Privacy Policy

Last updated 10th May 2024

The Australian Institute of Lymphoedema Pty Ltd is serious about protecting your online privacy. It is important to us to be clear about what data we collect, why we collect it and how we use it. This privacy policy explains our views and practices concerning privacy, and how they may apply to you as a user of our website or services.

 

We aim for compliance with the Australian Privacy Principles, New Zealand Privacy legislation and the General Data Protection Regulations (GDPR) that protects residents in the European Economic Area. Under the GDPR, we are the controller and processor of the personal information we collect about you.

 

Our cookie policy, included within this privacy policy, provides information about the types of cookies we use, why we use them and how you can manage their settings.

 

As our website is intended for use by residents from across the globe, please understand that our information handling process may not be compliant with the practises or approaches of where you live and the privacy laws we are bound by may be different to yours.

 

By using our website or services, you are providing your consent to the terms of our privacy policy. If you do not agree with this policy, please stop accessing our website and please do not purchase or subscribe to any of our services.

 

Contacting us about your privacy

 

Please let us know if you have any requests, feedback or concerns regarding the way we manage your personal data. Our contact details are listed below. We will usually respond to you within 7 days and take action, within reason, as quickly as possible.

 

If you are not happy with how we manage your concerns, you can contact your local data protection supervisory office. For example, in Australia this would be the Australian Privacy Commission www.oaic.gov.au and in New Zealand this would be the New Zealand Privacy Commission www.privacy.org.nz. In the EU this would be the European Data Protection Supervisor https://edps.europa.eu/.

 

Our contact details:

Australian Institute of Lymphoedema Pty Ltd
ABN 40 168 456 040
PO Box 166, Broadway NSW 2007
Proudly established 2014
admin@instituteoflymphoedema.com.au

 

Definitions

 

When we talk about ‘us’ ‘we’ or ‘ours’, we mean our company as detailed above, including our officers and employees. When we talk about ‘you’ or ‘yours’, we mean you as a user of our website or purchaser of our services.

 

‘Website’ means collectively www.instituteoflymphoedema.com.au, lymphoedema.thinkific.com, and our social media accounts on Facebook, Instagram, YouTube and LinkedIn.

 

‘Personal data’ or ‘personal information’ is information that directly identifies you, such as your name and email address, or data that could be used, on its own or in combination with other data, to identify you. It does not include anonymized data.

 

‘Sensitive personal data’ is information about you that requires additional protection such as health information, criminal history, ethnicity and religious beliefs or sexual preferences. We do not intentionally collect sensitive personal information about you and request you do not unintentionally share it with us. You should be aware however, that by using our services, being a member in our membership area or joining our Facebook group or using our Facebook pages, you are making public that you are using our services. This may lead others to make assumptions about your health.

 

Staying anonymous 

 

You can browse our website anonymously, although cookies may be used. You will not be able to access our services anonymously. Once you access our services, including for example by joining our mailing list, opening an account on our website or purchasing our services, we will begin collecting your personal information in accordance with this policy.

 

Collection of data of minors

Our website is not intended to be used by minors and we do not intentionally collect the personal data of persons under the age of 18. If you are the guardian of a minor and suspect they may have provided us with their personal information, please contact us and request to have the minor’s personal information destroyed.

 

Collection of personal data

 

We collect personal data about you when you give it to us for an agreed purpose. This generally occurs when you purchase a service, ‘Like’ or follow our social media pages, request information from us, or subscribe to our newsletter or mailing list. We collect your personal data in this manner for our business purposes including marketing and to complete the services you have requested from us.

 

We collect and process the minimum amount of information required to deliver our services to you or to complete a request by you. This information may include:

  • your first and last name
  • your company name and company identifier details (e.g. ABN)
  • your phone number
  • your email address
  • payment details (although these are only processed by our payment platform)
  • you may add your photo to your profile once you are logged into your account. This is optional and you may remove your photo at any time
  • any other information you supply to us or make available via our website

 

When you purchase through our website, we will also store your IP address. We process this information for our legitimate business purpose of matching your IP address with your user information.

 

We may also receive information through third-party sites like Thinkific and we use website hosting services, email integration providers and learning management systems.

 

Unless stated otherwise in this policy, personal information will be held for our business purposes for a period of up to 7 years. After that time, we may still retain your personal information however if we do so, it will be in a form where personal details are de-identified. This means once the data is made anonymous and you will not be able to be identified.

 

If you interact with us on social media sites (eg. Facebook, Instagram, Youtube, LinkedIn), we may receive information about you. We may process this data as a legitimate business interest to properly administer our business and website and our communications with users. You should be aware that personal information you disclose on social media sites, forums or discussion panels, is publicly available and when you make information available on public areas, we can no longer keep the information private.

 

How we use personal data

 

We may use your personal information to contact you about your purchase, answer enquiries, to keep you up-to-date with our activities, or to send you our newsletters (if you have consented to receiving our newsletters).

 

Other than as disclosed in this privacy policy, we never sell, rent or otherwise disclose your personal information to third-parties.

 

With your permission, we may use your email address to send you emails about our activities. These emails may contain links to other information. We process this information based on your consent. You may always withdraw your consent and unsubscribe from these emails by clicking on the unsubscribe link at the bottom of the email or by contacting us using the information set out above. Removing your information from our marketing list will not remove your information from our business database and we may still contact you about your account or any products or services of ours that you use.

 

If our website is acquired by or merged with another company or business, your personal data may be transferred to the new owners so they may continue to support and operate our website and services. Provided the new owners have a privacy policy with protections similar to this policy, by agreeing to this privacy policy, you agree to such a transfer.

 

We also may share your personal information when required to do so by law or with our professional advisers to obtain advice, for instance if there is a breach of the terms and conditions, or to meet our accounting or compliance obligations. We use your personal data in this manner as a requirement for the legitimate functioning of our business and to meet our legal obligations.

 

We may also use your personal information to produce aggregated, anonymised data about users which we may make available to affiliates, sponsors, business partners or supporters including Cancer Associations and Lymphoedema Advocacy groups.

 

We accept payments via our online ecommerce platform via WordPress and WooCommerce which allows us to sell our services to you. The payment platform is STRIPE. We do not take custody of or store your card details, although our payment processors may store that information on our behalf. Fulfilment may be by AIL or by Amazon.

 

Financial information you provide to a third-party site will be managed according to their own privacy policy. Policies for our providers and potential providers can be found here:

WordPress – https://en-au.wordpress.org/about/privacy/

STRIPE – https://stripe.com/privacy-center/legal

WooCommerce – https://woocommerce.com/document/marketplace-privacy/#section-4

Amazon – https://www.amazon.com.au/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ

Garnet Medical – https://www.garnetmedical.com.au/terms_privacy.asp

Printful – https://www.printful.com/policies/privacy

Thinkific – https://www.thinkific.com/privacy-policy/

 

We will share your personal data with our payment service providers only to the extent necessary to process your payments or deal with refunds, disputes or complaints in relation to your payments.

 

California do not track disclosure

 

Our website does not support or respond to Do Not Track (DNT) or similar signals or mechanisms. Some third-party sites we use keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting or encounter such sites, and they recognise DNT signals, your browser will likely allow you to set the DNT signal so that third-parties (particularly advertisers) know you do not want to be tracked. For example, Chrome provides these instructions https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DAndroid&hl=en

 

Embedded content from other websites

 

Articles or content on our website or within our courses may contain embedded content from other websites, like Vimeo and Youtube. For example, videos or images within an article or even whole articles.

 

The embedded data behaves as though you have actually visited the other website. These websites have their own privacy policies and may collect data about you, use cookies, embed additional third-party tracking and monitor your interaction with the embedded content, including tracking your interaction with the embedded content if you have an account or are logged in to the other website.

 

Facebook groups and other social media platforms

 

Any Facebook group or other social media platform we make available for use, are made available to encourage positive interaction and support between members and the sharing of information. These sites have their own privacy policies and terms of use. Any use you make of these services announces to others that you use our services. Any information you post will become viewable by others and we are not able to keep private or confidential any information you post. If you are concerned about your privacy, we suggest you do not use these sites.

 

We have group rules pinned on our Facebook pages and other social media platforms (where this is possible) and we expect all users to abide by our rules. We reserve the right to (however are not obliged to do so) moderate our social media sites and enforce the rules if we deem it is necessary. This may include suspending or terminating access rights of individuals.

 

Testimonials

 

If you provide us with a testimonial, you give us your consent to display your information (for example your name, date of the testimonial, image) on our website or in our other marketing material, together with the content of the testimonial that you provide.

 

As we sometimes receive quite lengthy testimonials you also agree we may shorten or edit your testimonial provided we do not change the intended meaning.

 

Storage, communications and security of data

 

We use a variety of third-party providers to host and manage our website and to communicate with our customers.

 

Your personal information is stored through their data storage, databases and their general platforms. They store your data on secure servers behind firewalls. Please refer to the privacy policy for Active Campaign at https://www.activecampaign.com/au/legal/privacy-policy for information on how they handle your personal information.

 

Cross border transfers

 

Depending on your location, your personal information may cross international borders and may be stored in a jurisdiction with different privacy laws to where you live. We aim to use reputable service providers for storage and processing of your personal information. By agreeing to this policy, you agree to such a transfer.

Where we collect your data within the European Economic Area (EEA) and it is transferred for processing in other countries (for example, Australia and the US), we have certain safeguards in place to ensure a similar degree of security for your personal data including:

  • transferring your personal data to countries that the European Commission has approved as providing an adequate level of protection for personal data;
  • if we use US-based providers that are part of the EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place; or
  • using specific contracts, codes of conduct or certification mechanisms approved by the European Commission which aim to give personal data the same protection it has in the EEA.

If none of the above safeguards are available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.

 

We recognise the importance of keeping your information secure. To prevent unauthorised access or disclosure, we use third-party hosting and storage providers with industry standard security. We also have SSL certifications for our website with regular backups to avoid misuse, interference loss or unauthorised access, modification or disclosure of your personal information.

 

If the security on our website is breached, we aim to contact you within 24-48 hours of becoming aware of the breach and will prompt you to change your login details (this only applies to users who have registered an on-line account with us and have up to date contact details). We have procedures in place to deal with any suspected personal data breach and will notify any applicable regulator of a breach if we are legally required to.

 

Disclaimer: While we aim to ensure the security of your data, no storage is 100% secure and we cannot guarantee the security of our website, our records, your data or your content. If you feel this is not sufficient, please do not provide us with your personal information, or, if you have already provided personal information, please contact us and we will securely destroy it.

 

Your data rights as an EEA resident

 

This part applies if you are an individual located within the EEA.

 

Under the GDPR, you have rights in relation to your personal data, including:

 

  • The right to request access

 

You may request copies of the information we hold about you, which will only be provided electronically.

 

  • The right to correction

 

You may make a request to amend or correct that information. If we do not agree with your requested change, we will keep a copy of your request with our information and will let you know our reasons. You can update your personal information within your profile by logging into your account on our website.

 

If we have shared your personal data with third parties (for example, third-party service providers processing data on our behalf), we will tell them about the correction where possible.

  • The right to erasure

You have the right to request that we delete or remove your personal data from our records. We will do so in some circumstances, such as where we no longer need it. If we have shared your personal data with third parties, we will tell them about the erasure where possible.

However, your personal data may not be removed from our backups as we are unable to isolate individual data files from our backup. In this instance, your data will disappear on the next scheduled back up update.

  • The right to restrict processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as where you contest the accuracy of that personal data or object to us processing it. If we have shared your personal data with others, we will tell them about the restriction where possible.

  • The right to object to processing

You have the right to ask us to stop processing your personal data in certain circumstances. We will do so if we are processing your personal data for direct marketing.

  • The right to data portability

You have the right to request that we transfer your personal data that we have collected to another organization, or directly to you, under certain conditions.

If data we have collected about you is processed using automated means, you have the right to receive that data in a structured, machine-readable format and to transmit it to another data controller without hindrance.

  • The right in relation to automated decision-making and profiling

You have the right not to be subject to decisions based solely on automated processing of your personal data, including profiling, unless you provide your explicit consent to such processing.

  • The right to withdraw consent

If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on your prior consent.

If you wish to exercise any of the rights set out above, please contact us using our contact details at the top. We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer than that period if your request is particularly complex or if you have made a number of requests. If this is the case, we will notify you.

You will not have to pay a fee to access your personal data or to exercise any of the other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We may refuse to comply with your request in some circumstances however we will let you know if this is the case.

We will request specific information from you to help us confirm your identity and ensure your right to exercise any of your rights above. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you and ask for further information in relation to your request.

 

Data rights where you are not an EEA resident

You may request copies of the information we hold about you, which will only be provided electronically. Our contact details are listed near the top of this policy.

You may make a request to amend or correct that information. If we do not agree with your requested change, we will keep a copy of your request with our information and will let you know our reasons.  You can update your personal information within your profile by logging into your account on our website.

 

Changes to this privacy policy

 

It is important to us that our privacy policy is regularly reviewed, and we will do so to keep it relevant and up to date with changing laws. We will notify you of any changes by posting the new policy on this page. You can find the ‘last updated’ date at the top of this policy to help you keep track of changes over time. Your continued use of our website or services after this policy has been updated indicates your acceptance of the updates.

Cookie Policy

Last updated 10th May 2024

 

Our Cookie Policy provides information about the cookies we use.

 

What is a cookie?

 

A “cookie” is a piece of information that is stored on your computer’s hard drive and which records how you move your way around a website so that, when you revisit that website, it can present tailored options based on the information stored about your last visit. Cookies can also be used to analyse traffic and for advertising and marketing purposes.

 

Cookies are used by nearly all websites and do not harm your system.

 

If you want to check or change what types of cookies you accept, this can usually be altered within your browser settings. You can block cookies at any time by activating the setting on your browser that allows you to refuse the setting of all or some cookies. By not blocking cookies and continuing to browse you are authorising the use of cookies. If you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

 

How do we use cookies?

 

We use cookies to track your use of our website, to provide affiliate revenue and to enable some functions of our website to work properly. This enables us to understand how you use the site and track any patterns with regards how you are using our website. This helps us to develop and improve our website as well as our services in response to what you might need or want.

 

Cookies are either first party cookies set directly by us, or third-party cookies set by third-party service providers we use.

 

When you first visit our website, you will be asked to consent to the use of cookies and similar technologies on the website in accordance with this policy.

 

Cookies can be:

  • Session cookies: these are only stored on your computer during your web session and are automatically deleted when you close your browser – they usually store an anonymous session ID allowing you to browse a website without having to log in to each page but they do not collect any personal data from your computer; or
  • Persistent cookies: a persistent cookie is stored as a file on your computer and it remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again. We use persistent cookies for Google Analytics.

 

If you are based in the European Union and would like to learn more about how advertisers use these types of cookies or how to choose not to receive them, please visit www.youronlinechoices.eu.

 

Cookies can also be categorised as follows: 

 

  • Strictly necessary cookies: These cookies are essential to enable you to use the website effectively, such as when buying a product and / or service, and therefore cannot be turned off. If you choose to disable these cookies, you will not be able to access all our services including the services you have subscribed to. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet.
  • Performance cookies: These cookies enable us to monitor and improve the performance of our website. For example, they allow us to count visits, identify traffic sources and see which parts of the site are most popular.
  • Functionality cookies: These cookies allow our website to remember choices you make and provide enhanced features. For instance, we may be able to provide you with news or updates relevant to the services you use. They may also be used to provide services you have requested such as viewing a video or commenting on a blog. The information these cookies collect is usually anonymised.
  • Analytical cookies: These cookies analyse your use of our website and other websites you visit. We use analytical cookies for targeted advertising.

 

Does anyone else use cookies on our website?

 

Please note that third-parties who advertise on our website (including, for example, advertising networks and providers of external services like web traffic analysis services, if any) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

 

We also use third party cookies that fall into the four categories above.

 

Specifically:

  • We use Google Analytics, Ads and Remarketing as well as Facebook and LinkedIn ads. These third-party providers are likely to use analytical, performance or targeting cookies.
  • If you register an account on our website, you may opt-in to saving your name and email address using our cookies. These are for your convenience so that you do not have to fill in your details again when you make another purchase.
  • If you create an account and visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie does not collect any personal data and is discarded when you close your browser.
  • When you log in, we will also set up several cookies to save your login information and your screen display choices (where applicable).
  • We use cookies to enable affiliate tracking.

 

Opt out

 

To find out how to opt out of tailored advertising please check the options available here – http://www.networkadvertising.org/choices/.

 

End.