1.1 Keep Fitness Pty Ltd ABN 54 636 435 660 (Keep Fitness, us, we, our) offers a range of fitness services in Australia.
1.3 We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) in relation to all personal information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way that personal information must be treated.
1.4 This policy applies to any person in relation to whom we currently hold, or may in the future collect, personal information. Broadly, we only collect personal information from current and prospective gym members, employees, subcontractors, suppliers, fitness service providers and agents who perform services or provide goods on our behalf.
1.5 This policy applies to personal information. In broad terms, ‘personal information’ is information or opinions relating to a particular individual who can be identified.
1.6 Information is not personal information where the information cannot be linked to an identifiable individual.
2. HOW DO WE MANAGE THE PERSONAL INFORMATION WE COLLECT?
2.1 We manage the personal information we collect in numerous ways, such as by:
(a) implementing procedures for identifying and managing privacy risks;
(b) implementing security systems for protecting personal information from misuse, interference and loss from unauthorised access, modification or disclosure;
(c) providing staff with training on privacy issues;
(d) appropriately supervising staff who regularly handle personal information;
(e) implementing mechanisms to ensure any agents or contractors who deal with us comply with the APPs;
(f) implementing procedures for identifying and reporting privacy breaches and for receiving and responding to complaints; and
(g) appointing a privacy officer within the business to monitor privacy compliance.
2.2 We will take reasonable steps to destroy or de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.
2.3 If you want to use a pseudonym or remain anonymous when dealing with us, you should notify us and we will try to accommodate your request, subject to our ability to perform the services.
3. WHAT KINDS OF INFORMATION DO WE COLLECT AND HOLD?
3.1 The personal information we may collect differs, depending on whether you are a current or prospective gym member, subcontractor, employee, supplier, fitness service provider or agent.
Personal information (current and prospective gym members)
3.2 If you are a gym member, we may collect and hold personal information about you, which may include:
(a) sensitive information (see paragraph 3.4 below);
(b) your contact details;
(c) emergency contact details;
(d) financial information;
(e) date and place of birth; and
(f) any other personal information required to provide the services to you.
Personal information (current and prospective employees, subcontractors, suppliers, fitness service providers and agents)
3.3 If you are a current or prospective employee, subcontractor, supplier, fitness service provider or agent, we may collect and hold personal information about you, which may include:
(a) sensitive information (see paragraph 3.4 below) contact information;
(b) date of birth;
(c) employment arrangements and history;
(d) insurance information and claims history;
(e) licence details;
(f) education details;
(g) banking details; and
(h) any other personal information required to engage you as a supplier, subcontractor, employee, agent or fitness supplier, or to consider offering you such engagement.
3.4 ‘Sensitive information’ is a subset of personal information and includes personal information that may have serious ramifications for the individual concerned if used inappropriately.
3.5 The types of sensitive information we may collect from current and prospective gym members includes information that allows us to provide services regarding health and fitness training. Specifically, we may collect information such as your medical history, what medications you are on, whether you are pregnant and whether you smoke.
3.6 We may collect sensitive information from and about subcontractors, suppliers, fitness service providers, agents and employees, such as:
(a) health information;
(b) criminal history;
(c) membership of professional or trade associations; and
(d) membership of trade unions.
3.7 We will not collect sensitive information without the individual’s consent to which the information relates unless permitted under the Privacy Act.
4. HOW AND WHEN DO WE COLLECT PERSONAL INFORMATION?
4.1 Our usual approach to collecting personal information is to collect it directly from the individual concerned.
4.2 We may also collect personal information in other ways, such as from:
(a) our subcontractors, suppliers, fitness service providers and agents; and
(b) if you are a current or prospective employee, supplier, subcontractor, agent or fitness service provider:
(i) your current and previous employers;
(ii) trade references; and
(iii) insurance providers and brokers.
5. HOW DO WE HOLD PERSONAL INFORMATION?
5.1 Our usual approach to holding personal information includes holding that personal information:
(a) physically, at our premises; and
(b) electronically, on secure servers.
5.2 We secure the personal information we hold in numerous ways, including:
(a) using security systems to limit access to premises outside of business hours;
(b) using secure servers to store personal information;
(c) using unique usernames, passwords and other protections on systems that can access personal information; and
(d) holding certain sensitive documents securely.
6. WHY DO WE COLLECT, HOLD, USE OR DISCLOSE PERSONAL INFORMATION?
6.1 We take reasonable steps to use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which information is collected varies, depending on the particular service being provided or the individual from whom we are collecting the information but is generally as follows:
(a) in the case of current and prospective gym members – to provide you with health and fitness services; or
(b) in the case of prospective employees, subcontractors, fitness services providers, agents and suppliers – to assess suitability for employment or engagement with Keep Fitness.
6.2 Personal information may also be used or disclosed by us for secondary purposes that are within an individual’s reasonable expectations and that are related to the primary purpose of collection.
6.3 We may collect and use gym members’ personal information:
(a) to keep records of transactions to assist in future enquiries and enhance our customer relationship with you; and
(b) to send you special promotional offers in relation to Keep Fitness.
6.4 We may collect and use, subcontractors’, suppliers’, fitness service providers’, agents’ and employees’ personal information:
(a) to conduct checks to ensure that the subcontractor, supplier, fitness service provider, agent and employee can perform and is performing the services to our standards;
(b) for payment purposes.
6.5 We may disclose personal information to:
(a) subcontractors, suppliers, fitness service providers, agents, and our employees;
(b) government bodies (such as WorkCover, Centrelink, the Australian Taxation Office, police departments, workplace health and safety authorities);
(c) insurance providers and brokers;
(d) credit reporting bodies;
(e) emergency medical professionals; and
(f) any third party technology providers we engage from time to time, such as email filter providers.
6.6 With your consent, we may disclose personal information to fitness service providers so that they may provide health and fitness services to you.
6.7 Otherwise, we will only disclose personal information to third parties if permitted by the Privacy Act.
7. WILL WE DISCLOSE PERSONAL INFORMATION OUTSIDE AUSTRALIA?
We generally do not disclose personal information outside of Australia. We take reasonable steps to ensure this personal information is handled in a safe and secure manner.
8. HOW DO YOU MAKE COMPLAINTS OR ACCESS AND CORRECT YOUR PERSONAL?
8.1 It is important that the information we hold about you is up-to-date. You should contact us if your personal information changes.
Access to information and correcting personal information
8.2 You may request access to the personal information held by us or ask us for your personal information to be corrected by using the contact details in this section.
8.3 We will grant you access to your personal information as soon as possible, subject to the request circumstances.
8.4 In keeping with our commitment to protect the privacy of personal information, we may not disclose personal information to you without proof of identity.
8.5 We may deny access to personal information if:
(a) the request is unreasonable;
(b) providing access would have an unreasonable impact on the privacy of another person;
(c) providing access would pose a serious and imminent threat to the life or health of any person; or
(d) there are other legal grounds to deny the request.
8.6 We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed before it is levied.
8.7 If the personal information we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it so that it is accurate, complete and up-to-date, where it is appropriate to do so.
8.8 If you want to complain about an interference with your privacy, you must follow the following process:
(a) The complaint must first be made to us in writing, using the contact details in this section. We will have a reasonable time to respond to the complaint.
(b) If the privacy issue cannot be resolved, you may take your complaint to the Office of the Australian Information Commissioner.
Who to contact
8.9 A person may make a complaint or request to access or correct personal information about them held by us. Such a request must be made in writing to the following address:
9. CHANGES TO THE POLICY
9.2 This policy is effective from 1 December 2020. If you have any comments on the policy, please contact our privacy officer using the contact details in section 9 of this policy.