We are committed to ensuring your privacy. This is the Privacy Policy and Consent Information (Policy) for Team Thrive Pty Ltd ACN 637 676 496 referred to in this Policy as âweâ or âusâ or âThridayâ. Â This Policy sets out how we collect, use and disclose your âpersonal informationâ. Â Under the law, âpersonal informationâ has a broad definition, however, it really means âinformation that is not generally available and from which you can be identifiedâ. Â In Australia, âpersonal informationâ includes âcredit informationâ. If you use our website or apply for one of our products or services you agree to be bound by the Policy and agree that we can collect, disclose and use your personal information as set out in this document. Â If you do not provide the âpersonal informationâ requested by us, we may not be able to provide you with our products and services. Â This Policy will be reviewed and updated from time to time. Any âpersonal informationâ we hold about you will be governed by our most current version of the Policy. You should check our website regularly and review this Policy for any changes. Â This Policy was last updated 10 January 2020.
Â
The regulations that protect your âpersonal informationâ
If you are in Australia or are a resident of Australia when you give us your âpersonal informationâ, your âpersonal informationâ is protected under the Australian Privacy Act (including the Australian Privacy Principles (APPs)) and any applicable APP Code. Â
Â
If you are a resident of the European Economic Area (EEA) when you give us your âpersonal informationâ we will protect it in accordance with the General Data Protection Regulation (GDPR). We will also comply with the GDPR if we process your âpersonal informationâ in the EEA. For GDPR purposes, we are the âcontrollerâ of your information.
Â
The kind of âpersonal informationâ that we collect
In this document, if we use the words âpersonal informationâ, we mean âpersonal informationâ (including âcredit informationâ and âsensitive informationâ) under Australian law as well as âpersonal dataâ and other information under the GDPR. The kinds of âpersonal informationâ that we collect may include your name, date of birth, address, telephone number, email address, and employment history. Â
Â
Generally, we do not collect âsensitive informationâ about you. Â We will only collect sensitive information about you with express your consent.
Â
Why do we collect your âpersonal informationâ?
We collect âpersonal informationâ about you so that we can provide you with our products and services. Â This includes:
¡ providing you with access to our website;
¡ providing you with relevant information about Thriday;
¡ answering your questions; and
¡ dealing with any complaints or concerns you may have; and
¡ providing you with our products and services.
We also collect your âpersonal informationâ so that we can contact you and provide you with information about products and services that may be of interest to you. Â
Â
Who can give us âpersonal informationâ about you?
Where reasonable and practical we will only collect your âpersonal informationâ directly from you. However, we may also collect information about you from third parties, such as a partner or spouse who contacts us on your behalf, from our contractors who supply services to us, from advisers such as accountants or lawyers or from other organisations authorised by you. Â
Â
We may also collect âcredit informationâ about you from credit-reporting bodies when authorised by you to do so. Â
Â
If you provide personal information to us about someone else, you must ensure that you are entitled to disclose that information to us and that we can collect, use and disclose that information asset out in this document without having to take any further steps required under law (such as obtain that personâs consent). Â This means that if you provide us with âpersonal information about someone elseâ, you must make sure that the individual concerned understands the matters set out in this Policy and has provided their consent to be bound by this document.
Â
How do we collect your âpersonal informationâ?
We collect your âpersonal informationâ in many ways. These can include:
¡ when you contact us by telephone, email or via our website;
¡ when you create or update a user profile that includes personal information such as your name and contact details;
¡ when you apply for one of our products or services; or
¡ when you apply for employment with us. Â
Â
When you access our website, we may collect âpersonal informationâ about you using âcookiesâ. Â âCookiesâ are files that are implanted in your hard drive or device to collect, store and receive identifiers and information about your usage of our website as well as information about where you are located at the time you access our website (using GPS, Bluetooth, or WiFi signals, depending on the permissions that you have granted). By using âcookiesâ we are able to enhance and personalise our website to better suit your needs. Â
Â
How do we use your âpersonal informationâ?
We will only use your âpersonal informationâ for the purpose for which it has been provided, for reasonably related secondary purposes, any other purpose you have consented to and any other purpose permitted under the Privacy Act.
Â
The ways that we use your âpersonal informationâ may include:
¡ to improve and personalise our website for you;
¡ to develop new features, products and services;
¡ to notify you about new features and products;
¡ to provide you with information about our products and services;
¡ to conduct research for our own internal purposes; and
¡ to handle any complaints that you may have. Â
Â
We may also aggregate the âpersonal informationâ that we collect for reporting and statistical purposes and to help us improve our website and keep and/or provide to third parties. If we disclose any aggregated information to a third party, the information will be de-identified and will not contain any personally identifiable information. You agree that we may use your âpersonal informationâ for any of these purposes.
Â
To whom can we disclose your âpersonal informationâ?
We may disclose your âpersonal informationâ to:
¡ if we provide any credit services in the future, participants in the payments system and other financial institutions for the purpose of resolving disputes, errors or other matters arising from our products and services;
¡ organisations that provide products or services used or marketed by us, including, credit providers, funders, lenders, valuers, trustee companies, financial institutions and securitisers, mortgage insurers, title insurers, surveyors, credit reporting agencies, rating agencies and debt collectors;
¡ companies and contractors who we retain to provide services for us, such as IT contractors, âsoftware as a service providersâ (such as email engines and contract management service providers), data aggregation and data analytics platform providers, call centres, stationery printing houses, mail houses, storage facilities, lawyers, accountants and auditors;
¡ and other individuals or companies authorised by you.
Â
You consent to us disclosing your information to such entities (and allowing such entities to use your personal information to provide their services) without obtaining your consent on a case by case basis.
Â
Sometimes we are required or authorised by law to disclose your âpersonal informationâ. For example, we may disclose your âpersonal informationâ to a Court, Tribunal or law enforcement agency in response to a request or subpoena or to the Australian Taxation Office.
Â
Sending your âpersonal informationâ offshore
We use several outsourced service providers that are ordinarily part of providing our services to you. Some of these third-party suppliers such as the marketing automation, email marketing and customer service platforms we use are located in countries outside of Australia or the EU. Â Some of the services provided by our third-party suppliers may also be located in the cloud. Â
Â
We only use highly reputable third-party suppliers and we take all reasonable steps to ensure that our suppliers abide by the high standards that protect âpersonal informationâ disclosed to us in Australia and the EU. Our contracts with these third parties generally include an obligation for them to comply with Australian privacy law and with this Policy and generally, we will maintain control of any data that is released to these third-party service providers. This means that even though we may send your âpersonal informationâ to a third-party provider, that provider cannot see your âpersonal informationâ and cannot use your âpersonal informationâ for their own purposes. Not all countries have the same high standards for the protection of your âpersonal informationâ as Australia and the EU and by using our website or by asking us to provide you with one of our products or services, you specifically consent to us sending your data out of Australia and the EU to countries located in the Americas, Asia or Europe and to the cloud.
Â
Will we use your âpersonal informationâ to send you information about our products and servicesâ?
We may use your âpersonal informationâ to send you information about our products, services and special offers, new products or services we are introducing or about changes to our organisation. By providing us with your âpersonal informationâ, you consent to us using your âpersonal informationâ to contact you on an ongoing basis for this purpose, including by SMS, social media, email, telephone or mail. Â If you do not want us to send you marketing information, you can contact our customer support team on the details in this Policy to âopt outâ of receiving this type of information. Â There is no charge if you elect to âopt outâ of receiving these types of updates and we will take all reasonable steps to ensure that you stop receiving them as soon as possible. Â
Â
How can you access and correct the âpersonal informationâ that we hold about you? Â
We want to ensure that your âpersonal informationâ is always accurate, complete and up to date. Please help us to do this by contacting our customer support on the details set out in this Policy if any of the personal details you have given us have changed or if you believe that the âpersonal informationâ that we hold about you is inaccurate.
Â
You can ask us to provide you with access to the âpersonal informationâ that we hold about you at any time. We will get back to you as soon as possible, however, for your protection, we will need to verify your identity before we give you access to your âpersonal informationâ. Â
Â
There are situations where we cannot give you to access to your âpersonal informationâ or may refuse to correct your âpersonal informationâ. Â For example, in some situations it may be unlawful for us to do so. We will advise you of any such situations if they arise.
Â
If you reside in the EEU you also have additional rights to access and correct your âpersonal informationâ. Â Â
Â
What additional access rights apply if you give us âpersonal informationâ in the EEU? Â
If you reside in the EEA, you may have additional rights to request us to correct, amend, delete, or limit the use of your âpersonal informationâ and you can contact us about any of the following additional rights:
Â
¡ your right to request that we delete the âpersonal informationâ we hold about you;
¡ your right to object to our processing of the âpersonal informationâ we hold about you;
¡ your right to request that we restrict the processing of âpersonal informationâ we hold about you;
¡ your right to have us transfer, where technically feasible, the âpersonal informationâ we hold about you to another controller; and
¡ your right to withdraw consent to allow us to process âpersonal informationâ we hold about you (unless we have compelling and legitimate grounds for continuing processing).
Â
We will use our best endeavours to comply with your request where we have no need to keep your personal information, however, any action which we take is subject to our obligations under Australian law. Â
Â
If you have any questions about these rights, or you would like to exercise any of them, please contact us on the customer support details in this Policy.
Â
For your protection, we may need to verify your identity before we give you access to your âpersonal informationâ. Â
Â
For how long will we hold your âpersonal informationâ? Â
We will only keep âpersonal information âthat we hold about you while we need it or while we are required by law to keep it. Â Once we no longer need your âpersonal informationâ, we will take all reasonable steps to destroy it or to de-identify it. Â
Â
At any time we hold your âpersonal informationâ, we will only use and disclose as set out in this Policy. Â
Â
Is the âpersonal informationâ that we hold about you secure? Â
While we hold âpersonal informationâ, about you, we will take all reasonable precautions to protect it from misuse, interference, loss, unauthorised access, modification or disclosure.
Â
However, although we endeavour to provide a secure online environment, there are inherent risks associated with the transmission of information via the internet and no data transmission over the internet can be guaranteed to be completely secure. We therefore cannot guarantee the security of any âpersonal informationâ that you provide to us over the internet and you do so at your own risk.
Â
We encourage you to help us to keep your âpersonal informationâ secure by selecting a secure password and maintaining the confidentiality of that password. It is your responsibility to maintain confidentiality of your password and we will not be liable for any damage, loss or expense suffered because you have disclosed it or made it available to someone else. Â
Â
What happens if you click on a link to a third partyâs website that is contained in our website? Â
Our website may contain links to third party websites and social media features that are hosted by a third-party. A link to another website does not mean that we sponsor, endorse or approve the information found on that website. Â We are not responsible for the privacy policies or practices of third-party websites or social media features and you use of those websites and features are governed by the privacy policies and practices of the hosting entities.
Â
Can you get a copy of this Policy in a different format?
If you would prefer to receive a copy of this Policy (including Section 9 about âNotifiable Mattersâ) in a different form (for example in hard copy or via email) please contact our Privacy Officer on the details in section 17 of this Policy. We will be pleased to comply with your request. Â
Â
Contact customer support Â
If you have any questions or complaints about this Policy or our treatment of your âpersonal informationâ, or if you would like to access or correct your âpersonal informationâ, please contact the Thrive Privacy Officer with an email setting out your query or complaint to:
Â
¡ Email: wecare@thriday.com.au
Â
We will try to provide an initial response to your query or complaint within 48 hours; and resolve your query or complaint within 10 business days. Â If you are still not satisfied, you can contact the Australian Privacy Commissioner (see http://www.oaic.gov.au/about-us/contact-us-page or call 1300 363 992).