James Smith Academy Pty Ltd ACN 621 129 511 (James Smith Academy, us, our, and/or we) is committed to protecting and respecting your privacy.
Please be aware that except to the extent required by law, or when it is deemed impracticable to do so, you have the option of remaining anonymous, or using a pseudonym, when dealing with us in relation to a particular matter.
This Policy applies to all information or opinion about an identified individual or an individual who is reasonably identifiable (you), whether the information or opinion is true or not, and whether the information is recorded in a material form or not (Personal Information) that is collected, stored, used and disclosed by James Smith Academy.
In this policy, we explain the kinds of Personal Information we collect, how and why we collect and use it, and what controls you have over our use of it.
Please read the following carefully to understand our practices regarding the collection and use of your Personal Information.
The Personal Information collected, held, used and disclosed by us includes, but is not limited to, the following information about you:
Some of the above information may also be classified as “health information” under the Act. Please see section 3 below for details about how we might collect, hold, use or disclose health information about you.
Given the nature of our business as provider of online fitness resources, we may also collect some sensitive information about you, for example, information about your health, which is afforded a higher level of privacy protection.
The Act includes the following information as “health information”:
Under the Act, a “health service” includes (among other things) any activity intended or claimed to assess, maintain or improve an individual’s health, or to record the individual’s health for the improving or managing the individual’s health.
Health Information which we might collect about you includes, but is not limited to:
We will not collect, use or disclose any of your Health Information except to the extent necessary to provide a health service to you through our programs, and will ensure that any Health Information is collected, used and disclosed only in accordance with rules established by other competent health or medical bodies (where applicable) that deal with obligations of professional confidentiality.
We will only collect Personal Information from you directly, unless it is unreasonable and impractical to do so.
We may collect Personal Information from you directly in the following ways:
In a situation where it is unreasonable or impractical to obtain Personal Information from you directly, you may be asked to consent to our collection of your Personal Information from a third-party.
We will always notify you after any of your Personal Information has been collected by us from a third party.
James Smith Academy holds Personal Information in databases hosted on servers based in the United States (including on servers through Heroku, Amazon Web Services (AWS), Google and Uploadcare). None of these servers are based in Australia.
We take reasonable steps to:
Some security measures that we have in place to protect your Personal Information include the following:
In the case that any of the Personal Information held by James Smith Academy is lost, or subjected to unauthorised access, modification, disclosure or other misuse or interference, we will notify you immediately and advise you of the steps you should take in response to the breach. Additionally, if we receive any unsolicited Personal Information (i.e. we inadvertently obtain information about you that we did not request) we will determine whether we would have been able to obtain the information by the methods described in this section 4. If not, we will, as soon as practicable, destroy the information and ensure that the information is de-identified.
Personal Information which is collected by James Smith Academy will be held, used and disclosed by us for the primary purpose of providing training and fitness regimes to our customers including:
James Smith Academy does not sell any of your Personal Information to third parties.
As set out in section 4 above, your Personal Information is stored on servers hosted in the United States through third-party hosting services Heroku, AWS, Google and Uploadcare.
We will not distribute the Personal Information you provide to another foreign entity unless we are required to do so by law or you provide your express consent to such a disclosure. Before disclosing any of your Personal Information to a foreign entity, we would also take reasonable steps to ensure that the entity to whom we disclose the information does not breach any of the Australian Privacy Principles.
You do not have to provide us with any Personal Information. However, if you choose to withhold any requested information, you may not be able to utilise our full offering, access special promotions or we may not be able to provide you with personalised support that is dependent upon the collection of such information.
We will only retain your Personal Information for as long as necessary to provide our services (as described in section 5 above) to you.
You have a right to request access to your Personal Information and to request its correction, by emailing us at firstname.lastname@example.org or by otherwise sending your request to the address specified in section 10 below. Upon receipt of a written request from you, we will give you access to the Personal Information we hold about you within 30 days of receiving your request unless an exception to access applies under the Privacy Act.
Upon receipt of a written request from you we will comply with our obligations under the Privacy Act to correct, amend, delete or cease to deal with any Personal Information we hold about you if it proves to be factually inaccurate, incomplete, or irrelevant to the purpose(s) for which it is being held within 30 days.
If you have a complaint about the way we have dealt with your Personal Information please make a complaint in writing to our Customer Support Manager, whose details are included in section 11 below. We will respond to all complaints within 30 days.
Please note that you may lodge your complaint anonymously. However, this may limit our ability to deal with your complaint and implement a satisfactory remedy.
If you do not receive a response from us within the specified period, or are dissatisfied with our response, you may then lodge your complaint with the Office of the Australian Information Commissioner (OAIC). To lodge a complaint with the OAIC you can either submit a Privacy Complaint Form online or submit the form to the OAIC by mail, fax or email. The Privacy Complaint Form and further details on how to lodge a complaint with the OAIC can be accessed via the OAIC website at: https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint.
The Privacy Officer
James Smith Academy Holdings Pty Ltd
11 Wembley Road
Moss Vale NSW 2577