1. Collection of Your Personal Information and Anonymity
1.1 Type of Information
Your personal information is only collected when it is reasonably necessary to do so, or directly related to, one or more of our functions or activities and is usually collected through information provided by you on your client information cards, on our website and/or through promotions, competitions and consumer queries.
This information may include:
• your name, postal address, contact number(s) and email address;
* age, date of birth and gender;
* username and password;
• information about your preference for products or services we offer from time to time;
• information on any health conditions you may have;
• payment information such as your credit card details for products, services and cancellation fees (if applicable);
• information on the products and services we have provided to you;
• details of any prizes you may have won;
• a record of any queries you have made;
* information provided to us by social networks or mobile applications when you visit our social media platforms or use one of our social networking or mobile applications (such as your name, profile picture, likes, location, friend list and other information described in the social networking application sign-up page), or your geo-location details when using one of our mobile applications. Most mobile applications allow you to turn off location services; and
• other information you have provided to us.
We will only collect other personal information, including sensitive information, in accordance with the Privacy Act 1988. We do not collect health information about you without your consent. Where it is lawful and practicable to do so, customers may transact business with us without providing personal information or by providing such information under a pseudonym.
We may use ‘cookies’ on our website. Cookies are an industry standard and most major websites use them. A cookie is a small text file that our website may place on your computer. Usually, cookies are used as a means for our website to remember your preferences. As such, cookies are designed to improve your experience of our website.
In some circumstances, cookies may collect and store personal information about you.
We extend the same privacy protection to your personal information, whether gathered via cookies or from other sources. Most internet browsers are pre-set to accept cookies; however, you can adjust your internet browser to disable cookies or to warn you when cookies are being used. Please note that if you disable cookies, you may not be able to access certain areas of our website or take advantage of the improved website experience that cookies often offer.
2. Use and Disclosure
We collect personal information directly from you wherever possible. However, sometimes we may collect personal information about you from a third party, e.g. a friend who has provided your details to us so we can send you a voucher, or a friend who has entered your name and email address as part of a competition.
This information is used for the following purposes:
* to contact you directly about our brand, its products, special offers, samples, social networking or mobile applications and other promotions;
* to reward you for being our loyal customer;
* to approve transactions you wish to make;
* to confirm your identity;
* to process your payment card transactions;
* to create and manage your online account;
* to analyse and improve the services offered;
* to provide you with products and services you have requested;
* to follow up or pursue any queries you make;
* to conduct consumer research;
* to notify you of the outcome of competitions or other promotions;
and for such other purposes relating to your relationship with us (collectively the Primary Purpose).
We will not use or disclose any personal information for a purpose other than the Primary Purpose for which it was collected.
2.2 Disclosure and Use of Information by Third Parties
Except where you are otherwise notified and you have not objected to such, we do not sell, rent or otherwise make available any personal information to third parties.
We do however outsource certain business functions to third party organisations from time to time and solely for the purpose of such organisations providing services to us, Personal information may be transferred to or handled by the following parties as required:
* our related companies;
* organisations which provide services to us, such as mailing houses, promotion and advertising agencies and consumer research agencies;
* credit reference agencies or other credit providers; and
* government or statutory authorities.
We will notify you in writing before we transfer your personal information.
These parties may directly contact you on our behalf and may also store your personal information on their computer servers or databases on our behalf as part of the services rendered to us.
2.3 Third Party Sites
3. Data Quality
We take all reasonable precautions to ensure that the personal information we collect, use and disclose is accurate, complete, up-to date and relevant to the Primary Purpose for which the information is collected. However, the accuracy of that information depends to a large extent on the information you provide.
You can access, review, update and delete your information, including your name, address, profile information and other personal information that we retain by logging onto endotaspa.com.au. If you would like to transfer your personal information or have any other related questions, then please contact our Privacy Officer and let us know the nature of your query.
To make a written request to the Privacy Officer regarding your personal information please contact our Privacy Officer at:
endota (No. 1) Pty Ltd Att: Privacy Officer 1/475 Moorooduc Highway, Moorooduc, Victoria 3933
4. Data Security
We are dedicated to keeping personal information secure and protected from misuse, loss, unauthorised access, modification, disclosure and interference. This includes physical security, computer and network security, communications security and personnel security. We only retain your credit card or account information to secure your appointment booking for spa treatments authorised by you.
Once we no longer require your personal information for the Primary Purpose for which it was collected, we will take all reasonable steps to destroy or de-identify the personal information.
We comply with permission based direct marketing requirements under the Act and the Spam Act 2003. When collecting your personal information, we must request your permission to use that information to send you information on products and promotions or have our associates send you marketing material. We must also give you the opportunity to “opt out” of receiving such marketing material on all such marketing communications. Where you indicate your consent, we may enter your details into a database for the purpose of contacting you directly about our brand, products, special offers, samples, consumer research and other promotions.
6. Competitions and Trade Promotions
The most frequent methods by which we collect your personal information are via bookings for spa treatments, details that you provide to us on our website, your client card which is completed at your first spa visit, and through competitions or other trade promotions. For the purposes of competitions and trade promotions, the following special conditions apply to the collection, use and disclosure of your personal information: All entries become our property (and any third parties conducting joint promotions with us);
winners’ details and a description of the prizes will be entered on a database to comply with record-keeping requirements of relevant Australian State and Territory trade promotion legislation; and
your personal information may also be published in a newspaper or other media in accordance with the terms and conditions of each promotion.
7. Openness, Access and Correction
You can request more specific information from us about the sort of personal information we hold on you, for what purposes we hold it and how we collect, hold, use and disclose your personal information, by sending us a written request addressed to the Privacy Officer or to the Spa Director of the individual endota Spa which has collected your information.
If the information held is inaccurate, incomplete or not up to date you may access, review, update and delete your information, including your name, address, profile information and other personal information that we retain by logging onto endotaspa.com.au or you may request us to correct the information. We may refuse to grant you access to the information if the Act permits or requires such refusal.
You can also advise us directly if you would prefer not to be contacted by us by sending us a written request addressed to the Privacy Officer or to the Spa Director of the individual endota Spa which has collected your personal information.
To make a written request to the Privacy Officer as detailed above or if you are concerned about a possible interference with your privacy, please contact the endota Privacy Officer at:
endota (No. 1) Pty Ltd Att: Privacy Officer 1/475 Moorooduc Highway, Moorooduc Victoria 3933 Email: email@example.com
8. How Long Do We Retain Your Personal Information
9. Transborder Data Flows
If you have any concerns or complaints regarding the handling of your personal information by us or a breach of the APPs by us, please contact the endota Privacy Officer at: endota (No. 1) Pty Ltd Att: Privacy Officer 1/475 Moorooduc Highway, Moorooduc, Victoria 3933 Email: firstname.lastname@example.org
11. Our Plan in Case of a Data Breach
We maintain a data breach response plan in case personal information is lost or subject to unauthorised access, modification, use or disclosure or other misuse.
12. Additional Information
Further information on privacy is available at the website of the Office of the Australian Information Commissioner https://www.oaic.gov.au