James Smith Academy Pty Ltd ACN 621 129 511 (James Smith Academy, us, our, and/or we) is committed to protecting and respecting your privacy.
Please be aware that except to the extent required by law, or when it is deemed impracticable to do so, you have the option of remaining anonymous, or using a pseudonym, when dealing with us in relation to a particular matter.
This Policy applies to all information or opinion about an identified individual or an individual who is reasonably identifiable (you), whether the information or opinion is true or not, and whether the information is recorded in a material form or not (Personal Information) that is collected, stored, used and disclosed by James Smith Academy.
In this policy, we explain the kinds of Personal Information we collect, how and why we collect and use it, and what controls you have over our use of it.
Please read the following carefully to understand our practices regarding the collection and use of your Personal Information.
The Personal Information collected, held, used and disclosed by us includes, but is not limited to, the following information about you:
name and/or username;
date of birth (see section 3 below);
country of residence;
password to your account;
medical/health information (see section 3 below);
a record of pages you visit on our website or app;
information and data about you received from third party services and organisations – including but not limited to the Apple App Store, Google Play Store and Facebook;
information about any complaints you may lodge; and
information about or related to your customised training program, support provided to you by our coaches or any other service we provide you through our website or app.
Some of the above information may also be classified as “health information” under the Act. Please see section 3 below for details about how we might collect, hold, use or disclose health information about you.
Information related to purchasing a subscription, including but not limited to billing address, phone number and payment information such as a credit card number (Financial Information) is processed by our third party processors and we do not collect, store or maintain your Financial Information unless we tell you otherwise at the time of your purchase. For more information about Financial Information please see section 4 below.
Given the nature of our business as provider of online fitness resources, we may also collect some sensitive information about you, for example, information about your health, which is afforded a higher level of privacy protection.
The Act includes the following information as “health information”:
information or an opinion about the health (including illness, disability or injury) of an individual);
the individual’s expressed wishes about the future provisions of health services provided to him or her; or
personal information which is collect as part of providing a “health service”, collectively, ‘Health Information’.
Under the Act, a “health service” includes (among other things) any activity intended or claimed to assess, maintain or improve an individual’s health, or to record the individual’s health for the improving or managing the individual’s health.
Health Information which we might collect about you includes, but is not limited to:
any medical issues (as may be relevant to your use of Coach Support, Training Programs or similar services we provide to you);
your health situation (for example, whether you are injured, pregnant or disabled, to the extent relevant to your use of the Coach Support, Training Programs or other similar services we provide to you);
your current height, weight, BMI and measurements;
what facilities or equipment you use to train;
information and data about you received from third party services and organisations – including but not limited to the Apple Health App, Fitbit and Garmin;
activity data, such as step count, sleep cycle, nutrition and workouts;
progress management – a weekly photo of you, and record of height, weight, measurements and similar information, as you work towards your goals through our program;
progress management – a record of your progress in weekly exercises;
your daily calorie requirements calculated using the calorie calculator on our website or app;
your specific nutritional requirements;
a description of your fitness and nutrition goals; and
any other information required for the provision of our programs to you.
We will not collect, use or disclose any of your Health Information except to the extent necessary to provide a health service to you through our programs, and will ensure that any Health Information is collected, used and disclosed only in accordance with rules established by other competent health or medical bodies (where applicable) that deal with obligations of professional confidentiality.
When you make purchases through our website or app, the Apple App Store, Google Play Store or other third party application, your payments are processed by a third party processor.
In these instances, the third party processor may collect certain Financial Information from you to process a payment on behalf of JSA, including your name, email address, address and other billing information in which case the use and storage of your Financial Information is governed by the third party processor’s terms, conditions and privacy policies.
We will only collect Personal Information from you directly, unless it is unreasonable and impractical to do so.
We may collect Personal Information from you directly in the following ways:
if you subscribe to a membership with James Smith Academy or create an account on our website or app;
if you log into your account using your Apple ID or Facebook account;
if you request assistance or advice from our online coaches;
if you make a request for support online, by the app, by email or by telephone;
if you participate in promotional offers;
if you choose to subscribe to our mailing list;
if you redeem a coupon issued by James Smith Academy;
if you disclose information such as contact details via our website or app.
In a situation where it is unreasonable or impractical to obtain Personal Information from you directly, you may be asked to consent to our collection of your Personal Information from a third-party.
We will always notify you after any of your Personal Information has been collected by us from a third party.
James Smith Academy holds Personal Information in databases hosted on servers based in the United States (including on servers through Heroku, Amazon Web Services (AWS), Google and Uploadcare). None of these servers are based in Australia.
We take reasonable steps to:
protect your Personal Information from misuse, interference and loss and from unauthorised access, modification or disclosure;
ensure that our system is appropriately backed-up to prevent the loss of your Personal Information; and
destroy or de-identify Personal Information when it is no longer required.
Some security measures that we have in place to protect your Personal Information include the following:
access to the database where your personal information is stored is restricted to particular authorised staff members;
the password for database access is changed frequently;
we use well-known and widely used development technology to run and maintain our website; and
our hosting providers manage the server and database protection in accordance with standard web practices.
In the case that any of the Personal Information held by James Smith Academy is lost, or subjected to unauthorised access, modification, disclosure or other misuse or interference, we will notify you immediately and advise you of the steps you should take in response to the breach. Additionally, if we receive any unsolicited Personal Information (i.e. we inadvertently obtain information about you that we did not request) we will determine whether we would have been able to obtain the information by the methods described in this section 4. If not, we will, as soon as practicable, destroy the information and ensure that the information is de-identified.
Personal Information which is collected by James Smith Academy will be held, used and disclosed by us for the primary purpose of providing training and fitness regimes to our customers including:
personalising our fitness regimes to help you achieve your individual fitness goals;
formulating our fitness programs to suit your individual health requirements;
providing you with the tools necessary to determine your nutritional requirements and track your food intake;
notifying you of account activity or update (such as a completed training program, group comment or weekly check-in);
sending you an email to notify you of any account changes or updates to our services (such as coach updates to our user programs, training group comments, or weekly check-ins);
supporting and enhancing our relationship with you (this includes processing your membership subscription, providing you with better support and service and sharing company news and information with you);
to provide insights into the progress and experiences of James Smith Academy members; and
to deal with complaints.
James Smith Academy does not sell any of your Personal Information to third parties.
As set out in section 4 above, your Personal Information is stored on servers hosted in the United States through third-party hosting services Heroku, AWS, Google and Uploadcare.
We will not distribute the Personal Information you provide to another foreign entity unless we are required to do so by law or you provide your express consent to such a disclosure. Before disclosing any of your Personal Information to a foreign entity, we would also take reasonable steps to ensure that the entity to whom we disclose the information does not breach any of the Australian Privacy Principles.
You do not have to provide us with any Personal Information. However, if you choose to withhold any requested information, you may not be able to utilise our full offering, access special promotions or we may not be able to provide you with personalised support that is dependent upon the collection of such information.
We will only retain your Personal Information for as long as necessary to provide our services (as described in section 5 above) to you.
You have a right to request access to your Personal Information and/or Health Information and to request its correction and/or deletion, by emailing us at email@example.com or by otherwise sending your request to the address specified in section 12 below.
Upon receipt of a written request from you, we will:
give you access to the Personal Information and/or Health Information we hold about you within 30 days of receiving your request unless an exception to access applies under the Privacy Act; and
comply with our obligations under the Privacy Act to correct, amend, delete or cease to deal with any Personal Information and/or Health Information we hold about you if it proves to be factually inaccurate, incomplete, or irrelevant to the purpose(s) for which it is being held within 30 days. If a request is made to delete your Personal Information and/or Health Information, we will take all reasonable steps to delete the information except where the information is required for legal reasons.
If you have a complaint about the way we have dealt with your Personal Information please make a complaint in writing to our Customer Support Manager, whose details are included in section 11 below. We will respond to all complaints within 30 days.
Please note that you may lodge your complaint anonymously. However, this may limit our ability to deal with your complaint and implement a satisfactory remedy.
If you do not receive a response from us within the specified period, or are dissatisfied with our response, you may then lodge your complaint with the Office of the Australian Information Commissioner (OAIC). To lodge a complaint with the OAIC you can either submit a Privacy Complaint Form online or submit the form to the OAIC by mail, fax or email. The Privacy Complaint Form and further details on how to lodge a complaint with the OAIC can be accessed via the OAIC website at: https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint.
The Privacy Officer
James Smith Academy Holdings Pty Ltd
11 Wembley Road
Moss Vale NSW 2577