Privacy Policy
It’s Giving Nutrition
2 Pemberton St, Botany, NSW 2019
ABN: 33 452 287 082
At It’s Giving Nutrition, we respect your right to privacy.
This Privacy Policy describes how we collect and use your personal information and your rights in relation to that information. “Personal information” means information that identifies you as an individual or is capable of identifying you as an individual.
For the purposes of applicable data protection laws, including the Australian Privacy Act 1988 and the General Data Protection Regulation (“GDPR”), the data controller is It’s Giving Nutrition, with email address itsgivingnutrition@gmail.com.
Please note that we use the It’s Giving Nutrition app to provide our digital services. When we refer to “our app” in this document, we are talking about the It’s Giving Nutrition app, which is developed and owned by It’s Giving Nutrition.
- INFORMATION COVERED BY THIS PRIVACY POLICY
This Privacy Policy covers all personal information collected and used by us.
This includes your name, age, postal address, email address, phone number, credit card number, details of the preferences you express to us, your comments and questions, as well as technical information from the devices you use to access our website. It also includes information on your body and well-being, including height, weight, body statistics, workouts, mood, meals, nutrition, and general health and wellbeing that you decide to disclose to us on this website or through the use of our app, as well as any pictures that you choose to share with us.
- INFORMATION COLLECTED BY US
2.1. We (and our service providers) collect this personal information from you when you:
- Purchase products or services from us, including a coaching subscription.
- Submit information through our site.
- Create an account with us or otherwise sign up for our Services.
- Choose to receive marketing from us or our representatives.
- Choose to participate in customer satisfaction surveys.
- Communicate with us through third-party social media websites.
- Contact us, correspond with us, or otherwise provide information to us.
2.2. We also work closely with third parties (such as business partners and analytics providers) and may receive other personal information about you from those third parties, which we may combine with the information you have provided to us. We process all data we obtain from such third parties in accordance with this Privacy Policy.
2.3. When you visit our website, we (and our service providers) may use cookies and other technologies to automatically collect the following information:
- Technical information, including your IP address, login information, browser type and version, device identifier, location and time zone setting, browser plugin types and versions, operating system and platform.
- Information about your visit, including the websites you visit before and after our website and products you have viewed or searched for.
- Length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
- HOW WE USE THE INFORMATION COLLECTED
3.1. We use the personal information we collect from and about you for the following purposes:
- To set up and manage your online account.
- To provide our services to you, which may include:
- Designing tailored meal and workout plans.
- Monitoring changes or adaptations in your body to improve your coaching process, as well as to combine information we receive and collect to provide you with a more personalized experience and make informed decisions about future coaching to facilitate your progress in the best possible way. This additionally gives us important statistics that we use to better understand the effect of different approaches to dieting and training.
- To provide you with information about our products and services (provided you have either consented to this or we are otherwise permitted to contact you for marketing purposes).
- To process your payments.
- To notify you of any changes to our Services that may affect you.
- To comply with our legal obligations for bookkeeping.
3.2. The lawful means of processing that we use to collect, use, transfer or disclose your ordinary personal information include:
- Performance of our contractual obligations to you (pursuant to Art. 6 (1) (b) GDPR).
- Our legitimate interests (pursuant to Art. 6 (1) (f) GDPR), which include: improving our offers and services; personalizing our services and interactions with you to better meet your needs as a customer; and fraud detection and prevention.
- Compliance with our legal obligations (pursuant to Art. 6 (1) (c) GDPR).
3.3. To the extent we send you information about our products and services for marketing purposes, we will either ask for your consent (in accordance with Art. 6 (1) (a) GDPR) before we process your data in this way, or process the data based on our legitimate interests (in accordance with Art. 6 (1) (f) GDPR).
3.4. Images that you choose to share with us are processed by us solely to track your progress and will only be shared on our website and social media if you wish and expressly consent to this.
- USE OF CONSENT FOR THE PROCESSING OF HEALTH DATA
4.1. In order to be able to provide tailored diet and exercise plans to you, we may process certain health data provided by you, including information about allergens, information that may reveal obesity or specific injuries, or other relevant information related to your physical or mental health status. The legal basis for our processing of your health data is the Australian Privacy Act 1988 and Article 9(2)(a) cf. Article 6(1)(b) GDPR, which means that we will ask for your explicit consent to allow us to process your health data before you become a client of ours.
4.2. You can withdraw your consent to us processing your health data at any time. However, you should be aware that if we are prevented from processing relevant personal data, including information about allergens, information that may reveal obesity or specific injuries, or other relevant information related to your physical or mental health status, we will not be able to provide our services (customized meal and exercise plans based on your unique needs).
- PROCESSING OF DATA BY THIRD PARTIES, INCLUDING APP DEVELOPERS
5.1. The security of your data is extremely important to us. We do not sell your personal information to third parties, and we will never do that.
5.2. Access to your personal information is only granted to carefully selected third parties, including:
- Our service providers who help us provide our services to you, such as our infrastructure and IT service providers. These include [Insert relevant service providers], which support our business by providing technical infrastructure services, analyzing product performance, providing technical assistance, and facilitating payments.
- Our regulators or other organizations to which we are required to disclose your personal information by law.
- Third parties in connection with corporate transfers, such as in connection with a reorganization, restructuring, merger, acquisition or transfer of assets, provided that the receiving party agrees to process your personal information in a manner consistent with this Privacy Policy.
5.3. Our website may from time to time contain links to and from our business partners’ or affiliated websites. If you follow a link to one of these sites, please note that these sites have their own privacy policies and that we have no control over how they may use your personal information. You should check the privacy policies of third-party websites before submitting any personal information to them.
- HOW LONG DO WE KEEP YOUR PERSONAL DATA?
Your personal data will only be stored for as long as necessary for the purposes for which it was collected and only to the extent permitted by applicable laws. When we no longer need your information, we remove it from our systems and records and/or take steps to immediately anonymize it so that you can no longer be identified from it (unless we need to retain your information to comply with legal or regulatory obligations to which we are subject).
We adhere to the retention periods listed in the table below. As a general rule, we delete or anonymize your personal data according to these time frames, unless it is necessary for us to continue to store it.
| Processing purposes | Retention period |
|---|---|
| Managing your account | 12 months after your last activity |
| Providing coaching services | 12 months after your last activity |
| Marketing purposes | 12 months after your last activity |
| Payments | 60 months after your last activity |
| Emails to/from you | 6 months after your last activity |
| Mandatory record keeping | 60 months after your last activity |
- SUMMARY OVERVIEW
Please see the summary table below with the purposes, legal basis and applicable retention periods for the various processing activities as described in the sections above.
| Processing purposes | Legal basis | Retention period |
|---|---|---|
| Managing your account | GDPR Article 6(1)(b) | 12 months after your last activity |
| Providing coaching services | GDPR Article 6(1)(b) and for health data Article 9(2)(a) cf. Article 6(1)(b) GDPR | 12 months after your last activity |
| Marketing purposes | GDPR Article 6(1)(a) | 12 months after your last activity |
| Payments | GDPR Article 6(1)(b) | 60 months after your last activity |
| Emails to/from you | GDPR Article 6(1)(b) | 6 months after your last activity |
| Mandatory record keeping | GDPR Article 6(1)(c), as we are obliged to store e.g. bookkeeping material (which may contain personal data) | 60 months after your last activity |
- DATA TRANSFERS TO THIRD COUNTRIES
8.1. The personal information we collect from you may be transferred to and stored at a destination outside the European Economic Area (“EEA”). It may also be processed by staff working outside the EEA who work for us or for one of our service providers.
8.2. We will take all steps reasonably necessary to ensure that your personal information is processed securely and in accordance with this Privacy Policy and applicable data protection laws, including, where relevant, entering into EU Standard Contractual Clauses (or equivalent measures) with the party outside the EEA receiving the personal information.
- PROTECTION OF YOUR INFORMATION
We have implemented technical and organizational security measures in an effort to safeguard personal data in our custody and control. Such measures include restricting access to personal information to employees and authorized service providers who need to know such information for the purposes described in this Privacy Policy, as well as other technical, administrative and physical safeguards.
While we endeavour to always protect our systems, sites, operations and information against unauthorized access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others, such as hackers.
To provide you with increased security, certain personal information stored in your online account is only accessible via your username and password. You are responsible for maintaining the confidentiality of your online account information, and we strongly recommend that you do not disclose your username or password to anyone. We will never ask you for your password in any unsolicited communication. Please notify us immediately of any unauthorized use of your online account information or any other suspected breach of security.
- YOUR RIGHTS
10.1. You have various rights in connection with our processing of your personal data:
a) Access: You have the right to request a copy of the personal data we process about you, which we will provide to you in electronic form.
b) Rectification: You have the right to have incomplete or inaccurate personal information that we process about you rectified.
c) Erasure: You have the right to request that we delete personal information that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
d) Restriction: You have the right to restrict our processing of your personal information where you believe such data to be inaccurate, our processing is unlawful or that we no longer need to process such data for a particular purpose. Where we are not able to delete the data due to a legal or other obligation, or because you do not wish for us to delete it, we would mark stored personal information with the aim of limiting particular processing for particular purposes in accordance with your request, or otherwise restrict its processing.
e) Objection: Where the legal justification for our processing of your personal information is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defense of a legal claim.
f) Withdrawing Consent: Where we process certain personal information on the basis of your consent, you have the right to withdraw your consent, including with regard to direct marketing. Regarding the consequences of your withdrawal of consent for us to process your health data, see “Use of consent for the processing of health data” above.
10.2. If you wish to exercise one or more of the above rights, please contact us with your request at itsgivingnutrition@gmail.com and include your name, email and postal address, as well as your specific request and any other information we may need to accommodate your request.
10.3. In certain situations, we may refuse to act or may impose limitations on your rights, as permitted by law. Before we can provide you with any information or correct any inaccuracies, we may ask you to verify your identity and/or provide other details to help us respond to your request. For the exercise of your rights, please contact us using the contact information provided in the “Contact Us” section below.
10.4. In all cases, you have the right to lodge a complaint with a data protection authority if you believe that we have not complied with applicable data protection laws. If you are based in Australia, you can contact the Office of the Australian Information Commissioner (OAIC) through their website at https://www.oaic.gov.au/.
- CONTACT US
If you have any questions regarding this privacy policy, please contact us at:
It’s Giving Nutrition
Email: itsgivingnutrition@gmail.com