Cosmetic Skin Therapies handles your personal information in accordance with its obligations under the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (Privacy Act).
1. Personal information
Personal information is defined in s 6(1) of the Privacy Act as information or an opinion (whether it is true or not) about an identified individual, or an individual who is reasonably identifiable.
2. How personal information is collected
Cosmetic Skin Therapies websites – any customer-directed websites operated by Cosmetic Skin Therapies, including Cosmetic Skin Therapies owned websites and websites that we run on third party social networks such as Facebook (e.g. Facebook fan page), Twitter and/or Instagram.
Cosmetic Skin Therapies mobile sites/apps – any customer-directed mobile sites or applications operated by Cosmetic Skin Therapies, including our Smartphone apps (e.g., iPhone apps).
Cosmetic Skin Therapies text messaging programs – any customer-directed text messaging programs operated by Cosmetic Skin Therapies which may be advertised on one of our websites or applications or in a print ad.
Hardcopy forms – including hardcopy registration cards or competition entry forms that we may collect from individuals via post, in-store demos, or other events.
Customer Services call centre – any personal information that we may collect from customers through our Customer Services call centre, for example if you call us with a question or comment or to sign up for marketing communications over the phone.
Social networking sites – any personal information that we may collect when you interact with third party social networking features such as “Facebook Connect” or “Facebook Like”. These features may be integrated in our sites or applications. If you use these features, we may have the ability to obtain certain information about you from your social networking profile.
Data from third parties – in most instances, Cosmetic Skin Therapies collects personal information directly from you. However, Cosmetic Skin Therapies may obtain personal information about you from other sources such as third party data aggregators engaged to provide us with additional information about our existing customers or from third parties with whom we may occasionally partner with to run promotions. We may also receive information about individuals when we acquire other companies.
3. Kinds of personal information held by Cosmetic Skin Therapies
Cosmetic Skin Therapies only collects personal information that is reasonably necessary for one or more of its business functions. We may combine personal information that we collect via one method (e.g., a website) with personal information that we collect via another method (e.g., an offline event). We do this to get a more complete view of our customers, which, in turn, allows us to serve you better and with greater customisation. Personal information collected includes the following:
Personal contact information – any information that would allow us to personally contact you, such as your name, home or mailing address, phone number or email address. We may also take before and after photographs of you, write file notes about your skin, your treatments, medical conditions and your leisure activities.
Potential Franchisee Information – We may also collect this information for potential franchisee opportunities. This can include information relating to your current employment – your position, length of employment and experience.
Demographic information – any information that describes your demographic or psychographic characteristics, such as your, age or age range, gender, geographic location (e.g., post code, city and state, mobile location), favourite products, hobbies and interests, and household or lifestyle information.
Technical computer information – any information about a computer system or other technological device that you may be using to access one of our websites or applications.
Website usage information – any information about how you use and navigate our websites and applications, including which links you click on, which pages or content you view and for how long, and other similar information and statistics about your interactions with a Cosmetic Skin Therapies website or application (e.g., date and time of visit, which site you came from, and site activities, etc.).
Customer feedback – any information that you voluntarily share with us about your experience in using our products and services, including our websites and applications. Examples may include unsolicited comments and suggestions, testimonials, or other questions or feedback related to our products.
Customer-generated content – any content that you create and then share with us and perhaps others, by uploading it to one of our websites or applications, including one of our Facebook sites.
Social network information – any information that is part of your profile on a third party social network (such as Facebook) and that you allow the third party social network to share with us (examples: name, email address, gender, birthday, profile picture and any other information you allow to be shared). We may use this information to match information with a social network for advertising purposes.
Payment information – any information that you use to make a purchase, such as your credit card details (cardholder name, card number, expiration date, etc.) or other forms of payment (if such are made available).
4. The purposes for which personal information is collected
Cosmetic Skin Therapies may collect and use your personal information for some or all of the following purposes. Please note that not all of the uses below will be relevant to every individual.
Marketing communications – Where you have opted-into receiving marketing communications about Cosmetic Skin Therapies we may collect and use your personal information to keep you up to date with the latest news, events, special offers and promotions of our brands as follows:
- General marketing communications – to send you communications such as emails, SMS text messages and postal mailings.
- Targeted advertising – to show you marketing communications on other websites, including on social media sites where you are a member (such as Facebook), by matching activities or information collected on our websites with those collected on third party sites (i.e. data-matching).
You can always opt-out from receiving marketing communications by following the unsubscribe instructions provided in each such communication or by contacting us at firstname.lastname@example.org.
You may also visit social media sites where you are a member to explore opt-out options they may provide for targeted advertising. Please note that even if you opt-out from receiving marketing communications from us, you may still receive administrative communications from us (such as order confirmations, notifications about your account activities) . You will also still see generic ads on other websites, including on social media sites where you are a member.
Account maintenance – We may collect and use your personal information to maintain your accounts with us, including administering any customer loyalty or rewards programs that are associated with your account.
Customer service – We may collect and use your personal information to provide you with customer service, including responses to your inquiries, complaints and general feedback about our products. Customer service may be provided through various forms of communication, including via email, telephone and online chat features.
Product improvement and customisation – We may collect and use your personal information so we can constantly improve our treatment menus, tailor them to your needs, and come up with new treatment options and inform you of any changes to our treatments.
Consumer engagement – We may collect and use your personal information to get you more actively engaged with our treatments and services (including our websites and applications), thereby increasing overall brand engagement and awareness. This mostly involves the collection, use, and publication of customer-generated content.
Promotions and competitions – We may collect and use your personal information for promotions, giveaways, competitions, or other similar marketing campaigns. These events typically require the collection and use of personal information (for eligibility, prize fulfilment etc.) To comply with legal requirements, we may publish or share a limited amount of personal information (such as name and city of residence) about the winners of a particular promotion. For more information about our contests and other promotions, please see the official terms and conditions applicable to each promotion.
Website improvement and personalisation – We may collect and use your information to improve and personalise your experience on our websites and applications. This is typically done through automated tracking technologies (such as cookies) that collect and remember certain account login information, technical information and website usage information.
Other general purposes (e.g., website security, internal research, surveys) – We may collect and use your personal information for other general business purposes, such as to maintain the day -to-day operation and security of our websites and applications and to conduct internal marketing, demographic studies and contact you for consumer research.
5. Disclosure of personal information
Cosmetic Skin Therapies will not disclose your personal information with any third party that intends to use it for direct marketing purposes unless we have specifically informed you and you have given us specific permission to do this.
Cosmetic Skin Therapies may also share your personal information with other third parties, but only in the following circumstances:
Service Providers, Agents and Contractors – We may use third parties, like service providers, agents or contractors to provide support for our business functions (such as internal operations of our websites and applications, database or website hosting, including cloud infrastructure, handling houses, promotions agencies etc). Your personal information may be accessed by Cosmetic Skin Therapies’ service providers located outside of Australia in countries including New Zealand or be stored by them in such countries.
Partners and Joint Promotions – From time to time, we may run a joint or co- sponsored program or promotion on our website or application with another company, and, as part of this event, collect and process personal information. Your personal information will only be shared with a third party if you have consented to opt-in to receive information directly from that third party company.
Legal requirements and business transfers – We may also disclose your personal information if we are required to do so by law, or if in our good faith judgment, such action is reasonably necessary to comply with legal processes, to respond to any claims, or to protect the safety or rights of Cosmetic Skin Therapies, its customers, or the public.
In the event of a merger or acquisition of all or part of Cosmetic Skin Therapies by another company, or in the event that Cosmetic Skin Therapies were to sell or dispose of all or a part of the Cosmetic Skin Therapies business, the acquirer would have access to the information maintained by that Cosmetic Skin Therapies business, which could include personal information.
6. Data storage and security
We take all reasonable technical and organisational measures to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse.
We will only keep your personal information for as long as it is reasonably necessary taking into consideration our need to answer queries or resolve problems, provide improved and new services and comply with legal requirements under applicable laws. This means that we may retain your personal information for a reasonable period after you stop using Cosmetic Skin Therapies services or stop using our websites or applications. When the personal information that we collect is no longer required, we destroy or delete it in a secure manner, in accordance with best practice for document and data destruction.
Third party data security – Where Cosmetic Skin Therapies does disclose personal information to a third party as specified in point 5 above, any such third party must at all times provide the same levels of security for your personal information as Cosmetic Skin Therapies does, and, where required, are bound by a legal agreement to keep your personal information private, secure and to process it only on the specific instructions of Cosmetic Skin Therapies.
7. How you may access your personal information and seek its correction
You can request access to the personal information Cosmetic Skin Therapies holds about you by contacting the Cosmetic Skin Therapies Privacy Officer in writing at email@example.com. If Cosmetic Skin Therapies cannot provide access to your personal information, it will provide you with the reasons why. Depending on the nature of the request, Cosmetic Skin Therapies may charge for providing access to your personal information, however such charge will not be excessive.
If the personal information Cosmetic Skin Therapies holds about you is inaccurate, incomplete or not up to date you may request that Cosmetic Skin Therapies correct the information at firstname.lastname@example.org.
8. How to make a complaint and how complaints will be handled
If you are concerned about a possible interference with your privacy or misuse of your personal information by Cosmetic Skin Therapies, please contact the Cosmetic Skin Therapies Chief Operations Officer at email@example.com.
It is Cosmetic Skin Therapies’ policy to handle complaints in a timely, effective, fair and consistent manner. On making a privacy complaint to Cosmetic Skin Therapies, you will receive an acknowledgment letter or email within 5 business days. This communication will set out the name of the person responsible for handling your complaint and the expected response time to the complaint. Cosmetic Skin Therapies endeavours to make a decision on all written complaints within 20 business days after a complaint is received. If we need more time to respond to your complaint we will notify you as to the delay, the reasons for it and seek your agreement to a longer period. For more information about your right to privacy please visit the Office of the Australian Information Commissioner’s website at www.oaic.gov.au.