Thrivhers ABN 19166530651(we, us, our, or Thrivhers) recognises and values the protection of your personal information.
Personal Information and Sensitive Information
Personal information is defined in the Privacy Act as:
Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not,
Sensitive information includes things such as race, sexual orientation, political opinions, members of a trade association or trade union, criminal record or health information (Sensitive Information).
INFORMATION WE COLLECT AND HOLD
Our company website Thrivhers.com is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
When you sign up to become a Thrivhers member via our website, which is located at www.thrivhers.com (the Website), we will usually only ask for the following information:
professional profile information; and
We may ask you to nominate a User Name, a Display Name and a Password. We will not collect Personal Information unless the information is reasonably necessary to establish an account for you and provide our services to you.
From time to time, we may ask you to supply personal information such as your name, address, date of birth, telephone number or e-mail address. However, under no circumstances will we request any information from you that may disclose your:
political, religious or philosophical opinions, beliefs, associations or affiliations;
health and sexuality;
racial or ethnic origin;
membership of a trade union, or a professional or trade association; or
We may also conduct surveys or market research and may seek other information from you on a periodic basis. These surveys will provide us with information that allows improvement in the types and quality of services offered to you, and the manner in which those services are offered to you.
We may from time to time run competitions or offer additional benefits to you and we may ask you to provide us with your Personal Information for these purposes. Providing us with this information is optional to you. However, if you do not provide your Personal Information to us we may not be able to contact you or give you access to the additional benefits.
You may opt out of these additional communications at any time and can do so by emailing us at firstname.lastname@example.org
We will not collect Personal Information about you from third parties unless:
you consent to the collection of the information from someone else; or
it is unreasonable or impracticable to collect the information from you.
If we collect Personal Information from a third party, we will inform you that Personal Information has been collected and the circumstances of such collection.
Personal information via the Website
Most commercial websites use ‘cookies’, which are pieces of information that websites send to the browser and are stored in the computer hard-drive.
Cookies make using the Website easier by storing information about matters such as your preferences on the Website. This allows the Website to be tailored to you for any of your return visits. Cookies will not be used to identify you personally.
If you would prefer not to receive cookies, you can alter your security settings on your web browser to disable cookies or to warn you when cookies are being used. However, by disabling the cookie function in your web browser you may impede your ability to use parts of the Website.
Your option not to provide your Personal Information
Unsolicited Personal Information
Where we receive unsolicited Personal Information about you, we will check whether that information is reasonably necessary for our functions or activities. If it is, we will handle this information the same way we do with other information we seek from you. If not, we will destroy or de-identify it.
Children and minor’s privacy
We also ensure that our Website and marketing is not aimed at and does not target children under 13 years of age and will not intentionally collect data from them. If you believe that we might have any information from or about a child under 13, please contact our Privacy Officer at email@example.com.
Use and disclosure of your Personal Information
We are the data controller of the Personal Information we collect from you. We take appropriate measures to ensure that all processing of your Personal Information by us, or by our service providers, is lawful. The lawful basis for the processing of your Personal Information will depend on the purposes for which we process your information.
Much of the personal information we collect from you is necessary for us to provide our products and services to you. This includes most of the information you provide to us when setting up a membership account.
Some of the processing we conduct is necessary in pursuit of our legitimate interests in developing our Website and services and ensuring that they deliver relevant and focused content to you.
Your Personal Information, including your email address, will be used, either on its own or as part of aggregated data, for the following primary purpose:
providing you with news and information about our services and functions;
purposes necessary or incidental to the provision of our services and functions;
to ensure the proper functioning of our Website including customising and improving your online experience with us;
to ensure the proper functioning of the Thrivhers business;
personalising your experience with our products and services, for example through connectivity with social media services;
to assist Thrivhers with our marketing, planning, workshop development and research requirements; and
sending you marketing and promotional material that we believe you may be interested in and otherwise communicating with you about our products and services.
We will not use or disclose (or permit the use or disclosure of) Personal Information that could be used to identify an individual member in any circumstances except:
to ensure the proper functioning of our business and the Website;
to communicate promotional offers and special events to you;
where applicable law requires, or authorises, us or a company holding data on our behalf to do so; or
where you have given express consent to us for a prescribed purpose.
Only with your express consent will we use or disclose Personal Information (including Sensitive Information) about you for the purposes of direct marketing.
If we are compelled by law to disclose your Personal Information to a third party, we will take reasonable steps to notify you of this in advance, wherever it is lawful and reasonable for us to do so. We will not sell your Personal Information.
Public Personal Information
Any Personal Information you choose to make publicly available on our Website, for example, by posting comments on any of our pages, will be available to others. If you remove information that you have made public on our Website, other users may have already saved or downloaded that information, and copies may remain viewable in cached and archived pages of our Website.
Security of Personal Information
In our business, Personal Information may be stored both electronically and in hardcopy form. We are committed to keeping your Personal Information secure regardless of the format in which we hold it and we take all reasonable steps to protect your information from misuse, interference, loss, and unauthorised access, modification or disclosure. However, your use of the Website is at your own risk and we accept no responsibility, whether we are deemed to have been negligent or not, in the event of a breach of your privacy. In the event that Personal Information is compromised as a breach of security, we will promptly notify those affected in compliance with applicable law.
Note that no information transmitted over the internet can be guaranteed to be completely secure. However, we will endeavour to protect your Personal Information as best as possible but we cannot guarantee the security of any information that you transmit to us, or receive from us. The transmission and exchange of information is carried out at your own risk.
The protective steps we take from misuse, interference, loss, unauthorised access, modification and disclosure of your Personal Information include:
confidentiality requirements of our employees;
document storage security policies;
security measures for access to our systems; and
only providing access to Personal Information to a person who is verified to be able to receive that information.
We use an outside platform, and a third party credit card processing company, to bill you if you purchase services, including but not limited to, the online purchase of a Thrivhers membership. These companies do not retain, share, store or use personally identifiable information for any purposes other than billing.
Access to your Personal Information
In most cases, you have the right to access the Personal Information that we hold about you. If you wish to access your Personal Information or obtain more information about how we process it, please contact our Privacy Officer at firstname.lastname@example.org.
We will deal with all requests for access to Personal Information as quickly as possible. Requests for a large amount of information, or information that is not currently in use, may require further time before a response can be given.
We may charge you a fee to recover the reasonable costs incurred by us in retrieving your information, but in no case will we charge you a fee for your application for access. In some cases, we will refuse to give you access to Personal Information we hold about you. This includes, but is not limited to, circumstances where giving you access would be unlawful; have an unreasonable impact on other people’s privacy; prejudice an investigation of unlawful activity; reveal our intentions in relation to negotiations with you so as to prejudice those negotiations; prejudice enforcement related activities conducted by, or on behalf of, an enforcement body; reveal evaluative information generated within the Thrivhers organisation in connection with a commercially sensitive decision-making process.
We will also refuse access where the Personal Information relates to existing or anticipated legal proceedings, and the information would not be accessible by the process of discovery in those proceedings. Further, we will refuse access where your request is frivolous or vexatious, and where we reasonably believe that: giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety; unlawful activity, or misconduct of a serious nature, is being or may be engaged in against Thrivhers and giving access would be likely to prejudice the taking of appropriate action in relation to that matter.
If we refuse to give you access we will provide you with reasons for our refusal, unless doing so would be unreasonable in the circumstances. We will also take reasonable steps to give you access in a way that meets your needs without giving rise to the reasons of our refusal. Further, we will provide details of how you may make a complaint about our decision.
The right to move, copy, transfer or restrict use of your Personal Information
You have the right to ask us for a copy of your Personal Information; to correct, delete or restrict (stop any active) processing of your Personal Information; and to obtain the Personal Information you have provided to us in a structured, machine readable format, and to ask us to share (port) this data to another controller. If you would like to do any of these things, please contact our Privacy Officer at email@example.com. We will deal with these requests in the same manner as described above regarding access to your Personal Information.
The right to correction and removal of your Personal Information
The accuracy of the Personal Information we have requested from you is important to us. We will take all such steps as are reasonable in the circumstances to ensure that all information requested from you is kept accurate, up to date and complete. However, we cannot undertake to ensure that such data, even where it includes Personal Information, is kept accurate, up to date and complete.
Should you suspect, or become aware of, that Personal Information we hold about you is inaccurate, out of date, incomplete or misleading, or if you would like your information deleted entirely, please contact our Privacy Officer at firstname.lastname@example.org.
We will deal with all requests for correction and removal of Personal Information as quickly as possible. Requests relating to a large amount of information, or information which is not currently in use, may require further time before a response can be given. If we refuse to change or delete the Personal Information as you request, we will provide you with reasons for our refusal, unless doing so would be unreasonable in the circumstances. We will also provide details of how you may make a complaint about our decision. Further, in case of our refusal, you may request that we take reasonable steps to associate, with the relevant information, a statement that you view it as inaccurate, out of date, incomplete or misleading.
Where we have corrected or deleted Personal Information about you, you may request that we take reasonable steps to give notice of the correction to any third party to which we have disclosed the inaccurate, out of date, incomplete or misleading Personal Information.
Retention of your personal information
If you have a membership with Thrivhers, or are signed up to receive our communications, we will retain your Personal Information for as long as your account is active, or as needed to provide you with our services. We will also retain and use your Personal Information for as long as someone could bring a claim against us, and as necessary to comply with all other legal obligations and regulatory requirements, to resolve disputes and to enforce our agreements.
Cross-border disclosure of personal information
To provide you with the best service possible, we may use ‘cloud’ based technology services to hold your data, including your Personal Information. As a consequence, your data, including your Personal Information (and if you have provided such information, your sensitive Personal Information) may be held in the data centres used by a provider of such ‘cloud’ based technology services.
It is important to note that, by becoming a Thrivhers member or by using the Website, you consent to your data, including your Personal Information (and where applicable, your sensitive personal information) being transferred to data centres located outside of Australia. Your decision to become a Thrivhers member or to use the Website also signals your consent to this technical arrangement under which Thrivhers does not exercise any direct control over the management of your data in those data centres.
Disposal of personal information no longer required
If we hold personal information about you, and we no longer need that information for any purpose for which the information may be used or disclosed, we will take reasonable steps to destroy or de-identify that information unless we are prevented from doing so by law.
Unsubscribing from our email database
To unsubscribe from our email database, please do so via any link or function contained in an email, via the Website or send an e-mail to email@example.com with “UNSUBSCRIBE” typed into the subject line of the email. Note that, while you maintain a Thrivhers membership, you are unable to unsubscribe from certain types of e-mails, such as important updates (including information about your account, security concerns and technical issues). Please de-activate your membership if you would like to unsubscribe from that correspondence.
Links to other websites
If you consider that your complaint has not been adequately dealt with by us, you can make a further complaint to the Office of the Australian Information Commissioner, which has complaint handling responsibilities under the Privacy Act.
For further information about privacy in general, please refer to the Office of the Australian Information Commissioner’s website: http://www.oaic.gov.au.