YOUR PRIVACY IS IMPORTANT TO US
- RIGHTS TO ACCESS, RECTIFICATION OR ERASURE, RESTRICTION AND OBJECTION, OF PROCESSING
4.1. You have the right to access, rectification, opposition, erasure (“right to be forgotten”), and right to restriction of processing of your personal data by directing any such requests to The NECKspert™ Pty Ltd, PO Box 71, Bondi LPO, Bondi 2026, NSW Australia. You may also direct such requests to firstname.lastname@example.org .
- PERSONAL INFORMATION ABOUT USERS
5.1 As a User, we collect and store information relating to you and your use of our Services. We collect this information through a variety of ways including:
Information we collect directly from the User
a) Registration information: information provided to us when a User registers for an account, including email address and name. We need this information to provide you with our Services, for example, to confirm your identity and contact you. Name and email are needed to allow Users to access our Services for processes such as processing enrolments, authentication, or otherwise administering our Service. This information is given on a voluntary basis when a User accesses our Services, for example, visits our site, enrolls in a course, or fills in a form.
b) Payment and Billing info: if you subscribe to a paid plan or purchase a course, we require you to provide your billing details. When transactions between you and our website involve payment by credit card, debit card and/or third-party online payment services, we will collect information related to the transaction as part of the course of doing business with you, including billing address, telephone number, and other information related to the transaction.
Information we collect about the User indirectly or passively when interacting with us
a) Usage data: The NECKspert™ collects usage data about Users whenever they interact with our services, including information they have elected to make publicly available. We collect data about how and when you access your account in order to give you access and at the same time improve our Services. As a User progresses through our course(s) we collect information about how they interact with the course, including but not limited to, their progress through the course, quiz scores, survey results, discussion or forum contributions and other student activities.
b) Device and application data: The NECKspert™ collects data from the device and application the User uses to access our services, such as the IP address and browser type. We may also infer the geographic location based on the User IP address.
c) Referral data: if the User arrives at The NECKspert™ website from an external source (such as a link on another website or in an email), we record information about the source that referred the User to us.
d) Information from cookies and page tags: The NECKspert™ uses third party tracking services that employ cookies and page tags (also known as web beacons or web bugs) to collect aggregated and anonymized data about visitors to our websites. This data may include usage and User statistics.
5.2 The NECKspert™ undertakes to fulfil the following obligations to keep User’s data safe:
a) To treat the personal data only to carry out the provision of the contracted Services (unless there is a legal rule that requires complementary processing).
b) To maintain the duty of secrecy with respect to the personal data, even after the termination of the contractual relationship, and to ensure that our employees have committed in writing to maintain the confidentiality of the personal data processed.
c) To ensure, taking into account the available technology, the costs of implementation, and the nature, scope, context and purposes of the processing, as well as the risks of varying probability and severity for the rights and freedoms of natural persons, that we will apply adequate technical and organizational measures to ensure a level of security appropriate to the risk, including, where appropriate, among other things:
i) The pseudonymisation and encryption of personal data;
ii)The ability of ensuring the continued confidentiality, integrity, availability and resilience of the systems and services;
iii)The ability of restoring the availability and access to personal data quickly in the event of a physical or technical incident;
iv) A process of regular verification, evaluation and assessment of the effectiveness of the technical and organizational measures in order to ensure the safety of the processing. When evaluating the adequacy of the security level, special account shall be taken of the risks presented by the data processing, in particular as a consequence of the destruction, loss or accidental or unlawful alteration of the personal data transmitted, stored or otherwise processed, or the communication or unauthorized access to such data. In the event that the implementation of specific and concrete security measures is needed, those measures will be added to this Agreement by means of an Annex.
d) To keep under our control and custody the personal data to which we have access in relation with the provision of the Service, and to not disclose them, neither transfer or otherwise communicate them, not even for their preservation, to personsunrelated with the provision of the Service covered by this Agreement.
e) To delete or return to the User, at their choice, all personal data to which we have had access in order to provide the Service. Likewise, The NECKspert™ undertakes to delete the existing copies, unless there is a legal rule that requires the preservation of the personal data. However, employees and other personnel working for The NECKspert™ are entitled to access Users data as required to carry out our obligations under the terms of the contract.
f) To notify the User, without undue delay, of any personal data security breaches of which The NECKspert™ is aware and, if applicable, to the interested parties of the security breaches that occur.
g) To bring, in writing, a record of all categories of processing activities performed.
h) To cooperate with the OAIC or with other Control Authority, at its request, in the fulfilment of its power.
i) To follow industry standards on information security management to safeguard sensitive information, such as financial information, intellectual property, employee details and any other Personal Information entrusted to us. Our information security systems apply to people, processes, and information technology systems on a risk management basis.
j) We exclusively process payments through PCI DSS Level 1 payment providers, which is the highest level of compliance available.
5.3 The NECKspert™ is an Australian company and we provide services to customers, and our technology processes data, from users around the world. Accordingly, The NECKspert™ may transmit and store your personal information outside of the country, state, or province in which you are located.
- PURPOSES AND LEGITIMATE BASIS OF THE USE AND SHARING INFORMATION PURPOSES OF PROCESSING
6.2. We also use your information to review, investigate and analyze how to improve the services provided. We may also collect and analyze your data to monitor, maintain and improve our services and features.
6.3. We may internally perform statistical and other analysis on information we collect (technical and meta data) to analyze and measure user behavior and trends, to understand how people use our services, in order to. Improve and optimize our performance of such services, and to monitor, troubleshoot and improve our services, including to help us evaluate or devise new features.
6.4. We may use your information for internal purposes designed to keep our services secure and operational, such as testing purposes, troubleshooting, to prevent abusive activity (i.e. fraud, spam, phishing activities), and for service improvement, research and development purposes.
6.5. If you connect your The NECKspert™ account with your account on a Social Media or third party platform, we may use the information that you make available through the applicable Social Media or third party platform and that the applicable Social Media or third party platform has made available to The NECKspert™, in accordance with the privacy or other settings that are applicable to your Social Media or third party platform account.
6.6. We may send you The NECKspert™ reminders, tips and updates by any means, including email and similar means of electronic communication like personalised advertisements as part of providing relevant content helpful to use our services effectively. In order to customize such information and commercial communications as much as possible, The NECKspert™ may use statistical techniques that allow the creation of user profiles and data segmentation.
6.8. Your data is not disclosed to any third party except (i) for providing the services you requested and for whichThe NECKspert™ collaborates with third parties, (ii) when we have your permission, (iii) when it is required by a competent authority in the exercise of its duties (for example in order to investigate, prevent or take action regarding illegal activities) or (iv) as otherwise required by law.
6.10 If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
- LEGITIMATE BASIS OF PROCESSING
The NECKspert™ use of your data for the purposes described above is based on the following legitimate basis:
7.1 User Data
If you are a User, we are entitled to use your data in order to fulfil our contractual obligations with you and, if you are acting on behalf of a legal person, we have a legitimate interest to use your data in order to maintain the relation with your company as a The NECKspert™ client. In addition, we are entitled by law to use your data for direct marketing purposes, in order to send you commercial communications related with The NECKspert™ products or services which are similar to the Services, since legislation on data privacy recognizes direct marketing to clients as a legitimate interest of use of personal data, and legislation on information society services expressly allows The NECKspert™ to send you commercial communications by electronic means, provided that they are related with products or services which are similar to the Services. In any case, you are entitled to ask us, now or at any moment, not to send you any commercial communications. If you don’t want us to send you commercial communications, you can do it, now or at any moment, by changing the communication preferences in your account settings page.
8.1 A cookie is a small string of information that the website you visit transfers to your computer for identification purposes. Cookies can be used to follow your activity throughout the The NECKspert™ Service and that information helps us to understand your preferences and improve your experience.
8.2 Cookies may also be used to customize our website content for you as an individual. If you are using one of the common Internet web browsers, you can set up your browser to either let you know when you receive a cookie or to deny cookie access to your computer.
- CANCELING YOUR ACCOUNT, OPTING OUT OF EMAIL, AND MODIFYING PERSONAL INFORMATION
9.1 You may cancel your account and you may opt out of receiving any emails from The NECKspert™ at any time by changing the settings in your account settings page. We will respond to any such request, and any appropriate request to access, correct, update or delete your personal information within the time period specified by law (if applicable) or without excessive delay. We will promptly fulfill requests to delete personal data unless the request is not technically feasible or such data is required to be retained by law (in which case we will block access to such data, if required by law).
9.2 You may modify your personal information by logging in and visiting your settings at “My Account” page or emailing us at email@example.com.
9.3 We encourage you promptly to update your personal information when it changes. Information concerning your past behavior with the Service may be retained by The NECKspert™ as long as necessary for the purposes set out in Section 10.
9.4 We will continue to store archived copies of your Personal Information for legitimate business purposes and to comply with the law.
9.5 We will continue to store anonymous or anonymized information, such as website visits, without identifiers, in order to improve our Services.
- RETENTION OF YOUR INFORMATION
- 11. USER NAMES AND PASSWORDS
11.1 The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a username and password for access to certain parts of our website, you are responsible for keeping the username and password confidential. Do not give your password to anyone. If you enter a section of our website that requires a password, you should log out when you leave. As a safety precaution, you should also close out of your web browser completely and reopen it before viewing other parts of the Internet.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website, including the illegal acts of third parties (such as criminal hacking).
- HOW TO CONTACT US
Send a request via https://www.neckspert.com.au/contact.
If you consider that any use of your data might breach any of your rights, you can lodge a complaint at any time by emailing us at firstname.lastname@example.org or, alternatively, by filing a complaint before the OAIC at https://www.oaic.gov.au/privacy/privacy-complaints/