendar days after receiving your request by:
providing access to documents;
advising you of our decision to refuse access to or correction of documents; or
advising you of any difficulties we have encountered in actioning your request, in which case we will provide you with an expected timeframe for finalising your request.
ELECTRONIC DATA COLLECTION
This section explains in more detail how we collect information from our Website and the technologies used during electronic transactions and communications with us.
It is important that you understand that there are risks associated with use of the internet and you should take all appropriate steps to protect your personal information.
When an individual looks at our Website, our internet service provider, Aussie Broadband, makes a record of the visit and logs (in server logs) the following information for statistical purposes:
the individual’s server address;
the individual’s top-level domain name (for example .com, .gov, .org, .au, etc);
the pages the individual accessed, and documents downloaded;
the previous site the individual visited; and
the type of browser being used.
We do not identify users or their browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider's server logs.
By themselves Cookies do not identify you personally, but they may link back to a database record about you. If you register on our site, we will then link your Cookie back to your personal information details.
Cookies are necessary to enable data analysis on our Website, but if you do not wish us to retain any information about your visit to our site you could delete the Cookies on your browser and change the settings on your web browser program.
HOW TO PROVIDE OR WITHDRAW CONSENT TO THE INSTALLATION OF COOKIES
In addition to what is specified in this document, you can manage preferences for Cookies directly from within their own browser and prevent – for example – third parties from installing Cookies.
Through browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that may have saved the initial consent for the installation of Cookies by this Website.
Notwithstanding the above, we advise you may follow the instructions provided on the subsequently linked initiatives by the EDAA (EU), Network Advertising Initiative (US) and the Digital Advertising Alliance (US), DAAC (Canada), DDAI (Japan) or other similar services. Such initiatives allow you to select your tracking preferences for most advertising tools.
We recommend you make use of these resources in addition to the information provided in this document.
If we use web bugs we will display a clearly visible icon on the page. The icon will include the name of the company collecting information and will be labelled as a tracking device.
The Web bug will be linked to a page disclosing what data is collected, how it is used, and which companies receive the data.
Web visitors will be able to opt out of data collection by Web bugs. Web bugs will not be used to collect sensitive information.
Our technology systems log emails received and sent and may include voting and read and receipt notifications to enable tracking.
When your email address is received by us because you send us a message, the email address will only be used or disclosed for the purpose for which you have provided it and it will not be added to a mailing list or used or disclosed for any other purpose without your consent other than as may be permitted or required by law.
CALL AND MESSAGE LOGS
Our telephone technology (systems and mobile phones) logs telephone calls and messages received and sent and enables call number display.
When your call number is received by us because you phone us or send us a message, the number will only be used or disclosed for the purpose for which you have provided it and it will not be added to a phone list or used or disclosed for any other purpose without your consent other than as may be permitted or required by law.
Additional information on technologies impacting on privacy can be found at:
Australia: - https://www.oaic.gov.au/
New Zealand: https://privacy.org.nz/