Under the GDPR, we are the controller and processor of the personal information we collect about you.
Contacting us about your privacy
|Our business:||Georgina May Sleep ABN 49 629 306 174|
|Contact person:||Privacy Officer|
If you have any questions, have a complaint, or wish to make a request to exercise any of your rights in relation to your personal information, please contact us using the contact details above. We will usually respond to you within 30 days and take action, within reason, as quickly as possible.
If you are not happy with how we manage your concerns, you can contact your local data protection supervisory office. For example, in Australia this would be the Office of the Australian Information Commissioner [www.oaic.gov.au]. In the EU this would be the European Data Protection Supervisor [https://edps.europa.eu/]. In the UK this would be the Information Commissioner’s Office [https://ico.org.uk/]. There is no federal regulator in the United States.
What is personal information?
‘Personal information’ or ‘personal data’ is information that directly identifies you, such as your name and email address, or data that could be used, on its own or in combination with other data, to identify you. It does not include anonymized data.
‘Sensitive personal information’ is information about you that requires additional protection such as health information, criminal history, ethnicity and religious beliefs or sexual preferences. We do not intentionally collect sensitive personal information about you and request that you do not unintentionally share it with us. You may provide sensitive personal information such as health conditions relating to your child while participating in our programs. We will take steps to appropriately protect any sensitive information that we do receive.
You can browse our website anonymously, although cookies may be used to collect information.
You will not be able to access our products or services anonymously, which may require you to become a member with us. Once you access our services, we will begin collecting your personal information in accordance with this policy.
Collection of data of minors
Our website is not intended to be used by minors and we do not intentionally collect the personal data of persons under the age of 18. If you are the guardian of a minor and suspect they may have provided us with their personal information, please contact us and request to have the minor’s personal information destroyed.
How we collect personal data
We collect personal data about you when you give it to us. This generally occurs when you sign up as a member through our website, interact with us on social media (eg. our private Facebook group), or when you communicate with us via email, phone, or any other means.
We collect your personal data for our business purposes including to provide you with our products and services and marketing purposes. We collect and process the minimum amount of information required for these purposes, such as:
- your first and last name
- your address
- your phone number
- your email address
- payment details (although these are only processed by our payment platform)
- your IP address
- any other information you supply to us or make available via our website
We may receive information about you from third-party sites (for example, social sites such as Facebook, Instagram or LinkedIn). We may process this data for our legitimate business interest to properly administer our business and website. You should be aware that personal information you disclose on social media sites is publicly available, and when you make information available on public areas, we can no longer keep the information private.
Summary of the categories of personal information we collect
We may collect and process the following categories of personal data about you:
Communication Data – this includes any communication that you send to us whether that be through the contact/subscriber form on our website, email, phone, text, social media messaging, social media posting or any other method of communication. Our lawful ground for processing this data is our legitimate interests to respond to communications sent to us, to keep records and to establish, pursue or defend legal claims.
Customer Data – this includes data relating to any payments you make for our products and services such as your name, title, billing address, email address, phone number, and payment details. We process this data to provide the products and services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and or taking steps at your request to enter into such a contract.
User Data – this includes data about how you use our website together with any data that you upload onto our website. Our lawful ground for processing this data is our legitimate interests to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain backups of our website and or databases and to enable us to properly administer our website and our business.
Technical Data – this includes data about your use of our website such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and business, and to grow our business and decide our marketing strategy.
Marketing Data – this includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to send you our newsletters, enable you to partake in our promotions (if any), to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how users use our services, develop our services, grow our business and decide our marketing strategy.
How we use personal data
We may use your personal information to provide you with our products and services, contact you, or answer your enquiries. With your permission, we may use your email address to send you emails about our activities. You may always withdraw your consent and unsubscribe from these emails by clicking on the unsubscribe link or by contacting us using the information set out above.
We also may share your personal information when required to do so by law, with third parties who provide services to us, or with our professional advisers to obtain advice. We use your personal information in this manner to ensure the legitimate functioning of our business and to meet our legal obligations.
Links to other websites
Our website may contain links to other websites such as Facebook. These sites have their own privacy policies and may collect your personal information and handle it for their own purposes. We are not responsible for the privacy policies or privacy practices of any third-party sites.
Storage of data
We aim to store your personal data for no longer than is necessary to provide you with our products and services, comply with our legal obligations, resolve disputes, enforce our agreements and rights, or longer if it is not reasonably feasible to remove it from where it is stored.
After that time, we may still retain your personal information, however, if we do so, it will be in a form where personal details are de-identified. This means the data is made anonymous and you will not be able to be identified.
Security of data
We recognize the importance of keeping your information secure. We have put in place security measures to help protect your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. We use third party hosting and storage providers with industry standard security. We do not keep hard copy records, and we restrict access to our electronic records to our employees, contractors and service providers who need to know the information to operate, develop or improve our services.
We have procedures in place to deal with any suspected personal data breach and will notify any applicable regulator of a breach if we are legally required to.
DISCLAIMER: While we do our best to ensure the security of your data, no storage or transmission over the internet is 100% secure. Despite our efforts, we cannot guarantee the security of your data. If you feel this is not sufficient, please do not use our website or provide us with your personal information. If you have already provided personal information, please contact us and we will securely destroy it.
We use a variety of third-party providers to host and manage our website. Your personal information is stored through their data storage, databases and their general platforms.
CROSS-BORDER TRANSFER: Depending on your location, your personal information may cross international borders and may be stored in a jurisdiction with different privacy laws to where you live. By agreeing to this policy, you agree to such a transfer.
Where we collect your data within the European Economic Area (EEA), it is transferred for processing in other countries (for example, Australia and the US). We have certain safeguards in place to ensure a similar degree of security for your personal data including:
- transferring your personal data to countries that the European Commission has approved as providing an adequate level of protection for personal data;
- if we use US-based providers that are part of the EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place; or
- using specific contracts, codes of conduct or certification mechanisms approved by the European Commission which aim to give personal data the same protection it has in the EEA.
If none of the above safeguards are available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
Data rights where you are an EEA resident
This part applies if you are an individual located within the EEA.
Under the GDPR you have rights in relation to your personal data, including:
- The right to request access
You have the right to ask us whether we are processing your personal data and if so, to provide you a copy of that personal data.
- The right to correction
If your personal data is inaccurate or incomplete, you have the right to request that it be corrected or completed. If we have shared your personal data with third parties (for example, third-party service providers processing data on our behalf), we will tell them about the correction where possible.
- The right to erasure
You have the right to request that we delete or remove your personal data from our records. We will do so in some circumstances, such as where we no longer need it. If we have shared your personal data with third parties, we will tell them about the erasure where possible.
However, your personal data may not be removed from our backups as we are unable to isolate individual data files from our backup. In this instance, your data will disappear on the next scheduled back up update.
- The right to restrict processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as where you contest the accuracy of that personal data or object to us processing it. If we have shared your personal data with others, we will tell them about the restriction where possible.
- The right to object to processing
You have the right to ask us to stop processing your personal data in certain circumstances. We will do so if we are processing your personal data for direct marketing.
- The right to data portability
You have the right to request that we transfer your personal data that we have collected to another organization, or directly to you, under certain conditions.
If data we have collected about you is processed using automated means, you have the right to receive that data in a structured, machine-readable format and to transmit it to another data controller without hindrance.
- The right in relation to automated decision-making and profiling
You have the right not to be subject to decisions based solely on automated processing of your personal data, including profiling, unless you provide your explicit consent to such processing.
- The right to withdraw consent
If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on your prior consent.
If you wish to exercise any of the rights set out above, please contact us using our contact details at the top. We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer than that period if your request is particularly complex or if you have made a number of requests. If this is the case, we will notify you.
You will not have to pay a fee to access your personal data or to exercise any of the other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We may refuse to comply with your request in some circumstances however we will let you know if this is the case.
We will request specific information from you to help us confirm your identity and ensure your right to exercise any of your rights above. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you and ask for further information in relation to your request.
Data rights where you are not an EEA resident
You may request copies of the information we hold about you, which will only be provided electronically. Our contact details are listed near the top of this policy.
You may make a request to amend or correct that information. If we do not agree with your requested change, we will keep a copy of your request with our information and will let you know our reasons.
What is a cookie?
Cookies are small text files a website may put on your device when you first visit a site or page. Cookies help a website recognize your device the next time you visit. Web beacons or other similar files do the same thing. We use the term ‘cookies’ to refer to all files that collect information in this way.
Cookies can serve many functions. For example, they may help us remember your username and preferences, analyse how well our website is performing, or even allow us to recommend content we believe will be most relevant to you.
Certain cookies store personal information. For example, if you select ‘remember me’ when logging in, a cookie will store your username. Most cookies won’t collect information that identifies you personally and will instead collect more general information such as how you arrive at and use our website or your general location.
Cookies are either first party cookies set directly by us, or third-party cookies set by third-party service providers we use.
- Strictly necessary cookies: Some cookies are essential for the operation of our website and cannot be turned off. For example, some cookies allow us to identify a user and ensure they can access certain features of our website. If you choose to disable these cookies, you will not be able to access all our services including the services you have subscribed to.
- Performance cookies: We use other cookies to analyse how our visitors use our website and to monitor website performance. This allows us to provide a high-quality experience by customizing our offerings and quickly identifying and fixing any issues that arise. For example, they allow us to count visits, identify traffic sources and see which parts of the website are most popular. We might also use these cookies to highlight some site services that we think will be of interest to you based on your use of our website.
- Functionality cookies: These cookies allow our website to remember your preferences. For instance, these cookies save you the trouble of typing in your username every time you access our website, and they recall your customization preferences so that we may provide you job alerts most relevant to your industry and experiences. We also use functionality cookies to provide you with our services such as allowing you to upload information onto your profiles or message a user.
Cookies can be:
- Session cookies: These are only stored on your computer during your web session and are automatically deleted when you close your browser. They usually store an anonymous session ID allowing you to browse a website without having to log in to each page, but they do not collect any personal data from your computer; or
- Persistent cookies: A persistent cookie is stored as a file on your device and remains there when you close your web browser. For example, when we use a cookie to remember your log in information. The cookie is set by our website when you indicate you would like your user information remembered and is read by our website the next time you visit our website.
If you are based in the European Union and would like to learn more about how advertisers use these types of cookies or how to choose not to receive them, please visit www.youronlinechoices.eu.
Please note that third parties who advertise on our website (if any) may use their own cookies to provide you with targeted advertising, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.
To find out how to opt-out of tailored advertising please check the options available here – http://www.networkadvertising.org/choices/.