The specific legal obligations of Coach’s Companion when collecting and handling your personal information are outlined in:
- The Privacy Act 1988 (Privacy Act) and in particular in the Australian Privacy Principles found in that Act.
- The New Zealand Privacy Act 2020.
- The General Data Protection Regulation EU 2016/679 (EUGDPR) of the European Union and European Economic Area and
- The UK General Data Protection Regulation tailored by the Data Protection Act 2018 (UKGDPR).
For the purposes of the EUGDPR and UKGDPR, Coach’s Companion is the “Controller” and “Processor” for the personal information you provide, unless otherwise stated.
Coach’s Companion are not required to have a Data Protection Officer, so any enquiries about our use of your personal data should be sent by email to firstname.lastname@example.org or by writing to P O Box 688, Mooloolaba, Queensland, 4557, Australia.
We may revise this Policy from time to time by updating this Policy. The revised Policy will take immediate effect when it is posted on our website or distributed through our email lists.
Coach’s Companion collects, holds, uses, controls, processes and discloses personal information to carry out Coach’s Companion activities, services and functions under the Privacy Act, NZPA, EUGDPR and UKGDPR.
These functions, services or activities include, but may not limited to the provision of a cloud technology platform that allows “you”, “your”, “user”, “registered user” to:
|1.||Create your user profile and log in credentials to access learning, personal development, career and messaging information.|
|2.||Maintain your personal details for example name, address, contact numbers, email address, password and other details associated with your user profile.|
|3.||Upload, download and delete documents stored against your user profile.|
|4.||De-activate your user profile and|
|5.||Establish and maintain your privacy settings.|
Coach’s Companion also collects personal information through our website and social networking services such as Facebook, Instagram, Linkedin and Twitter.
Coach’s Companion uses this information to improve our website and to receive feedback from the community.
WHAT IS PERSONAL INFORMATION?
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
|1.||Whether the information or opinion is true or not; and|
|2.||Whether the information or opinion is recorded in a material form or not.|
WHO’S PERSONAL INFORMATION DO WE COLLECT?
We collect personal information from individuals who are connected to Coach’s Companion’s operations and activities – including, but not limited to employees, clients, users and service providers.
HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
Where possible, we will collect your personal information directly from you. This may be in person (for example, where you attend a meeting or an event), on the telephone or via email (for example, if you contact Coach’s Companion by phone or email) or online when you register and interact with the Coach’s Companion cloud technology platform or via our website www.coachsompanion.com.
We may also obtain personal information from third parties such as contractors and list vendors. If we collect personal information about you from a third party and it is unclear that you have consented to the disclosure of your personal information to us, we will take reasonable steps to contact you and ensure that you are aware of the circumstances surrounding the collection and purposes for which we collected your personal information.
WHY DO WE COLLECT YOUR PERSONAL INFORMATION?
We collect your personal information for a number of purposes, including, but not limited to:
|1.||Marketing||Communicate with you about our products, services, campaigns and events.|
|2.||Support||Provide you with information and support services, and to report on these services and|
|3.||Other||Communicate with you in relation to our operations, activities and objectives, to verify your identity, to improve and evaluate our programs, services and marketing and to comply with relevant laws.|
Where we collect your personal information for a specific purpose not outlined above, we will endeavor to provide you with a collection notice which explains the primary purpose and any related secondary purposes for which we are collecting your personal information.
OTHER SENSITIVE INFORMATION
As part of administering our services, we may collect other information and other sensitive information. Sensitive information includes the following type of information: racial or ethnic origin; political opinions; membership of a political association; religious beliefs or associations; philosophical beliefs; memberships; sexual orientation; genetic information; biometric information; biometric templates.
We will limit the collection of sensitive information to the minimum amount required to perform our services and when collecting you will be required to provide us with your “explicit consent”.
WHAT HAPPENS IF YOU DON’T PROVIDE ALL THIS INFORMATION?
If you do not provide some or all of the personal information requested, we may not be able to offer you our services or provide you with information about our causes, events, programs, projects, products or services.
USING A PSEUDONYM OR ENGAGING WITH US ANONYMOUSLY
Where practicable, you will be given the opportunity to engage with us on an anonymous basis or using a pseudonym.
WEBSITE USAGE INFORMATION AND HTTP COOKIES
A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies.
Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
|CurrentUserDateTime||CurrentUserDateTime for calander etc||N/A|
|TimeZoneOffset||Store user’s date time offset for calander etc||N/A|
|__RequestVerificationToken||this is an anti-forgery token (prevent CSRF attack). It guarantees that the poster is the one who gets the form.|
It prevents from anybody to forge a link and have it activated by a powered user.
|ASP.NET_SessionId||This is a cookie which is used to identify the users session on the server. The session being an area on the server which can be used to store data in between http requests.||N/A|
|.ASPXAUTH||Is a cookie to identify if the user is authenticated (that is, has their identity been verified). For example, a controller action may determine if the user has provided the correct login credentials and if so, issue an authentication cookie||N/A|
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.
|_ga||This Google Analytics cookie collects information on how visitors use our site. We use this information to understand how our visitors use the site, and how we can improve the website and user experience.||https://policies.google.com/technologies/cookies?hl=en|
|_gid||This Google Analytics cookie collects information on how visitors use our site. We use this information to understand how our visitors use the site, and how we can improve the website and user experience.||https://policies.google.com/technologies/cookies?hl=en|
|_gat||This Google Analytics cookie collects information on how visitors use our site. We use this information to understand how our visitors use the site, and how we can improve the website and user experience.||https://policies.google.com/technologies/cookies?hl=en|
|1P_JAR||This Google Analytics cookie is used by Google to gather website statistics and is hosted on the .gstatic.com domain.||https://policies.google.com/technologies/cookies?hl=en|
|em_cdn_uid||We use Embedly to embed rich content into our web site. This cookie measures the number of times an embedded element from a third party service has been used. Expires after 1 year.||http://embed.ly/legal/privacy|
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Coach’s Companion has enabled plug-in technology that enables you to manage all bar Strictly Necessary cookie preferences.
Why we collect information from you
We collect information from you to:
- Provide, operate, optimise and maintain our website, system administration and security.
- Handle enquiries and requests and provide you with information and access to our services or resources.
- Process the registration form that you submitted via our website.
- Schedule a meeting.
- Negotiate and execute contractual documents.
- Carry out our obligations arising from contracts entered in to between us and our clients.
- Perform our role as Data Controller and Processor of the EUGDP and UKGDPR.
- Perform administrative duties.
- Seek your views or comments on the services we provide.
- Compile aggregated statistics about the usage of our website and better understand the preferences of our clients and contacts.
- Carry out research and development to improve our services.
- Notify you of changes to our services.
- Provide you with our e-newsletter.
- Send information for marketing purposes.
- Carry out other legitimate business purposes, as well as other lawful purposes about which we will notify contacts, visitors, and clients.
Legal basis for processing
Our legal basis for processing the Personal Data described above will depend on the Personal Data concerned and on the specific context in which we process it. We primarily rely on four legal bases to process your Personal Data:
- Where you have given us valid consent to use your Personal Data in certain ways, we will rely on your consent. This includes situations where we will obtain your consent prior to sending your information for the purposes of handling your requests regarding the use of your Personal Data.
- We process Personal Data when it is necessary for us to do so in order to provide our services, pursuant to their instructions and in accordance our Stand Terms of Service.
- In certain cases, we may process your Personal Data where it is necessary in our legitimate interests, where those legitimate interests are not overridden by your rights and freedoms. This includes direct marketing, usage statistics and analytics to better understand how to use our website so that we can improve our services.
- In some cases, we may also have a legal obligation to process your Personal Data. If we ask you to provide Personal Data to comply with a legal requirement, we will make this clear at the relevant time and inform you on whether the provision of your Personal Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Data).
How long we keep your information
We review our retention periods for Personal Data on a regular basis. We will hold your Personal Data in our systems only for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract, after which time it will be destroyed, unless we are legally required to hold some types of information to fulfil our statutory obligations.
Who has access to your information?
We will not share your Personal Data with any third parties for the purposes of direct marketing or otherwise sell or rent your Personal Data to third parties.
- With your consent or pursuant to your instructions.
- To consultants, subcontractors and other service providers who need access to such information to carry out work on our behalf or to assist us in the provision of our website and other business-related functions such as website analytics.
- As part of a duty to disclose or share your Personal Data in order to comply with a legal obligation, for example, by a court order, or for the purposes of prevention of fraud or other crime, or to enforce or apply our Terms and Conditions or to protect the rights, property or safety of our clients.
When we use third party service providers, we only disclose the Personal Data that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and to keep it for no longer than necessary for the purposes of completing the tasks and providing the services to you on our behalf.
Your rights in relation to your Personal Data
You have the following rights:
- Right to withdraw your consent
If we have asked for your consent to process your Personal Data, you may withdraw that consent at any time.
- Right of access
You can ask us what information we hold about you, and you can ask for copies of your Personal Data.
- Right to Rectification
You can ask us to correct your Personal Data if it is inaccurate or to complete if it is incomplete.
- Right of erasure
You have the right to ask us to delete your Personal Data in certain circumstances (for example, if we no longer need your Personal Data, if you initially consented to the use of your Personal Data but have now withdrawn your consent, if you have objected to the use of your Personal Data and your interests outweigh our interests)
- Right to restrict the processing
In certain circumstances, you have the right to ask us to stop using your Personal Data for a period of time (for example, if you believe we are not doing so lawfully).
- Right to object to the processing
You have a right to object to the processing of your Personal Data where we rely on our legitimate interests to process your Personal Data.
- Right to data portability
You have the right to ask that we transfer the Personal Data that you shared with us to another provider or that we give you a copy in a machine-readable format so that you can transfer it to another provider.
How you can access and update your information
The accuracy of your information is important to us. If you change your e-mail address, or if any of the other information we hold is inaccurate or out of date, please send us an e-mail at email@example.com or write to us at P O Box 688, Mooloolaba, Queensland, 4557, Australia.
Security precautions in place to protect the loss, misuse or alteration of your information
When you provide us with Personal Data, we take steps to ensure that it’s treated securely.
Non-sensitive details (such as, for example, your e-mail address, etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Data, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
Transferring your information outside of Australia and the European Economic Area
As part of our services, the information that you provide us with may be transferred to countries outside of Australia and the European Economic Area (EEA), which includes all EU countries and non-EU countries Iceland, Liechtenstein and Norway. By way of example, this may happen for purposes related to your requests to exercise your rights under the EUGDPR and UKGDPR. These countries may not have equivalent data protection laws to the EU/ UK or benefit from an adequacy decision by the EU/ UK Commission. By submitting your Personal Data, you’re agreeing to this transfer and processing. If we transfer your information outside of the EEA in this way, we will take necessary steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.
Coach’s Companion services are not directed at children under the age of 16. We do not knowingly solicit or collect personal information from children under the age of 16.
If a child under the age of 16 wants to register on our cloud technology platform the parent/ guardian of that child must provide us with written authority and their proof of identity.
OPTING OUT OF DIRECT MARKETING COMMUNICATIONS
Where we use your personal information to send you marketing and promotional information by for example post, email or telephone, we will provide you with an opportunity to opt-out of receiving such information. By electing not to opt-out, we will assume we have your implied consent to receive similar information and communications in the future. We will always ensure that our opt-out notices are clear, conspicuous and easy to initiate.
WHO DOES COACH’S COMPANION DISCLOSE YOUR PERSONAL INFORMATION TO?
We may need to disclose your personal information to other parties or associated group companies in order to carry out our activities. This may include:
|1.||Business Providers||Professionals and/or businesses that provide support services to us.|
|2.||Researchers||To conduct research.|
|3.||Third Parties for Marketing||We may provide your contact details to contact you with information that may be of interest to you. From time to time, we may participate in data collectives where we share your personal information (other than sensitive information) with other organisations.|
|4.||Contractors and Service Providers||Who perform services on our behalf, such as mailing houses, printers, information technology services providers (including offshore cloud hosting/ computing service providers), database contractors and telemarketing agencies.|
Wherever we propose to disclose your personal information to a third party not outlined above, we will endeavor to provide you with a collection notice which explains the circumstances in which we might disclose your personal information.
CROSS-BORDER DISCLOSURES OF YOUR INFORMATION
We use cloud data hosting facilities and third party service providers to assist us with providing our goods and services. As a result, your personal information may be transferred to, and stored at, a destination outside Australia, New Zealand, the EU, UK and EEA, including but not limited to New Zealand, Netherlands, China, Singapore, Hong Kong, Ireland, Canada, United States of America and the United Kingdom.
Personal information may also be processed by staff or by other third parties operating outside Australia who work for us or for one of our suppliers, agents or partners. We take such steps as are necessary in the circumstances to ensure that any overseas third-party service providers we engage are aware of the Privacy Act and Australian Privacy Principles, NZ Privacy Act, EUGDPR and UK GDPR including through contractual arrangements where this is possible.
If your personal information is collected using our services, you have as a result consented to the disclosure, transfer, storing or processing of your personal information outside of Australia. You also acknowledge and understand that by providing such consent that we will not be required to take such steps as are reasonable in the circumstances to ensure such third parties comply with the Privacy Act and the Australian Privacy Principles.
WHERE IS YOUR PERSONAL INFORMATION STORED?
We take reasonable steps to protect all of the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. Your personal information will be stored on a password protected electronic database, which may be on our database, a database maintained by a cloud hosting service provider or other third party database storage or server provider. Backups of electronic information are written to drives which are stored with our hosting partner of choice.
Hard copy information is generally stored in our office(s), which are secured to prevent entry by unauthorised people. Any personal information not actively being used is archived, usually after 5 years, with a third party provider of secure archiving services.
Where personal information is stored with a third party, we have arrangements which require those third parties to maintain the security of the information. We take reasonable steps to protect the privacy and security of that information, but we are not liable for any unauthorised access or use of that information. Your personal information will stay on the database indefinitely until you advise you would like it removed, unless we de-identify it or destroy it earlier in accordance with privacy law requirements.
ACCESS TO YOUR PERSONAL INFORMATION
We will, upon your written request, and subject to applicable privacy laws, provide you with access to your personal information that is held by us. However, we request that you identify, as clearly as possible, the type(s) of information requested.
We will deal with your request in writing to provide access to your personal information within 30 days and you agree we may charge you our reasonable costs incurred in supplying you with access to this information.
Your rights to access personal information are not absolute and privacy laws dictate that we are not required to grant access in certain circumstances such as where:
|1.||Access would pose a serious threat to the life, safety or health of any individual or to public health or public safety.|
|2.||Access would have an unreasonable impact on the privacy of other individuals.|
|3.||The request is frivolous or vexatious.|
|4.||Denying access is required or authorised by a law or a court or tribunal order.|
|5.||Access would be unlawful, or|
|6.||Access may prejudice commercial negotiations, legal proceedings, enforcement activities or appropriate action being taken in respect of a suspected unlawful activity or serious misconduct.|
If we refuse to grant you access to your personal information, we will provide you with reasons for that decision (unless it is unreasonable to do so) and the avenues available for you to complain about the refusal.
UPDATING YOUR PERSONAL INFORMATION
You may ask us to update, correct or delete the personal information we hold about you at any time. We will take reasonable steps to verify your identity before granting access or making any corrections to or deletion of your information.
We have obligations to take reasonable steps to correct the personal information we hold when we are satisfied that it is inaccurate, out- of-date, incomplete, irrelevant or misleading for the purpose for which it is held.
If you require access to, or wish to update your personal information, please contact our Privacy Champion.
|P O Box 688, Mooloolaba, Queensland, 4557, Australia|
YOUR DEBIT OR CREDIT CARDS
We do not store credit card or debit card numbers on our websites or in our data base. Coach’s Companion is integrated to “STRIPE”, who store all card details and provide card payment processing services.
EUROPEAN and UNITED KINGDOM UNION GENERAL DATA PROTECTION REGULATIONS
If you are a resident of the European Union or United Kingdom for the purposes of the EUGDPR and UKGDPR the following applies to you.
In providing its services to you, Coach’s Companion may make use of a number of automated processes using your Personal Data and your activity on our Site as tracked by us, in order to provide more tailored and relevant services to you such as providing recommended to you through email communication, and on the Site or within our Apps.
Coach’s Companion may also use such data in automated processes aimed at providing more tailored and relevant services to Advertisers, such as:
- an approachability signal which indicates you being approachable or amenable to being approached about a particular service opportunity.
In addition to your rights set out above, you may:
- update or rectify any of the Personal Data that we hold about you, in the manner described in the “Updating Your Information” paragraph above.
- deactivate your account by navigating to your setting page.
- request that Coach’s Companion:
- provides you with a copy of the Personal Data Coach’s Companion holds about you in a portable and machine readable form; or.
- share your Personal Data with a nominated third party;
You may request that from us by contacting us using any of the methods set out in the “Contact Us” paragraph below.
Should you have any concerns in relation to Coach’s Companion collection and/or processing of your Personal Data, then in addition to the process set out in the “Complaints and Contact Us” about privacy and the Coach’s Companion website“ set out above (including the right to complain to the Office of the Australian Information Commissioner), you have the right to complain to a supervisory authority (within the meaning of the UKGDPR and UKGDPR).
General Data Protection Regulation (EUGDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Sunshade Capital Pty Limited has appointed European Data Protection Office (EDPO) as its EU GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
– by using EDPO’s online request form: https://edpo.com/gdpr-data-request/
– by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium.
General Data Protection Regulation (UKGDPR) – United Kingdom Representative
Pursuant to the UKGDPR, Sunshade Capital Pty Ltd has appointed EDPO UK Ltd as its UKGDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
-by using EDPO UK’s online request form: https://edpo.com/uk-gdpr-data-request/
-by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom
COMPLAINTS & CONTACT US
If you want to contact us, have any queries or would like to make a complaint in relation to our Policy or the manner in which we handle your personal information, please contact our Privacy Champion at.
|P O Box 688, Mooloolaba, Queensland, 4557, Australia|
We endeavor to respond to complaints and queries within thirty days of their receipt.
If you are dissatisfied with our response, you may refer the matter to the Australian Information Privacy Commissioner (see www.oaic.gov.au).
If you are an EU or UK individual, then in addition to above, you have the right to complain direct to our EU or UK representative or direct to the EU or UK Supervisory Authority.
If you are New Zealand individual, then in addition to above, you have the right to complain direct the New Zealand Privacy Commissioner.