Last updated: July 2021
1. What is “personal information”?
- The Privacy Act currently defines “personal information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
2. What information do we collect?
The kind of personal information that we collect from you will depend on how you use the Website. The personal information which we collect and hold about you may include:
(a) Personal information you voluntarily provide to us:
This includes personal information provided by the user directly (whether face-to-face, by telephone, email, online forms, post, through social media or by communicating with us in any way), when you make an enquiry through our Website or over the phone or when you enter into a transaction with us by purchasing a product you are voluntarily giving us the personal information that we collect.
Categories of personal information: The personal information we may collect includes your name, date and place of birth, medical history, physical address, email address, phone number, billing information, details of products and services we have provided to you and/or that you have enquired about, additional personal information that you provide to us, directly or indirectly, through your use of our Website, and/or accounts from which you permit us to collect information; and any other personal information requested by us and/or provided by you or a third party, and our response to you and feedback on the Service.
(b) Our email marketing list: If you elect to sign up to our email marketing list, we may collect your name, email address, and email marketing preferences.
(c) Personal information we collect automatically: When you use our Service or browse our Website, we may collect information about your usage and web browsing. We may collect the personal information as log files, or through cookies or other tracking technologies (see the “Cookies and tracking” below for more information), store it, and link it to the other personal information we hold about you.
Categories of personal information: The personal information we may collect includes your IP address, your operating system, your browser ID, time, date, your browsing activity, your interaction with the Service.
(d) Statistical information: We may collect statistical (non-personal) information about your use of the Website and the Service to improve the features and overall user experience. This may include statistical information such as pages accessed on the Website and the Service, search terms, links that are clicked on, Website and Service visit times, browsers and operating systems, IP address, and cookies.
The Website does not currently recognize Do Not Track (DNT) signals sent by our users’ web browsers.
If we are not able to collect information about you, we may not be able to provide you with products services and assistance to the extent that they require us to collect, use of disclosed personal information.
3. How we collect your personal information
- We may collect personal information from you whenever you input such information into the Website.
4. Purpose of collection
We collect your personal information for the primary purpose of;
(a) Providing a personalised experience in provision our services to you through the Website.
(b) To respond to enquiries, feedbacks and complaints.
(c) To perform authorised financial transactions in the provision of service.
(d) Advertising and marketing, including to send you promotional information about our products and services and information about third parties that we consider may be of interest to you.
(e) To comply with our legal obligations and resolve any disputes that we may have.
(f) We may also use your personal information for secondary purposes such as our service providers who assist us in operating the Website or analytics, market research and business development, including to improve our Website. Your personal information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties.
5. Sensitive Information
- Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s, sexual orientation or practices, racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information, genetic information, biometric information.
- Sensitive information will be used by us only:
- For the primary purpose for which it was obtained
- With your consent; or where required or authorised by law
6. Disclosure of Personal information
Your personal information shall not be used or disclosed except:
- where your consent is obtained expressly or impliedly;
- where required in the delivery of personalized services, which may include to:
- disclose personal information to third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, web-hosting and server providers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators; and
- our employees, contractors and/or related entities; and
- our existing or potential agents or business partners;
- anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
- credit reporting agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
- third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you. This may include parties located, or that store data, outside of Australia;
- third parties to collect and process data, such as [Google Analytics or other relevant businesses]. This may include parties that store data outside of Australia.
- as authorized by the law to courts, tribunals, regulatory authorities and law enforcement officers, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights.
7. Security of Personal Information
Except to the extent liability cannot be excluded due to the operation of the statute, AIOMC excludes all liability (including in negligence) for the consequences of any unauthorised access to your personal information. Please notify us immediately if you become aware of any breach of security.
Your personal information will be deidentified once it is no longer needed for the purpose for which it was collected.
8. Access and correction
You may access your personal information to correct and/or update in certain circumstances as required by the Australian Privacy Principles. If you would like to obtain such access, please contact us.
To ensure confidentiality, details of your personal information will be passed on to you only if we are satisfied that the information relates to you. A fee will not be charged for an access request, but you may be charged the reasonable expense we incur (such as search and copying costs). If we refuse to provide you with access or correct the personal information held about you by us (in accordance with the Privacy Act), then we will provide reasons for such refusal.
9. Overseas transfer
- In some circumstances, the European Union General Data Protection Regulation (GDPR) provides additional protection to individuals located in Europe. The fact that you may be located in Europe does not, however, on its own entitle you to protection under the GDPR. Our Website does not specifically target customers located in the European Union and we do not monitor the behaviour of individuals in the European Union.
- We are based in Australia, so some information about users is transferred and /or stored there. In respect of our responsibilities under the GDPR, the appropriate safeguard in place for such a transfer is the existence of an adequacy decision under Article 45 of the GDPR.
- the Privacy Act 1988 (Cth, Australia);
- the Privacy Act 1993 (New Zealand);
- the Personal Data Protection and Electronic Documents Act, SC 2000, c5 (federal, Canada);
- the Personal Data Protection Act (Alberta, Canada);
- the Personal Data Protection Act (British Columbia, Canada);
- all applicable United States federal and state privacy laws, including, but not limited to, the California Online Privacy Protection Act (CalOPPA), Early Learning Personal Data Protection Act (ELPIPA);
- the General Data Protection Regulation (EU);
- the Data Protection Act 2018 (UK);
- any other applicable privacy legislation.
(the above collectively referred to as “Data Protection Laws”)
12. How to contact us about privacy