Avidity Rewards, in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs) is dedicated to protecting and maintaining the privacy and confidentiality of everyone that we represent.
The only information that is collected by us is to enable Avidity Rewards to be able to perform the functional duties that is required of us and to deliver the highest level of excellence possible
How Avidity Rewards collects, uses, manages, maintains, stores and discloses your personal information is in accordance with the following principles and shows our dedication to you as our client and visitors to our website.
2. INFORMATION COLLECTED
Avidity Rewards collects personal information from you directly when you have completed and submitted a registration or application form or input any other data on our site which relates to you. We may also collect information directly from you or through platform on the website itself.
2.1 INFORMATION FLOW
Once your personal information has been collected we may:
- Check that it is reasonably necessary for our functions or activities;
- Check that it is current, complete and accurate. This will sometimes mean that we have to cross check the information that we collect from you with third parties;
- Record and hold your information in our Information Record System. Some information may be disclosed to overseas recipients but only if necessary as part of our activities as a rewards platform;
- Retrieve your information when we need to use or disclose it for our functions and activities as a rewards platform. At that time, we may check that it is current, complete, accurate and relevant. This will sometimes mean that we have to cross check the information that we collect from you with third parties once again – especially if some time has passed since we last checked;
- Subject to some exceptions, permit you to access your personal information in accordance with Australian Privacy Principles;
- Correct or attach associated statements to your personal information in accordance with Australian Privacy Principles;
- Share it with our related companies and organisations so that we can inform you of other products we (or our related companies) provide which may be relevant to you;
- Destroy or de-identify your personal information when it is no longer needed for any purpose for which it may be used or disclosed provided that it is lawful for us to do so;
- Use it for any other purpose reasonably considered necessary or desirable in relation to the operation of our business.
3. CATEGORIES & PURPOSES OF INFORMATION THAT WE COLLECT AND HOLD
The personal information that we collect and hold is utilised for us to reasonably deliver proper performance of our functions and activities and maintain a high level of excellence as a rewards platform.
The information that is collected is likely to differ depending on whether you are a:
- User; or
The following sections are also relevant to our use and disclosure of your personal information (among others):
- General Disclosures;
- Our Policy on Direct Marketing;
- Overseas Disclosures.
3.1 WHAT IS YOUR PERSONAL INFORMATION?
Personal information is any information that can be used to identify you. This includes any personal information or opinions about you, whether true or not, no matter how the information or opinions are recorded. Personal information held by us may include (but not be limited to) your:
- name and date of birth;
- residential and business postal addresses, telephone/mobile/fax numbers and email addresses;
- bank account and/or credit card details for agreed billing purposes;
- any information that you provided to us during your account creation process or added to your user profile;
- preferences and password for using this site and your computer and connection information; and
- any information that you otherwise share with us.
Sensitive information is a special category of personal information and includes information about your health, race or ethnic origin, political or religious beliefs, membership of a trade union or association, sexual preferences or criminal record. We will not disclose your sensitive information without your consent unless there is a need to disclose such information in accordance with relevant laws and privacy acts.
A User is someone who has accessed the website, is seeking membership or has obtained membership with Avidity Rewards.
The type of information that we typically collect and hold about Users is necessary to provide the rewards services, which may involve determining which of our rewards partners may be relevant to you.
Information collected in relation to Users includes but is not limited to:
- Information about interests and spending preferences;
- Information about the business of the User (if applicable);
- Information about purchases;
- Information about your comments and messages;
- Information which may assist the platform in providing relevant information to you regarding deals and partner promotions;
- Information which may pre-qualify or exclude you from certain partner offerings.
Information that is collected, held and disclosed about User is typically utilised for many purposes, including (but not limited to):
- assisting us to ensure that the partners engaged on the platform will be relevant to you;
- assisting you to place orders through this site;
- processing any purchases of services that you may make through this site, including charging, billing and collecting debts;
- making changes to your account;
- responding to any queries or feedback that you may have;
- conducting appropriate checks for credit-worthiness and for fraud;
- preventing and detecting any misuse of, or fraudulent activities involving, this site;
- conducting research and development in respect of our services;
- gaining an understanding of your information and communication needs or obtaining your feedback or views about our services in order for us to improve them;
- maintaining and developing our business systems and infrastructure, including testing and upgrading of these systems,
- marketing services to you; but only where this is permitted and whilst you are registered with us;
- statistical purposes and statutory compliance requirements.
- obtaining new partnerships and deals to increase the positive experience for users on the platform; and
- matching a User with rewards and deals which may be relevant to them;
and for any other purpose reasonably considered necessary or desirable by us in relation to the operation of our business.
A Partner is someone (including an organisation) who is looking to offer deals, promotions and other rewards on the platform.
Information that we typically collect and hold about Partners is necessary to help us list, promote, advertise and connect Partners with Users.
Information collected in relation to Partners includes but is not limited to:
- Information about the Partner’s business;
- Information about the pricing of the Partner’s products;
- Information about which Users show interest in the products of the Partner;
- Personal details and other business information;
- Metrics on offerings, promotions and advertisements of the Partner; and
- any other information necessary to ensure that Partners can properly utilise the platform.
Information that is collected, held and disclosed about Partners is typically utilised in a similar manner to that listed in clause 3.2 above, and also to ensure that the platform can offer an effective outlet for the Partners to promote their services and products.
3.4 DIRECT MARKETING POLICY
We may use your personal information for the purposes of direct marketing except where you have specifically requested we don’t. We market to Users and Partners using a variety of methods including email alerts, phone, SMS and print.
We provide Users and Partners the option to opt out of receiving marketing material from us. Upon receipt of this request their marketing preferences are updated on our systems.
If you do not wish to have your personal information used for direct marketing purposes, you may contact us and request not to receive direct marketing communications from us, at which time your marketing preferences will be updated on our systems.
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include Partners and other trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
4. HOW YOUR PERSONAL INFORMATION IS COLLECTED
The means by which we will generally collect your personal information are likely to differ depending on whether you are a:
- User; or
We may sometimes collect information from third parties and publicly available sources when it is necessary for a specific purpose such as checking information that you have given us or where you have consented or would reasonably expect us to collect your personal information in this way.
Personal information will be collected from you directly when you fill out and submit one of our application forms or any other information in connection with your application to receive membership in Avidity Rewards.
Personal information is also collected when:
- You provide us with any additional information about you; and
- Electronically through our telecommunications and technology systems.
Personal information about you may be collected:
- When you provide it to us for business or business related purposes;
- In setting up your promotions or providing us details of your business to ensure your promotions are offered correctly within the platform;
- When you complete any ‘sign-up’ forms or sign other contracts with us from time to time; and
- In your use of the platform ‘back-end’.
4.3 PHOTOS & IMAGES
We may request proof of identification from you including copies of your passport, visa and or driver’s license and will only do so for the performance of our functions and activities as a rewards platform.
We will not request that you supply photographs, scan photo ID, or capture and retain video image data of you in cases where simply sighting photographs or proof of identity documents would be sufficient in the circumstances.
This site uses “cookies” to help personalise your online experience. A cookie is a text file or a packet of information that is placed on your hard disk by a web page server to identify and interact more effectively with your computer. There are two types of cookies that may be used at this site: a persistent cookie and a session cookie. A persistent cookie is entered by your web browser into the “Cookies” folder on your computer and remains in that folder after you close your browser, and may be used by your browser on subsequent visits to this site. A session cookie is held temporarily in your computer’s memory and disappears after you close your browser or shut down your computer. Cookies cannot be used to run programs. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. In some cases, cookies may collect and store personal information about you. The Company extends the same privacy protection to your personal information, whether gathered via cookies or from other sources.
You can configure your internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Please refer to your internet browser’s instructions to learn more about these functions. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of this site.
- remember your preferences for using this site;
- manage the signup process when you create an account with us;
- recognise you as logged in while you remain so. This avoids your having to log in again every time you visit a new page;
- facilitate e-commerce transactions, to ensure that your order is remembered between pages during the checkout process;
- show relevant notifications to you (eg, notifications that are relevant only to users who have, or have not, created an account or subscribed to newsletters or email or other subscription services); and
- remember details of data that you choose to submit to us (eg, through online contact forms or by way of comments, forum posts, chat room messages, reviews, ratings, etc).
Many of these cookies are removed or cleared when you log out but some may remain so that your preferences are remembered for future sessions.
Third party cookies
In some cases, third parties may place cookies through this site. For example:
4.5 ELECTRONIC TRANSACTIONS
“Electronic transactions” is the term that we utilise to describe and explain how we handle personal information collected from our website and by other technology.
It is important that you understand that there are risks associated with use of the Internet and you should take all appropriate steps to protect your personal information.
It is important that you:
- Be careful what information you share on the Internet;
- Use privacy tools on the site – control access to your search listing and profile;
- Implement all reasonable and ‘industry standard’ security measures from time to time; and
- Make sure your anti-virus and data protection software is up-to-date.
Please contact us by phone or mail if you have concerns about making contact via the Internet.
Sometimes, we collect personal information that individuals choose to give us via online forms or by email. For example, when individuals:
- Ask to be on an email list;
- Register as a User;
- Make a written online enquiry or email us through our website;
- Submit a request by email or through our website;
- Follow and communicate with us via social media such as LinkedIn, Facebook, Instagram and Twitter.
4.5.1 INTERNET BROWSING
When browsing the Avidity Rewards website, our website host makes a record of the visit and logs the following information for statistical purposes such as Google Analytics. The information that is recorded in server logs are;
- Your server address;
- Your top level domain name (for example .com, .gov, .org, .au, etc);
- The pages you accessed and documents downloaded;
- The previous site you visited and;
- The type of browser being used.
We do not identify users or their browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the Internet service provider’s server logs.
4.5.2 CLOUD SERVICES
In cases where we utilise cloud services we will take reasonable measures to ensure that:
- Disclosure of your personal information to the cloud service provider is consistent with our disclosure obligations under the Australian Privacy Principles;
- Disclosure is consistent with any other legal obligations;
Our integrated technology systems are designed to log emails received and sent and may include read and receipt notifications to enable tracking.
4.5.4 CALL & MESSAGE LOGS
Our integrated telephone technology (systems and mobile phones) logs telephone calls, messages received and sent and enables call number display, which may include your profile picture if you have provided it.
4.5.5 TELECONFERNCES & VIDEOCONFERENCES
Teleconferences and videoconferences may be recorded with your consent. In cases where it is proposed that they be recorded, we will tell you first the purpose for which they are to be used and retained.
We use a cloud-based database to log and record certain information. This database contains the information and documentation you have provided us.
This database operates from servers that permit disclosure to cross-border recipients. As far as we can reasonably control, your information will only be used or disclosed as reasonably necessary for the performance of our functions and activities as a rewards program operator.
4.5.8 MOBILE TECHNOLOGY & ACCESS
Avidity Rewards staff use laptops, tablets, phones and other portable electronic devices that allow them to access, retrieve and store your personal information.
4.5.9 PAPERLESS & ENVIRONMENTALLY CONSCIOUS
Recognising the environmental advantages and efficiencies it provides, Avidity Rewards operate a predominantly paperless office and try and minimise our environmentally damaging footprint.
As a result, your paper-based communications with us may be digitised and retained in digital format.
The paper-based communications may be culled.
It is therefore important that, except where specifically requested, you do not send us originals of any paper based document and that you retain copies for your own records.
Where we do request original paper based documents we will return them to you once they are no longer required by us for the purpose for which they may be used or disclosed.
4.6 LINKS TO EXTERNAL SITES
We provide links to websites outside of our own, as well as to third party sites. The content of these linked sites are not under our control, and we cannot accept responsibility for the conduct of companies linked from our website.
5. HOW YOUR PERSONAL INFORMATION IS STORED
When your personal information is collected it may be held in our Information Storing System until it is no longer needed for any reasonable purpose for which it may be used or disclosed, at which time it will be de-identified or destroyed provided that it is lawful for us to do so.
5.1 AVIDITY REWARDS’ INFORMATION STORING SYSTEM
Information you provide to Avidity Rewards is stored in our secure cloud-based database and document storage system, which is restricted and accessible by staff through the use of individual login credentials.
Information may also be securely stored in hard copy in a lockable filing system until such time as it is digitised and that information filed in our cloud-based document storage system. When this occurs, the hard copy document/s are subsequently destroyed.
5.2 SECURITY OF INFORMATION
Avidity Rewards takes all reasonable measures to ensure the information you provide us remains secure and confidential and is only used for the performance of our activities or functions as a rewards program.
We take a range of measures to protect your personal information from misuse, interference and loss, unauthorised access, modification or disclosure. These measures include:
- Staff training;
- Password-protection of cloud-based database and document storage system;
- “Clean desk” procedures;
- Secure office premises with restricted access;
- Policies on laptop, mobile phone and portable storage device security;
- Document culling procedures including shredding and secure disposal.
In the unlikely event that Avidity Rewards experiences and identifies a data security breach, affected parties will be notified, however we expressly exclude all liability in relation to such an eventuality.
Personal Information that is held about you is only disclosed for the primary and related purposes for which it was collected.
6.1 GENERAL DISCLOSURES
Avidity Rewards may disclose your personal information for any of the primary purposes for which it is held for or any related purpose where it is lawfully permissible.
We may disclose your personal information where we are legally obligated to do so, including circumstances where we are under a contractual duty to disclose information.
Disclosure will usually be but not limited to:
- Avidity Rewards staff and to our related entities;
- Our Partners;
- Regulatory Bodies (e.g. AHPRA)
In addition to disclosures for general purposes, we may also disclose your personal information for a range of related purposes.
6.2 DISCLOSURES FOR RELATED PURPOSES
Avidity Rewards outsources a number of services to third party contracted service providers (CSPs) from time to time so we can maintain a high level of operational funtionality. Our CSPs may see some of your personal information. Typically our CSPs would include but not limited to:
- Software solutions providers;
- T. contractors;
- Database designers and Internet service suppliers;
- Legal and other professional advisors;
- Insurance brokers, loss assessors and underwriters;
- Background checking and screening agents.
We take reasonable steps to ensure that terms of service with our CSPs recognise that we are bound by obligations to protect the privacy of your personal information and that they do not do anything that would cause us to breach those obligations.
6.3 CROSS-BORDER DISCLOSURES
Some of your personal information may be accessed or disclosed to overseas recipients. Although Avidity Rewards is an Australian Organisation, there may be situations requiring us to disclose your information to overseas recipients. Avidity Rewards will take reasonable measures in these circumstances to ensure that the overseas recipient does not breach the Australian Privacy Principles, however we cannot guarantee that any recipient of your personal information will protect it to the standard to which it ought to be protected.
7. ACCESSING & CORRECTING PERSONAL INFORMATION
Under the Australian Privacy Principles, you have the right to access and correct any personal information.
7.1 ACCESSING PERSONAL INFORMATION
Subject to some exceptions that are set out in privacy law, you are able to gain access to your personal information that is held by Avidity Rewards.
In some cases, we may refuse to give you access to personal information that we hold about you. This may include circumstances where giving you access would:
- be unlawful (eg, where a record that contains personal information about you is subject to a claim for legal professional privilege by one of our contractual counterparties);
- have an unreasonable impact on another person’s privacy;
- be in breach of our obligations under a Technical Assistance Notice (TAN), Technical Capability Notice (TCN) or Computer Access Warrant (CAW) from an Australian Government agency; or
- prejudice an investigation of unlawful activity.
We may also refuse access where the personal information relates to existing or anticipated legal proceedings, and the information would not be accessible by the process of discovery in those proceedings.
If we refuse to give you access, we will provide you with reasons for our refusal. In the case of a request which contains data captured by an active TAN or TCN, we may be unable to provide you with any reasons for refusal other than that we are unable to meet your request.
We may also refuse access if it breaches any confidentiality that attaches to that information or if it would interfere with the privacy rights of other people. In many cases evaluative material contained in references that we obtain will be collected under obligations of confidentiality that we make and which the communicator of that information is entitled to expect will be observed.
If you wish to obtain access to your personal information you should contact our Privacy Officer or our offices via [email protected] You will need to be in a position to verify your identity.
We might impose a moderate charge in providing access, which our Privacy Officer will discuss with you.
You should also anticipate that it may take some time to process your application for access as there may be a need to retrieve information from storage and review information in order to determine what information may be provided. We will generally respond to your request for access within twenty (20) working days.
If we refuse to give access to the personal information or to give access in the manner requested by you, we will give you a written notice that outlines:
- The reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
- The mechanisms available to complain about the refusal.
7.2 CORRECTING PERSONAL INFORMATION
If you find that personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it by contacting us.
Avidity Rewards will take reasonable steps in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
If we have disclosed personal information about you that is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to notify the third parties to whom we made the disclosure and we will take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.
You should also anticipate that it may take a little time to process your application for correction as there may be a need to retrieve information from storage and review information in order to determine what information may be corrected. We will generally respond to your request for access within twenty (20) working days.
There is no charge to correct information.
In some cases we may not agree that the information should be changed.
If we refuse to correct your personal information as requested by you, we will give you a written notice that sets out:
- The reasons for the refusal except to the extent that it would be unreasonable to do so; and
- The mechanisms available to complain about the refusal.
You may also ask us to associate a statement that the information is contested as being inaccurate, out of date, incomplete, irrelevant or misleading and we will take such steps as are reasonable to do so.
Avidity Rewards relies on you to ensure that all information that is provided to us is correct, complete, up to date and not misleading. This allows us to be able to provide the best service possible for you.
7.3 IF YOU DO NOT WANT TO PROVIDE YOUR PERSONAL INFORMATION
If you don’t provide your personal information to us, we may not be able to:
- Provide you with the product or service you want;
- Verify your identity or protect against fraud; and
- Manage or administer your product or service.
We welcome the General Data Protection Regulation (“GDPR”) of the European Union (“EU”) as an important step forward in streamlining data protection globally. Although we do not operate an establishment within the EU and do not target any offering of services towards clients in the EU specifically, we intend to comply with the data handling regime laid out in the GDPR in respect of any personal information of data subjects in the EU that we may obtain.
The requirements of the GDPR are broadly similar to those set out in the Privacy Act and include the following rights:
- you are entitled to request details of the information that we hold about you and how we process it. For EU residents, we will provide this information for no fee;
- you may also have a right to:
- have that information rectified or deleted;
- restrict our processing of that information;
- stop unauthorised transfers of your personal information to a third party;
- in some circumstances, have that information transferred to another organisation; and
- lodge a complaint in relation to our processing of your personal information with a local supervisory authority; and
- where we rely upon your consent as our legal basis for collecting and processing your data, you may withdraw that consent at any time.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. However, please be aware that:
- such objection or withdrawal of consent could mean that we are unable to provide our services to you, and could unduly prevent us from legitimately providing our services to other clients subject to appropriate confidentiality protections; and
- even after you have chosen to withdraw your consent, we may be able to continue to keep and process your personal information to the extent required or otherwise permitted by law, in particular:
- to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact on your rights, freedoms or interests; and
- in exercising and defending our legal rights and meeting our legal and regulatory obligations.
7.5 Compliance with Australian Assistance and Access Legislation
The laws have recently changed here in Australia to compel companies to share data with Australian intelligence agencies or build in data sharing mechanisms which may report directly to these agencies. While we endeavour to protect your data and our technology from vulnerabilities wherever possible, we can’t break the law, nor can we inform you when we’ve been issued with a notice under the new legislation.
By using our platform or website, you expressly exclude us from any liability which arises from sharing data or building data sharing mechanisms (including ‘back-doors’ and vulnerabilities) into our technology at the direction of Australian Government and its agencies, including where those mechanisms are later exploited by a third party.
You have the right to raise grievances about the handling of your personal information if you believe that we have interfered with your privacy.
8.1 HOW TO LODGE A COMPLAINT
If you wish to lodge a complaint about the handling of your personal information, it should first be made to us in writing.
You can make your lodgement to our Privacy Officer at [email protected].
8.2 HOW YOUR LODGMENT WILL BE PROCESSED
On receipt of your complaint:
- We will take steps to confirm the authenticity of the complaint and the contact details provided to us to ensure that we are responding to you or to a person whom you have authorised to receive information about your complaint;
- Upon confirmation we will write to you to acknowledge receipt and to confirm that we are handling your complaint in accordance with our policy.
- We may ask for clarification of certain aspects of the complaint and for further detail;
- We will consider the complaint and may make inquiries of people who can assist us to established what has happened and why;
- We will require a reasonable time (usually 60 days) to respond;
- If the complaint can be resolved by procedures for access and correction we will suggest these to you as possible solutions;
- If we believe that your complaint may be capable of some other solution we will suggest that solution to you, on a confidential and without prejudice basis in our response.
Occasionally Avidity Rewards will request service delivery feedback via an electronic questionnaire linked from emails and our website. This information becomes the property of Avidity Rewards, but is not personally identified. We utilise this feedback to improve our services, capabilities and for marketing purposes.
Feedback may be collected by other means (such as phone or email), and used to improve service delivery. We will always obtain your permission prior to using the information (such as success stories or endorsements) for marketing or other purposes.
11. HOW TO CONTACT US
If you wish to contact us about your personal information; contact Avidity Rewards during normal office hours which are 8:30am – 5:30pm AEST Monday – Friday. Our contact details are available on our website https://avidityrewards.com.au/contact-us/