1. What is personal information
Sensitive information includes, for example, information or an opinion about your racial or ethnic origin, your sexual orientation, your religious beliefs or your membership of a professional association, trade association or trade union. Sensitive information also includes your health information, genetic information and biometric information.
2. How the company collects your personal information
The Company collects your Personal Information primarily as a result of your use of the Services, including (but not limited to) the information you provide when completing your initial health assessment (which may be conducted, for example in person or via Skype), your registration to participate in any associated program (such as the Total Wellbeing Diet program, the DNA Diet Plan and Clickfit), during the coaching sessions, feedback provided by you or the posting of material in the social network forum, and any other correspondence between you and the Company.
We may also collect your Personal Information from third parties, such as your health insurer, your health practitioner where you have provided consent to them to disclose your Personal Information to the Company.
In the event of a complaint, we may also receive Personal Information about you from other parties or from other users of this Services or third parties who may communicate information to us in relation to that complaint.
You do not have to provide your Personal Information to visit the Website; however, you do need to provide us with personal information to access and use various Services provided by Digital Wellness in their Weight Management Programs, such as to complete an initial health assessment, participate in the coaching sessions, subscribe to our newsletter or to participate in programs such as the CSIRO Total Wellbeing Diet, DNA Diet Plan or Clickfit.
From time to time, the Company may receive information relating to you that we have not requested (“Unsolicited Information”). In the event that the Company does receive Unsolicited Information, we will check whether it’s reasonably necessary for us to keep it. If it is, the Company will treat the Unsolicited Information in the same way as other information that we request you to provide to us. If the Company determines that it is not reasonably necessary for us to keep it, we will, as soon as practicable, destroy or de-identify the relevant Unsolicited Information.
A cookie is a piece of data temporarily stored on the user's hard drive containing information about the user. The cookie helps the user to save time. For instance, by setting a cookie on this Website, the user would not have to log in a password more than once, thereby saving time while on this Website. Web browsers can be set to reject cookies. If a user rejects the cookie, they may still use this Website, but may not be able to take advantage of certain features.
Cookies help us evaluate your use of this Website, such as what kind of information you want to see and what kind you will never read. Cookie technology allows websites to ask for your registration and preference questions only once. The next time you return to this Website, you will not necessarily need to "sign in" again. Remember that cookies are "non-executable" pieces of code; that is, they are incapable of doing anything to your hard drive.
Cookies are easy to delete from your hard drive; talk to your systems administrator or your Internet provider for detailed instructions.
If you would like to opt out of third party cookies, please disable or delete the cookies in your browser or use the www.aboutads.info/choices service.
4. Kinds of personal information that the company holds about you
The Personal Information generally held by the Company includes your name, address, date of birth, contact details (including both or either postal and/or email addresses), marital status, employment status, occupation, records of correspondence and information relating to your use of the Services. Information that you provide in your initial health assessment may include sensitive Personal Information, such as information about your personal and family medical history and status, dietary requirements, previous illnesses or injuries or current or expected state of health (such as information about your height, weight and age). We may also collect sensitive Personal Information if you have a consultation with one of our allied health practitioners, for example, at the end of your treatment program so that a final report on your progress can be prepared. However, the Company will only hold this information if it has been collected with your express consent.
The Company will take reasonable steps to ensure that the Personal Information we hold about you is accurate, up to date and complete. However, if your contact details change, for example, please let us know so that we may update our records.
5. How the company holds your personal information
Depending on the circumstances, the Company may hold your Personal Information in either hard copy or electronic form, or both. Generally, a copy of all written correspondence is held in hard copy and the Company’s client database and email correspondence is held in electronic format.
The Company will take reasonable steps to destroy or de-identify your Personal Information once it is no longer needed, unless we are required by Australian law, or a court or tribunal order to retain it.
All Personal Information in electronic form is held on servers in Australia and USA depending on the location of the sale.
6. How the company uses your personal information
The Company uses your Personal Information:
- to provide you with the Services including, for example, conducting an initial health assessment, providing you with a treatment program and a final report at the end of your participation in a program;
- to register, set up and manage your account;
- to conduct Dietitian Coaching Sessions;
- to contact you regarding your program or respond to any feedback you request from us and for providing other customer services;
- to liaise with your health practitioner and/or health insurer (where you have provided consent);
- for internal purposes such as procedural assessments, risk management, product and service reviews;
- to provide you with information about our programs, services, promotions and competitions either by way of communications directly from us (for example by email, mail or sms) or through communications via social media platforms;
- the prevention of fraud and/or identifying and investigating any suspicious use of our Website or our Services;
- for our internal business and management processes, for example accounting or auditing purposes;
- for any other purpose to allow the Company to comply with its obligations under law; and
- for any purpose that would be reasonably expected by you.
We also use IP addresses in order to analyse trends, administer this Website, track users’ movements and gather broad demographic information. IP addresses are not linked to Personal Information. We also use de-identified Personal Information to analyse results of our programs, and disseminate these findings as publications or reports, conference abstracts or presentations.
7. Sharing of your personal information
The Company may disclose Personal Information where it is permitted under the Privacy Act 1988 (Cth). For example:
- if you give your consent, for example, your Personal Information may be shared with your healthcare practitioner, your carer and/or your health insurer;
- where the Company is legally required to do so, including pursuant to court or tribunal orders, taxation laws;
- if there is a serious threat to an individual’s health or safety, for example, an individual’s Personal Information may be shared with their doctor, the police or other emergency service providers if there are serious concerns regarding the individual’s health or wellbeing;
- where there is reasonable suspicion of unlawful activity;
- for the conduct of surveillance and intelligence gathering by an enforcement body or
- to assist in locating a missing person.
The Company may disclose your Personal Information to operators of social media platforms for the purposes of enabling us to provide you with information about our products and services to you or others through the relevant social media platform. Third parties may unlawfully intercept or access transmissions or private communications. As a result, while we strive to protect your Personal Information, we cannot ensure or warrant, and do not warrant, the security, privacy or confidentiality of any information, including Personal Information that you transmit to us, and you do so at your own risk.
In the unlikely event that we need to investigate or resolve problems or enquiries, we can (and you authorise us to do so) disclose any Personal Information about you to law enforcement or other government officials as we, in our discretion or as may be required under law, believe necessary or appropriate.
De-identified information will also be provided to the CSIRO and the Glycemic Index Foundation in connection with evaluating the use of the Website, the tools made available on the Website and the effectiveness of the Total Wellbeing Diet program. For example, information may be provided about the number of unique users who visit the Website, the demographic breakdown of the users of the Website, the activities that visitors to the Website engage in while on the Website, food diary information, exercise logs and weigh-in details. De-identified information means data that is identified by a code and not by a person’s name or other personal details.
The Company may also provide de-identified information to the CSIRO so that the CSIRO can use that information to analyse the results of participants in the CSIRO Total Wellbeing Diet program, conduct research and disseminate these findings as publications or reports, conference abstracts or presentations.
We may engage independent contractors, vendors and suppliers (collectively, "Outside Contractors") to provide specific services and products related to this Website or online products, such as hosting and maintaining our social network forums and developing applications for this Website and email services. These Outside Contractors may sometimes have limited access to information collected on this Website, including your Personal Information, in the course of providing products or services to us. Access to your Personal Information by these Outside Contractors is limited to the information reasonably necessary in order for the Outside Contractors to perform their limited function for us. We also require that these Outside Contractors:
- not use or disclose your Personal Information for any purpose, other than providing us with the products or services for which we contract.
Please keep in mind that:
- whenever you voluntarily disclose Personal Information online – such as in discussion forums, sharing information in our social network forum – that Personal Information can be collected and used by others, without your prior consent or knowledge. If you disclose any Personal Information that is accessible to the public, you may receive unsolicited messages from parties who have used that Personal Information; and
- you are solely responsible for maintaining the security of your passwords and/or any account information. Accordingly, please be careful and responsible with your Personal Information, whenever you are online.
Please note that, if you provide any Personal Information to parties who provide services to this Website or any other websites you encounter on the Internet (even if these websites are branded with our branding), different rules may apply to their use or disclosure of the Personal Information you disclose to them. We encourage you to investigate and ask questions before disclosing Personal Information to any of those third parties.
8. How the company secures your personal information
The Company holds all hard copy and electronic records of Personal Information in a secure manner to ensure that they are protected from unauthorised access, modification or disclosure. The Company’s staff follow strict information handling procedures and the Company only permits those staff whose tasks require use of your Personal Information to access it. The Company uses multiple security measures to protect personal information, e.g. Secure Socket Layer (SSL) technology, encryption when data is being transferred, encrypted payment gateways, firewalls, etc.
The Company destroys your Personal Information once it is no longer needed by the Company or required to be kept by law, for example, by shredding hardcopy records and degaussing (demagnetising) electronic records.
9. Third Party links
10. Your right to lodge a complaint
You may lodge a complaint with the Company’s Privacy Officer either by mail to PO Box 1971, North Sydney NSW 2059, by telephone on (02) 8294-9126, by facsimile on (02) 9923 8223 or by email to [email protected]. The Company will inform you who will handle your complaint and you may contact the Company’s Privacy Officer to enquire about the progress of the complaint at any time.
If you are not satisfied with how the Company has handled your Personal Information, you are entitled to lodge a complaint with the Office of the Australian Information Commissioner. Information regarding how to lodge a complaint is available from the Commissioner's website at www.oaic.gov.au or by ringing the Commissioner's information line on 1300 363 992. However, before investigating a complaint, the Commissioner is legally required to be satisfied that you have first expressed your concern to the Company to afford it an opportunity to resolve the complaint directly, unless it is inappropriate for you to do so.
11. Your right of access
You may request access to your Personal Information at any time by sending a written request to the Company’s Privacy Officer by mail to PO Box 1971, North Sydney NSW 2059, by telephone on (02) 8294-9126, by facsimile on (02) 9923 8223 or by email to [email protected]. In your request, please state how you would like to obtain access. For example, you may like to inspect the Company’s records of your Personal Information at the Company’s premises or you may prefer to be sent a photocopy or an electronic version of your Personal Information. You do not need to provide a reason for your request. Once the Company’s Privacy Officer has verified your identity, your request will be forwarded to the Company’s information systems manager who will acknowledge receipt of your request within 14 days and arrange for access to be provided to you in an appropriate manner within a reasonable time, usually within 30 days of receipt of your request. The Company may charge a reasonable fee for providing access if a significant amount of time is required to locate your Personal Information or to collate or present it in an appropriate form. The Company will notify you in advance of any likely charges (or the basis for their calculation) for providing access to your information. If your account is held in conjunction with another individual, the Company will provide each person named on the account with access to Personal Information held about each account holder. In rare circumstances, and only where it is permitted under the Privacy Act 1988 (Cth), the Company may not be able to provide you with access to your Personal Information; for example, where it will have an unreasonable impact on the privacy of others, where it relates to legal proceedings between the Company and you through which the Personal Information would not otherwise be available, where it would be prejudicial to negotiations the Company is holding with you, where the Company is required by law to withhold the Personal Information, where it would reveal information relating to the Company’s commercially sensitive decision making processes; where it’s subject to a court or tribunal order, or if it would be a serious threat to public health and safety. If the Company is unable to provide you with the requested access, the Company will state why this is so and consider whether the use of an intermediary would be appropriate to provide you with an explanation of the Company’s position.
12. You may correct your personal information
If your Personal Information is out-of-date or incorrect, you may inform the Company of this and the Company will correct it for you. In the unlikely event that the Company disagrees about the accuracy of the Personal Information provided and is unable or unwilling to change it, you may provide the Company with a statement indicating that you dispute its accuracy and the Company will associate that statement with your Personal Information in such a manner that it will be brought to the attention of each person who uses the Personal Information.
If the Company is unable to correct your information, we will provide to you within a reasonable period a written notice setting out the reason(s), and the complaint mechanisms available to you.
13. Transfer of your personal information overseas
The Company only transfers your Personal Information overseas if the transfer is to you, or to one of your authorised representatives, or it is with your express consent, or the transfer is necessary for the provision of contracted products or services to you. For example, we may store your Personal Information in a cloud or other type of networked electronic storage which uses data storage facilities outside of Australia. Countries to which we may transfer your Personal Information include the United States of America.
The Company will not send your Personal Information outside of Australia in any other circumstances. Where the Company does send your Personal Information overseas, it will ensure reasonable steps are taken so that the overseas recipient does not breach the Australian Privacy Principles in relation to that information, or adheres to laws substantially similar to the Australian Privacy Principles. The Company will also take reasonable steps to prevent unauthorised access and reduce the risk of disclosure to unknown entities.
15. Further personal information
The Company will, upon receipt of your request, provide you with further Personal Information regarding your privacy. If you have any queries or requests in this respect, please contact the Company’s Privacy Officer either by mail to PO Box 1971, North Sydney NSW 2059, by telephone on (02) 8294-9126, by facsimile on (02) 9923 8223 or by email to: [email protected].
This Policy shall be available to access on our Website at all times. Let the Company know if you would like a hard-copy of this Policy sent to you.