The Aerial Body (ABN 48 381 859 804)
Lauren Veronica Mason trading as “The Aerial Body” (ABN 48 381 859 804) (“we” and or “us”) recognises the importance of your privacy and understands your concerns about the security of the personal information you provide to us.
In the course of interacting with you, the collection of personal information in some instances is necessary or unavoidable. We are committed to protecting the privacy of all personal information that we collect and ensuring that your personal information is handled correctly.
All personal information collected by us will be treated in accordance with:
(a) the Australian Privacy Principles (“APPs”) as contained in the Privacy Act 1988 (Cth) (“Privacy Act”); and
(b) the General Data Protection Regulations that are in force in the European Union (“GDPR”).
Both the APPs and GDPR detail how personal information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to or make complaints about the personal information held about them.
This policy (“Privacy Policy”) details the type of personal information we may collect from you, how we manage personal information about you, with whom we may share it and the choices available to you regarding our use of the information. We also describe the measures we take to safeguard your personal information and tell you how to contact us regarding our privacy practices.
1. PERSONAL INFORMATION
1.1 “Personal Information” is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not. Information where we have removed any reference to a person, so that the person cannot be reasonably identifiable from the information, is not personal information.
2. WHAT TYPES OF PERSONAL INFORMATION DO WE COLLECT AND HOLD?
2.1 The kinds of personal information that we collect and hold from you may include:
(a) contact information, such as your name, contact number, postal address and e-mail address (among other similar items of information);
(b) bank account and credit card information; and
(c) any other personal information, including your date of birth.
2.2 We do not collect sensitive information (such as relating to your ethnic origin, religious or philosophical beliefs, membership of a political or trade association), and would not do so without your consent.
2.3 You have the right to remain anonymous or use a pseudonym when dealing with us, unless:
(a) the use of your true identity is a legal requirement; or
(b) it is impracticable for us to deal with you on such basis.
3. HOW DO WE COLLECT AND HOLD PERSONAL INFORMATION?
3.1 We aim to collect personal information only directly from you, unless it is unreasonable or impracticable for us to do so. For example, we may collect personal information about you from:
(a) information you provide to us when you make an enquiry;
(b) information derived from direct communications between us and you; and
(c) information you submit to us via our website(s).
3.2 In some circumstances, it may be necessary for us to collect personal information through other lawful means such as from third parties or from a source of publicly available information.
3.3 If we receive personal information that we have not requested (unsolicited information) and we determine that we could not have collected that information under the APPs or GDPR if we had requested it, then we will destroy or de-identify the information if it is lawful and reasonable to do so.
4. PURPOSES FOR WHICH WE COLLECT, HOLD, USE AND DISCLOSE PERSONAL INFORMATION
4.1 We collect, hold, use and disclose personal information from you or about you where it is reasonably necessary for us in order to provide our services to you, to carry out our business functions or for such other purposes as specified at the time of collection, or for related purposes that you would reasonably expect.
4.2 The legal basis we rely upon to legally permit us to process your personal information is:
(a) you have given us consent for the processing of your information for the provision of services by us to you; and
(b) processing is necessary for compliance with a legal obligation to which we are subject.
4.3 Generally, we will only use and disclose your personal information:
(a) to provide you with services; or
(b) to provide you with such information as requested by you or to answer your enquiries.
4.4 We respect the privacy of your personal information and will take reasonable steps to keep it strictly confidential. We will only disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose that could be reasonably expected. Where such a disclosure is necessary, we will require that the third party undertake to treat the personal information in accordance with the APPs and the GDPR.
4.5 It may be necessary for us to disclose personal information to overseas recipients from time-to-time. However, we will protect that information as described in this Privacy Policy and will also require that any overseas recipient undertakes to treat the personal information in accordance with the APPs and the GDPR.
4.6 We will only disclose your personal information to third parties without your consent if the disclosure is:
(a) necessary to protect or enforce our legal rights or interests or to defend any claims;
(b) necessary to prevent or lessen a serious threat to a person’s health or safety;
(c) required or authorised by law; or
(d) permitted by another exception in the Privacy Act or GDPR.
4.7 Where we use or disclose your personal information for other purposes, we will first obtain your consent.
5. HOW DO WE SECURE AND PROTECT YOUR PERSONAL INFORMATION?
5.1 We will take reasonable steps to keep secure any personal information which we hold and to keep this information accurate and up to date.
5.2 Your personal information is held and stored on paper, by electronic means, or both. We have physical, electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that your personal information is protected from misuse, interference, loss and unauthorised access, modification and disclosure. We use industry accepted and compliant technology and security so that we are satisfied that your information is transmitted safely to us through the internet or other electronic means. We do this in the following ways:
(a) information held and stored on paper is stored in lockable offices and in secure premises;
(b) information held and stored electronically is protected by internal and external firewalls, limited access via file passwords, and files designated read-only or no access;
(c) information held and stored “in the cloud” is protected by internal and external firewalls, limited access via file passwords and files designated read-only or no access. We also require our IT contractors and other third parties to implement privacy safeguards; and
(d) where we disclose personal information to third parties (including contractors and affiliated businesses located locally and overseas), our contractual arrangements with them include specific privacy requirements.
6. DESTRUCTION AND DE-IDENTIFICATION
6.1 We will retain your personal information whilst it is required for the purpose for which it was collected, for our business functions, or for any other lawful purpose.
6.2 We use secure methods to destroy or to permanently de-identify your personal information when it is no longer needed. For example, paper records are shredded or destroyed securely and electronic records are deleted from all locations, to the best of our ability, or encrypted and/or placed beyond use.
7. PRIVACY POLICY OF THIRD-PARTY WEBSITES
7.1 While our website(s) may contain links to other websites owned by third parties, those websites are not subject to our privacy standards, policies and procedures. We recommend that you make your own enquires as to the privacy policies of these third parties and we are in no way responsible for the privacy practices of these third parties.
8. REQUESTS FOR ACCESS AND CORRECTION
8.1 You have a right to request access to, and correction of, personal information held about you. We have procedures in place for dealing with and responding to requests for access to, and correction of, the personal information held about you.
8.2 To request access to or correction of personal information held about you, please send a written request to us. Our contact details can be found below.
8.3 Your written request should include:
(a) if it is a request for access to personal information, details regarding which information is requested to be produced; or
(b) if it is a request to correct personal information, details of the misrepresented information and the corrections to be made.
8.4 In most cases, we expect that we will be able to comply with your request. Notwithstanding this, if we do not agree to provide you access or to correct the information as requested, we will give you written reasons why. For example, a request to access personal information may be rejected if:
(a) the request is frivolous or vexatious;
(b) providing access would have an unreasonable impact on the privacy of another person;
(c) providing access would pose a serious and imminent threat to the life or health of any person;
(d) providing access would prejudice our legal rights; or
(e) there are other legal grounds to deny the request.
8.5 To assist us to keep our records up-to-date, please notify us of any changes to your personal information.
9. COMPLAINTS AND CONCERNS
9.1 We have procedures in place for dealing with complaints and concerns about our practices in relation to the GDPR and the APPs. We will respond to your complaint in accordance with the relevant provisions of the GDPR and APPs. Any complaints should be directed to us at our contact details below.
10. CHANGES TO THIS PRIVACY POLICY
10.1 It may be necessary for us to review and revise our Privacy Policy from time to time. An amended version will be posted on our website at www.theaerialbody.com.au. We suggest that you visit our website regularly to keep up to date with any changes.
11. CONTACT
11.1 If you would like any further information, or have any queries, problems or complaints in relation to this Privacy Policy or our information handling practices in general, please contact on the details below:
11.2 If you are unsatisfied with the outcome of our internal dispute resolution process, you may refer the complaint to the Office of the Australian Information Commissioner (“OAIC”). OAIC is the regulator responsible for privacy in Australia.
Lauren Mason
Privacy Officer,
The Aerial Body,
11.2 If you are unsatisfied with the outcome of our internal dispute resolution process, you may refer the complaint to the Office of the Australian Information Commissioner (“OAIC”). OAIC is the regulator responsible for privacy in Australia.
You can contact OAIC as follows:
(a) by visiting www.oaic.gov.au;
(b) by phoning 1300 363 992; or
(c) by writing to OAIC at GPO Box 5218, Sydney, New South Wales 2001