The Concept Commitment to our Members
The Concept Pty Ltd (The Concept, we, us and our) is firmly committed to ensuring the privacy of our members, employees and other individuals we come in contact with. The Concept’s management and staff are aware of the importance of protecting the personal information we collect in the course of our business.
We are bound by the 13 Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth). The APPs set out the way in which organisations can collect, use, keep, secure and disclose personal and sensitive information. The APPs also give individuals the right to know what information an organisation holds about them and the right to correct that information if it is wrong. Further information on the APPs is available from the Office of the Australian Information Commissioner (www.oaic.gov.au).
‘Personal information’ is information or an opinion whether true or not and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
What Kinds of Personal Information Does The Concept Collect and Hold?
The personal information we may collect and hold varies according to how you interact with us. Details can include but are not limited to:
- Date of Birth
- Current and Previous Address (including postal address)
- Photo Identification
- Membership Card ID Photo
- Health Information
- Occupation an Employer
- Contact Details; including telephone numbers
- E-mail Address
- Bank Account Details and/or Credit Card Details
- Payment History
- Images of You from Surveillance Camera Footage
- Your Objectives and Interests
The above information is collected and recorded about individuals who interact with us such as:
- Our members, potential members and their representatives;
- Parents and guardians of our members and potential members and their representatives;
- Our suppliers and their representatives;
- Contractors and their representatives providing goods and services to us;
- Our employees past and present, including applicants;
- Any other person who comes into contact with The Concept.
In most cases, if we do not collect the information we require, then we may be unable to9 undertake certain activities, such as providing you with the requested information, goods and/or service.
The Privacy Act provides an exemption for employee records. That is, information about an individual, if that information directly relates to the act or practice of a current or former employment relationship between the employer and the individual. That exemption apply to The Concept in relation to the information held by The Concept about its employees. Please contact our Privacy Officer for more details.
How Does The Concept Collect Personal Information?
Generally, when providing goods and services to our clients or obtaining goods and services from our suppliers or contractors, we collect personal information directly from the individuals where reasonable and practical.
We may collect personal information directly from you when you:
- Provide information to us in any way (including completing an application form);
- Visit our website or premises form which we operate;
- Acquire goods from us or use our services;
- Request information about us, our products or our services;
- Provide feedback;
- Fill in a form on our website;
- Where we are required or authorised by law to do so.
We may also collect information about you form our other sources such as:
- Any of our contractors, including our personal trainers;
- Our related or associated entities;
- Other entities with that we do business with who we believe are of common interest to our members.
We will only collect your personal information from third parties if it is unreasonable or impractical to collect the necessary information directly from you or if we are otherwise permitted to do so.
How Does The Concept Handle Sensitive Information?
The Privacy Act describes ‘sensitive information’ as information relating to a person’s racial or ethnic origin, political opinions, religion, trade inion or other professional or trade association membership, sexual orientation, criminal record, and health information about an individual.
Occasionally, it may be necessary for us to collect sensitive information about you (such as any pre-existing or new medical conditions, medical certification and reports). These collections are consistent with our terms and conditions. We collect health 8infotmaiton about you to the extent that it is required to assess your reediness for physical exercise. If you or third parties provide us with sensitive information, we will as a matter of policy only use and disclose the information for the purpose for which it was provided or another directly related purpose, unless you agree otherwise, or where required by law.
Where practical and reasonable, we will only collect sensitive information with your consent.
Personal Information from Children
We will not collect the personal information from members, or potential members, under 18 years of age without the permission of a parent or guardian. As a parent or guardian, please do not allow your children to submit personal information without your permission.
Why Does The Concept Collect Personal Information?
The Concept is committed to providing quality customer service to out internal and external clients and to operate its businesses within the statutory requirements and comply with its legal obligations.
We collect and hold personal information in order to operate our businesses effectively as well as to provide and market our products and/or services for the benefit of our members.
We collect, hold and use your personal information to:
- Identify and communicate with you;
- Administer your membership and manage our relationship with you;
- Assist you with queries and to facilitate bookings of classes and appointments;
- Assess your general health, wellbeing and your readiness for physical exercise;
- Enable us to provide requested goods and services;
- Collect payments;
- Place insurance policies;
- Process any job application submitted to you;
- Help us to manage and enhance goods and services we provide to you;
- Help us to manage and enhance goods and service we purchase from our suppliers;
- Notify and assess insurance claims, pay settlements, finalise claims and determine liability;
- Develop and tell you about goods and services that we consider may be of interest, unless you advise us not to do so;
- Protect you and us from fraud;
- Secure out premises, personnel and members;
- Assist any police, insurance or health and safety investigation;
- Support our business, including maintenance, backup and audit;
- Comply with our statutory and legal obligations;
- Produce electronic and paper marketing material (including newsletters and promotions) and to allow us to provide advertising material to you regarding us, our clients and other business partners;
- Respond to any queries or complaints you may have.
When Does The Concept Disclose Your Personal Information?
Depending on the product or service we are providing to you, we may disclose your personal information to third parties where it is necessary to enable us to provide a product or service or to other third parties (such as your referee in connection with a job application you have submitted). We may disclose your personal information to third parties for the purpose set our above.
We may disclose your personal information to:
- Our subcontracted personal trainers;
- Your nominated representatives;
- Your parents or guardians (in the case of members who are under 18 years of age);
- Insurers, brokers, auditors, nosiness consultants and IT service providers;
- Other companies or individuals who assist us in providing products and services to you;
- Professional service providers and advisors who perform functions on our behalf, such as lawyers;
- Medical providers including medical and rehabilitation practitioners for assessing insurance claims;
- Government., regulatory authorities and other organisations as required or authorised by caw (such as Centrelink or the Police).
To manage and provide cost effective services, we outsource various administrative functions to third parties that provide mailing services, invoice and statement printing services, archiving functions, marketing services, and other services and functions as deemed necessary by management from time to time We may also disclose your personal information to our website host or software application providers in certain ,limited circumstances, for example when our website experiences a technical problem or to ensure that it operates in an effective and secure manner.
Organisations providing professional services to us are required to keep those dealings ad personal information provided by us as confidential unless required to disclose such information by statute or law.
In general, we do not send your personal information to any overseas recipient. However, we, one of our third-party providers may disclose your personal information to overseas recipients i8ncluding insurers, IT service providers, auditors and medical providers if:
- Related entities are overseas:
- We outsource certain activities to an offshore entity:
- Transactions, services or products have an overseas connection.
We do not otherwise disclose your personal information without your permission, unless the disclosure is:
- Required or authorised by law, including without limitation the APPs;
- Made with your consent.
Your consent to us using your personal information to send you information, including promotional material, about us or our products and services, as well as the products and services of our related entities, our associated entities and third parties, now and in the future. All our promotional material s related to your membership at The Concept, your fitness objectives and interests.
You also consent us sending you such information by means of mail, email, SMS and MMS messages. You can contact us using the contact details specified below if you do not want to receive marketing information from us.
How Does The Concept Manage Data Security?
We take reasonable steps to protect the security of your personal information by ensuring it is protected from misuse, loss, interference and from unauthorised access, modification or disclosure.
Our personnel are required to request the confidentiality of your personal information and the privacy of individuals. We m maintain strict standards and security procedures to prevent unauthorised access to the personal information whether it is an electronic or paper format, and to ensure the correct sue of this information. Personal information is stored in a central datable that is password protected with access available only to authorised persons (such as The Concept employees or our external database administrator) or otherwise your personal information is securely held within The Concept’s offices and only available to authorised persons.
Where we no longer require your personal information, we will take reasonable steps to delete, de-indented or destroy all record of the information held.
You Can Access and Update Your Personal Information
You are generally entitled under the Privacy Act to access the personal information that we hold about you (in the manner you request if that request is reasonable and pract8ical). You may contact our Privacy Officer using the details below.
If The Concept cannot provide access to your information, it will provide you with the reasons why. Depending on the nature of the request, The Concept may charge for providing access to this information, however such charge will not be excessive.
If the information The Concept holds about you is inaccurate, incomplete or not u to date you may request that The Concept corrects this information by contacting our Privacy Officer.
If you establish that the personal information, we hold about you is not accurate, complete and up to date, we will take reasonable steps to correct the information so that it is accurate, complete and up to date. If we cannot take reasonable steps to correct the information because such coercion is not technically possible or would be impracticable for us to perform, we may be unable to continue to provide services tr you. In these cases, we will provide reasons for denial of correction.
How Does The Concept Deal with Complaints?
It would assist us to respond to your complaint promptly if it is made in writing. Please detail information relevant to your complaint and those parties involved in the alleged breach.
If you feel that we have not satisfactorily address your complaint, you may also make a complaint to the Office of the Australian Information Commissioner by visiting www.oaic.gov.au or by writing to GPO Box 5218 Sydney NSW 2001 or GPO Box 2999 Canberra ACT 2601.
Email Address: firstname.lastname@example.org
Mailing Address: The Privacy Officer, 16 George Street Highfields
Phone: 02 4989 2719
This policy was last updated on 13/03/2016. I you have any general comments on this policy, please feel free to contact our Privacy Officer