ABOUT US

RECONNECT STUDIO (“We/Us”) whose registered office is operates the website(s) Reconnectstudio.com.au and  and Reconnect Yoga.com and provide somatic movement, yoga and meditation sessions privately and in groups (together “services”).

We are committed to providing quality services to you and in the course of providing you with our services we will collect and process information that is commonly known as “Personal Data”.

THE PURPOSE OF THIS PRIVACY POLICY

This Privacy Policy does the following:

  1. describes how we collect, use, share, retain and safeguard Personal Data,

  2. Policy sets out your individual rights; we explain these later in the Policy but in summary these rights include your right to know what data is held about you, how this data is processed and how you can place restrictions on the use of your data,

  3. outlines our ongoing obligations to you in respect of how we manage your Personal Data, and

  4. explains what kind of information we collect in connection with our services, the purposes for which we use the information and how we may share this information.

This Policy applies when you may share personal data in contact with us via our website, online forms, email, social media accounts, the telephone, when writing to us directly or where we provide you with paper based forms for completion or we complete a form in conjunction with you.

To provide a high standard to our client’s personal data and privacy, we adopted and aim to comply with the Privacy Act 1988 (Cth, Australia); the Privacy Act 1993 (New Zealand); The Personal Data Protection and Electronic Documents Act, SC2000, c5 (Federal, Canada); Personal Data Protection Act. (Alberta, Canada); the Personal Data Protection Act (British Columbia, Canada); all applicable United States federal and state privacy laws, excluding the California Online Privacy Protection Act (CalOPPA) and Early Learning Personal Data Protection Act (ELPIPA) and any other applicable privacy legislation (collectively the “Data Acts”).

PRIVACY POLICY (NO EUROPEANS)

A data ‘controller’ means the individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data.

A data ‘processor’ means the individual or organisation which processes personal data on behalf of the controller.

We are the controller of any personal data gathered by your use of our website and services. Where we use third parties to process your data. We have a contract with these third parties for the provision of these services.

Melbourne, Australia is identified as the named territory where the processing of personal data takes place. You can learn more about your privacy rights at Victorian Information Commissioner Office - https://ovic.vic.gov.au

WHAT IS PERSONAL DATA?

Personal Data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, gender and contact details.

Sensitive Personal Data may contain information which is known as special categories of personal data. This may be information relating to and not limited to, an individual’s health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, or data relating to sexual orientation.

We are legally required to comply with specific data processing requirements for Personal and Sensitive Data.

WHAT PERSONAL DATA IS COLLECTED BY US?

As a provider of yoga, meditation and somatic movement services, we will process the following categories of data:

(a)   Personal Data:

  • Your Name

  • Contact details including address, email and contact number like a landline or mobile number

  • Emergency Contact

(b)   Sensitive Personal Data

  • Current health and details of historic injuries or illnesses (physical and psychological),

  • Photographs, audio and visual with the option to opt out.

  • Aspect of health that may affect your participation or our provision of services to you.

If you object to the collection, sharing and use of your personal data we may be unable to provide you with our services.

LIVESTREAM ONLINE CLASS OR FILMING CLASSES: We may record your communications with us when contacting our team. We may collect information about your visits to us to help us personalise your experience with us. By providing this information to us you are consenting our use in the manner set out in this policy.

We do not knowingly accept information or attendance of anyone under the age of 18 years old. If you are under 18 years of age you will need your parent or guardian to agree to this Privacy Policy and terms for you. They are responsible to ensure that you fully understand what you are sharing with us and why.

WHY WE DO COLLECT PERSONAL DATA?

Personal Data is obtained in many ways including interviews, online calls, text message, online chat, correspondence, by telephone, by email, via our website, from your website, from media and publications, from other publicly available sources, from cookies and from third parties, including but not limited to social media platforms such as Facebook, Instagram, Twitter and LinkedIn. We don’t guarantee website links or policy of authorized third parties. By providing your information to us you are consenting our use in the manner set out in this Policy.

We collect your Personal Data for the primary purpose of providing our services to you in the most suitable manner, informing our marketing strategy and providing information to our client mainly via email and social media platforms. We may also use your Personal Data for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing or email as below.

When we collect Personal Data we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it. Please ask if you do not understand.

THIRD PARTY PROCESSORS

Where reasonable and practicable to do so, we will collect your Personal Data only from you. However, in some circumstances we may be provided with information by third parties or allied practitioners. We may use third party suppliers for management of specific services e.g. advice from your medical doctor, payment processing, and they may store some of your Personal Data to provide such service to you. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party or that you can access your account to check this information directly yourself.

We use third party software to securely store your data to perform specific functions to support our services (“third party suppliers”). Third party suppliers have access to personal information needed to perform their functions but may not use it for other purposes. Their privacy policy is linked below as to how they handle data as part of the service we use. With all of the third-party suppliers you can ask us to review your stored data to ensure that it is accurate and best serves you.

Booking system: Squarespace & Acuity System’s privacy Policy

Payment System: Stripe’s privacy Policy

We do not sell or pass your personal information onto third parties.

DATA MANAGEMENT

We use the following third-party providers for our service to you. Their privacy policy is linked within as to how they handle data as part of the service we use. With all of the below suppliers you can ask us to review your stored data to ensure that it is accurate and best serves you.

Client records as paper documentation are stored in a locked cupboard out of sight and to ensure that they are safe and secure. A digital version is stored with Acuity booking system to protect your Personal Data. We may keep your records on remote digital devices that are encrypted and password protected.

  • Communications with us via email are stored in our account with Gmail and / or Bigpond. Any telephone or online calls may be recorded with your permission and stored in your clients records as a digital file.

  • To schedule appointments, we use Acuity Scheduling. You can mange your data in this system at any point by logging into the booking system.

  • Payments for our services can use third party payment facilitators- Stripe, Xero and Paypal. All are PCI DSS v 3.2.1 compliant to ensure your financial data is secure and we can never access your full payment details.

  • Marketing from us may include:

    • Facebook, Instagram and Linkedin are used by us. If you follow, like and interact with our social media accounts then your comments may be public depending on your personal privacy settings within that social media platform. Please check this if you are concerned about your privacy on any social media platform. Please let us know if you do not wish to be tagged in any of our posts.

    • We may conduct surveys using third parties to collect information in the survey to get an idea of the market. You do not have to participate, and you can choose to complete your name and email address or leave it anonymized.

    • Our electronic maillist ensures that we only send emails to those who want to hear from us. We email fortnightly to monthly with content relating to our services. You can unsubscribe at any time by clicking on the unsubscribe button in the emails sent.

  • Our website is hosted by Squarespace . While using our website, we may ask you to provide us with certain personally identifiable information that might be collected through our website provider, Squarespace. This includes collection of your unique online electronic identifier; this is commonly known as your IP address, browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages and other statistics and analytics. Squarespace uses cookies to provide the website and ensure necessary function of our services. To learn more about Squarespace use of cookies here.

OUR COOKIES POLICY

When you access our Website, we may send a “cookie” (small text files to make web browsing more efficient) to your computer or internet enabled device. We may collect your personal information through the use of cookies.

If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.

LINKS TO OTHER WEBSITES

Our services may include links to third party websites. When you click on this link you have left our website and services. We do not have control over what cookies or beacons or other technology these sites may use to track activity into their website, and do not have control over what data they may collect or their privacy policy. Use of their websites and clicking on those links is at your sole risk. We are not responsible for the protection and privacy of any information that you provide whilst visiting such sites and these sites are not governed by this Privacy Policy. We suggest that you read their privacy statement before using the website.

DISCLOSURE OF PERSONAL DATA

We may release personal data where we believe that it is appropriate in a number of circumstances, including the following:

  • Third parties where you consent to the use or disclosure;

  • Where required or authorized by law;

  • To enforce or apply our agreements with you;

  • To protect the rights, property or safety of us, our clients or others; and

  • With your consent following specific notice or request from us.

This includes fraud protection, but not selling, sharing or otherwise disclosing personally identifiable information from clients for commercial purposes in a way that is contrary to this Privacy Policy.

VIDEOS OF CLIENTS: We may store videos and audio files for longer where relevant for business development, marketing and advertising of our services. This will only be used with consent

SECURITY OF PERSONAL DATA

Your Personal Data collected through acuity scheduling is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure. Acuity scheduling complies with the requirements of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

DURATION PERIOD

If you have received services and Products with us we will store your data for 5 years from your last appointment/purchase with us (“Duration Period”), as required by our insurers (CGU ) for any potential claims.

When your Personal Data is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Data. However, most of the Personal Data or will be stored in client files which will be kept by us for the Duration Period.

ACCESS TO YOUR PERSONAL DATA

You may request a copy of all data that we store about you at no cost in writing. In order to protect your Personal Data we may require identification from you before releasing the requested information. Repeated, unfounded or excessive requests may be challenged by us.

There are some circumstances that may limit the information that we can provide to you in a request, for example, public interest, law enforcement, legal and or health related matters.

Please also bear in mind that we rely on third parties for some of your information in the flow of data. It may take us the full calendar month permitted to provide a full response to your request.

Your rights in such a request include:

  1. Right to access

  2. Right to rectification of errors

  3. Right to deletion (may be limited)

  4. Right to object to processing

  5. Right to restrict processing

  6. Right to withdraw consent

  7. Right to object to marketing

  8. Right to complain to relevant data protection authority

MAINTAINING THE QUALITY OF YOUR PERSONAL DATA

It is an important to us that your Personal Data is up to date. We will take reasonable steps to make sure that your Personal Data is accurate, complete and up to date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

INTERNATIONAL DATA TRANSFERS

Our services are available internationally. We control and manage Personal Data in Victoria, Australia. We may transfer data outside of Australia to our suppliers to provide the service to you. We ensure that their service meets the minimum requirements set out in the Privacy Laws. You can request to learn more about what data and which services may have access to your Personal Data.

POLICY UPDATES

We reserve the right to update and amend this Privacy Policy at any time, effective upon posting an updated version on the Website.

We will publish such updates on our website and may email notifications to you. Continued use of the Website after any such changes shall constitute your consent to such changes.

PRIVACY POLICY COMPLAINTS AND ENQUIRIES

If you have any queries or complaints about our Privacy Policy please contact us at:

Contact Name: Wai Ying Tham

Contact email: hello@reconnectstudio.com

Contact Number: +61412023688

Should you have a complaint about the way that we have handled your Personal Data, you may submit this to the Office of the Victorian Information Commissioner at 1300 006 842 or enquiries@ovic.vic.gov.au