PRIVACY POLICY

PRIVACY POLICY

Welcome to Mariah and Co Online Studio!

Mariah and Co is a modern, all-in-one online studio keeping it real + simple with short, to the point classes so multitasking women can move anytime, anywhere. We provide high quality classes including; Pilates, Yoga, Pilates Flow, Cardio, Pre and Postnatal, Stretch and Meditation. We love bringing together a community around the world continuing or beginning their health and wellness journey. Our online studio is not directed toward people under 18 years of age. 

We are committed to providing quality services to you and in the course of providing you with our services we will collect and process information that is commonly known as “Personal Data”.

This Privacy Policy does the following

  1. describes how we collect, use, share, retain and safeguard Personal Data

  2. Policy sets out your individual rights; we explain these later in the Policy but in summary these rights include your right to know what data is held about            you, how this data is processed and how you can place restrictions on the use of your data,

  3.outlines our ongoing obligations to you in respect of how we manage your Personal Data, and

  4.explains what kind of information we collect in connection with our services, the purposes for which we use the information and how we may share this         information.

This Policy applies when you may share personal data in contact with us via our website, online forms, email, social media accounts, the telephone, when writing to us directly or where we provide you with paper based forms for completion or we complete a form in conjunction with you.

To provide a high standard to our client’s personal data and privacy, we adopted and aim to comply with the SELECT LAWS ADOPTED WHICH CAN BE MORE THAN ONE:

  the Privacy Act 1988 (Cth, Australia);
  the Privacy Act 1993 (New Zealand);
  the Personal Data Protection and Electronic Documents Act, SC 2000, c5 (federal, Canada); the Personal Data Protection Act (Alberta, Canada);
  the Personal Data Protection Act (British Columbia, Canada);

  the General Data Protection Regulation (EU); the Data Protection Act 2018 (UK);

  all applicable United States federal and state privacy laws, including, but not limited to, the California

  Online Privacy Protection Act (CalOPPA), Early Learning Personal Data Protection Act (ELPIPA);

  Brazilian General Data Protection Law (Lei Geral de Proteção de Dados Pessoais) (Law No. 13,709/2018)

  ("LGPD"),

  any other applicable privacy legislation (collectively the “Data Acts”).

The Data Acts govern the way that we collect, use, disclose, store, secure and dispose of your Personal Data.

A data ‘controller’ means the individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data. A data ‘processor’ means the individual or organisation which processes personal data on behalf of the controller. We are the controller of any personal data gathered by your use of our website and services. Where we use third parties to process your data. We have a contract with these third parties for the provision of these services. NSW, Australia is identified as the named territory where the processing of personal data takes place.

WHAT IS PERSONAL DATA?

Personal Data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, gender and contact details. Sensitive Personal Data may contain information which is known as special categories of personal data. This may be information relating to and not limited to, an individual’s health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, or data relating to sexual orientation. We are legally required to comply with specific data processing requirements for Personal and Sensitive Data.

WHAT PERSONAL DATA MAY BE COLLECTED BY US?

As a provider of services, we will process the following categories of data:

a) Personal Data

  • Your Name

  • Contact details such as email , address, phone number

b) Sensitive Personal Data

  • Current health details or historic injuries or illnesses

  • Photographs, audio and visual,

  • Associations, beliefs and memberships,

  • Aspects of your health that may affect your participation or our provision of services to you

If you object to the collection, sharing and use of your personal data we may be unable to provide you with our services.

LIVESTREAM ONLINE CLASS OR FILMING CLASSES: We may record your communications with us when our team. We may collect information about your visits to us to help us personalise your experience with us. By providing this information to us you are consenting our use in the manner set out in this policy.

WHY DO WE COLLECT PERSONAL DATA?

We will collect your Personal Data where you request information about our services, via our website, provide information in communications with us via in person, telephone, texts, social media, events, promotions, campaigns, from cookies and third parties. We may collect information about your visits to us to help us personalise your experience with us. By providing this information to us you are consenting our in the manner set out in this Policy.

Our primary purpose for collecting and processing this Personal Data about you is to provide and administer our services to you, our clients and marketing. If you object to the collection, sharing and use of your personal data we may be unable to provide you with our services.

When we collect Personal Data we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it. Please ask if you do not understand.

THIRD PARTY SUPPLIERS

Where reasonable and practicable to do so, we will collect your Personal Data only from you. However, in some circumstances we may be provided with information by third parties. We may use third party suppliers for management of specific services e.g. payment processing, and they may store some of your Personal Data to provide such service to you. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party or that you can access your account to check this information directly yourself.

We use third party software to securely store your data to perform specific functions to support our services Wix, Vimeo OTT and Stripe. Third party suppliers have access to personal information needed to perform their functions but may not use it for other purposes. Their privacy policy is linked below as to how they handle data as part of the service we use. With all of the third-party suppliers you can ask us to review your stored data to ensure that it is accurate and best serves you. 

We do not sell or pass your personal information onto third parties.

COOKIES

Cookies are small text files that can be used by websites to make a user's experience more efficient. They are widely used to remember you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). The NSW, AUSTRALIA law states that we can store cookies on your device if they are strictly necessary for the operation of this Website. For all other types of cookies, we need your permission. This Website uses different types of cookies. Some cookies are placed by third party services that appear on our Website pages. You can at any time change or withdraw your consent from the cookies on our website. A session cookie is temporary and expires when you close the web browser. Persistent cookies are used to remember your preferences within our Website and remain on your desktop or mobile device, even after you close the browser or restart your computer. They ensure a consistent and efficient experience for you whilst visiting our Website and using our services.

Cookies can be set by the Website (“first-party cookies”) or by third parties, such as those that serve content or provide advertising or analytics services on the Website (“third party cookies”). These third parties can recognise you when you visit our Website and also when you visit certain other websites.

If you do not like the idea of cookies or certain types of cookies, you can change your browser’s settings to deleted cookies that already been set and not accept new cookies. To learn more about this and cookies, visit https://www.internetcookies.org/

Please note that if you delete or do not accept cookies, you might not be able to use all of the features and services of our Website. You can find out more about how to change the cookies for your browser at https://www.internetcookies.org/disable-cookies/

We reserve the right to update, amend and modify this Cookie Policy relating to the Website at any time, effective upon posting an updated version of this Cookie Policy on the Website. We shall post a notification on the main page of our Website. Continued use of the Website after any such changes shall constitute your consent to such changes.

You acknowledge that you have read this Cookie Policy and agree to all its terms and conditions. By using the Website and our Services you agree to be bound by this Cookie Policy. If you do not agree, then you are not authorised to use this Website.

If you have any queries or complaints about our Cookie Policy, please contact us.

DATA MANAGEMENT

We use the following third-party providers for our service to you. Their privacy policy is linked within as to how they handle data as part of the service we use. With all of the below suppliers you can ask us to review your stored data to ensure that it is accurate and best serves you.

It is an important to us that your Personal Data is up to date. We will take reasonable steps to make sure that your Personal Data is accurate, complete and up to date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

PAYMENT ONLINE

If you pay using an online transaction such as credit card we use Stripe through Vimeo OTT for online studio subscriptions. These third-party payment facilitators are PCI DSS v 3.2.1 compliant to ensure your financial data is secure and we can never access your full payment details.

We may promote our services to you using the information you provide to us, including email or text. If you wish to receive promotional offers, please opt in by specify steps to sign up for marketing communications.

MAILING LIST: If you opt in to receive our emails, you will receive monthly updates from us. Frequency of these emails are subject to change. You can unsubscribe from this at any time from within one of these emails or contacting us. Our email/messaging supplier, MailChimp, may store information that you have submitted.

SOCIAL MEDIA: If you follow us on any social media platforms, your privacy settings in your social media account control what you share with others. Please be aware that our settings are where you leave reviews, comments and we will tag you where appropriate as part of our Page settings are to public. Please check this if you are concerned about your privacy on any social media platform. Please let us know if you do not wish to be tagged in any of our posts.

PHOTOS/ VIDEOS OF CLASSES: Where appropriate, during our classes, workshops and other services we may take photographs and/or videos of you and may be used on social media and marketing of our services. Please contact us at any time should you wish to change or amend any posts on social media by us or be removed from recordings.

DATA RETENTION/DISCLOSURE OF DATA

We may release personal data where we believe that it is appropriate in a number of circumstances, including the following:

  a) Third parties where you consent to the use or disclosure;

  b) Where required or authorised by law;
  c) To enforce or apply our agreements with you;
  d) To protect the rights, property or safety of us, our clients or others; and e) With your consent following specific notice or request from us.

This includes fraud protection, but not selling, sharing or otherwise disclosing personally identifiable information from clients for commercial purposes in a way that is contrary to this Privacy Policy.

VIDEOS OF CLIENTS: We may store videos and audio files for longer where relevant for business development, marketing and advertising of our services. 

PRIVACY POLICY (GDPR COMPLIANT)

ADULT ONLY SERVICES: We do not knowingly accept information or attendance of anyone under the age of 18 years old.

MINORS IN SERVICES If you are under 18 years of age you will need your parent or guardian to agree to this Privacy Policy and terms for you. They are responsible to ensure that you fully understand what you are sharing with us and why.

We take and keep notes on paper/online that contain Personal Data and may include Sensitive Data during your appointments. We store this safely to ensure that it is safe and secure. All electronic files are encrypted, and password protected for security. 

WEBSITE

 

Our Website is hosted by Wix and Vimeo OTT. Wix and Vimeo OTT use cookies to provide the website and ensure necessary function of our services. To learn more about the cookies on our website, please read our Cookies Policy. This includes details about collection of your unique online electronic identifier; this is commonly known as an IP address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.

If you contact us via our website, you may provide us with personal data when completing online health or contact forms. This form is hosted by Wix. 

Our services may include links to third party websites. When you click on this link you have left our website and services. We do not have control over what cookies or beacons or other technology these sites may use to track activity into their website, and do not have control over what data they may collect or their privacy policy. Use of their websites and clicking on those links is at your sole risk. We are not responsible for the protection and privacy of any information that you provide whilst visiting such sites and these sites are not governed by this Privacy Policy. We suggest that you read their privacy statement before using the website.

IF NO AFFILIATE LINKS: We do not provide any personally identifiable customer information to these sites.

AFFILIATE LINKS: We place a cookie on your device to track movement between our site and our affiliates to ensure we receive the commission from your purchase/click. Please read our Cookie Policy to check details. 

If you have received service with us we will store your data from your last appointment/ with us, for any potential claims.

When your Personal Data is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Data. However, most of the Personal Data or will be stored in client files which will be kept by us for the Duration Period.

YOUR RIGHTS

You have legal rights about your personal data. You grant use of your data under the contract and terms herein through your active conduct and use of our services. At any time you have the right to know what personal data relates to you that is held by us, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. You can also request the deletion of their personal data, but this may be denied on the exception for the establishment, exercise or defence of legal claims. Please see the Information Commissioners Office in Europe guidance on this exception: See Link. 

You may request the following at any time about your data held by us with regards to the services that we provide:

  1. a)  The right to be informed about the personal data being processed

  2. b)  The right to rectification of your personal data

  3. c)  The right to erasure of your personal data

  4. d)  The right to restrict processing of your personal data

  5. e)  The right to data portability (to receive an electronic copy of your personal data)

  6. f)  The right to object to the processing of your personal data

  7. g)  The right to access your personal data

You may request a copy of all data that we store about you for a $200 AUD administration fee by contacting us. In order to protect your Personal Data, we may require identification from you before releasing the requested information. Repeated, unfounded or excessive requests may be challenged by us. There are some limited circumstances that may limit the information that we can provide to you in a request, for example, public interest, law enforcement, legal and or health related matters. Please also bear in mind that we rely on third parties for some of your information in the flow of data. It may take us the full calendar month permitted to provide a full response to your request. If you require further information on your Individual Rights or you wish to exercise your Individual Rights, please contact us.

It is an important to us that your Personal Data is up to date. We will take reasonable steps to make sure that your Personal Data is accurate, complete and up to date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

We transfer your data outside the European Economic Area/home country to fulfil our services to you. 

Please contact us for further information on the measures undertaken to safeguard your data.

POLICY UPDATES

We reserve the right to update and amend this Privacy Policy at any time, effective upon posting an updated version on the Website. We will publish such updates on our website and may email notifications to you. Continued use of the Website after any such changes shall constitute your consent to such changes.

ENQUIRES AND COMPLAINTS

If you have any queries or complaints about our Privacy Policy, please contact us first.