Privacy Policy
Alimba Movement Privacy Policy
Introduction
Limba Movement Pty Ltd ACN 660 568 178 (Alimba Movement, we, us or our) operates the Limba Movement website [insert website URL] and online members software service (the Platform) which offers a fitness program to subscribers (the Service).
We are committed to respecting and protecting the privacy of your personal information.
This privacy policy (Privacy Policy) explains how we will collect, use, disclose, store, and protect personal information collected from you. This Privacy Policy also describes the way in which you may access or correct your personal information that we hold, and how to contact us if you have any complaints in relation to your privacy.
We will handle your personal information in accordance with applicable privacy and health records laws, including the Privacy Act 1988 (Cth) (Privacy Act) and its Australian Privacy Principles (APPs).
What is 'personal information’?
‘Personal information’ includes information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether or not the information is true and whether or not the information is recorded in a material form. For example, this may include your name, age, gender, postcode and contact details.
Personal information includes ‘sensitive information’, which is a special subset of personal information. Sensitive information includes identifying health information about you (eg: details of your health and medical history). Sensitive information also includes information about racial or ethnic origin, political opinions or associations, religious or philosophical beliefs, and sexual orientation or practices.
Why we collect your personal information
We may collect personal information from you so that you can access our Platform and use our Services.
When you subscribe to our Platform, when you make an inquiry, or you otherwise contact us, we collect the personal information that you give us such as your name, your telephone number, your address and email address and your date of birth. We do this so that we can provide you with our Services. We also keep personal information so that we can respond to queries and provide support to you in your use of the Platform.
We may collect 'sensitive information' from you. However, if we do, we will ask for specific consent for the collection and use of such.
If we do collect sensitive information, it would be in respect of health information and fitness history you have given us so that we can help with your fitness journey. We also do not seek out or collect information about your racial or ethnic origin, political opinions or associations, religious beliefs, or your sexual orientation or practices.
You are not required to disclose your personal information to us. However, if you do not provide the information requested, you may not be able to receive the full benefit of our Platform and Services.
What types of personal information do we collect?
We may collect the following personal information when you access our Platform or use our Services:
When you contact us, subscribe to our Platform or email list, or sign up for a free trial, we will often collect some or all of the following information from you:
your name, home address, email address and phone number;
your age, date of birth and gender;
your log in details and password used to sign in to your account on our Platform;
your banking, payment and billing details;
your health information and fitness history that you choose to give to us, such as your height, weight, any medical conditions, any injuries or ailments, and whether or not you are pregnant;
your fitness/lifestyle activity data generated through your use of the Platform and Services;
any information you voluntarily share with us when you interact with us via phone, email, social media or other form of communication;
your marketing preferences such as whether you wish to receive communications from us; and
any other information you share with us as part of your subscription.
We also collect your personal information through cookies as explained in this Privacy Policy below.
How do we collect your personal information?
We collect your personal information in a lawful and fair way and in a manner that is not unreasonably intrusive.
We collect your personal information when:
you provide us with personal information and/or sensitive information when you contact us, during the sign-up process for the Platform, for a subscription or for a free trial;
you visit our Platform;
you access or use our Services;
you submit any forms or surveys via the Platform;
you interact with us via phone, email, social media or any other form of communication;
we collect your billing and payment information; and
you agree to receive marketing or newsletter communications from us.
How do we use your personal information?
We collect information primarily to allow you to use our Services and enjoy the benefits of our Platform.
Some of the reasons we collect and store your information include:
to create and set up your account with our Platform;
to allow you to access our Platform and use our Services;
to provide information about our Services including updates, competitions, promotions and marketing messages;
to obtain feedback from you so we can continually enhance the experience of our Platform;
to record data and analytics for statistical and market analysis which allows us to improve our Platform and offerings of Services;
to respond to data requests from you and to fulfil our commitments to data storage and freedom of information under relevant governing agreements and regulations; and
to allow us to effectively respond to your complaints and enquiries.
In addition, we may from time to time use some of your personal information for other purposes such as:
to verify your information and identity and to protect against fraud and other unlawful activities;
to confirm your identity in order to allow you to join community chats or notice boards that we maintain or moderate;
to detect and prevent abuse of our goods and services (including by confirming your membership details and your use of our Services);
to continually improve the relevance of our marketing materials;
to fulfil our reporting obligations to any relevant tax and regulatory bodies; and
to share certain information with relevant third parties in order to provide services and marketing messages.
We may also use your personal information for purposes which are permitted under the applicable privacy laws, which include:
where we use your information for purposes which are directly related to the main purpose for which we collected it, in circumstances where you would reasonably expect us to use your information for these purposes; or
where we reasonably believe that use of your information is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety, and it is unreasonable or impracticable to obtain your consent.
Do we disclose your personal information to others?
We respect the privacy of your personal information and we take reasonable steps to keep it confidential and protected.
The Platform is integrated with third-party software and systems (third-party vendors) and, to provide the Services, we will need to disclose personal information to these third-party providers to the limited extent required to enable and support these integrated functions and to support the Services. We will endeavour to only disclose personal information to third parties with privacy policies in place that are committed to personal information security and complying with privacy laws.
We will not otherwise disclose your personal information to third parties unless it is consistent with the purpose for which we collected it, you have consented, or we are otherwise permitted or required to do so by law. This may include disclosure of your personal information in the following circumstances:
disclosure to our consultants and trainers in order to provide you with the Services (including the content making up the Services);
disclosure to comply with our legal obligations, including, but not limited to, where we are required to provide information under a subpoena or Court order or other mandatory reporting requirements under law;
to communicate with the Office of the Australian Information Commissioner if you make a privacy complaint or that body makes an inquiry of us; or
where this is reasonably necessary for the establishment, exercise or defence of any legal claim.
Where personal information is transferred or disclosed to such third parties, their access, storage and use will be subject to their own privacy policies. To the full extent permitted at law, we are not liable for any loss, damage or claim arising out of a third party’s access, storage or use of your personal information where we have transferred or disclosed the personal information to such third party in a manner consistent with this Privacy Policy, we were authorised by you or by law to provide that third party with your personal information.
Payment
We use a third party platform, U Screen, to display our Platform and to provide you with the Services. U Screen is integrated with Stripe, a third party payment gateway provider, to process your payment.
When you make a payment to us via Stripe or PayPal, you will be required to submit your banking and card information. This data is held by the provider and used by the provider in accordance with its own privacy policy.
For more insight, please refer to:
U Screen’s privacy policy at https://www.uscreen.tv/privacy-policy/
Stripe’s privacy policy at https://stripe.com/au/privacy
PayPal's privacy hub at https://www.paypal.com/myaccount/privacy/privacyhub
Will we transfer your personal information overseas?
As a rule of thumb, we generally do not transfer personal information overseas however we will do so where our suppliers require it (our cloud provider has data storage overseas or our payment provider has servers overseas).
In the event that we need to disclose personal information overseas, we will comply with the requirements of the Privacy Act when disclosing personal information overseas.
We will only disclose your personal information overseas if:
our service providers have platforms or databases based overseas;
you have provided your prior consent;
the receiving person or organisation (such as a supplier described above) is subject to a law, binding scheme or binding contract that provides substantially similar protection to the APPs which you can access and enforce; or
if the disclosure is otherwise required or authorised by law.
We will in all cases take reasonable steps to ensure that any such recipient of your personal information does not breach the APPs.
European Union General Data Protection Regulation (GDPR) and United Kingdom GDPR
If you are a resident of the European Economic Area you are protected by specific rights set out in the GDPR, including the following:
the right to access your personal information at any time and make enquiries as to what information we are holding about you;
the right to rectify or change your personal information at any time;
the right to request deletion of your personal data at any time unless we are required to hold your data for legal or regulatory reasons;
the right to restrict whatever personal information we hold about you;
the right to request the transfer of your data to a relevant third party;
the right to object to your personal information being used in a way that you do not like and request that we stop doing so. We will fulfil your request unless there is a legal or regulatory reason not to; and
the right to make a privacy complaint if you feel we are misusing your data. We will respond in the same way as we will for residents of any other country as set out in this privacy policy.
If you are in the United Kingdom, post "Brexit", the United Kingdom implements the "UK GDPR" with the same key principles, rights and obligations as the GDPR.
Direct marketing
If we intend to engage in any marketing communications, we may send you such communications in accordance with any previous consent you have provided or any marketing communication preferences that you have notified to us, and in accordance with the requirements under the Privacy Act and the Spam Act 2003 (Cth).
If you have previously agreed or consented to receiving marketing communications, but no longer wish to receive such marketing communications you can contact us using our contact details set out below to modify your preferences, or you can simply opt-out of such communications using the instructions or opt-out link provided in the marketing communication sent to you.
When you unsubscribe from our marketing communications, we will no longer contact you with marketing messages. However, this will not remove your personal information from our systems and will not result in you not receiving any communications from us. We will still have the right to communicate with you regarding operational and administrative matters in respect of the Platform and the Services (eg: we may contact you in respect of payment information, your member account or to require you to update your computer settings in order to receive the Service). If you would like for us to completely remove your personal information, you can contact us using our contact details set out below however we are not required to delete your personal information if we have a regulatory, operational or administrative requirement to keep it.
In no instance will we:
sell or transfer your personal information to a third party for their marketing purposes; or
use your sensitive health information for marketing purposes.
Quality of the personal information we hold
We take reasonable steps to ensure that the personal information we collect, use and disclose is accurate, up-to-date, complete, relevant and not misleading. You can assist us in keeping your personal information accurate by informing us of any updates to your personal information using our contact details below (when you interact with us and when you hold an account with us, you have an obligation to keep your details accurate and up-to-date).
How can you access and correct your personal information?
You have a right to seek access to, and correction of the personal information we hold about you.
If you are a subscribers to our Platform, including if you are on a free trial, you can log into your account and access the personal information and update it..
You can also request access to the personal information that we hold about you using our contact details set out below.
In certain circumstances, we may refuse to allow you access to your personal information where this is authorised by the law, such as where providing access would have an unreasonable impact on the privacy of other individuals, providing access would pose a serious threat to the life or health of any person or to public health or safety, or giving access would be unlawful.
If you believe that the personal information we hold about you requires correction (for example, because the information is inaccurate, out-of-date, incomplete, irrelevant or misleading), you may request that the information be corrected using our contact details set out below.
If we refuse your request for access or correction, we will provide you with reasons for the refusal in writing, and details about how you may complain about the decision.
How do we protect your personal information?
We take reasonable steps to protect personal information we hold about you from misuse, interference and loss, and from unauthorised access, modification, disclosure and destruction.
We use physical and technological security measures to protect the personal information we hold. We endeavour to work with suppliers and providers who work to keep data secure.
We may hold your personal information in a number of ways (including electronically and in physical format). When we store information electronically, this may be on our computer systems, databases, software programs, third party clouds, internet servers and hosted internet solutions, which are protected through necessary security systems including firewalls, security systems and passwords.
We use a third-party platform with cloud storage provider with servers located in Australia which uses industry standard security measures.
When your personal information is no longer required to be retained under law or retained for our operational or administrative purposes (including account keeping and compliance purposes), we will take steps to securely destroy the information or to ensure that the information is permanently de-identified. Where a third party provider holds your personal information, their retention is subject to their own privacy policy (eg: a payment service may be required by law to retain certain account and financial information).
Data breaches
We are committed to complying with the mandatory ‘notifiable data breach’ scheme (the NDB scheme) under the Privacy Act. The NDB scheme applies when an ‘eligible data breach’ of personal information occurs.
An ‘eligible data breach’ occurs when:
there is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information, that an organisation holds;
this is likely to result in serious harm to one or more individuals; and
the organisation has not been able to prevent the likely risk of serious harm with remedial action.
An organisation may take remedial steps to prevent the likelihood of serious harm occurring for any affected individuals after a data breach has occurred, in which case, the data breach is not an ‘eligible data breach’.
Where we have reasonable grounds to believe that we have experienced an eligible data breach (and remedial action cannot be used), we will promptly notify affected individuals and the Office of the Australian Information Commissioner about the breach in accordance with the Privacy Act.
Our website and cookies
Where you upload information via our website or the Platform, including via the "Contact Us" contact form, by the very act of your upload you consent to us keeping your personal information for the purposes of dealing with your inquiries and our supply of Services to you.
We will deal with any personal information collected via our website in accordance with this Policy and the law.
We also collect data through our use of ‘cookies’, 'beacons' and other internet technologies.
Cookies are small data files which are stored on your device’s browser. Cookies are stored in order for your internet browser to navigate a website. Cookies will not identify you, but they do identify your internet service provider, browser type and browsing habits.
A web beacon is a technique used on web pages and emails to unobtrusively check that a user has accessed some content.
We will not use cookies or beacons to collect your identifying personal information. They may collect statistical information about your visit to our website or Platform (such as the pages you visit on the website) in order to remember your preferences and allow you to navigate the website or Platform more easily.
The default setting of most internet browsers is to accept cookies automatically, but you can choose whether to allow cookies through your browser settings. Please note that if you deactivate your cookies, you may have difficulty accessing or using the website, Platform or the Services.
We also collect your IP address to create an audit trail of events that take place on our website and Platform, and to track and aggregate non-identifiable information, your referring website addresses, browser type and access times.
Links
If we provide links through our website or Platform to third-party websites, add-ins, plug-ins and applications, those links are provided for convenience and may not remain current or be maintained.
Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, add-ins, plug-ins or applications, and have no control over or rights in those linked websites, add-ins, plug-ins or applications. The privacy policies that apply to those other websites, add-ins, plug-ins or applications may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites, add-ins, plug-ins or applications.
Privacy related questions and complaints
We respect your privacy and we take all feedback, input, complaints and concerns regarding privacy very seriously.
If you have any questions about privacy-related issues, you would like to request access to or correction of your personal information, you would like further information about this Privacy Policy, or you have a concern or complaint your privacy or the handling of your personal information by us, you may lodge your question, concern or complaint in writing to us at:
Contact Us: [insert Contact Us URL]; or
Telephone number: XXXXXXXX; or
Email: [insert email address].
Where you contact us, we will respond to you as soon as possible, but no later than 30 days from receipt of your question or complaint.
If you are not satisfied with our response, or if you do not wish to raise a question or complaint with us directly, you may wish to contact the Office of the Australian Information Commissioner at www.oaic.gov.au.
Updates to this Policy
We may update this Privacy Policy from time to time. We will make the most current version of this Policy available on our website at [insert website URL].
Effective: [Insert date]