Who We Are
The website and its content is owned by Soul of Gerringong Pty Ltd ABN 77632071008 (SOG, the Company, we, or us). The term ‘you’ refers to the user or viewer of www.soulofgerringong.com.au (‘Website’).
Our Principles of Data Protection
Transparency: We are committed to being open, honest and transparent about Personal Data.
Trust: We agree only to use Personal Data for the purposes we say we will, and for improving the effectiveness and efficiency of our Services.
Safety: We are committed to keeping Personal Data provided to us secure.
Responsibility: We accept the responsibility of handling Personal Data.
What Information Do We Collect?
When you visit our Website or use our Services, we collect Personal Data. The type of personal information we collect will depend on the circumstances of its collection and the nature of your dealing with us. This information may include but is not limited to your name, contact details, date of birth, credit and financial information, bank account details, and preferences and opinion about our Services.
Sensitive information includes information about an individual’s mental health, disability, racial or ethnic origin, criminal convictions, religious affiliation and political affiliation. We will only collect, use or disclose your sensitive information if it is reasonably necessary to carry out our functions or activities, and we have your explicit consent.
The Ways We Collect Your Data
Information you provide to us directly: When you visit or use some parts of our Website and/or Services we might ask you to provide Personal Data to us when you complete an enquiry form, respond to an email offer or to receive a newsletter, participate with us on social media forums, set up an account or enter a competition. Where appropriate, you will be asked to enter your name, e-mail address, mailing address and/or phone number. By doing so, you are giving this information to us voluntarily, and by providing us with this information you are giving us consent to use, collect and process this Personal Data.
Information we collect automatically: We collect some information about you automatically when you visit our Website or use our Services, like your IP address, device ID, computer and connection information, geo-location information and device type. We also collect information when you navigate through our Website and Services, including what pages you looked at and what links you clicked on. This information gives us get a better understanding of how you’re using our Website and Services so that we can continue to provide the best experience possible, for example, by personalising the content you see.
SOG does not set any personally identifiable information in cookies, nor do we employ any data-capture mechanisms on our Website other than cookies. If you prefer, you can choose to disable cookies through your own web browser’s settings or have your computer warn you each time a cookie being sent. Please note disabling this function may cause some of the features on this Website not to work as well as intended; however, you can still place orders for our programs or Services over the telephone.
Information we get from third parties: At times we might collect Personal Data about you from other sources, such as publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the Personal Data we already hold about you, in order to better inform, personalise and improve our Services, and to validate the personal data you provide.
Where SOG collects Personal Data, we will only process it to perform a contract with you, make a booking, or where we have legitimate interests to process the Personal Data, and they’re not overridden by your rights, or in accordance with a legal obligation, or where we have provided your consent. If we don’t collect your Personal Data, we may be unable to provide you with all our Services, and some functions and features on our Website may not be available to you.
How We Hold Your Personal Information
We hold your personal information in encrypted electronic forms, in secure databases or cloud-based platforms that we own and operate or that are owned and operated by our service companies. While we take reasonable steps to protect the security of your personal information, data protection and security measures can never be guaranteed. We, therefore, cannot guarantee the security of your personal information.
What Do We Use Your Information For?
We mostly use your Personal Data to operate our Website, provide you with any Services you have requested, and to manage our relationship with you. We also use your Personal Data in the following ways:
To communicate with you: We may provide you with information you have requested from us or information we are required to send to you and to respond to your enquiries, comments, and applications.
SOG may communicate with you about changes to our Website and Services, security updates, or for assistance with using our Website and Services. We may communicate about and administer our products, Services, events, online webinars, podcasts, programs and promotions (such as by sending transactional emails about your purchases).
SOG may send you marketing materials we think you may be legitimately interested in, to ask you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).
To personalise your experience: Your information helps us to better respond to your individual needs.
To enhance our Website and Services and develop new ones: By carrying out technical analysis or the tracking and monitoring of the use of our Website and Services, we can improve and optimise your user experience.
To support you and improve customer service: Your information helps us to more effectively respond to your customer service requests and support needs.
To provide you with information and materials relevant to our Services.
To administer a contest, promotion, survey or other site feature.
To protect you: So that we can make sure everyone is using our Website in accordance with our permitted uses, and so we can detect and prevent any fraudulent or malicious activity.
To market to you: In addition to marketing communications, we may also use your Personal Data to display targeted advertising to you online. Through our own Website, through third-party websites or through social media platforms, we carry out profiling activities in order to learn more about you and offer you tailored advertising based on your behaviour on our platforms. You can opt-out of Google Analytics® at any time. For more information on opting out of being tracked by Google Analytics® across all websites you use, visit this Google page: https://tools.google.com/dlpage/gaoptout.
To analyse, aggregate and report: We may use the Personal Data we collect about you and other users of our Website and Services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share publicly or with third parties.
To send periodic emails: The email address you provide for order processing may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information, etc. If at any time you would like to unsubscribe from receiving future emails, we include detailed instructions on unsubscribing at the bottom of each email.
The legal basis for processing your Personal Data as described above, will typically be one of the following:
(a) your consent;
(b) performance of a contract with you or a relevant party; or
(c) our legitimate business interests or compliance with our legal obligations.
Security: How Do We Protect Your Information?
Security is a priority when it comes to your Personal Data. We are committed to protecting the information you provide us. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information, we have put in place appropriate physical and managerial procedures to safeguard the information we collect.
We use Secure Sockets Layer (SSL) encryption when collecting or transferring sensitive data such as credit card information. SSL encryption is designed to make the information unreadable by anyone but us. This security measure is working when you see either the symbol of an unbroken key or closed lock (depending on your browser) on the bottom of your browser window. However, we cannot guarantee that your Personal Data will always be secure due to technology or security breaches. If we become aware of a high-risk data breach, we will notify you (and the appropriate authority) within seventy-two (72) hours.
How We Can Share Your Data
SOG may share your Personal Data with third parties who we trust, who we are affiliated with and whom we are required to provide it to for the purpose of fulfilling the Services. We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. However, we may sell, trade or otherwise transfer your Personal Data to third parties who assist us in operating our Website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. For example, third party service companies and partners who assist us with the functionality of the Website or Services, or to deliver, market or promote our goods and services to you.
SOG may use third-party browsers and mobile analytics services like Google Analytics® on the Website. These services use tools to help us analyse your use of our Website including information like the third-party website you arrive from, how often you visit, events within the Platforms, usage and performance data, and purchasing behaviour. We use this data to improve the Website and provide information, products and Services that may be of interest to you.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising or other uses.
SOG may be required to provide your Personal Data to regulators, law enforcement bodies, government agencies, courts or other third parties where it is necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure.
Your Personal Data may be shared with an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business. We will only disclose your Personal Data to other third parties where we have obtained your consent.
Direct marketing means using your personal information to contact you via the phone, SMS or email to promote our services. You acknowledge that by providing us with your personal information, we, our related entities or business partners may contact you to promote and market our respective products and services. You can opt-out from being contacted by us, our related entities or business partners for direct marketing by emailing us at email@example.com at any time to receive a Personal Information Request or Preference Update Form, or you can follow the unsubscribe instructions contained in the email communication.
Data Controller and Data Processors
SOG is the data controller that is collecting and using your Personal Data. We use trusted third parties as our data processors for technical and organisational purposes, including for payments and email marketing. We make all reasonable efforts ensure our data processors are GDPR-compliant.
International Data Transfers
In order for us to provide the products and Services to you, your Personal Data will be stored and processed in Australia. By providing us with your personal information, you consent to us disclosing your Personal Data to third parties located overseas and acknowledge Australian Privacy Principle 8.1 does not apply to any such disclosure. When we share data (to the extent that we do from time to time), it may be transferred to, and processed, in countries other than the country you live.
Where data is shared with third-party data processors in other countries, we put reasonable safeguards in place to ensure your Personal Data remains protected. However, we note that your Personal Data will be captured, transferred, stored, and processed in accordance with their policies, practices and in compliance with their local regulatory laws.
For those in the European Union (EU), this means that your data may be transferred outside of the European Economic Area (EEA). Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria. Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of the data.
Where your Personal Data is transferred outside the EU, it will only be transferred to countries that have been identified as providing adequate protection for EU data or to a third party where we have approved transfer mechanisms in place to protect your Personal Data. If we use US-based companies that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place. If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
SOG will always provide you with the ability to opt-out of our communications by selecting the unsubscribe link at the bottom of all e-mails. We will not share your email address without your consent.
Third Party Websites
We may link to other websites on our Website. We have no responsibility or liability for the content and activities of any other individual, company or entity whose website or materials may be linked to our Website or its content, and thus we cannot be held liable for the privacy of the information on their website or that you voluntarily share with their website. Please review their privacy policies for guidelines as to how they respectively store, use and protect the privacy of your Personal Data.
Children’s Online Privacy Protection Act Compliance and Minors
SOG does not knowingly collect any personally identifiable information from anyone under sixteen (16) years of age in compliance with COPPA (Children’s Online Privacy Protection Act (USA)), the Australian Privacy Act 1988 (Cth) and the GDPR (General Data Protection Regulation of the European Union). If you are under the age of sixteen (16), you must ask your parent or guardian for permission to use this Website.
We will retain your Personal Data for as long as we have a relationship with you, and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we will make sure it’s deleted or is converted to aggregate data.
You have the right to ask us not to send you marketing emails at any time by emailing us at firstname.lastname@example.org to receive a Personal Information Request or Preference Update form, or you can simply follow the unsubscribe instructions contained in the email communication.
You have the right to know what Personal Data we hold about you, and to make sure it’s correct and up to date.
You have the right to request a copy of your Personal Data or ask us to restrict processing your personal data or delete it.
You have the right to object to our processing of your Personal Data.
You have the right to ‘be forgotten’ and request we erase your Personal Data.
You can exercise these rights at any time by sending an email to us at email@example.com and we will respond to within thirty (30) days.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one (1) month. Occasionally it may take us longer than one (1) month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.
If wish to make a complaint you can email us firstname.lastname@example.org. We will review and investigate your complaint and get back to you.
You can also submit a complaint to the Privacy Commissioner or local authorities, which will advise you how to submit a formal complaint.