Sheppard Cycles Australia Pty Ltd (Trading as "My Ride", "we", "our" and "us") are committed to supporting the Australian Privacy Principles ("APPs") contained in the Privacy Act 1988 (Cth) ("Act") which set clear standards for the collection, access, storage, use and disclosure of the personal information we obtain as part of our businesses operations.
Protecting your right to privacy of your personal information is of paramount importance to us and we have in place policies and procedures to ensure all your personal information, no matter how it has been obtained, is handled respectfully, sensitively, securely and in compliance with the APPs.
In this policy:
This policy explains:
Australia’s privacy laws restrict us to only collecting personal information (including sensitive information) where such information is necessary for one or more of our functions or activities and we can only collect personal information in a lawful and not unreasonably intrusive manner. We will only collect information from individuals when it is reasonably necessary for the performance of our functions and activities, and all such collection will be subject to this policy.
What type of personal information do we collect?
The range of information we collect includes your name, address, telephone number, email address, age, gender, marital status, banking details, credit card details, Date of Birth, Driver’s Licence number, photographs, doctor’s reports, financial information (including statements of assets and liabilities) and credit information).
If you make a complaint regarding our products or services, we may ask you for details (including proof of purchase) of the products or services you purchased and when and where you purchased them.
We may also collect information about you from your access to our website for statistical purposes. This information is usually anonymous and we do not use it to identify individuals. However, due to the nature of internet protocols, such information might contain details that identify you, such as your IP address, internet service provider, the web page directing you and your activity on our website.
How do we collect your personal information?
We may collect your personal information from a variety of sources, includ
We have a general policy to collect personal information about you directly from you, unless it is unreasonable or impracticable to do so. This may include the collection of personal information about you from your employer when your employer is applying for us to provide goods and/or services and third parties (including credit reporting bodies, the Australian Securities & Investments Commission (“ ASIC ”) and land title offices) in relation to credit checks, property searches and company extracts.
We collect data from our website using various technologies, including “cookies”. Put simply, a “cookie” is a text file that our website sends to your browser which is stored on your computer as an anonymous tag identifying your computer (but not you) to us. You can set your browser to disable cookies. However, some parts of our website may not function properly (or at all) if cookies are disabled.
We generally use your personal information to provide our products and services to you. We may also use your personal information to:
If we intend to engage in direct marketing using or enclosing information collected indirectly about you or from you and you would not reasonably expect us to use or disclose the information for such purposes, then we must first obtain your consent, unless an exception applies.
Please note that we will also comply with other laws that are relevant to marketing, including the Spam Act 2003 (Cth), the Do Not Call Register Act 2006 (Cth) and the Competition and Consumer Act 2010 (Cth).
If we collect information about you and you would reasonably expect us to use or disclose the information for the purpose of marketing, we will use an opt-out procedure in all our marketing communications. Similarly, all subsequent direct marketing you receive from us will include an opt-out procedure.
Generally, we will only disclose your personal information for the primary purpose for which it was collected and purposes related to that primary purpose, with your consent or as permitted by the Act or the APPs.
We may disclose your personal information to third parties, such as My Ride dealers, credit reporting agencies, banks, professional advisers, courts, tribunals, regulatory authorities, other companies and individuals for the purpose of:
They will have access to your personal information required to perform these services, but we will not authorise them to use your information for any other purpose.
We also disclose your information to our business partners, such as auditors, financial services or insurance companies, for them to offer products and services to you. This information may include scrambled credit card details; although these will only be used with your consent for any transactions with them.
In addition, we may provide statistics (with personal identifiers removed) about our customers, readers, sales, traffic patterns and related site functions to reputable third parties primarily for the purpose of assisting us to improve our service offering.
You have the right to tell us that you do not wish us to send information to you other than for the primary purpose for which we collect your personal information. We will always attempt to ensure our disclosure of personal information to other organisations is carried out in a manner which does not personally identify individuals.
We may also disclose your personal information to our affiliates in New Zealand, overseas suppliers and our technology infrastructure may make use of cloud infrastructure or servers located in New Zealand
This means that we may disclose and store your personal information outside Australia, taking such steps as are reasonable in the circumstances, to ensure the overseas recipient does not breach the Act or APPs in respect of your personal information.
Wherever reasonably practicable, we will first seek your consent to such cross-border disclosure. Please note that where you consent to such cross-border disclosure, we will be exempt from the requirements of the Act in relation to such disclosed information. Where it is not reasonably practicable for us to obtain your consent we will otherwise comply with the requirements of the Act.
We store personal information in client and administrative files, both in material and electronic form, at our premises or at secure archive storage facilities and take steps to protect the personal information we hold against loss, misuse, unauthorised access, modification or disclosure. These steps include password protection for accessing our electronic IT systems, securing paper files in locked cabinets and physical access restrictions.
There are always inherent risks in transmitting information via the internet and we do not have the ability to control the security of information collected and stored on third party servers. However, in relation to our own servers, we take all reasonable steps to ensure data security.
We take reasonable measures to destroy or permanently de-identify personal information when it is no longer required.
Access to and correction of personal information
We encourage individuals to contact us if the information held is incorrect or notify us if information has changed. You may access, correct or update any of your personal information we hold by contacting our Privacy Officer (see details below).
A written request from you will be required to access your information. Access will be provided unless the request is unreasonable or the Act or APPs permit or require us to decline that request.
Generally, access to or correction of personal information will be provided free of charge; however, we may request payment of our reasonable costs in enabling such access or correction.
If we disclose your personal information to any third party and such information (or any part of it) is later corrected then we will, or else you may ask us to, notify the recipient that received the incorrect information about that correction. Should we refuse to correct the information we will explain the reasons for refusal. If you wish to lodge a formal complaint about our refusal you may do so using the procedure below.
If you wish to make a complaint about a breach of your privacy or a breach of the APPs, the complaint should be made in writing and directed to our Privacy Officer.
Receipt of your complaint will be acknowledged and we will endeavour to deal with your complaint and provide you a response within 30 days of our receipt of your complaint. Where a matter requires a more detailed investigation it may take longer to resolve. We will provide you with progress updates if this is the case and may seek further information from you.
Where required by the Act, we will provide written acknowledgment of your complaint and information on how we will deal with your complaint. Further, where we are required to do so by the Act, we will provide you in writing our determination on your complaint.
We may refuse to investigate and deal with a complaint if it is considered to be vexatious.
If you are dissatisfied with the outcome of your complaint, you may seek internal review of the decision. Internal review will be conducted by an officer of My Ride who has not previously been involved in your complaint.
If you are still dissatisfied with the outcome of your complaint, you are also able to take your complaint to an external dispute resolution provider (in the case of a complaint in relation to credit-related personal information) that applies to us and/or the Office of the Australian Information Commissioner for resolution.