Privacy Policy

January 2024

 

ABOUT THIS POLICY

Core Value Fitness Pty Ltd is an entity bound by, and committed to, the Australian Privacy Principles (APPs).  The specific legal obligations we have when collecting and handling your personal or sensitive information are found in the Privacy Act 1988 (Cth) (Privacy Act), and in the APP’s found in the Privacy Act.  This Privacy Policy outlines the manner in which we handle personal or sensitive information in order to comply with the APP’s. 

We are committed to treating the personal or sensitive information we collect and handle in accordance with the APPs in the Privacy Act.  This policy sets out how we handle personal or sensitive information. This privacy policy does not apply to personal or sensitive information collected by us that is exempted under the Privacy Act, for example employee records.

Our privacy policy will be reviewed regularly to take account of changes in legislation, technology, and our operations and practices. We aim to ensure the policy is appropriate to the changing environment.  Any changes we make to this privacy policy will be updated and published on our Website as necessary.

Our privacy policy is based on openness about how we use and protect your information.

COLLECTION OF YOUR PERSONAL OR SENSITIVE INFORMATION

At all times we will endeavour to only collect personal or sensitive information we need for a particular activity or function we are undertaking.

Purposes for which we collects, holds, uses and discloses personal or sensitive information

We only collect, hold, use and/or disclose personal or sensitive information which is reasonably necessary to ensure that we are able to provide you with the products and services that are appropriate to your needs, to identify you, to verify billing transactions for security, to contact you about your membership and account and to keep you informed about our product and service offerings which we think you may find useful.

When you engage with us, we will outline the purposes for which we will collect, hold, use and disclose your personal or sensitive information.

Kinds of personal information we collect

Due to the nature of the products and services we provide, and the requirements of legislation and regulations, we ask for a range of personal or sensitive information from our clients or individuals.

The types of personal or sensitive information we may collect can include details such as:

a)     Name, home address, work address, telephone numbers, email address and other such contact details;

b)     Date of birth and gender;

c)     Information in identification documents (e.g. driver’s licence, Medicare card, pensioner concession card, business name);

d)     Financial information such as credit card details, bank details; or

e)     Emergency contact details.

Collection of sensitive information

It may be necessary in some circumstances for us to collect sensitive information about you in order to provide specific services. The types of sensitive information we may collect include information about:

a)     your health;

b)     your weight and body measurements;

c)     your medical history;

d)     whether you smoke, drink alcohol, take medication or are pregnant;

e)     medical practitioner referrer details (such as physiotherapist, GP or specialist information); and

f)       other such health information.

Indirect Collection

In the course of performing one of our functions, we may collect personal or sensitive information about you indirectly, including from generally available public sources or from third parties, such as your authorised representatives or agents.

Anonymity

You have a right to refuse to provide us with your personal or sensitive information or to anonymity or the use of a pseudonym. However, for most of our functions and activities we will need your name and contact information to enable us to provide the services required.  Therefore, if you do refuse to provide such information, or request the use of anonymity or a pseudonym, we may be unable to complete or fulfil the purpose for which such information was collected, including providing you or our clients with the services we were engaged to perform.

Methods of collection

We use a variety of formats for the collection of personal or sensitive information. These include:

a)     Requiring you to complete a membership application, profile, questionnaire or other forms;

b)     Receipt of emails, letters and other correspondence;

c)     Telephone calls;

d)     Appointments in person;

e)     Publicly available records;

f)       Medical referrers; or

g)     Through use of our Website, such as via contact mailboxes or online enquiry forms, or through the registration process.

In every circumstance we will attempt to obtain such personal or sensitive information directly from you. If that is unreasonable or impracticable, we will attempt to obtain such information from other sources in accordance with this Privacy Policy.

Collection through our website

We use the public website www.corevaluefitness.com.au (Website). There are a number of ways that we collect information through the use of our Website.  The purpose of collecting information in this way is to improve the experience of users of our Website. 

Analytics

Our Website uses Google Analytics to analyse aggregate user behaviour.  Google Analytics is used to collect data relating to your interaction with our Website. The types of data we collect includes:

a)     Your devices IP address;

b)     Device type, operating system and browser information;

c)     Geographical information;

d)     Search terms and pages visited;

e)     Referring domain; and

f)       Date and time the Website was accessed.

Cookies

Cookies are data files placed onto devices by websites for record-keeping purposes and to enhance the functionality of the user experience on the Website.

Google Analytics uses first party cookies, which are text or data files placed on your computer for the purpose of anonymously identifying your session. These cookies are not used to grant us access to your personally identifiable information. Non-identifiable information (such as the pages you visit) may be tracked.

Most browsers allow you to direct whether cookies are received or not.  If you do not wish to have cookies placed on your device, you should set your browser to reject or block all cookies before accessing our Website.

If cookies have not been blocked, you can still direct your browser to delete your cookies, and this data will be erased.

Your information may be aggregated with information from other users for the purpose of improving our Website and offerings. We will not associate any data gathered from our Website with any personally identifiable information, unless you explicitly submit that information (e.g. your email address) via our online information form. Any links to third party websites on our Website are not covered by our privacy policy, and you should separately consider the privacy policy of the specific website you are taken to.

 

Electronic forms

If you submit a form using our Website, it will be stored in a secure server located in Australia.

Collection generally

We will use our best endeavours to ensure that the collection, holding, use and disclosure of personal or sensitive information by us is only done through lawful and fair means.

We will obtain your consent when reasonably able, relating to the collection, holding, use and disclose of your personal or sensitive information. However, we are not required to obtain your consent to collect, hold, use or disclose your personal or sensitive information if it is required or authorised by or under an Australian law or a court/tribunal order.

There are also other exceptions to the requirement of obtaining your consent in accordance with the APP’s. If you would like more information on these requirements, please contact our Privacy Officer.

Collection of someone else’s personal or sensitive information

You should only provide us with someone else’s personal or sensitive information where you have their express consent to do so and it is for the purpose of us providing services to you. Matters in this Privacy Policy should be communicated to any person whose information you collect and provide to us.

There may be circumstances where we are provided with personal or sensitive information which we did not actively seek. An example may be misdirected mail, or an excess of documents provided to us by clients. In such situations, our Privacy Officer will make a determination on whether we could have obtained the information lawfully in accordance with the APPs. If the information was not, or could not have been, lawfully obtained it will be destroyed or de-identified.

We will use reasonable endeavours to notify the relevant person, whose information has been mistakenly received, if this situation arises.

DISCLOSURE OF YOUR PERSONAL OR SENSITIVE INFORMATION

Generally, we will not disclose your personal or sensitive information to third parties unless we have your consent to do so, it is a situation which you would reasonably expect your information to be shared for such purpose, or the purpose for disclosing the information relates to the primary purpose for which we collected the information.

There are situations in which we may disclose personal or sensitive information, which are detailed below.

Providing the Services

We will only use and disclose the personal or sensitive information we may collect from you to provide you with the services you have requested.  This means we will make our staff aware of your health and any relevant medical information so that they can properly advise you and provide you with the services.

Data Breach Notification

We may be required by law to disclose personal or sensitive information relating to you to the Office of the Australian Information Commissioner in the event of a data breach.  This will include information we are obliged to include in a Mandatory Breach Notification System now prescribed under the Privacy Act.

 

 

Disclosure of personal or sensitive information overseas

We will take all reasonable steps to ensure that any overseas recipient of any personal or sensitive information conforms with the APP’s in the receipt, handling and use of your personal or sensitive information.

Information relating to use of the Website is disclosed to Google Analytics when you visit our Website.  We understand that Google stores information it collects in multiple countries other than Australia.

If you communicate with us through one of our social networks, such as Facebook or Instagram that social network provider may collect and hold any personal or sensitive information overseas.

Some of your personal information may be stored, used or processed overseas by us or third party service providers in the course of providing you with our products or services or contacting you in relation to such products or services.  In particular, your personal information may be disclosed to third parties which may store your personal information in the Netherlands and the USA and such other countries in which the third party’s servers may be located from time to time.

On collection of your personal or sensitive information, we will use reasonable endeavours to inform you whether it is likely we will disclose the information to any overseas recipient other than recipients within our network and, if so, where those recipients are likely to be located.

Direct marketing

We may engage in direct marketing to you from time to time.

When required, your personal or sensitive information will only be used or disclosed for the purposes of direct marketing where the information is not sensitive information, has been collected directly from you and there is an easy means to opt out of such marketing (and such an opt out request has not been made) in the following circumstances:

a)     Where you would expect us to use or disclose the information for direct marketing purposes; or

b)     You have consented to the use or disclosure of the information for direct marketing purposes.

There will always be a simple means by which you may easily request not to receive direct marketing communications from us.  For example, if you receive direct marketing by email or SMS text, that email or SMS text will contain an opt-out function or link.

QUALITY OF INFORMATION

Our procedures to ensure the accuracy of the information collected, and that it is up to date, include:

a)     Information is generally recorded in a format that is consistent;

 

b)     If information is collected from a third party or from a public document or source, we will endeavour to confirm the accuracy of that information;

 

c)     Records are updated upon the receipt of new and additional information;

STORAGE AND SECURITY

We hold personal or sensitive information in a combination of secure computer storage facilities and paper based files and takes steps to protect the personal or sensitive information we hold from misuse, loss, interference, unauthorised access, modification or disclosure.  We train our employees carefully on handling personal or sensitive information and confidentiality of such information.  We conduct regular audits of our processes, to ensure our staff, agents and contractors, are complying with security procedures.

Once we have no purpose for holding your personal or sensitive information, we will take all reasonable steps to destroy or de-identify the information.

ACCESSING AND CORRECTING YOUR PERSONAL OR SENSITIVE INFORMATION

Access to personal or sensitive information

You have the right to access any personal or sensitive information regarding you that we hold and ask that we correct that personal or sensitive information.

We will always ask you to verify your identity before you are given access to your information. If you are unable to verify your identity no access to the information will be given.

This is subject to some limited exceptions, which the Privacy Officer can provide further information on. Such requests should be made in writing to the Privacy Officer. We will acknowledge your request within 14 days and respond to it within a reasonable time.

We may charge a fee only to cover the cost of locating, retrieving, reviewing and copying any material requested.

We will not charge any fee to make the request or for us to give effect to the request. If your request is approved, we will provide you with access to the information in the manner requested if it is reasonable and practicable to do so.

Correction of personal or sensitive information

We will endeavour to ensure that the personal or sensitive information it holds is accurate and up-to-date.

You are able to make a request to correct your personal or sensitive information by contacting our Privacy Officer, or by telephoning or emailing us with your corrected information.

We will always ask you to verify your identity before your information is corrected. If you are unable to verify your identity no correction will be made to the information.

In some limited circumstances your request may be refused or partially refused. 

Procedure if your request to access or correct is refused

There may be limited circumstances where your request is refused or partially refused. If this occurs, we will give you a written notice that sets out:

a)     The reasons for the refusal, including the reasons why access cannot be granted in an alternative way (except where it would be unreasonable to provide those reasons);

b)     How to make a complaint about the refusal; and

c)     Any other matter as prescribed by the regulations. If your request to correct your personal or sensitive information is refused you have the option of submitting a statement associated with your personal or sensitive information. For more information contact our Privacy Officer.

HOW TO MAKE A COMPLAINT

If you consider that any action or failure of us breaches this Privacy Policy or the APPs, you are able to make a complaint.  Your complaint should be made in writing and addressed to our Privacy Officer.

Once we have received your complaint, it will be assessed, and we will determine what action, if any, needs to be taken to address your complaint.  Any complaint will be acted upon within a reasonable time, and you will generally receive our response within 30 days.

If you are not satisfied with our response to your complaint, you may contact the Office of the Australian Information Commissioner (OAIC).  The OAIC public website is at www.oaic.gov.au.

REQUESTING A COPY OF THE PRIVACY POLICY

On request, we may be able to provide you with a copy of the policy in an alternate format. If you have any enquiries or would like to make a request for a copy of the policy, please contact our Privacy Officer (refer to contact details below).

HOW TO CONTACT US

You can contact us through our Privacy Officer by:

Email - admin@corevaluefitness.com.au

Telephone - 08 8584 6757

Post - 15 East Terrace, Loxton SA 5333