We participate in and comply with the Australian Privacy Principles (or APP) as set forth in the Privacy Act 1988 (Cth).
1. Privacy Statement
1.3 Personal information is defined in the Privacy Act 1988 (Cth) and includes information or an opinion about an identified individual, or an individual who is reasonably identifiable. For example, this may include your name, age, gender, postcode and contact details. It may also include financial information, including your credit card information.
2. Collection of Personal Information
What kinds of personal information do we collect?
2.1 The personal information that we collect about individuals may include, but is not limited to:
(a) your name;
(b) your contact details including your email, home address, telephone number and billing address;
(c) your payment details;
(d) credit card information;
(e) other personal information that we collect in the course of a transaction or that you provide to us when you contact us;
(f) details of the services we have provided to you or that you have enquired about, including any additional information necessary to deliver those services and respond to your enquiries;
(g) any additional information relating to you that you provide to us directly through our website or indirectly through your use of our website or online presence or through other websites or accounts from which you permit us to collect information; or
(h) any other personal information that may be required in order to facilitate your dealings with us.
2.2 We may collect these types of personal information either directly from you, or from third parties. We may collect this information when:
(a) you register or subscribe to our website;
(b) you complete a transaction with us;
(c) a transaction is completed on your behalf; or
(d) you contact us.
2.3 We may collect personal information from individuals who are not customers of our business but whose personal information is given to us by those individuals via our website or in the course of a transaction
2.4 Where reasonably practicable, we attempt to collect information directly from individuals. When we collect information, we will generally explain to the individual why we are collecting it, who we give it to and how we will use or disclose it or, alternatively, those matters will be obvious from the circumstances.
2.5 If we collect information about an individual from someone else, we will take reasonable steps to ensure that the individual is made aware of the matters listed in clause 2.4.
2.6 We will collect personal information from you by lawful and fair means and not in an unreasonably intrusive way.
Why do we collect, use and disclose personal information?
2.7 We may collect, hold, use and disclose your personal information for the following purposes:
(a) to enable you to access and use our website;
(b) to operate, protect, improve and optimise our website, business and our users’ experience, such as to perform analytics, conduct research and for advertising and marketing;
(c) to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
(d) to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting;
(e) to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
(f) to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties; and
Using our website and cookies
(a) your computer's operating system;
(b) your computer's browser type and capabilities;
(c) your computer's Internet Protocol (IP) address and geolocation;
(d) web pages visited, including how you were referred to each web page; and
(e) web page usage statistics, including the time spent on each web page.
Google's use of advertising cookies enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet.
Cookies can be managed by accessing the individual settings in your browser.
2.9 We will not identify users or their browsing activities, except where required by law or in accordance with our Terms and Conditions of Use and Sale.
3. Using and Disclosing Your Personal Information
3.1 We will generally use or disclose your personal information only for the primary purpose for which it was collected; or for a related secondary purpose where you would reasonably expect us to use or disclose the personal information for that secondary purpose. We may otherwise use and disclose your personal information if you have given us consent for the use or disclosure or it is required or authorised by law.
3.2 Generally, we use and disclose your personal information for the purpose of providing you with the goods or services that you have requested, or otherwise to enable us to carry out our business as an online retailer of goods and services.
3.3 If those purposes for which we have collected the information involve providing personal information about an individual to any third party, we will take appropriate and reasonable steps to ensure any personal information is protected.
3.4 We will generally only use personal information for marketing if you have given express or implied consent or it is impracticable to seek consent before this use.
3.5 When registering with us, you consent to us using your personal information, such as your email address, for direct marketing purposes. This includes sending you deal emails. You may opt out of receiving these direct marketing communications at any time. Our electronic marketing activities will comply with the requirements of the Spam Act 2003 (Cth).
3.6 During purchase, you have the option to opt in/out of receiving communication from us for direct marketing purposes. This includes sending you deal emails. You may opt out of receiving these direct marketing communications at any time. Our electronic marketing activities will comply with the requirements of the Spam Act 2003 (Cth).
To whom do we disclose your personal information?
(a) our employees and related bodies corporate;
(b) third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you, including payment gateway, marketing, logistics and technology support services);
(c) professional advisers;
(d) payment systems operators (eg merchants receiving card payments);
(e) our existing or potential business partners or partners;
(f) our sponsors or promoters of any competition that we conduct via our services;
(g) anyone to whom our assets or businesses (or any part of them) are transferred;
(h) specific third parties authorised by you to receive information held by us; and/or
(i) other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.
3.9 In addition, we allow vendors to use our email and SMS tools to contact customers for their current, past and future classes, so you may receive emails and/or SMS messages from our system that originate with such vendors and that we send on their behalf. If you registered for a class via WeTeachMe, your email address and contact number will be available to that vendor. The vendor and not WeTeachMe is responsible for sending these emails and/or SMS messages.
3.10 We are not in the business of selling your personal data. We consider this information to be a vital part of our relationship with you. Therefore, we will not sell your personal data to third parties, including third party advertisers. There are, however, certain circumstances in which we may disclose, transfer or share your personal data with certain third parties without further notice to you.
3.13 We may share your personal data with our contractors and service providers who process personal data on behalf of WeTeachMe to perform certain business-related functions. These companies include our marketing agencies, database service providers, backup and disaster recovery service providers, email service providers and others. When we engage another company to perform such functions, we may provide them with information, including personal data, in connection with their performance of such functions.
3.14 When you purchase tickets to or register for a class, or through a related fundraising page on WeTeachMe, we provide the personal data entered on the applicable event or related fundraising page to the vendor of such class or related fundraising page. For fundraising pages, we may provide your personal data both to the organiser of the fundraising page and the vendor of the class to which the fundraising page is linked. In some instances, a vendor may appoint a third party, which may or may not be affiliated with the vendor, to create an event or fundraising page on its behalf (we call these third parties ("third party organisers"). For example, and without limitation, a coffee school (the vendor, in this case) may allow third party promoters or supply companies companies (the third party organisers) to create events that will be hosted at the vendor's venue using its WeTeachMe account. In that case, we may provide your personal data to the third party organisers on behalf of the vendors. We are not responsible for the actions of these vendors, or their third party organisers, with respect to your personal data. It is important that you review the applicable policies of the vendor, and if applicable and available, their appointed third party organisers, of a class (and the related fundraising page, if applicable) before providing personal data or other information in connection with that class or related fundraising page. Similarly, if you are a member of an vendor's organisation within WeTeachMe, your personal data will be available to the vendor and shared with those third party organisers granted permission by the vendor to view all members of the vendor's organisation.
Disclosure of personal information outside Australia
3.15 We may disclose personal information to third party suppliers that are located outside of Australia including in the USA, UK, Hong Kong, the Philippines and the EU.
3.16 When you provide your personal information to us, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with Australian Privacy Law (and where appropriate the GDPR). We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles (and where appropriate the GDPR).
Payments using third party payment processors - Stripe and and Pin Payments and PayPal and Split Payments
3.17 We use third party payment processors to assist in securely processing your personally identifiable payment information. Payments are currently processed and managed using Stripe and Pin Payments and PayPal and Split Payments.
3.19 If you choose a direct payment gateway to complete your purchase, Stripe and Pin Payments stores your credit card data. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction or where you elect, your periodic purchase transactions. After that is complete, your purchase transaction information is deleted.
3.20 Where you elect for periodic purchase transactions:
(a) you will have requested we make automatic periodic payments (ie more than one transaction) using the payment details you provided us during an initial relevant transaction;
(b) your credit card data will be stored by our third party payment processors and used by them periodically to process payments; and
(c) we will use reasonable endeavours to remind of your request for periodic payments prior to those payments being processed.
By way of example, you may wish to attend music classes which are held on a fortnightly basis. Instead of paying for a month of classes in advance, you may request to be billed for these classes on a fortnightly basis. Your request to be billed in this way is a request for periodic purchase transactions.
3.21 All transactions are processed over an industry standard SSL/TLS connection, with a minimum of 128-bit encryption. All transactions are encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).
3.22 All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
3.23 PCI-DSS requirements help ensure the secure handling of credit card information by our website and its service providers.
4. Security of Your Personal Information
4.1 We may hold your personal information in either electronic or hard copy form.
4.2 We take reasonable steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse and we use a number of physical, administrative, personnel and technical measures to protect your personal information. However, we do not guarantee the security of your personal information.
5. Access to Your Personal Information and Complaints Procedure
5.1 Under the Privacy Act 1988 (Cth), you have certain rights to access the personal information we collect and hold about you.
5.2 Generally, subject to the exceptions of APP 12.3, we will allow an individual access to the personal information we hold about them within a reasonable time after it is requested. When requesting such access please identify the precise type/s of information requested.
You may make a request by writing to us by email at firstname.lastname@example.org.
5.3 We take those steps reasonable in the circumstances to ensure that the personal information that we collect, use and disclose is accurate, up to date and complete. Where an individual requests to correct information, we will take reasonable steps to correct the information, having regard to the purpose for which it is held. You may lodge a request to correct personal information in the manner outlined in clause 5.2 above.
5.4 To make a complaint about a breach of the Australian Privacy Principles and where required, the provisions of the GDPR, which includes how we handle your personal information, you may contact us at the addresses provided in clause 5.2 above. We will endeavour to respond to your complaint within a reasonable time after it is received. If you are not satisfied by our response, you may acquire further information regarding privacy from the Office of the Australian Information Commissioner.
6. Contact us
7. European Union
If you are a resident of the European Union for the purposes of the General Data Protection Regulation, being Regulation 2016/679 of the European Parliament and of the Council (the GDPR), then in addition to what is set out above, the following applies to you.
In providing its services to you, WeTeachMe may make use of a number of automated processes using your Personal Data, in order to provide more tailored and relevant services to you such as providing recommended classes to you through email communication, and on our website.
In addition to your rights set out above, you may:
- update or rectify any of the Personal Data that we hold about you, in the manner described in the clause 5 above.
- withdraw your consent to WeTeachMe’s use of your Personal Information as described in this Privacy Statement by deleting your account. This will also delete all the Personal Data about you which we hold. This can be done by accessing the website, logging in to your account and accessing the ‘Account’ section.
- request that WeTeachMe:
- provides you with a copy of the Personal Data WeTeachMe holds about you in a portable and machine readable form; or
- share your Personal Data with a nominated third party.
you may request that from us by contacting us using any of the methods set out in clause 6 above.