Last updated: May 15, 2018
This Policy applies to the activities of Downsize Me (“DM”). It explains how DM handles personal information and complies with the requirements of the following Acts, Laws and Guidelines in Australia; Privacy Act 1988, the related National Privacy Principles 2001, the Health Records and Information Privacy Act 2002 No. 71, the Privacy and Personal Information Protection Act 1988 No. 133, and the General Data Protection Regulation (“GDPR”) in the European Union (“EU”).
DM understands the importance of protecting individual privacy. This policy describes the key features of how we protect your personal information.
- Information we collect
DM collects personal information from customers, prospective customers, suppliers, contractors and allied health professionals. The main types of information that DM collects are contact details such as email address, name, address, date of birth; gender, and information about your family health history and personal health including but not limited to; personal measurements, personal habits, lifestyle traits, and psychological information related to your motivation and habits.
We collect most of this information directly from individuals prior to, or at the time of consultation. We only collect information that is needed for a specific purpose. If you contact us to lodge an enquiry, we may keep a record of that contact.
- Our use and disclosure of your personal information
DM relies on your personal information in the daily running of the business such as in:
- processing payment for services;
- referring customers to complementary health professionals (subject to the customer’s consent);
- facilitating the delivery of services to you via DM Licensees; and
- our internal management of Licensees, staff and contractors.
We will only disclose your personal information to a third party when we have your consent to do so. DM generally does not otherwise use or disclose personal information unless:
- required by law; or
- to protect the rights, property or personal safety of another DM customer, another DM employee or any member of the public; or if
- if the assets and operations of the business are transferred to another party as a going concern.
If you provide your personal information to us, we will give you the choice as to whether or not you wish to receive further information about special offers, promotions, and changes to our products and services. If you indicate that you do not wish to receive these, we will not contact you further for these purposes. Please allow 28 days for your request to be processed.
- Your access to the information we keep about you
If at any time you want to know exactly what personal information we hold about you, you are welcome to access your record by e-mailing us at info[at]downsizeme.net.au.
Your personal information file will usually be made available to you within 30 days of receipt of your request.
- Your request to change or delete the information we keep about you
If at any time you wish to change personal information that is inaccurate or out of date, please contact us by emailing us at info[at]downsizeme.net.au and we will amend this record. If you wish to have your personal information deleted, please let us know in the same manner as referred to above, and we will take all reasonable steps to delete it unless we need to keep it for legal reasons (i.e. to avoid breaching the Public Records Act 1973).
If you wish to opt-out of email communication from us, you may click the unsubscribe link on an email you received from us, or contact us on info[at]downsizeme.net.au.
- Our storage and security of your personal information
DM will endeavour to take all reasonable steps to keep secure any information which we hold about you, and to keep this information accurate and up to date. Your electronic information is stored on a secure server that is protected in controlled facilities, and your hard copy information is stored in a locked filing cabinet. We respect the confidentiality of any personal information held by DM.
- DM Licensee storage and security of your personal information
- Your rights under the general data protection regulation (GDPR) – EU visitors
The GDPR is a European Union law. This law applies to any relationship or transaction where one of the parties is in the EU. If you are in the EU, these principles apply:
- Data shall be processed lawfully, fairly and in an transparent matter
- Data shall be collected by specified, explicit and legitimate purposes (as indicated on data collection pages and forms on our website)
- Data processing shall be limited to what is necessary for the purpose
- Data shall be accurate, kept up to date and corrected
- Data shall be kept so it identifies a person no longer than is necessary
- Data shall be processed in a manner that ensures appropriate security.
- What to do if you have a problem or question
- Future changes