GCA Privacy Policy


Sep 26, 2024 11:07 PM


APPLICATION:

GC All Stars Pty Ltd and its associated entities (together ‘GCA, ‘we’ or ‘our’) are committed to protecting your privacy, in compliance with all local privacy laws including the Privacy Act 1988 (Cth) and the General Data Protection Regulation (“GDPR”). This GCA Privacy Policy (‘Policy’) applies to all individuals we collect personal information about including but not limited to parents/guardians, athletes, prospective athletes, visitors, employees, volunteers and users of our website (‘you’, ‘your’).

YOUR PRIVACY IS IMPORTANT TO US:

GCA respects your privacy and we are committed to being transparent about our privacy practices and security. This Policy explains how we handle your personal information by setting out:

- why we need to collect personal information;
- how we collect it;
- what we do with it;
- how it is stored and protected; and
- who we might share it with.

The Policy also describes how you can access or correct information we hold about you, how you can ask further questions or make a complaint, and information about our websites and online activities.
In this policy, personal information also includes ‘personal data’ under GDPR and refers to any information relating to an identified or identifiable natural person such as a name, identification number, location data, online identifier or information specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

THE INFORMATION WE COLLECT:

It is necessary for GCA to collect personal information in order to register athletes for classes and continue our business operations. The types of personal information GCA usually collects includes:
- Name;
- Personal details (gender, DOB, allergies, learning and behavioral information)
- Personal contact details;

The types of personal information we may collect will vary depending on the capacity in which we are dealing with you and/or your child. We limit our collection of personal information to those details we identify as reasonably necessary for the lawful purposes of our business. By providing personal information to us, you consent to the collection, use and disclosure of your personal information in accordance with this Policy and any other arrangements that apply between us. We may change our Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Policy.

SENSITIVE INFORMATION:

Generally, we do not collect sensitive information unless required by law or where you consent for us to do so (and in any event only where it is relevant to your product). We will not collect sensitive information about you where this is expressly prohibited by local law. Sensitive information includes information relating to:

- racial or ethnic origin;
- political opinions;
- religious or philosophical beliefs;
- biometric and health information; and

As a general rule, the only type of sensitive data we hold is in relation to an athletes health information.

WHY WE COLLECT PERSONAL INFORMATION:

We collect personal information about you which is reasonably necessary to:

- administer and manage our services (including monitoring, auditing, and evaluating those services);
- facilitate credit and payment arrangements;
- maintain athlete relationships;
- communicate with you and deal with any enquiries;
- conduct marketing and social functions.

We will inform you at or before the time of collection (or as soon as possible afterwards) of the purposes for collection, to whom your data might be disclosed and any other relevant details that will help you to ensure we are protecting your privacy. In some instances, we may direct you to this Policy for this information. It is at your discretion whether you provide GCA with this information, however, failure to supply relevant information may mean we are unable to maintain or provide our services to you.

DISCLOSURE OF PERSONAL INFORMATION:

At GCA, personal information is strictly confidential. Subject in all cases to local law, we may disclose personal information outside GCA:

- where it is required or authorised by law;
- to law enforcement or government agencies, including where necessary to meet our statutory obligations;
- to our insurers and insurance brokers;
- to numerous event providers;
- to third parties who perform services for us.

We do not sell personal information for marketing purposes to other organisations. We may from time to time disclose your personal information to third party suppliers and service providers located overseas
(including providers for the operation of our websites and/or our business or in connection with providing our products and services to you). We will not send your personal information outside Australia unless it is authorised by law and we can be satisfied that the recipient of the personal information has adequate data protection arrangements in place. Recipients outside the jurisdictions set out in this Policy may also be subject to a foreign law that could compel the disclosure of personal information to a third party, such as an overseas authority. Any data sharing will be in compliance with the local privacy laws and governed by our strict standards and policies, and where appropriate, confidentiality and other agreements to ensure your information is secure and treated with the utmost care and respect. By consenting and providing your personal information to GCA, you agree to this processing.

STORAGE OF INFORMATION:

We protect personal information with appropriate safeguards and security measures and restrict access to those who have a legitimate business purpose and reason for accessing it. Personal information is only retained for as long as it is necessary for the identified purposes or as required by law. Examples of the steps GCA takes to protect the security of the personal information we hold include:

- robust physical security of places where data is kept such as deadbolts, alarms and video recording devices
- sophisticated system security including:
- Electronic firewalls, Anti-Virus, Web Application Firewall and secure network design
- Advanced password protection controls coupled with strength and reuse rules.
- comprehensive business procedures for staff and education on privacy topics such as data governance, cyber-security, data breaches and phishing scenario testing
- ongoing monitoring and oversight on IT systems
- destroying information when no longer required.

If other organisations provide support services, we require them to take appropriate technical and organisational measures to secure the privacy of the information provided to them.

LINKS:

Our website may contain links to websites operated by third parties. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, or security of those linked websites, and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from this Policy, so we encourage individuals to read them before using those websites.

INFORMATION ACCESS AND CORRECTION:

At GCA, decisions and actions may be taken or made on the basis of personal information in our possession and we take reasonable steps to keep personal information as accurate, complete, and up-to-date as is necessary. Should you, want to exercise your right to access, modify, correct, or restrict your personal data, we may ask you to put such a request in writing. We may require identification to ensure the person requesting access is entitled to such access. If you are denied access to your information, we shall provide reasons for the denial. If we are reasonably satisfied our records need correcting, we will make the correction as soon as possible. If we do not agree our records need correcting, we will inform you of the reason(s) and you may require us to keep a statement on our records that you believe the information is inaccurate, incomplete, misleading, irrelevant or not up-to-date. In the event you would like GCA to delete, stop processing, or withdraw consent for, your personal information to the extend you are entitled to under applicable law, you can make such a request in writing.

OPTING OUT OF COMMUNICATIONS:

If you receive marketing communications from us, you may easily request not to receive such communications from us by:

- following the instructions on the communication to opt-out or unsubscribe from further communications;
- contacting management at info@goldcoastallstars.com.au

RESOLVING ENQUIRIES OR COMPLAINTS:

If you have any questions, concerns or complaints about the treatment of your personal information, the first step is to discuss the issue with your usual GCA contact. If your concerns are not resolved to your satisfaction, you may be able to escalate your complaint to the Office of the Australian Information Commissioner on 1300 363 992 or by email on enquiries@oaic.gov.au. You can also visit their website at www.oaic.gov.au.