1.1 This Policy applies in relation to all information that We collect from you and is kept strictly confidential and is only for use by Us to any third parties as authorised by You by your continue use of our Website and Mobile App. The Products and Services are not directed or intended for children under the age of 16. We may however collect Personal Data about children below the age of 16 years of age with a parent or guardians’ explicit consent.
1.2 We will alert you about any changes by updating the “Last Updated” date of this Policy.
1.3 We are bound by the Australian Privacy Principles and the Privacy Act. We follow the Australian Privacy Principles Guidelines of the Office of the Australian Information Commissioner and the EU Data Protection Laws in the collection, handling, use and disclosure of Personal Data.
1.4 The purpose of the Policy is to:
a) clearly communicate Our handling of information;
b) enhance transparency; and
c) give individuals a better and more complete understanding of the Personal Data collected and the way We handle that information.
1.5 This Policy applies to all persons who use Our Site.
2.1 Unless otherwise defined herein capitalised terms and expressions shall have the following meaning:
“Complaint Handler” means Angelina Badri;
“Complaint Handler Email Address” means firstname.lastname@example.org or email@example.com to stop spam;
“Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of the Site. The Data Controller, unless otherwise specified, is always Us.
Data Processors means the natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Controller, as described in this Policy.
“Data Protection Laws” means the Privacy Act, Australian Privacy Principles, EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
“EU” means the European Union.
“GDPR “means General Data Protection Regulation 2016/679;
“Personal Data” has the meaning detailed in Clause 3.1(a) of this Policy;
“Privacy Act” means the Privacy Act 1988 (Cth);
“Products” means the Products contained on our Site from time to time
“Us, Our, We” means Universal Safety Wellness Pty Ltd ACN 632 886 189;
“Services” means the services detailed in our Scope of Works; and
“Site” means Universal Safety Wellness Members Portal.
“UK” means the United Kingdom
3.0 COLLECTION OF PERSONAL INFORMATION
3.1 We only collect Personal Data for the purpose of Our Products and Services and We may collect and store personal information about you. The manner in which We will collect your Personal Data will depend on the manner in which you engage with Us through the Site and includes:
a) Personal Data – Personally identifiable information, such as your name, address, email address, and telephone number, and demographic information, such as your age, gender, hometown, and interests, that you voluntarily give to Us when you choose to participate in various activities related to Us and Our Products and Services including online chat and message boards. You are under no obligation to provide Us with personal information of any kind.
b) Derivative Data – Information Our servers automatically collect when you access the Site, such as your IP address, your browser type, your operating system, your access times, and the pages you have viewed directly before and after accessing the Site.
4.0 USE OF YOUR INFORMATION
4.2 Having accurate information about you permits Us to provide you with a smooth, efficient, and customised experience.
4.3 We take steps to protect Personal Data We hold against loss, unauthorised access, use, modification, or disclosure, and against other misuse.
4.4 We take appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of Personal Data. All Personal Data processing is carried out using computers and/or IT enabled tools, following organisational procedures and modes strictly related to the purposes indicated. In addition Personal Data may be accessible to certain types of persons in charge, involved with the operation of the Site (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, payment service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by Us. The updated list of these parties may be requested from Us in writing at any time.
4.5 We may share information We have collected about you in certain situations. Your information may be disclosed as follows:
a) By Law or to Protect Rights – If We believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of
Our policies, or to protect the rights, property, and safety of others, We may share your information as permitted or required by any applicable law, rule, or regulation. This includes exchanging information with other entities for fraud protection and credit risk reduction.
b) Third-Party Service Providers – We may share your information with third parties that perform services for Us or on Our behalf, including background checking, data analysis, email delivery, hosting services, customer service, and marketing assistance.
c) Marketing Communications – With your consent, and with an opportunity for you to withdraw consent, We may share your information with third parties for marketing purposes, as permitted by law.
d) Interactions with Other Users – If you interact with other users of the Site, those users may see your name, profile photo, and descriptions of your activity, including sending invitations to other users, chatting with other users, liking posts, following blogs.
e) Online Postings – When you post comments, contributions or other content to the Site, your posts may be viewed by all users and may be publicly distributed outside the Site in perpetuity.
f) Third-Party Advertisers – We may use third-party advertising companies to serve ads when you visit the Site. These companies may use information about your visits to the Site and other websites that are contained in Web cookies in order to provide advertisements about goods and services of interest to you.
g) Affiliates – We may share your information with Our affiliates, in which case We will require those affiliates to honour this Policy. Affiliates include Our parent company and any subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
h) Business Partners – We may share your information with Our business partners to offer you certain products, services or promotions.
i) Other Third Parties – We may share your information with advertisers and investors for the purpose of conducting general business analysis. We may also share your information with such third parties for marketing purposes, as permitted by law.
j) Payment information. We may request your Personal Data for authorisation for payment of Services or Products by Us or third parties engaged by US, including a fraud monitoring and prevention service.
4.6 Specifically, you authorise Us to use any Personal Data collected by Us about you to:
a) compile anonymous statistical and health data and analysis for use internally or with third parties;
b) deliver targeted advertising, coupons, newsletters, and other information regarding promotions and the Site to you;
c) email you;
d) enable user-to-use communications;
e) generate a personal profile about you to make future visits to the Site more personalised;
f) background checking;
g) increase the efficiency and operation of the Site;
h) monitor and analyse usage and trends to improve your experience with the Site;
i) notify you of updates to the Site;
j) offer new products, services, mobile applications and/or recommendations to you;
k) perform other business activities as needed;
l) prevent fraudulent transactions, monitor against theft, and protect against criminal activity;
m) request feedback and contact you about your use of the Site;
n) resolve disputes and troubleshoot problems;
o) send you a newsletter;
p) solicit support for Us, Our Products and Our Services.
4.8 We are assisted by a variety of third parties to deliver the Services We offer. These third parties change from time to time and include technology service providers for internet, app services, cloud services, publishing, payment services and printing services. These third parties may be located in Australia or overseas locations. You consent to share your Personal Data with persons outside the country in which you reside.
4.9 Our Site may include links to other third-party websites, social media tools, widgets or plug-ins, permitting sharing web content including IP address, with third parties and social media providers. These social media providers may learn of your visit even if you are not logged in to your social media account or if you do not have an account with them. To the extent any linked websites or features you visit or use are not owned or controlled by Us, we suggest that you review their own privacy notices or policies.
4.10 Wherever possible, We impose contractual restrictions equivalent to those imposed in the relevant Data Protection Laws in respect of collection and use of personal information by those third parties. We will obtain an individual’s specific consent prior to disclosing information for the purposes of direct marketing of other Services. An individual will be able to opt-out of direct marketing at any time if they so choose. Under no circumstances will We sell or receive payment for licensing or disclosing an individual’s personal information.
4.11 We are not responsible for the actions of third parties with whom you share personal or sensitive data, and We have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails or other communications from third parties, you are responsible for contacting the third party directly.
4.12 There are inherent risks in transmitting information across the internet and We do not have the ability to control the security of information collected and stored on third party platforms. In relation to Our own servers, We take all reasonable steps to manage data stored on Our servers to ensure data security.
5.0 DATA QUALITY
5.1 We take steps to ensure that the personal information We collect is accurate, up to date and complete. These steps include maintaining and updating personal information when We are advised by individuals that their personal information has changed, and at other times as necessary.
6.0 OUR RESPONSIBILITIES UNDER THE GDPR
6.1 If you are a resident of the European Union (EU) or United Kingdom (UK) you have certain rights and protections under the GDPR regarding the processing of your Personal Data.
6.2 We collect, use and store your Personal Data to enable Us to provide you with Our Products or Services and information about them. We rely on the following lawful means of processing your Personal Data:
a) Where it is necessary to fulfil a contract with you. This includes where We collect your Personal Data to enable Us to send you Our Products or provide you with Our Services.
b) Where you have given Us valid consent to use your Personal Data. We will rely on that consent and only use the Personal Data for the specific purpose for which you have given consent. This includes where We email newsletters or send mobile phone notifications.
c) We may also process your Personal Data where it is to further Our legitimate interests which could include usage statistics, analytics and internal analysis so We can improve Our Services to you.
6.3 Personal Data will be stored for as long as required by the purpose they have been collected for. Therefore:
a) Personal Data collected for purposes relating to the Services shall be retained until the Services have been fully performed;
b) Personal Data collected for the purpose of Our legitimate interest shall be retained as long as needed to fulfill such purpose. You may find specific information regarding the legitimate interest by requesting such information in writing from Us.
6.4 Once the retention period has finished or upon cancellation of your consent, the Personal Data will be deleted, and you will be unable to access or request this information.
7.0 YOUR RIGHTS AS AN EU OR UK RESIDENT
7.1 If you are a resident of the EU or UK you have various rights including the:
a) Right to be informed;
b) Right of access;
c) Right to rectification;
d) Right to object;
e) Right to restriction of processing;
f) Right to erasure or to be forgotten;
g) Right to data portability; and
h) Right not to be subject to automated processing.
7.2 If you want to access your Personal Data or ask for the information to be corrected, please contact Us. In some circumstances, you also have a right to object to or ask that We restrict certain processing activities or delete your Personal Data. If you would like to limit or request deletion of your Personal Data or exercise any other rights you can do so by contacting Us.
8.0 ACCESS TO PERSONAL INFORMATION
8.1 You may access the Personal Data that We hold about you, and can ask Us to correct the Personal Data We hold about You. We will take reasonable steps to make appropriate corrections to your Personal Data so that it is accurate, complete and up-to-date unless We consider that there is a sound reason under the Privacy Act or other relevant law to withhold the information, or not make the changes.
9.0 WITHDRAWING YOUR CONSENT
9.1 You can withdraw your consent to Our collection or processing of your Personal Data. You can do so by contacting Us or by opting out of email newsletter communications by following the instructions in those emails or by clicking unsubscribe. If you withdraw Your consent to the use of your Personal Data, you may not have access to Our Products and Services and We might not be able to provide you with Our Products and Services. In some circumstances, where We have a legal basis to do so, We may continue to process your information after you have withdrawn consent. For example, if it is necessary to comply with an independent legal obligation or if it is necessary to do so to protect Our legitimate interest in keeping Our Services secure.
10.0 OUR COMPLIANCE
10.1 We comply with the Privacy Act and GDPR protection directives set out by the EU and UK regarding the collection, use and retention of Personal Data from EU member countries and the UK. All Personal Data stored on Our platform is treated as confidential. It is stored securely and is only accessed by authorised personnel. Our collection is limited in relation to what is necessary, for the purpose for which the Personal Data is processed, and kept only for so long as is necessary for the purpose for which the Personal Data was collected. We implement and maintain appropriate technical, security and organisational measures to protect Personal Data against unauthorised or unlawful processing or use, and against accidental loss, destruction, damage, theft or disclosure. We ensure the encryption and pseudonymisation of Personal Data and We have adequate cyber security measures in place.
11.0 YOUR ACKNOWLEDGEMENT
11.1 By providing Us with Your Personal Data, you consent to Us disclosing it to third parties including those who reside outside the EU or UK. We will ensure that those third parties are GDPR compliant.
12.0 COMPLIANT HANDLING
12.1 You may complain about the way We handle your personal information. A complaint should be made in writing to our Complaint Handler Email Address. On receipt, the complaint is referred to the Complaint Handler.
12.2 You can make a compliant regarding the misuse of your Personal Information at the relevant Statutory body that applies to the country in which you reside. For Australian residents, complaints can be made to the Office of the Australian Information Commissioner about the handling of their personal information by private sector organisations covered by the Privacy Act.