Second Stitch ABN 65 005 924 381 (“Second Stitch”) (“us”, “we”, “our”), complies with the Privacy Act 1988 (Cth) (“Privacy Act”) and the applicable Privacy Principles in the Privacy Act when handling personal information, together with the General Data Protection Regulation (GDPR) to the extent it applies.
We take the protection of your personal information seriously. Personal Information includes personal data (as defined in the GDPR) and means any information or opinion, whether true or not, about a person who is identified or whose identity can reasonably be established or any information relating to an identified or identifiable natural person (“Personal Information”).
We collect Personal Information for the purposes of delivering our products and services (“Services”). We may collect information through our website www.secondstitch.org.au (“Website”), or in the course of providing our Services via the Website, email, in person, verbally or by any other means at any time from time-to-time.
We collect Personal Information:
from our clients – when they register an enquiry, request an appointment for the purposes of obtaining our Services, purchase a program or plan or associated package, purchase a product, or otherwise in the course of providing our Services at any other time from time-to-time;
when we receive enquiries through the Website and when the Website is otherwise accessed or used;
when we receive enquiries via email; and
from third party service providers – when they are engaged to supply services to us (such as professional services), provide information to us or invoice us for the provision of services.
The kind of Personal Information we may collect will depend on who you are (e.g. a client or third party service provider) and the nature of your interaction with us, and may include your full name, email address, postal or residential address, work history, personal goals and preferences, billing information and other Personal Information as may be disclosed by you in the course of the provision of our Services. If you do not provide us with all the information we request, we may not be able to deliver our Services.
We may use Personal Information collected to provide our Services, operate our Website, send you our newsletter, respond to feedback and complaints, communicate with third party service providers, develop new Services, or if needed to enforce our Client Agreement with you.
If you are a third-party service provider, we will use your Personal Information to email you to accept your offer to provide Services, correspond with you in relation to the provision of Services and to pay your invoices.
In all cases, unless you have opted out, you consent to us using your Personal Information for direct marketing purposes by us alone in order to tell you about our Services. We may contact you by mail, telephone, email or SMS to market our products and Services. We will always give you the opportunity to opt out of receiving any future direct marketing correspondence.
You may authorise to stop processing your Personal Information at any time.
Data security, protection and quality
We will take reasonable steps to protect the Personal Information we collect and hold from misuse, loss and interference and from unauthorised access and modification, and to make sure it is accurate, complete and up-to-date when we collect, use or disclose it.
We have procedures of monitoring the security and safety of data as well as procedures in place for dealing with any data breaches, and the associated requirements of notifying you and appropriate authorities where that data security of your Personal Information is breached.
To assist us, please ensure you provide us with your correct details, and let us know if you believe the information we have about you is inaccurate, incomplete, out of date or misleading (and we will take reasonable steps to correct the information). We may take steps to destroy or permanently de-identify information when it is no longer needed for any purpose for which it may be used or disclosed.
Your right to erasure
The right to erasure (which encompasses the ‘right to be forgotten’) gives you a right to require us to delete your Personal Information in certain circumstances, and/or to return it to you including, but not limited to where your Personal Information is no longer necessary for the purpose for which it was collected, or where you withdraw your consent and there is no other legal ground for processing your data. If you wish to have your Personal Information erased and/or returned to you please notify us at email@example.com.
You can modify your browser to prevent cookie use – but if you do this our Service (and our Website) may not work properly. The information stored in the cookie is used to identify you. This enables us to operate an efficient service and to track the patterns of users of our Website.
Access, correction and complaints
You can request, and we will provide you with access to, and a copy of any Personal Information we hold about (subject to any applicable legal exceptions). Please also let us know if you have any concerns or complaints about the way we are handling your Personal Information so we can address them. Requests should be submitted by email to firstname.lastname@example.org. Where our records are found to be inaccurate, or if you wish to modify the Personal Information we hold about you, we will promptly make these changes on the basis of the further information you provide.
Transfer in certain circumstances
For further information on your privacy rights go to: www.privacy.gov.au
For further information on the GDPR, go to: https://ec.europa.eu/info/law/law-topic/data-protection_en