Privacy Policy

1. Introduction

1.1 BJ CUSH PTY LIMITED (ACN 130 055 855) as trustee for BJ Cush Family Trust trading as Bondi  Icebergs Gym (we, us, our) recognises the importance of protecting the privacy and the  rights of individuals in relation to their personal information.  

1.2 This Privacy Policy sets out our commitment to protecting the privacy of your personal  information and how it is collected whether through our website (Site), directly from you or  otherwise. 

1.3 We respect your rights to privacy under the Privacy Act 1988 (Cth) (Privacy Act) and the  Australian Privacy Principles, and we manage the collection and disclosure of your personal  information in accordance with these requirements. 

1.4 We also uphold your rights to privacy if you are based in the European Union, in accordance  with the General Data Protection Regulation (EU) (GDPR). Your rights under the GDPR are  listed in clause 12.  

1.5 If you do not wish to provide personal information to us, then you do not have to do so.  However, this may affect your use of this Site or any products and services offered on it. 

2. What is your personal information? 

2.1 When used in this Privacy Policy, the term “personal information” has the meaning given to it  under the Privacy Act and GDPR.  

2.2 In general terms, it is any information that can be used to personally identify you. This may  include your name, address, telephone number, email addres, profession or occupation and  medical information.  

2.3 If the information we collect personally identifies you, or you are reasonably identifiable  from it, the information will be considered personal information.  

2.4 We may also collect some information that is not personal information because it does not  identify you or anyone else. For example, we may collect anonymous answers to surveys or  aggregated information about how users operate on our Site. 

2.5 Your personal information will not be shared, sold, rented or disclosed other than as  described in this Privacy Policy.  

3. What information we may collect from you 

3.1 We may collect the following personal information from you: 

a. names;  

b. email address;

c. telephone number; 

d. business management information;  

e. billing, mailing, business and/or residential address; 

f. business or company numbers and names; 

g. banking, credit card, or other online payment details to process purchases;

h. website and social media information; 

i. date of birth; 

j. gender; 

k. various forms of identification; 

l. profession or occupation; 

m. employment status; 

n. medical and other health information; 

o. emergency contact details, including next of kin; 

p. marital status; 

q. number of dependents; 

r. photographs; and 

s. general information in relation to the provision of our services to you.  

3.2 We may collect personal information about you so that we can perform our business  activities and functions and to provide best possible quality of customer service. We collect,  hold, use and disclose your personal information for the following purposes: 

a. to provide our services to you;  

b. to allow us to conduct our business functions; 

c. to conduct internal record keeping; 

d. to identify and understand user needs; 

e. to enable us to process your personal data; 

f. to send communications requested by you; 

g. to answer enquiries and provide information or advice about existing and new  services; 

h. to conduct market research, business development and marketing activities (including  direct marketing); 

i. to send you promotional information about our products and services and about third  parties that we think you may find interesting; 

j. to comply with any law, rule, regulation, lawful and binding determination, decision or  direction of a regulator, or in cooperation with any governmental authority; 

k. to contact you; 

l. to book appointments; 

m. to personalize and customize your experience on our Site; and 

n. for our internal administrative, marketing and planning requirements.


4. How do we collect your personal information? 

4.1 We collect your personal information directly from you unless it is unreasonable or  impracticable to do so. When collecting personal information from you, we may collect in  ways including: 

a. when you make an enquiry about our services;  

b. when you fill in any of our online forms, or make any online enquires;  

c. through your access and use of our Site, including when you register as a member; d. during conversations between you and our representatives or through any other  means or platforms, including social media;  

e. when you ask to be placed on one of our subscription/mailing lists;  

f. when you become a member of ours or otherwise use our services;  

g. when you use or access our social media pages, which may be collected through use of  web analytics tools, 'cookies' or other similar tracking technologies that allow us to  track and analyse your Services usage; 

h. when you visit any links shared via our social media posts, emails or other landing  pages; and 

i. during any and all calls between you and our representatives. 


5. What happens if we can’t collect your personal information? 

5.1 If you do not provide us with the personal information described above, some or all of the  following may happen: 

a. we may not be able to provide our products or services to you, either to the same  standard or at all; 

b. we may not be able to provide you with information about services that you may want,  including information about special promotions; or 

c. we may be unable to tailor the content of our Site to your preferences and your  experience of our Site may not be as enjoyable or useful. 


6. Our Site 

Site User Tracking Experience  

6.1 We may use tracking software to review and improve your experience of our Site, Surveys  and landing pages. In particular, we may use Facebook Pixel, Mindbody, Mailchimp, Squarespace, Google Analytics, YouTube, etc. 

6.2 When visiting our Site, the site server makes a record of the visit and logs the following  information for statistical and administrative purposes: 

a. the user’s server address – to consider the users who use the site regularly and tailor  the site to their interests and requirements; 

b. the date and time of the visit to the site – this is important for identifying the Site’s  busy times and ensuring maintenance on the site is conducted outside these periods;

c. duration of the visit – this indicates to us how interesting and informative the our site  is to users;  

d. the type of browser used – this is important for browser specific coding; and e. in order to optimize our Site and better understand it’s usage, we collect the visiting  domain name or IP address, Computer Operating System, Browser Type and Screen  Resolution. 

6.3 We may use advertising products, such as Remarketing with Facebook, Google Analytics and  Google Analytics Demographics and Interest Reporting. Google Analytics collects data about  our Site traffic via Google Advertising cookies and anonymous identifiers.  

6.4 Data collected via these Google products is not linked with any personally identifiable  information you submit while on our Site. If you wish to opt out of the Google Analytics data  collection, you may do so on Google's Site at tools.google.com/dlpage/gaoptout

Cookies 

6.5 When you access our Site, we may send a “cookie” (which is a small summary file containing  a unique ID number) to your computer. This enables us to recognise your computer and greet  you each time you visit our Site without bothering you with a request to register. It also  enables us to keep track of services you view so that, if you consent, we can send you news  about those services.  

6.6 We also use cookies to measure traffic patterns, to determine which areas of our Site have  been visited and to measure transaction patterns in the aggregate.  

6.7 We use this to research our users’ habits so that we can improve our online services. Our  cookies do not collect personal information. If you do not wish to receive cookies, you can set  your browser so that your computer does not accept them. We may log IP addresses (that is,  the electronic addresses of computers connected to the Internet) to analyse trends,  administer the Site, track users’ movements, and gather broad demographic information.  

6.8 The Site may contain content and sharing tools embedded from various social networks, such  as Facebook. These suppliers may use and place cookies on your device. We do not have  access to, and cannot control, these cookies or the personal data and information that they  may collect. You therefore need to check the websites of these suppliers to get further  information on how they manage cookies and what information their cookies collect. 

Security 

6.9 As our Site is linked to the Internet, and the Internet is inherently insecure, we cannot  provide any assurance regarding the security of transmission of information you  communicate to us online.  

6.10 We also cannot guarantee that the information you supply will not be intercepted while  being transmitted over the Internet. Accordingly, any personal information or other  information which you transmit to us online is transmitted at your own risk.

Links 

6.11 We provide links to websites outside of our Site, as well as to third party websites. These linked websites are not under our control, and we cannot accept responsibility for the  conduct of any companies, businesses, affiliates, advertisers and sponsors, linked to our Site.  

6.12 Before disclosing your personal information on any other website or to any third party, we  advise you to examine the terms and conditions of using that website and its privacy policy.  Third party websites are responsible for informing you about their own privacy practices.  

7. Who do we disclose your information to? 

7.1 We will disclose your personal information to: 

a. our directors, employees, affiliates, independent contractors, representatives or  service providers, including, without limitation, consultants web hosting providers, IT  systems administrators, mailing houses, couriers, payment processors, data entry  service providers, electronic network administrators, debt collectors, and professional  advisors such as accountants, solicitors, business advisors, for the purposes of  

operating our Site or our business, fulfilling requests by you, and to otherwise provide  services to you; 

b. suppliers and other third parties with whom we have commercial relationships, for  business, marketing, and related purposes, which may include overseas parties;  

c. credit reporting agencies and courts, tribunals, regulatory authorities where customers  fail to pay for goods or services provided by us to them, and other law enforcement  officers as required by Law;  

d. Bondi Icebergs Club to provide you access with the pool and sauna; and 

e. any other organisation for any authorised purpose with your express consent. 

7.2 If there is any change or potential change to the control of our business pursuant to the sale,  assignment or transfer of the business, or business assets, its assets and/or liabilities, we  reserve the right to sell, assign and/or transfer our user databases, together with any  personal information and non-personal information contained in those databases to the  extent permitted by law. In that event, your personal information may be disclosed to a  potential purchaser, assignee or transferee, however any disclosures will only be made in  good faith and where confidentiality is maintained. 


8. Direct marketing materials  

8.1 We may send you direct marketing communications and information about our services that  we consider may be of interest to you. These communications may be sent in various forms,  including mail, SMS and email, in accordance with applicable marketing laws, such as the  Spam Act 2003 (Cth). 

8.2 If you indicate a preference for a method of communication, we will endeavour to use that  method whenever practical to do so.  

8.3 In addition, at any time you may opt-out of receiving marketing communications from us by  contacting us (see the details below) or by using opt-out facilities provided in the marketing  communications and we will then ensure that your name is removed from our  

subscription/mailing list.  

8.4 We do not provide your personal information to other organisations for the purposes of  direct marketing.  


9. Security and data quality 

9.1 We take reasonable steps to ensure your personal information is protected from misuse and  loss and from unauthorised access, modification or disclosure. 

9.2 We strive to ensure the security, integrity and privacy of personal information that you  submit to us through our Site. Unfortunately, no data transmission over the Internet can be  guaranteed to be totally secure.  

9.3 We endeavour to take all reasonable steps to protect the personal information you may  transmit to us or from our online products and services. Once we do receive your  transmission, we will also make our best efforts to ensure its security on our systems. 

9.4 In addition, our employees and the contractors who provide services related to our  information systems are obliged to respect the confidentiality of any personal information  held by us.  

9.5 We may hold your information in either electronic or hard copy form. Personal information is  destroyed or de-identified when no longer needed or when we are no longer required by Law  to retain it (whichever is the latter). 

9.6 Should a data breach involving personal information occur: 

a. We will take positive steps to address the breach in a timely manner and take remedial  action such that the data breach does not result in serious harm. 

b. We will undertake reasonable and expeditious assessment to determine if it is an  ‘eligible data breach’, that is a breach likely to result in serious harm to any individual  affected. 

9.7 In compliance with Privacy Amendment (Notifiable Data Breaches) Act 2017, we agree that if  we become aware of reasonable grounds to believe an eligible data breach has occurred, we will promptly notify the Office of the Australian Information Commissioner (Commissioner),  the Association of Market and Social Research Organisations (AMSRO) and the affected  individuals at likely risk of serious harm.


10. How long do we retain your personal data? 

10.1 We will only keep your personal data for as long as necessary to fulfil the purposes we  collected it for, including for the purposes of satisfying any legal, accounting, or reporting  requirements. 

10.2 To determine the appropriate retention period for personal data, we consider the amount,  nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use  or disclosure of your personal data, the purposes for which we process your personal data  and whether we can achieve those purposes through other means, and the applicable legal  requirements. 

10.3 By Law, we must keep basic information about our customers (including contact, identity,  financial and transaction data) for five years for Australian tax law purposes. 

10.4 In some circumstances, you can ask us to delete your data; see your legal rights below for  further information.  

10.5 In some circumstances we may anonymise your personal data (so that it can no longer be  associated with you) for research or statistical purposes in which case we may use this  information indefinitely without further notice to you. 

11. If I am based in the EU, what are my legal rights under the GDPR?  

11.1 If the General Data Protection Regulation applies to you because you are in the European  Union, you have rights under data protection laws in relation to your personal data: 

a. The right to be informed – that’s an obligation on us to inform you how we use your  personal data; 

b. The right of access – that’s a right to make what’s known as a ‘data subject access  request’ for copy of the personal data we hold about you; 

c. The right to rectification – that’s a right to make us correct personal data about you  that may be incomplete or inaccurate; 

d. The right to erasure – that’s also known as the ‘right to be forgotten’ where in certain  circumstances you can ask us to delete the personal data we have about you (unless  there’s an overriding legal reason we need to keep it); 

e. The right to restrict processing – that’s a right for you in certain circumstances to ask  us to suspend processing personal data; 

f. The right to data portability – that’s a right for you to ask us for a copy of your personal  data in a common format (for example, a .csv file); 

g. The right to object – that’s a right for you to object to us processing your personal data  (for example, if you object to us processing your data for direct marketing); and

h. Rights in relation to automated decision making and profiling – that’s a right you have  for us to be transparent about any profiling we do, or any automated decision making. 

11.2 These rights are subject to certain rules around when you can exercise them. 

11.3 If you wish to exercise any of the rights set out above, please contact us at hello@bondiicebergsgym.com. 

12. How can you access and correct your personal information? 

12.1 You may request access to any personal information we hold about you at any time by  contacting us (see the details below).  

12.2 Where we hold information that you are entitled to access, we will try to provide you with  suitable means of accessing it (for example, by mailing or emailing it to you).  

12.3 We may charge you a reasonable fee to cover our administrative and other reasonable costs  in providing the information to you.  

12.4 We will not charge for simply making the request and will not charge for making any  corrections to your personal information. 

12.5 There may be instances where we cannot grant you access to the personal information we  hold. For example, we may need to refuse access if granting access would interfere with the  privacy of others or if it would result in a breach of confidentiality. If that happens, we will  give you written reasons for any refusal. 

12.6 If you believe that personal information we hold about you is incorrect, incomplete or  inaccurate, then you may request us to amend it. We will consider if the information requires  correction. If we do not agree that there are grounds for correction, then we will add a note  to the personal information stating that you disagree with it.  

13. How can you withdraw your consent to this Privacy Policy? 

13.1 You may withdraw your consent to this Privacy Policy at any point. If you wish to withdraw  your consent to our collection and retention of your data, please contact our Data Protection  Officer at hello@bondiicebergsgym.com and we can arrange for your data to be deleted,  destroyed or returned to the extent we are permitted by law. However, this may affect your  use of this Site or any products and services offered on it. 

13.2 You may choose to restrict the collection or use of your personal information. If you have  previously agreed to us using your personal information for direct marketing purposes, you  may change your mind at any time by contacting us at the email address listed in this Privacy  Policy. 

13.3 To unsubscribe from our e-mail database, or opt out of any communications, please contact  us at the email address listed at the start of the Privacy Policy, with “Unsubscribe” in the  subject line of the e-mail. 

14. What is the process for complaining about a breach of privacy? 

14.1 If you believe that your privacy has been breached, please contact us using the contact  information below and provide details of the incident so that we can investigate it.  

14.2 We will treat your complaint confidentially, investigate your complaint and aim to ensure  that we contact you and your complaint is resolved within a reasonable time (and in any  event within the time required by the Privacy Act and/or the GDPR, if applicable).  

15. Contacting us 

15.1 If you have any questions about this Privacy Policy, any concerns or a complaint regarding the  treatment of your privacy or a possible breach of your privacy, please contact us at hello@bondiicebergsgym.com.  

15.2 We will treat your requests or complaints confidentially.  

15.3 Our representative will contact you within a reasonable time after receipt of your complaint  to discuss your concerns and outline options regarding how they may be resolved.  

15.4 We will aim to ensure that your complaint is resolved in timely and appropriate manner.

16. Changes to our Privacy Policy 

16.1 All Personal Information held by us will be governed by our most recent Privacy Policy,  posted on our Site, where the Privacy Policy will be located.  

16.2 Any changes to this Privacy Policy may be advised to you by updating this page on our Site.  We encourage you to check this page from time to time for any changes. © Progressive Legal  Pty Ltd (ACN 607 068 708) trading as Progressive Legal (2022). All Rights Reserved. This  Privacy Policy was last updated on 8 July 2022.