Last updated on 14 September 2023
We are committed to managing personal information in accordance with the UK Data Protect Act (DPA) and any other applicable privacy laws.
In addition, if you are located in the European Union (EU) (including the European Economic Area (EEA)), the section ‘European residents’ below provides further information about our processing of your personal information we collect and your additional data subject rights in relation to the processing of your personal information (or personal data) under the General Data Protection Regulation (2016/679) (GDPR).
In providing our services to you we may collect and process personal information as outlined below. Emily Ann Coaching Ltd will be a data controller for the purposes of the GDPR and this policy includes information that must be provided to you when we collect your personal information.
This Policy sets out how we collect, use, disclose, store and dispose of personal information about our customers, employees and any other people we interact with. It should be read together with any terms and conditions governing your use of our products or services, website or app and any location specific legal notice.
In this Policy,
- personal information means any information about an identified individual or an individual who is reasonably identifiable or as otherwise defined by applicable data protection law.
- services means any services we offer, including but not limited to fitness coaching services or programs, workout guides, or health and nutrition advice.
- you refers to any individual about whom we collect personal information.
- Fitness/lifestyle activity data means fitness activity or health information of an individual, including weight, height, measurements, step count, exercise activities, accelerometer readings, barometer readings, location sensor readings that include GPS coordinates, timestamps, elevation, speed and bearing.
1. What information do we collect about you?
We only collect personal information where it is necessary for our functions or activities. The kinds of personal information we collect will depend on the capacity in which you are dealing with us. You can always decline to give us any personal information we request, but that may mean we cannot provide you with some or all of the services you have requested.
Customers and potential customers (via our website and/or app)
When you enquire about our products or services or sign up for our updates through our website, we will typically collect your name, e-mail address and any other contact details required for us to respond to that enquiry.
When you sign up to our app, we will typically collect your name, e-mail address and any other contact details required from time to time.
If you become a customer of ours via our website, and/or purchase programs via our app, we may also collect:
- your age and any other details needed so you can participate in our services;
- some sensitive information, being health information related to your physical health and future goals;
- statistics on your participation rates and milestones;
- with your consent, your photo or video for promotional purposes;
- fitness/lifestyle activity data provided by you or generated via your use of the app, including the activity data generated by any devices or services that you choose to connect to the app (e.g. smart watches, Google Fit, or other third-party fitness tracker); and
- any additional personal information you provide to us, or authorise us to collect.
The purpose of collecting sensitive information about you (being health information), including fitness/lifestyle activity data provided by you through other devices or services, is so we can measure your health and achievements in our fitness activities. We only use your sensitive information for this purpose and no other purpose.
The types of sensitive information we collect may include your weight, height, measurements, step count, exercise activities, accelerometer readings, barometer readings, location sensor readings that include GPS coordinates, timestamps, elevation, speed and bearing, whether you smoke or are pregnant and other relevant health related information. We will obtain your express consent in circumstances where it is necessary for us to collect sensitive information.
We may collect personal information as part of our recruitment activities, such as your name, contact details, qualifications and work history. Generally, we will collect this information directly from you.
We may also collect personal information from third parties in ways which you would expect (for example, from recruitment agencies or referees you have nominated). Before offering you a position, we may collect additional details such as your tax file number and superannuation information and other information necessary to conduct background checks to determine your suitability for certain positions.
We may collect personal information from other individuals who are not customers or employees. This includes our individual service providers and contractors and other individuals who interact with us on a commercial basis. Generally, it would include your name, contact details, identification details, any required background checks or relevant business experience, and any other information relevant for our interactions and transactions with you.
Visitors to our websites
The way in which we handle the personal information of visitors to our websites is discussed below.
2. How do we collect your personal information?
We generally collect personal information directly from you. We may collect and update your personal information by email, via our website, or in person. We may sometimes collect personal information about you from other sources, for example our third-party suppliers and contractors who assist us to operate our business (such as payment gateways like PayPal or Shopify).
Fitness/lifestyle activity data
When using our app, you may also choose to connect a third party service/device (e.g. an Apple Watch or fitness tracker, or Google Fit via API or other integration) and enable that service/device to collect additional data, such as fitness/lifestyle activity data. If you choose to do so, we will import your fitness /lifestyle activity data to our app, so we can measure your health and achievements in our fitness activities and services.
3. Why do we collect and use your personal information?
We collect personal information reasonably necessary to carry out our business, to assess and manage our customers’ needs, and provide fitness programs. We may also collect information to fulfil administrative functions associated with these services.
The purposes for which we usually collect and uses personal information depends on the nature of your interaction with us, but may include:
- providing guidance, support and feedback related to your use of our products or services;
- to process and administer your dealings as a customer, including processing payments and any direct debit requirements or facilitating delivery;
- planning, marketing and administering programs and events;
- researching and developing our products and services, including market research;
- sending you updates on our services, or opportunities or events you may be interested in;
- recruitment processes (including for volunteers, internships and work experience);
- any purpose you have consented to;
- any related secondary purpose we believe you would reasonably expect when we collected your personal information or because of our relationship with you;
- any purpose for which we are required or authorised by applicable law; and
- to respond to and manage inquiries, complaints, feedback and claims, defend our legal interests and investigate and protect against fraud, theft and other illegal activities.
We may use your image or audio-visual recordings which identify you for promotional purposes where you would reasonably expect this to occur, or where you have given us your express or implied consent (for example, your post-workout selfie, where you have won a prize, or where you have tagged us in photo or video on a social media platform).
4. Connecting with Google Fit / Other Third-Party Services and Devices via our app
If you choose to connect your account to a third-party service/device (such as Google Fit) when using our app, we will share your fitness /lifestyle activity data with these parties only for the purposes set out above (i.e. to provide our services and measure your health and achievements in our fitness activities). You will be asked for your consent when you connect to these services/devices, and you may revoke that consent at any time by disconnecting from them.
Our use of information received from Google APIs (including Google Fit APIs) will adhere to Google API Services User Data Policy, Google Fit Developer and User Data Policy, and Limited Use requirements.
5. Data Processing
Personal Data is collected for the following purposes and using the following services:
Apple Store Connect
The Emily Ann Coaching App is distributed on Apple’s App Store, a platform for the distribution of mobile apps, provided by Apple Inc.
App Store Connect enables the Owner to manage Emily Ann Coaching on Apple’s App Store. Depending on the configuration, App Store Connect provides the Owner with analytics data on user engagement and app discovery, marketing campaigns, sales, in-app purchases, and payments to measure the performance of the Emily Ann Coaching App. The Store Connect only collects such data from Users who have agreed to share them with the Owner. Users may find more information on how to opt out via their device settings here.
Personal Data processed: diagnostics; purchase history.
Google Play Store
The Emily Ann Coaching App is distributed on the Google Play Store, a platform for the distribution of mobile apps, provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing.
By virtue of being distributed via this app store, Google collects usage and diagnostics data and share aggregate information with the Owner. Much of this information is processed on an opt-in basis.
Users may opt-out of this analytics feature directly through their device settings. More information on how to manage analysis settings can be found on this page.
Personal Data processed: Usage Data.
Google Analytics 4
Google Analytics 4 is a web analysis service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, (“Google”). Google utilizes the Data collected to track and examine the use of movewithus.com.au, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualize and personalize the ads of its own advertising network. In Google Analytics 4, IP addresses are used at collection time and then discarded before Data is logged in any data center or server. Users can learn more by consulting Google’s official documentation.
Personal Data processed: Trackers.
Remarketing with Google Analytics
Remarketing with Google Analytics is a remarketing and behavioral targeting service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, that connects the tracking activity performed by Google Analytics and its Trackers with the Google Ads advertising network and the Doubleclick Cookie.
Personal Data processed: Trackers; Usage Data.
Emily Ann Coaching uses Google Signals, a feature of Google Analytics, which will associate the visitation information that it collects from emilyanncoaching.com with Google information from accounts of signed-in Google-account users who have consented to this association for the purpose of ads personalization. This Google information may include User location, search history, YouTube history and Data from sites that partner with Google – and is used to provide aggregated and anonymized insights into Users’ cross device behaviors.
If a User falls under the described association, they may access and/or delete such Data via My Activity provided by Google.
Personal Data processed: Trackers; Usage Data.
Google Ads Remarketing
Google Ads Remarketing is a remarketing and behavioral targeting service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, that connects the activity of emilyanncoaching.com with the Google Ads advertising network and the DoubleClick Cookie. In order to understand Google’s use of Data, consult Google’s partner policy.
Users can opt out of Google’s use of Trackers for ads personalization by visiting Google’s Ads Settings.
Personal Data processed: Trackers; Usage Data.
Meta Custom Audience
Meta Custom Audience is a remarketing and behavioral targeting service provided by Meta Platforms, Inc. that connects the activity of movewithus.com.au with the Meta Audience Network.
Users can opt out of Meta’s use of Trackers for ads personalization by visiting this opt-out page.
Personal Data processed: email address; Trackers.
Active Campaign is an email address and SMS management and message sending service
To take advantage of the service provided by Active Campaign, the Owner typically shares information about (purchasing) Users, such as for example contact details and shopping histories. Check the indication at “Personal Data processed“ below for an explanation of the extent of the sharing.
Personal Data processed: country; email address; first name; last name; phone number; purchase history; state; Usage Data; various types of Data.
Google Ads Conversion Tracking
Google Ads conversion tracking is an analytics service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, that connects data from the Google Ads advertising network with actions performed on movewithus.com.au.
Personal Data processed: Trackers; Usage Data.
Meta Ads Conversion Tracking
Meta ads conversion tracking (Meta pixel) is an analytics service provided by Meta Platforms, Inc. that connects data from the Meta Audience Network with actions performed on emilyanncoaching.com. The Meta pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Meta Audience Network.
Personal Data processed: Trackers; Usage Data.
Meta Events Manager
Meta Events Manager is an analytics service provided by Meta Platforms Ireland Limited or by Meta Platforms, Inc., depending on how the Owner manages the Data processing. By integrating the Meta pixel, Meta Events Manager can give the Owner insights into the traffic and interactions on movewithus.com.au.
Personal Data processed: Trackers; Usage Data.
TikTok Conversion Tracking
TikTok conversion tracking is an analytics and behavioral targeting service provided by TikTok Inc. that connects data from the TikTok advertising network with actions performed on movewithus.com.au. The TikTok pixel tracks conversions that can be attributed to TikTok ads and enables to target groups of Users on the base of their past use of movewithus.com.au.
Personal Data processed: device information; Trackers; Usage Data.
Google Tag Manager
Google Tag Manager is a tag management service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing.
Personal Data processed: Trackers.
Pinterest Ads is an advertising service provided by Pinterest, Inc. that allows the Owner to run advertising campaigns on the Pinterest advertising network.
Users may opt out of behavioral advertising features through their device settings, their Pinterest personalization settings.
Personal Data processed: device information; Trackers.
HealthKit is an activity data handling service provided by Apple Inc. that enables the Owner to access or store activity data.
Personal Data processed: body measurements & indexes; general activity data.
6. How do we interact with you via the internet?
7. How do we interact with you via our app?
8. Can you deal with us anonymously?
We will provide individuals with the opportunity of remaining anonymous or using a pseudonym in their dealings with us where it is lawful and practicable (for example, when making a general enquiry). If we do not collect personal information about you, you may be unable to use our full range of services or participate in programs or activities we deliver.
9. How do we hold and secure information?
We store information using digital or cloud based platforms in secure databases (including trusted third-party storage providers based in Australia and overseas). Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original documents securely destroyed). We take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.
We also maintain network security, for example firewalls and other security systems such as user identifiers and passwords to control access to our computer systems.
Our websites and app do not necessarily use encryption or other technologies to ensure the secure transmission of information via the internet. Users of our websites are encouraged to exercise care in sending personal information via the internet.
We take steps to securely destroy or de-identify information that we no longer require.
10. Do we use or disclose your personal information for digital or direct marketing?
We may use or disclose your personal information for the purpose of informing you about our services, upcoming promotions and events, or other opportunities that may interest you. If you do not want to receive direct marketing communications, you can opt-out at any time by contacting us using the contact details below or the unsubscribe facility in all emails we send to you.
If you opt-out of receiving marketing material from us, we may still contact you for the purposes of facilitating other dealings with you (such as the order of products or services).
We may occasionally engage other companies to provide marketing or advertising services on our behalf. Those companies will be permitted to obtain only the personal information they need to deliver the service. If we provide those companies with any of your personal information, it is to provide you with a better or more relevant and personalised experience and to improve the quality of those services.
11. How do we disclose personal information?
We will not sell, distribute or disclose your information or personal details onto any third parties, other than in accordance with this Policy, and to those who are contracted to us to keep your information or personal details confidential.
We may disclose personal information:
- to our suppliers, consultants, contractors or agents we engage in order to provide our services, including for payment processing and debt recovery, shipping, data processing, data analysis, customer satisfaction surveys, information technology services and support, website maintenance, development or hosting, archiving, marketing and market research;
- via our social media pages for promoting us and our services;
- if we merge with or are acquired by another entity, to that entity as a part of the merger or acquisition;
- to relevant government authorities for the purpose of investigating an incident, for example a workplace health and safety matter or security incident;
- when conveying information to a responsible person (e.g. parent, guardian, spouse) if you are injured, incapable or cannot communicate, unless you have requested otherwise;
- for other administrative and operational purposes, such as risk management and management of legal liabilities and claims (for example, liaising with insurers and legal representatives).
We may use and disclose your personal information for other purposes explained at the time of collection, that you have consented to or otherwise as set out in this Policy.
12. Do we disclose your personal information overseas?
Unless we have your consent, or an exception under the APPs applies, we will only disclose your personal information to overseas recipients where we have taken reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to your personal information.
The reason for disclosure to an overseas recipient depends on the nature of the services those recipients provide to us (for example storing data via a cloud service, or where our customer relationship management system is hosted on servers located overseas).
13. How can you access or seek correction of your personal information?
You are entitled to access your personal information we hold about you upon request. You can do this by contacting us using the contact details set out below.
You will not be charged for making a request to access your personal information but you may be charged for the reasonable time and expense incurred in compiling information in response to your request.
We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date. You can help us to do this by letting us know if you notice errors or discrepancies in information we hold about you and letting us know if your personal details change.
If you consider any personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading you are entitled to request correction of the information. After receiving a request from you, we will take reasonable steps to correct your information.
We may decline your request to access or correct your personal information in certain circumstances in accordance with the APPs. If we do refuse your request, we will provide you with a reason for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction.
14. Data breaches
Under the APPs, we may be required to notify you about ‘eligible data breaches’. An eligible data breach occurs when:
- there is unauthorised access to or disclosure of personal information we hold (or information is lost in circumstances where unauthorised access or disclosure is likely to occur);
- the access, disclosure or loss is likely to result in serious harm to you; and
- we are unable to prevent the likely risk of serious harm with remedial action.
If it is not clear whether a suspected data breach meets these criteria, we will investigate and assess the breach further. This is to ensure you are notified if your personal information is involved in a data breach that is likely to result in serious harm. Even if the criteria are not met, we may decide it appropriate to notify you anyway as part of our commitment to taking privacy seriously.
15. European residents
If you are an individual customer based in Europe and we offer or provide our products or services to you, our processing of your personal information will be subject to the GDPR and the following additional information applies.
Our Legal grounds for processing: We rely on the following legal grounds to process your personal information:
- contract performance – we need to collect and process your personal information to enter into a contract with you when you purchase our products or to perform our obligations under a contract with you when you request and we provide you with our products and services;
- if it is necessary to pursue our legitimate interests and does not override your rights and interests – this is the usual basis on which we carry our business for the purposes set out above and includes when we carry out research, conduct direct marketing or otherwise communicate with you; and
- with your consent– we need your consent to collect and use your sensitive information such as your health information or to send you direct marketing.
- to comply with laws or regulations that apply to us including exercising our rights.
Transfer of information outside Europe: If we or our service providers or one of our related entities transfers your personal information outside Europe or onwards to a third country from Australia, we will ensure that it is protected and transferred in a manner consistent with legal requirements applicable to the information. We will do this by one of the following:
- sending it to a country approved by the European Commission as having adequate privacy protections;
- the recipient has signed a contract based on standard “model contractual clauses” approved by the European Commission, requiring them to protect your personal information) (see http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm; or
- if the recipient is located in the US, it may be a certified member of the EU-US Privacy Shield scheme (https://www.privacyshield.gov/welcome) or another valid scheme; or
- meeting the requirements of an applicable derogation such as obtaining your consent;
How long do we retain your personal information?
We retain your personal information for as long as necessary to provide our services and products that you have requested, to comply with our legal obligations, resolve disputes, and enforcing our rights and policies. Unless we have an ongoing relationship with you (e.g. you are a frequent customer) or otherwise required, we will retain your personal information for no longer than 2 years.
Your additional rights and choices: You can –
- ask us to erase your personal information without undue delay in certain circumstances such as if you withdraw your consent and we otherwise have no legal reason to retain it.
- object to, and ask us to restrict, our processing of your personal information in certain circumstances, such as while we verify your assertion the information is inaccurate or if we are processing your information for our legitimate interests or for direct marketing purposes (we may be legally entitled to refuse that request).
- in some circumstances such as where we are processing your information with your consent, receive some personal information you have given us in a structured, commonly used and machine-readable format and/or ask us to transmit it to someone else if technically possible feasible.
- withdraw your consent (but we may be able to continue processing without your consent if there is another legitimate reason to do so).
- lodge a complaint with the relevant European data protection authority if you think that any of your rights have been infringed by us – we can, on request, tell you the relevant authority for the processing of your personal information.
16. What should you do if you have a complaint about the handling of your personal information?
You may contact us at any time if you have any questions or concerns about this Policy or about the way in which your personal information has been handled. You may make a complaint to us using the contact details set out below.
In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.
If Emily Ann Coaching Ltd (trading as Emily Ann Coaching) has processed or is processing your personal data, you may be entitled to exercise your rights under GDPR in respect of that personal data. For more details on the rights you have in respect of your personal data, please refer to the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en) or the national Data Protection Authority in your country.
We may amend this Policy from time to time, with or without notice to you. We recommend that you visit our website or app regularly to keep up to date with any changes.
18. How can you contact us?
EU Website Customers Only:
If you want to raise a question to Emily Ann Coaching or otherwise exercise your rights in respect of your personal data, you may do so by:
- contacting us on our online webform PLEASE NOTE: when mailing enquiries, it is ESSENTIAL that you mark your letters for ‘DataRep’ or your inquiry may not reach us. In receiving your correspondence, Emily Ann Coaching is likely to request evidence of your identity, to ensure your personal data and information connected with it is not provided to anyone other than you.