Privacy Policy
At Five At Heart we are all about Straight Talking. We want to be clear with you about how we collect and handle your Personal Information. That is why we would like to step you through our approach to data privacy, and how it might relate to you.
Our Privacy Policy supports the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). In addition, we are General Data Protection Regulation (GDPR) compliant and meet the various federal laws that govern privacy in the United States of America.
We will never take your privacy for granted and will always take the utmost care in protecting your personal information.
So Who Is This Policy Relevant To?
This policy applies to you if you are currently working with us as a client, contractor, supplier, distributor, one of our employees, if you visit or use our website or social media, subscribe to our newsletters, or if you engage with Five At Heart as a business or in any other capacity.
The Personal Information We Collect
The term Personal Information refers to information or an opinion that identifies you as an individual or relates to you as an individual, for example your IP address. The type of Personal Information we collect will generally depend on the type of relationship we have with you but it will only ever be for legitimate business needs.
If you are one of our clients or potential clients, it is likely that you have shared personal information with us. That might include your name, email, address, occupation and details of other communications we have had with you.
For contractors and staff members, the type of information we have collected might be more detailed. This could include the examples above, as well as recruitment and payroll information, tax file numbers, residency status, your Curriculum Vitae, emergency contacts, bank and superannuation accounts. We will only ever keep this information if it will help us work with you.
If you have checked out our fiveatheart.com website, we might collect information that you have shared with us directly and indirectly. Direct information could include the details you have chosen to share with us when making a contact enquiry or when you sign up to our email newsletter. Indirect information might be data we capture from cookies. This type of information is always anonymous and doesn’t identify you personally.
We may also capture your Personal Information through our other social media channels including LinkedIn, Instagram, Pinterest or Facebook.
For anyone who interacts with us, if you choose to share information that is considered ‘sensitive’, this is entirely up to you. This could include things like racial or ethnic origin, membership of a trade union, criminal record, health information or religious and political opinions.
Usually, the information we collect has been shared directly by you, but in some cases it might be provided by a third party. For example, if you are a potential employee, someone may refer your Curriculum Vitae to us. If a third party shares this type of information with us, we will let you know. It will then be up to you to tell us if you are OK with this or want us to remove this information from our records.
How We Will Use and Disclose Personal Information.
We collect your Personal Information for the primary purpose of understanding your requirements and providing or marketing our products and services to you.
We will only ever use your Personal Information for the purpose you shared it for. This does mean that there will be times when we might have to share your information with a third party to make sure we can meet your needs and do business with you. For example, we may need to send your details to our email campaign platform so you can receive our newsletters or to the payroll company that processes your pay.
Your Personal Information may also be disclosed:
- To third parties where you consent to the use or disclosure; and
- Where required or authorised by law.
You Control the Data You Share with Us.
It is important to us that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up-to-date or is inaccurate, please advise us as soon as practicable.
If you wish to access your Personal Information, please contact us in writing. Five At Heart will not charge any fee for your access request.
You have the right to:
- be forgotten;
- access your data;
- request that your data be erased;
- request that the processing of your data be restricted;
- data portability.
We therefore will ensure that we are able to easily erase your personal data. We will also store personal information in a format that is easy to extract and provide to our customers upon request.
How We’re Walking the Talk
We will ensure that the privacy notices on our website are visible to our users every time that we collect personal data from them.
Whenever we collect personal data online, we will include a “tick to accept” box against the following:
- A Consent Statement (written in plain language) to record a user’s consent to the collection of personal data
- Confirmation that a subscriber is over 16 years old and can consent to the processing of personal data
- Agreement with our Privacy Policy; and if relevant
- Identification of what a subscriber is consenting to receive, for example our newsletter. We will also let you know how often subscribers can expect to receive these email communications.
We will keep evidence of the nature of consent between us and our subscribers.
We will ensure that all our marketing and campaign emails we send include both an “Unsubscribe from this list” link and an “Update your subscription preferences” link in the footer.
We will also ensure our marketing automation platform and CRM system are set to sync automatically, so that if a person on our list unsubscribes they do not continue to receive emails.
Whether it is stored in a physical or digital format, we always work towards making sure Personal Information is safe and secure to protect it from misuse and loss and from unauthorised access, modification and disclosure. Some of our services are outsourced; however, we will ensure that our systems and those that our third-party support services use have security software and data protection measures installed.
If there is a data breach, we will inform you about the breach and do everything we can to resolve and mitigate the unauthorised access.
We will review the existing Personal Information that we hold and delete any personal data that we do not need or did not collect as per this policy.
When Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify it. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.
Inquiries and Complaints
If you have any inquiries or complaints, please contact us at:
Five At Heart
PO Box 13652, George Street, Brisbane 4003
Phone: 1300 769 332
Email: privacy@fiveatheart.com
We hope to discuss any concerns or complaints you have with our policy personally, but if you are not satisfied with our response you can get in touch with the Office of the Australian Information Commissioner; in the UK the Information Commissioner’s Office; or in the USA the Federal Trade Commission.