This policy outlines the way we at Firefly Zipline (ABN 43651402710) collect, hold, use and disclose personal information. We may collect personal information of adult and children clients.
WHAT PERSONAL INFORMATION WE COLLECT & HOW AND WHY WE COLLECT IT?
What personal information do we collect?
The personal information we collect is generally limited to:
- credit card or direct debit details;
- date of birth;
- drivers licence;
- name and contact details;
- any communications we have.
However, we may also collect:
- sensitive information from you with your consent, such as where we ask for information about your health information; and
- information about how you use our website, via third parties.
How do we collect your personal information?
The main way we collect information is when you give it to us, for example, via our website sign up or other forms, via phone, email, when you submit comments or feedback or via social media.
However, we may also collect personal information from your parent/ guardian.
Why do we collect your personal information?
We need your personal information to:
- communicate with you in relation to your enquiry;
- verify your identity for security purposes;
- send you news if you have signed up (you can unsubscribe at any time);
- conduct our business, and enable your use of our website, products and services; and
- in some cases to comply with our legal obligations, such as record keeping (currently the law requires us to keep adult records for 7 years and children's records until they turn 25 years of age).
We also collect personal information to analyse and enhance our business operations and improve your experience with our business. This is used as statistical information to analyse traffic to our website, and to customise content and advertising we provide.
You can opt out of the collection and use of this information by changing your privacy settings or opting out. To opt out you can go here: https://tools.google.com/dlpag...
To change your Facebook ad preferences you can go here:
Where we collect your financial information, we use it to help you pay for our products and services. Only the staff that need to know this information have access to it, and we only keep it as long as it is necessary. We use SSL certificates to verify your identity, and encrypt any data you give us. All financial information is encrypted on our servers and we do not keep all your data (to prevent unauthorised and duplicated transactions). We do not keep any details of your direct debit, and all information is sent to our bank for processing.
WHEN DO WE DISCLOSE PERSONAL INFORMATION & HOW YOU CAN ACCESS IT?
When do we disclose your personal information?
We will take reasonable precautions to protect your personal information, including against loss, unauthorised access, disclosure, misuse or modification. It is kept securely and accessible only to authorised personnel. Information is kept in accordance with our legal record keeping obligations and then destroyed appropriately. We generally will not disclose your personal information unless:
- you consent;
- it is required or authorised by law*; or
- it is reasonably necessary for one of the purposes for which we collect it.
* This can include where we are of the reasonable belief that there is a serious risk to life, health or safety of you or another person. For example, if there is evidence of clear danger of harm to self and/or others, we may be legally required to report this information to the authorities responsible for ensuring safety. This includes if there is a strong suspicion of physical or sexual abuse or emotional, or neglect or exposure to family violence of any person under 18 years of age. A court order could also require the us to release information contained in records.
However, we do disclose your personal information where it is necessary to obtain third party services, such as analytics, data storage, payment service providers or marketing and advertising services. To protect your personal information we endeavour to ensure that our third party service providers also comply with the Australian Privacy Principles, but some third parties we use may collect, hold and process personal information overseas. You can opt out of the collection and use of this information by changing your privacy settings or opting out.
How can you access or delete your information?
If you want access to your information to correct or have it deleted please email us at firstname.lastname@example.org. Except where we are permitted or required by law to withhold it, we will help you. If you consider that we have breached any privacy laws please also email us at email@example.com. You can make a complaint with the Office of the Australian Information Commissioner phone on 1300 363 992, online at http://www.oaic.gov.au/privacy/making-a-privacy-complaint or post to: Office of the Australian Information Commissioner, GPO Box 5218, Sydney, NSW 2001.