- “Applicable Laws” means the Privacy Act 1998 (Cth) and its respective subsidiary legislations and regulations, as amended from time to time;
- “Personal Data” means any data, whether true or not, which is (a) about an individual who can be reasonably identified (i) from that data; or (ii) from that data and other information to which we have or are likely to have access and would include data in our records as may be updated from time to time, or (b) defined as “personal data” or “personal information” under any Applicable Laws;
- “Platforms” means collectively CostFit's Social Media and Website, and any other websites or applications which we may own or operate from time to time;
- “Social Media” means CostFit's pages and accounts on third-party social media platforms such as Instagram, Facebook, Twitter, Pinterest and Google+’
- “CostFit, we, us, or our” means Australian Trade Enterprises Pty Ltd (ABN 32 154 923 323), and includes any subsidiary entities in existence from time to time; and
- “Website” means the CostFit website and associated services accessed at the following address: https://www.costfit.com.au.
During our relationship with you, we may collect Personal Data from you. Examples of the types of Personal Data we may collect includes your name, contact details, mailing and delivery addresses, email address, birthday, facial image, your shopping or browsing behaviours, voice recording (from customer service calls) and any other personally identifiable information that you have provided us in any form you may have submitted to us, or in the course of any other forms of interaction between you and us. Where such information pertains to an identified individual - Personal Data may also include network and device data such as IP address and device or advertising identifiers and information we obtain using cookies or other tracking technologies. We may also collect information about you from third-party sources and platforms (including data validation services, authentication service providers, social networking sites, online marketing and segmentation providers and ad targeting companies) to supplement the information we collect directly from you.
If you provide us with Personal Data relating to a third-party by submitting such Personal Data to us, you represent to us that you have obtained the consent of the third-party to provide us with their Personal Data for the respective purposes.
HOW DO WE COLLECT YOUR PERSONAL DATA?
We collect Personal Data from you when:
- You register an account on the Website;
- You use any of our related services, such as subscribing to our newsletter or product notifications;
- You browse our products and services or otherwise interact with our Website;
- You accept our cookies and other tracking technologies on your device;
- You interact with our customer service team or other representatives, for example, via our webform, chat, emails, telephone calls, letters, or face-to-face meetings;
- You interact with us on our Social Media, such as liking our posts, commenting on our posts, private messaging us on our Social Media;
- You sign up to our affiliate marketing partner network;
- You sign up to be a vendor selling to CostFit, including via CostFit Marketplace;
- You purchase a gift card for redemption on CostFit;
- You participate in our promotions and giveaways, initiatives or any request for additional Personal Data such as customer surveys;
- We consult publicly available sources of information, or receive references or referrals from marketing and business partners, Related Companies, and third parties, for example, where they referred you to us to enjoy the benefits of a joint promotion or collaboration or to redeem a voucher you purchased through them;
- Your authorised representative submits your Personal Data to us for any purpose reasonably authorised by you, for example if such representative is purchasing our product or service to be delivered to you or as a gift;
- Our third-party analytics and other service providers, business or commercial partners provide your Personal Data to us, which was collected and processed by them and disclosed to us pursuant to their separate privacy policies; or
- You voluntarily submit your Personal Data to us for any reason.
HOW WILL YOUR DATA BE USED?
We may use and disclose your Personal Data for purposes necessary to provide you with our products as services, including to:
- provide, maintain, protect and improve our technology, products and services, and monitor their effectiveness;
- register and maintain your user account and to verify your identity or age;
- process your order for our products or services, process or collect your payment for the order;
- deliver or perform the products or services you purchased, including couriers calling or messaging you to obtain your delivery instructions;
- facilitate you transacting via alternative payment methods (such as PayPal or Afterpay);
- process your returns or refunds in accordance with our Terms and Conditions;
- provide you with supporting services and functions related to your user account, such as saved items in cart, wish-list, brand or product and browser notifications;
- personalise and improve your customer experience when you visit the Website, for example by prioritising products and services appearing in your search results or feed, or in communications we send you;
- monitor and enforce compliance with our Terms and Conditions, including dispute resolution;
- to carry out administration, marketing, planning, fraud detection and loss prevention activities, procurement, product and service development, quality control and research to improve the way we provide products and services to you;
- comply with (i) internal risk controls, (ii) the terms of our access to payment processing, financial or banking services such as credit card disputes, fraud, billing errors, or (iii) any applicable law, regulation or regulator’s directive; and
- ensure our Website functions properly and to improve their performance, by carrying out activities such as debugging, statistical analyses for optimising our Website.
(collectively, the "Purposes")
In addition, we may use and disclose your Personal Data for the following purposes, to:
- send you marketing communications in relation to our sales, products, services, promotions or the Platforms;
- send you marketing communications in relation to the sales, products, services or promotions of business partners, including promotional mail together with your order;
- deliver ads that are related to our products and services that are targeted and personalised to your interests, attributes, preferences and experiences on the Platforms or other websites, or online networks;
- enable businesses to deliver ads which are related to their products and services which may be of interest to you;
- provide you with any add-on or premium services;
- invite you to our private customer events;
- process your participation in our promotions and giveaways (including contacting you if you win, displaying your details online, publishing your name in relevant newspapers or disclosing details of winners to relevant authorities, if required by law), initiatives or any request for additional Personal Data such as customer surveys;
- process your participation in our business partners’ loyalty or point redemption programs;
- conduct market and customer research, analysis or tracking;
- promote our products and services on our Platforms;
- manage the administrative and business operations of CostFit and complying with internal policies and procedures;
- improve your customer experience across all touchpoints and training our customer experience team, such as by recording and monitoring phone calls;
- any specific purpose in relation to a particular product or service, which we may separately notify you on the product or service page; and
- as part of or in anticipation of a business sale, merger, consolidation, investment, change in control, transfer of substantial corporate assets, reorganisation, liquidation, or similar business transaction or corporate event.
(collectively, the “Additional Purposes”)
We may also use or disclose your Personal Data for secondary purposes in accordance with Applicable Laws, or with your further consent.
Finally, we may we also collect information about you in an aggregated and anonymous basis - in order to conduct internal analysis of traffic patterns within our Website. This information is used by us to administer and improve our education and training products and services.
WHO WILL YOUR PERSONAL DATA BE SHARED WITH?
In relation to our use of your Personal Data for the Purposes or Additional Purposes, we may disclose your Personal Data to:
- our employees, consultants, temporary workers or other representatives;
- CostFit Marketplace sellers, who supply and deliver the products or services you ordered through the Website;
- payment processors, who process your payment on the Website;
- logistics providers, such as courier, fulfilment or parcel-pickup services which will deliver your order to you, and parcel return partners;
- business partners who separately maintain an account with you for loyalty or point redemption programs;
- business partners or vendors in connection with the processing of any promotion, event or service organised by us;
- our professional advisers, bankers and auditors;
- agents, contractors or service providers who provide operational services to us or who help provide our services to you, such as online cloud storage and processing, fraud detection and monitoring, marketing optimisation, information technology, telecommunications, market research, customer analysis or tracking, security or other relevant services which requires that entity’s collection, use or disclosure of your Personal Data; and
any other party whom you authorise us to disclose your Personal Data to.
We do our best to minimise the disclosure of your Personal Data to the information necessary to perform the related Purpose or Additional Purpose. However, we may also disclose your Personal Data for secondary purposes if the secondary purpose is related to the Purpose or Additional Purpose and you would reasonably expect us to use or disclose the information for the secondary purpose, otherwise in accordance with Applicable Laws, or with your further consent.
You acknowledge and agree that, should we sell, merge, or otherwise change control of our business, our company, or the Website to a third-party:
- we shall be permitted to disclose the Personal Data and other information that we have collected from you to the third-party, without giving notice or seeking prior consent from you; and
- we shall be entitled to assign the benefit of any agreements we have with you to the third-party.
For Personal Data that cannot be corrected by you by logging in to your user account on the Website, you may request to access and correct such Personal Data by submitting a written request to us via the contact form on our Website footer or by emailing our privacy team here. We may need to request additional information from you to confirm your identity before providing the access or making corrections.
We will do our best to respond to Personal Data access and correction requests within 30 days. Where we are unable to meet this timeline, we will update you with the soonest possible time within we can provide the information or make the correction. Please note that certain types of Personal Data access and correction requests may be exempt under Applicable Laws, and we may charge you a reasonable fee for the handling and processing of your Personal Data access request, if permitted by Applicable Laws.
While CostFit makes reasonable efforts to provide our users with access to their Personal Data, there may be circumstances in which we are unable to provide such access, including but not limited to: where the information in question is legally privileged, would compromise the privacy or other legitimate rights of other persons, where the burden or expense of providing access would be disproportionate to the risks to your privacy, where the request is clearly excessive or unfounded, or where the information requested comprises proprietary business information.
If you have said we can, we will send you marketing messages by email or SMS, to keep you aware of what we’re up to and to help you see and find our products.
ADMINISTRATION AND MANAGEMENT OF PERSONAL DATA
You should ensure that all Personal Data you submit to us is complete, accurate, up-to-date, and correct. Failure to do so may result in our inability to provide you with the products and services you have requested. You should keep us updated of any relevant changes to your Personal Data. We will not be responsible for relying on inaccurate or incomplete Personal Data if you have not updated us of such changes.
We will make reasonable efforts to ensure Personal Data likely to be used by us or disclosed by us to another organisation is accurate, up-to-date, and correct.
We will also put in place reasonable security arrangements to ensure that your Personal Data is adequately protected and secured and to prevent any unauthorised access, collection, use, disclosure, copying, modification, leakage, loss, damage or alteration of your Personal Data. However, we will not be responsible for any unauthorised use of Personal Data by third parties which is attributable to factors beyond our control. Further, given that no data transmission over the internet can be guaranteed as completely secure, we cannot guarantee 100% the security of any (personal or other) information you transmit to us; and as such we will not be liable for any breach of security or unintended loss or disclosure of information due to our Platforms being linked to the Internet.
DATA RETENTION AND DESTRUCTION
When Personal Data in our possession is (i) no longer required for any reason connected to the purpose it was originally collected or (ii) retention by us is no longer necessary for any other legal or business purposes, we will exercise measures to ensure such Personal Data is either destroyed or anonymised. If this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
and other countries or jurisdictions depending on the nature of the services those recipients provide to us.
THIRD-PARTY COOKIES AND TRACKING TECHNOLOGIES
CostFit uses the services of third-party vendors, who may implement one or more persistent “Tracking Technologies” (such as cookies, eTags, pixels, web beacons/ GIFs, local storage, or other identifiers on your device and browser settings) in order to recognise you and your device each time you visit our Website. We use these technologies for a number of purposes to enhance your online experience, such as for preference setting, offer selection, analytics, conversion attribution and fraud reduction. We use both session and persistent tracking technologies.
Advertisements or other services on the Website may be provided by third-party agencies. These advertisements may also include Tracking Technologies. The collection, use, and disclosure of information, including Personal Data, collected by such third-party Tracking Technologies are subject to the privacy and data protection policies of the third-party vendors and are not under our control. For more information on third-party advertising-related cookies and how to opt-out of them, please visit Your Online Choices.
You may reject first party and third-party Tracking Technologies through the settings on your browser. Note that this may result in the loss of Website functionality, restrict your use of the Website, or delay or affect the way in which the Website operates.
We may use third-party service providers to monitor and analyse the use of our Website. The primary service providers we use are:
GOOGLE ANALYTICS AND GOOGLE OPTIMIZE
CostFit uses certain Google Analytics functions. Please see this link for how your data is collected and this link for instructions on how to opt-out of any Google Analytics data tracking.
CostFit may use Google Analytics features based on Display Advertising, including but not restricted to the following: Google Optimize, Remarketing, Google Display Network Impression Reporting, DoubleClick Campaign Manager Integration, and Google Analytics Demographics and Interest Reporting. Using the Google Ads Settings, you can opt-out of Google Analytics for Display Advertising and Google Optimize and customise Google Display Network ads.
CostFit also uses Remarketing with Google Analytics to advertise online; third-party vendors, including Google, may show CostFit ads on sites across the internet. CostFit and third-party vendors, including Google, use first-party Tracking Technologies (such as the Google Analytics cookie) and third-party Tracking Technologies (such as the DoubleClick cookie) together to inform, optimise, and serve ads based on visitors’ past visits to CostFit, as well as report how ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to visits to CostFit.
When you log on to the CostFit website, CostFit with the help of Google Analytics may use your browsing behaviour to connect it with any other data that has previously been provided by you, in accordance with this policy.
FACEBOOK ANALYTICS AND FACEBOOK INSIGHTS
Facebook Insights is a tool which tracks user interaction on the CostFit's Facebook page, allowing page admins to track usage and improve page performance.
Facebook Analytics is a behavioural analytics solution that helps to track, measure, better understand, and optimise products and customer experience and provides audience information and unifies analytics across devices and channels.
Emails and letters should clearly state that you are making a data protection query, request, or complaint in the subject line to ensure the matter is dealt with expediently. We will strive to deal with any query, request, or complaint promptly and fairly.
You can find more information about privacy and the protection of your Personal Data on the website of the OAIC at https://www.oaic.gov.au/.
UPDATES ON DATA PROTECTION POLICY
Last updated: 20/08/20