- The terms:
- “the Company,” “we,” “us,” “our,” and “ours” means collectively FITASFX related entity as defined in the Corporations Act 2001 (Cth) their successors in title and assigns; and
- “you,” “your,” and “yours” refer to the user or viewer of the Website or user of our Services.
- As an Australian company we handle personal information principally in accordance with the Privacy Act 1988(Cth) (Act) and other applicable Australian State and Commonwealth laws. However, different data protection laws may apply where we obtain personal information from people outside of Australia and we seek to comply with those laws when applicable.
COLLECTION OF INFORMATION
- Reasons why we may collect and process your personal information and data.
- Personal information and data are only used and processed to the extent necessary to achieve the purpose for which it was intended. The personal information we may collect depends on how you use our Services as well as the type of relationship we have with you and may include:
- name and date of birth;
- address (for correspondence and address for legal service and may include your home address);
- contact details, such as email address and telephone numbers;
- financial information such as bank account, credit card details;
- medical history,
- professional sports medical reports;
- passport details.
- We do not collect information that is sensitive personal information (a particular type of personal information under the Act), unless it is relevant to our functions and activities. Sensitive personal information includes information about a person’s race, ethnic origin, political opinions, health, religious or philosophical beliefs and criminal history. If we request sensitive personal information we are subject to strict requirements in relation to it including to only collect and use sensitive information with consent and for the purposes for which it was collected or otherwise in accordance with applicable law, such as the Act.
PERSONAL INFORMATION HANDLING PRACTICES?
How is personal information collected?
- We collect personal information via:
- our website including through online portals, noticeboards, email enquiries and postings;
- other electronic and paper correspondence;
- face to face meetings; and
- our social media channels and accounts.
Collection of personal information from you
- Where possible, we will collect your personal information directly from you, your authorised representative or third parties you have authorised us to contact.
- There may be instances where we receive your personal information from third parties such as:
- contracted service providers, who have collected your information on our behalf; or
- member organisations or social media operators who you have authorised to share your personal information with other third parties such as us.
- If we receive your personal information from another party we will contact you, if we have enough information to do so and it is reasonable in the circumstances. Some exceptions to advising you may arise where:
- you have provided consent or reasonably expect the collection to occur;
- the collection is required or authorised by or under law;
- the collection is for the purposes of an investigation or personnel issues; or
- the collection is for the purposes of litigation or legal advice.
WHY WE MAY COLLECT, HOLD, USE AND DISCLOSE PERSONAL INFORMATION?
- We collect personal information to perform our functions, undertake our activities and provide the Services to you and for related secondary purposes.
Examples of how we may use personal information include:
- client and business relationship management;
- complying with legislative and regulatory requirements;
- performing administrative functions, including accounting, risk management, record keeping, archiving, systems development and staff training;
- managing our rights and obligations in relation to external payment systems;
- conducting market or customer satisfaction research;
- developing, establishing and administering alliances and other arrangements with other organisations in relation to the promotion, administration and use of our respective products and services;
- developing and identifying products and services that may interest you; or
- providing you with information about other products and services but only where this is permitted and whilst you are registered with us.
- If we request personal information and you choose not to or you cannot provide us with that information, we may be unable to provide you with the relevant Services you have requested or need.
- From time to time we will use the personal information we collect from you to inform you of products and services that we consider may be of interest to you.
If you elect to follow or link-in with any our affiliated official web pages or opt to follow or link-in with any employee of the Company on LinkedIn, Twitter, Facebook or other social media or networking platforms, we will infer you are open to receiving direct marketing through these mediums.
If you do not wish to receive direct marketing information you can tell us at any time by contacting us using the details set out in the ‘How to Contact Us’ section or using the unsubscribe function in the relevant electronic communication.
In addition to meeting privacy obligations we endeavour to comply with relevant anti-spam laws which may apply if we market directly to you.
- We can, and usually will, disclose personal information where:
- you have consented to the disclosure;
- you would reasonably expect that your information will be disclosed; or
- the disclosure is authorised or required by or under law, including circumstances where we are under a contractual or lawful duty of care to disclose information.
- However, we don’t sell or rent your personal information or data to any third parties for any purpose. The only uses of your personal information or data are those highlighted in this policy. Users are the only owner of their personal information or data and can request modification or deletion at any time.
Third Party Service Providers
- We need to share your personal information and data with third parties to meet legal and regulatory obligations and provide our Services and fulfil our contractual promises to you. Whenever personal information or data is provided to these parties it remains our property and is only used for the specific purpose for which it is supplied, or a purpose related to that specific purpose as permitted under the Act or applicable law.
Examples of third parties to whom we may disclose personal information you provide include:
- I.T. contractors and database designers and service internet service suppliers;
- credit reporting agencies and financial institutions;
- background checking and screening agents;
- our agents, suppliers, contractors and external advisers whom we engage from time to time to carry out, or advise on, our functions and activities;
- regulatory bodies, government agencies, law enforcement bodies and courts;
- other organisations with whom we have alliances or arrangements for promoting our respective products and services, and any agents used by us and our business partners in administering such an arrangement or alliance;
- external payment systems operators;
- any person to the extent necessary, in our view, to carry out any instruction you give to us;
- your agents and contractors, including your legal adviser and your financial adviser;
- your executor, administrator, trustee, guardian or attorney; or
- your referees.
- If we need to disclose your information to recipients or organisations based outside of Australia to provide Services to you, then wherever possible, we deal with such third parties who are bound by the provisions of the Act and Australian Privacy Principles (APPs). If this is not possible we will make every reasonable effort to verify that they would otherwise comply with the APPs or we reasonably believe they are subject to laws or contractual obligations which effectively uphold the principles for the handling of personal information that are substantially like the APPs.
It is not practicable to list all countries we may disclose this information to, however, if you would like further information on this, please contact us.
STORAGE, DATA SECURITY & RETENTION
- Collected personal information is held securely in our electronic and paper recordkeeping systems.
We have controls in place to protect against interference with personal information by way of unauthorised access, misuse, loss, modification, or disclosure including in the following ways:
- access to information collected from individuals is limited to authorised persons with a need-to know;
- our internal network, electronic records management system, and databases are protected using firewall, intrusion detection and prevention, antivirus, user authentication complexity and other IT security technologies and protocols;
- web transactions are conducted in accordance with PCI DSS standards;
- our web services are vulnerability tested against intrusion;
- we regularly conduct system audits and staff training to ensure we adhere to our established protective and IT security compliance and best practices; and
- aftercare measures are taken to support the removal of access to personal information when no longer required.
We take reasonable steps to destroy or permanently de-identify personal information when it is no longer required for any purpose for which it may be used or disclosed. However, it is not always practicable to destroy or de-identify electronic data. Where it is not reasonable to destroy or permanently de-identify personal information in electronic form, we will take reasonable steps to prevent inadvertent access to it.
REMAINING ANONYMOUS OR USING A PSEUDONYM
- You have the right to contact us anonymously or using a pseudonym unless there is a legal requirement that prevents this.
- Where you wish to make an enquiry or give us feedback, you may have the option of not identifying yourself. For example, you may sign up for our news services using a pseudonymous email address.
- You should be aware, however, that there may be instances where we cannot respond to you or properly investigate a complaint if you do not provide contact details or sufficient information.
COPY OF THIS POLICY
- If you wish to access this policy in hard copy it can be downloaded and printed from the Website or if you require an alternative format, please contact us.
We will provide the policy to you at no cost, together with hard copies or any documents referred to in this policy and maintained by us.
ACCESSING AND CORRECTION OF PERSONAL INFORMATION
How to access and correct personal information we hold about you
- You may request access to personal information we hold about you. We will provide you with access as requested, if it is reasonable and practicable to do so. There may be a moderate charge for us to provide access and there may be instances where we refuse your request such as:
- providing access would pose a serious and imminent threat to the life or health of any individual;
- providing access would have unreasonable impact on the privacy of other individuals;
- the request for access is frivolous or vexatious;
- the information sought relates to existing or anticipated legal proceedings between you and us and that information would not be accessible by the process of discovery in those proceedings;
- providing access would be unlawful;
- denying access is required or authorised by or under law; or
- providing access would be likely to prejudice an investigation of possible unlawful activity.
- If we deny your request for access, we will, where permitted by law, provide you with reasons for that denial.
- You may request corrections to any of your personal information that we hold to ensure the information is accurate, up to date, complete, relevant and not misleading.
- We must be satisfied that you are seeking access to or correction of your own personal information. We may ask you to provide verification of your identity. This process is free of charge.
Request to access or correct information
- If you wish to access or correct personal information we hold about you please contact us. Details of how to contact us are in the ‘ How to Contact Us ’ section.
LINKS TO OTHER WEBSITES
- FITASFX may provide links to websites outside of our website. These linked sites are not under the control of FITASFX, and FITASFX is not responsible for the conduct of companies linked to the FITASFX website, nor for the performance or otherwise of any content and/or software contained in such external websites.
COMPLAINTS ABOUT PRIVACY
- If you wish to inquire or make a complaint about the way we have handled your personal information, you may contact us are in the ‘How to Contact Us’ section.
- We are committed to quick and fair resolution of customer complaints and will ensure any privacy complaint is taken seriously. You will always be treated professionally and respectfully.
- If you are dissatisfied with the way we handle a privacy complaint, you may contact the Office of the Australian Information Commissioner (OAIC):
You may also make a complaint directly to the Information Commissioner, however, the Commissioner may recommend you try to resolve the complaint with us first.
HOW TO CONTACT US
- Contact us if you want to:
- obtain access to your personal information held by us;
- request correction of your personal information held by us;
- make an enquiry or complaint about our compliance with the APPs; or
- We will acknowledge your requests or enquiries within 5 business days.
- Provided you have given us your contact details we will endeavour to provide you with a written response within 30 calendar days after receiving your request by:
- providing access to documents;
- advising you of our decision to refuse access to or correction of documents; or
- advising you of any difficulties we have encountered in actioning your request, in which case we will provide you with an expected timeframe for finalising your request.
ELECTRONIC DATA COLLECTION
- This section explains how we collect information from our Website and the technologies used during electronic transactions and communications with us.
- It is important that you understand that there are risks associated with use of the internet and you should take all appropriate steps to protect your personal information.
- When an individual looks at our Website, our internet service provider, Aussie Broadband, makes a record of the visit and logs (in server logs) the following information for statistical purposes:
- the individual’s server address;
- the individual’s top-level domain name (for example .com, .gov, .org, .au, etc);
- the pages the individual accessed, and documents downloaded;
- the previous site the individual visited; and
- the type of browser being used.
- We do not identify users or their browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider’s server logs.
- By themselves Cookies do not identify you personally, but they may link back to a database record about you. If you register on our site, we will then link your Cookie back to your personal information details.
- Cookies are necessary to enable data analysis on our Website, but if you do not wish us to retain any information about your visit to our site you could delete the Cookies on your browser and change the settings on your web browser program.
How to provide or withdraw consent to the installation of Cookies
- In addition to what is specified in this document, you can manage preferences for Cookies directly from within their own browser and prevent – for example – third parties from installing Cookies.
Through browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that may have saved the initial consent for the installation of Cookies by this Website.
- Our technology systems log emails received and sent and may include voting and read and receipt notifications to enable tracking.
- When your email address is received by us because you send us a message, the email address will only be used or disclosed for the purpose for which you have provided it and it will not be added to a mailing list or used or disclosed for any other purpose without your consent other than as may be permitted or required by law.
- Additional information on technologies impacting on privacy can be found at:
- Australia: – https://www.oaic.gov.au/