Skip to main content

Fitness Passport is strongly committed to protecting your privacy and your personal information. In this policy (our “Privacy Policy”), “FP”, “we”, “us” and “our” refers to Fitness Passport Pty Ltd (ACN 118 246 029); Fitness Passport NZ Ltd (NZBN 9429047591288) and its related companies and “you” refers to any individual about whom we collect personal information.

This Privacy Policy explains how we collect, store, use, disclose and otherwise handle the personal information you may supply to us or we may collect from you through your dealings with us, including via access to any system or website maintained by us, such as our websites and our mobile applications. This Privacy Policy also sets out the measures and processes we have put in place to ensure the adequate protection of your personal information, as well as your rights under applicable privacy laws, including the Privacy Act 1988 (Cth) in Australia, and the Privacy Act 2020 in New Zealand (the “Privacy Laws”).

In this Privacy Policy, “personal information” has the meaning given in the Privacy Laws and includes information or an opinion about an identified person, or a person who is reasonably identifiable (whether or not the information or opinion is true and whether or not the information or opinion is recorded in a material form).

In some cases, exemptions under these laws may apply, in which case we may rely on those exemptions. For example, the Privacy Act in Australia includes an exemption for the handling of employee records in some circumstances.

This Privacy Policy is in addition to any other terms and conditions applicable to our dealings with you.

Collection of personal information

1. We collect personal information about you when that is reasonably necessary for one or more of our functions or activities. We collect information knowingly and voluntarily submitted by you to us.

2. We may also collect personal information from third parties such as another member, where you are not the primary account holder, your employer or, to the extent permitted by law, from other publicly available sources (such as Google or social media sites). We may collect or have access to personal information obtained by any of our related companies to fulfil the purpose for which the personal information was collected, a related purpose that you reasonably expect or another purpose permitted under this Privacy Policy or the Privacy Laws.

3. The type of personal information that we may collect and hold includes:

  • your name, address, contact details such as address, telephone numbers and email addresses.
  • your gender and date of birth;
  • your job title, employment status, employment address, employer and identification documents (such as an employee ID or work email);
  • information contained in identification documents;
  • your photograph (for inclusion on your membership card);
  • bank account details, which is processed by our third party payment provider;
  • personal information about your spouse, dependants or others on an account that you are linked to;
  • details you provide to us if you contact our support team or send us an inquiry;
  • details about your use of our services, including the fitness partners and facilities you use, time and date of use, and your use of our applications and website (including as set out below);
  • administrative and operational information, including details in your application form, billing and payment details;
  • where you apply for a job with us, your qualifications, experience, curriculum vitae, education, reference check information and employment history;
  • when you work for us your superannuation or Kiwi Saver information; and
  • your sensitive information (including health information), with your consent as set out under the ‘Sensitive Information heading below.

4. Where it is reasonable and practical to do so, we will only collect personal information about you from you. You have no obligation to provide any information requested by us, however if you choose to withhold personal information from us it may prevent us from being able to provide you with services.

5. Depending on which services you are attempting to access, you may be able interact with us anonymously or using a pseudonym. However, this will mean that we may not be able to provide you with certain services.

IP Addresses, Cookies and Applets

6. If information is gathered by our website/portal or online systems, we may gather your IP address to assist with the diagnosis of problems or support issues with our services. This information is gathered in aggregate only and cannot be traced to an individual user.

7. We may use cookies to provide you with a better experience when using our website or application. A cookie is a piece of information that allows our system to identify and interact more effectively with your browser. These cookies allow us to increase your security by storing your session ID and are a way of monitoring single user access. This aggregate, non-personal information is collated and provided to us to assist in analysing the usage of the site. You can configure your web browser software to reject cookies however some parts of our website or application may not have full functionality in that case. If you do not agree to the use of cookies, please disable them by following the instructions for your browser or use the automated disabling tool where available. However, you may experience a drop in the performance of our website or application if certain cookies are disabled.

Sensitive Information

8. In this Privacy Policy, “sensitive information” includes personal information about yourself, and/or your family, provided to us by you as described within this policy. We acknowledge our obligations that we must comply with under the respective Privacy Laws when we collect, use and handle sensitive information.

9. We collect sensitive information about you, such as your health information, when you sign up to receive our services. This health information will only be collected knowingly and voluntarily from you, except where it is provided by the primary account holder, when they submit information on your behalf of and you are linked to their account. We will only collect this information when you have provided your consent, or the primary account holder has confirmed your consent has been given.

10. The health information we collect about you may include details of medical conditions and medical history (as required by our fitness partners to attend their facilities), and will be used only in order to provide services to you.

Provision of personal information about another person

11. Sometimes you will have the option to provide personal information about another person, including where you are the primary account holder and submit information on behalf of someone else linked to your account. If you provide us with someone else’s personal information, you should only do so if you have that person’s authority or consent to provide us with their personal information.

12. When an individual under 18 years of age is signed up to our services as a dependant, we will also collect their personal and sensitive information in order to provide them with the services, in accordance with this Privacy Policy. Where you provide us with sensitive information about an individual under 18 years of age, you confirm that you have their consent and are able to provide that consent as their parent or guardian, for us to collect that information for the purposes described in this Privacy Policy.

13. You should also take reasonable steps to ensure that anyone else whose personal information you provide to us, is informed of the existence of, and the matters set out in, this Privacy Policy.

Use and disclosure of personal information

14. Personal information and sensitive information collected from you may be used or disclosed for the following purposes:

  • to provide you with our products and services;
  • to provide tailored product and service information and improve service delivery;
  • to process payments, discounts and refunds where required;
  • to manage your accounts with us;
  • to cross check with and confirm your personal information that we may already hold and correct any errors as appropriate;
  • to communicate with you regarding our products and services and to inform you of other relevant products and services we provide, where permitted in accordance with direct marketing laws;
  • to develop and expand our operations base and plan for future commitments;
  • to comply with law, including a court order, or the requests of law enforcement or government agencies;
  • where required in order to respond to a threat to the safety of an individual or the public; and
  • administrative and security purposes, including your identity and the security and access of our websites and applications, for fraud and crime prevention and detection purposes, to recover any payments due to us and in connection with the acquisition, merger or sale of any part of our business.

15. We may use and disclose your personal information for the primary purpose for which we collected that information (listed above), for related (or directly related, for sensitive information) secondary purposes within your reasonable expectations, where permitted under the Privacy Laws and where otherwise required or authorised by law.

Direct marketing

16. We may also use your personal information for the purpose of marketing our services. You may receive marketing communications in various forms, including notifications from your employer (via your workplace intranet, email or hard copy). You may receive direct marketing from us via email, mail, SMS and telephone, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth) in Australia, and the Unsolicited Electronic Messages Act 2007 in New Zealand. If you do not want to receive marketing material from us, you can contact us as detailed below:

  • For electronic communications, you can click on the unsubscribe function in the communication
  • For hard copy communications, you can email us at [email protected]

17. Please note that even if you request not to receive further direct marketing communications, we may continue to provide certain non-marketing information to you, such as changes to our terms and conditions, as permitted under applicable laws.

18. We will not use your sensitive information for direct marketing.

Third party disclosures

19. We will not disclose your personal information or sensitive information unless the disclosure is for a purpose set out above (under ‘Use or disclosure of personal information’), or you have consented to that disclosure. Your consent may be expressed or implied.

20. Your personal information may be disclosed to the following third parties:

  • your employer, fitness partners, financial institutions, our merchant and payment organisations
  • public authorities (such as a government agency), where it is required by law or court order
  • third party companies and/or individuals that we engage to facilitate our service, to provide services on our behalf or to perform services to assist us to provide services to you (these third parties have access to your personal information to only perform these tasks on our behalf and are obligated not to disclose or use it for another purpose); and
  • our related companies, to provide services on our behalf or to perform services to assist us to provide services to you.

Offshore access and disclosure of personal information

21. We, including our service providers, may hold electronic records of your personal information using cloud technology, on our systems, by other electronic means, or in paper form. These means of holding personal information may include offshore disclosure of personal information. Personal information may be shared outside of your country, including as part of the use by our service providers.

22. Our website and application hosting infrastructure is provided by Amazon Web Services within Australian data centres. Your personal information may be routed through, and stored on, these environments. If the location changes in the future, we will update this Privacy Policy.

23. Our related entities and other third parties or service providers described above may be located in Australia, New Zealand, Fiji, the Philippines, USA and Sri Lanka. If the locations of any of our related entities or service providers changes in the future, we will update this Privacy Policy.

24. We will use reasonable endeavours to protect and safeguard your personal information in accordance with the Privacy Laws, including where it is disclosed outside of Australia or New Zealand. For information subject to the New Zealand Privacy Act, we will take steps reasonably necessary to ensure that your personal information is protected in a way that, overall, provides comparable safeguards to those provided under that Act. If you have any concerns with anything listed within this Privacy Policy, you should not provide us with your personal information or use our services.

Security

25. We strive to ensure the security, integrity and privacy of personal information collected and held by us, and we review and update our security measures considering current technologies. We hold personal information electronically and in hard copy form (for our own employees), both at our own premises and with the assistance of our service providers. We implement a range of measures to protect the security of personal information. Depending on the circumstances, these may include firewalls, encryption, passwords and locked areas.

26. We will endeavour to take all reasonable steps to protect the personal information we collect from you from misuse, interference, loss and unauthorised access, modification, or disclosure, however given the nature of internet-based services, we cannot guarantee that these measures are totally secure.

27. In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.

28. We may retain your personal information for such period as is reasonably necessary having regard to the purposes for which we are permitted to handle that personal information and any legal or regulatory requirements. We may retain de-personalised statistical information for longer periods where no individuals are reasonably identifiable from that data. Where the personal information is no longer required for the purpose for which it was collected (or a permitted secondary purpose) we will take reasonable steps to destroy the information, or de-identify the information.

Third party websites

29. Our website may contain links to third parties’ websites or services. Those other websites are not subject to this Privacy Policy and are not governed, managed, or controlled by us. We do not control the security or privacy practices of these third parties, and you are responsible for your use of third party websites. You should familiarise yourself and ensure you are comfortable with any privacy policies governing the use of those websites or services prior to such use.

Access and correction

30. We will take reasonable steps to ensure that the personal information which we collect remains accurate, up to date and complete. If, at any time, you discover that information held about you is incorrect, you may contact us to have the information corrected. Further you may also request access to any of your personal information we hold.

31. You can exercise these rights by contacting us using the details at the end of this Privacy Policy. We may need to verify your identity before actioning your request, and, if we deny your request, we will provide our reasons.

Correction

32. If you consider that the information which we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please let us know. We will take reasonable steps to correct that information as soon as practicable after receiving your notification of any error or inaccuracy, consistent with our obligations under the Privacy Laws and other applicable laws.

Access

33. There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal. There is no charge for requesting access to your personal information, but in some circumstances we may require you to meet our reasonable costs in actually providing you with access.

Complaints

34. If you wish to make a complaint regarding any aspect of the collection, access to, use or storage of personal information by us, please contact us in writing using the details at the end of this Privacy Policy. We will consider your complaint promptly and contact you to seek to resolve the matter. When we contact you, we may ask for further information and we will let you know how we will try to resolve your complaint, and how long that may take.

35. We may need to engage or consult with other parties in order to investigate and deal with your complaint, and we will keep records of your complaint and any resolution.

36. If you remain unsatisfied with the way in which we have handled a privacy issue, we suggest you approach an independent advisor or contact the following for guidance on alternative courses of action which may be available:

  • For Australia: the Office of the Australian Information Commissioner. The Office of the Australian Information Commissioner can be contacted at www.oaic.gov.au or by calling 1300 363 992
  • For New Zealand, the Privacy Commissioner. The Privacy Commissioner can be contacted at https://www.privacy.org.nz/ or by calling 0800 803 909

Updates to this Privacy Policy

37. We reserve the right, at our discretion, to modify, add to or remove portions of this Privacy Policy at any time in order to maintain our compliance with applicable law and regulation or following an update to our internal practices.

38. You may not be directly notified of such a change so you should review this Privacy Policy periodically on our website so that you are updated on any changes. You may obtain a copy of our current policy from our website or by contacting us via the details at the end of this Privacy Policy.

Contact Us

If you have any queries regarding this policy please contact us via email: [email protected]

 

This Privacy Policy was last updated: August 2022