Last updated: 5 January 2024
2.1 The website (www.NinaRapilane.com) and all associated digital platforms, media accounts, mobile applications (together, the Website), contents, products, materials, and services (together, the Services) are owned and operated by Nina Rapilane Obran ABN 90 993 493 515 (Health and Wellness Coach, ‘we’, ‘us’). The terms ‘you’, ‘user’, and ‘client’ refer to any user or browser of the Website or purchasers of our Services.
2.2 We acknowledge your privacy rights and are dedicated to ensuring the confidentiality of our customers’ and website visitors’ personal information. This policy outlines how we collect and handle your personal information.
2.3 We adhere to the Australian Privacy Principles in the Privacy Act 1988 (Cth) and, where applicable, the EU General Data Protection Regulation (GDPR).
2.4 “Personal information” refers to data identifiable as belonging to you, including but not limited to your name, email address, identification number, health information, or any information that can reasonably identify an individual.
2.5 Our principles of data protection are:
- Transparency: We are dedicated to maintaining openness, honesty, and transparency regarding Personal Data.
- Trust: We pledge to use Personal Data solely for the purposes explicitly stated, aiming to enhance the effectiveness and efficiency of our Services.
- Safety: We are devoted to ensuring the security of the Personal Data entrusted to us.
- Responsibility: We acknowledge and embrace the responsibility of managing Personal Data with utmost care.
3. What Personal Information Is Collected
3.1 We periodically receive and store personal information submitted to our website, provided directly by you, or in other forms.
3.2 This information may include but is not limited to your name, contact details, date of birth, credit and financial information, bank account details, preferences and opinions about our Services, personal and lifestyle information, health information, medical history (including medication history), and bloodwork results.
3.3 We will only collect, use, or disclose your sensitive information if it is reasonably necessary to carry out our functions or activities, and we have your explicit consent. Sensitive information includes information about an individual’s mental health, disability, racial or ethnic origin, criminal convictions, religious affiliation, and political affiliation.
3.4 Basic information such as your name, phone number, address, and email address may also be provided for information dissemination, promotion, updates, and processing of product or service orders.
3.5 Additional information may be collected at other times, such as when providing feedback, sharing personal or business affairs, adjusting content or email preferences, participating in surveys or promotions, providing financial or credit card information, or communicating with customer support.
3.6 Additionally, any other information you provide while interacting with us may be collected.
4. How We Collect Your Personal Information
4.1 Directly Provided Information
4.1.1 When you access specific sections of our Website and/or Services, we may request that you provide Personal Data. This could occur when you fill out an enquiry form, respond to an email offer or newsletter subscription, engage with us on social media platforms, establish an account, or participate in a competition.
4.1.2 If applicable, you may be prompted to input details such as your name, email address, mailing address, and/or phone number. By willingly submitting this information, you provide it to us voluntarily, and by doing so, you grant us consent to use, collect, and process this Personal Data.
4.2 Information Provided Through Orders
4.2.1 When you place an order through our Website, you explicitly agree to provide us with your Personal Data for the explicit purpose of processing and executing your order in accordance with your request.
4.2.2 By doing so, you confirm that you are providing this information voluntarily. Additionally, by supplying us with this information, you grant us consent to use, collect, and process this Personal Data for the specific purpose of fulfilling the order and/or complying with our legal obligations.
4.2.3 If we are unable to collect this and other essential Personal Data, we may be unable to process your order, potentially restricting our ability to provide you with some or all of our Services.
4.3 Collection of Sensitive Information
4.3.1 We may gather information about you, including sensitive data as defined by applicable privacy and data protection laws. This sensitive information encompasses personal and health-related details necessary to fulfill your product orders and meet any service requirements you may have.
4.3.3 We may handle your health or other sensitive information in various ways, including compliance with legal obligations, safeguarding your interests (particularly when you are unable to provide consent), addressing public interests, or handling legal claims.
4.4 Automatically Collected Information
When you visit our Website or use our Services, certain information is automatically collected, including your IP address, device ID, computer and connection details, geo-location information, and device type. As you navigate through our Website and Services, we also track your interactions, such as the pages viewed and links clicked, providing us with insights into how you engage with our offerings. This aids us in enhancing your experience, such as by tailoring the content you encounter.
4.5.1 We employ standard cookies and similar tracking technologies to collect some of this information. Cookies are small files that websites or service providers transfer to your computer’s hard drive through your web browser, allowing them to recognise your browser and capture specific information. Cookies assist in monitoring advertisements, compiling aggregate data on website traffic, and understanding website interactions to improve future experiences and tools.
4.5.2 We do not embed personally identifiable information in cookies, nor do we use any data-capture mechanisms on our Website aside from cookies. You have the option to disable cookies through your web browser settings or receive alerts when a cookie is being sent if you prefer. However, disabling this function may impact some features on the Website, though you can still place orders for our programs or Services over the telephone.
4.6 Information Obtained from Third Parties
4.6.1 Occasionally, we may gather Personal Data about you from external sources, including publicly available materials or reputable third parties such as marketing and research partners. This information serves to enhance the Personal Data we already possess about you, contributing to a more informed, personalised, and improved provision of our Services, and aiding in the verification of the personal data you provide.
4.6.2 When we acquire Personal Data, we will process it solely for the purpose of fulfilling a contract with you, making a booking, pursuing legitimate interests not overridden by your rights, complying with a legal obligation, or when we have obtained your consent. Failure to collect your Personal Data may impede our ability to offer you all our Services, and certain functions and features on our Website may become inaccessible to you.
5. Storage of Your Personal Information
Your personal information is securely stored in encrypted electronic formats, within protected databases, or on cloud-based platforms either owned and operated by us or our service providers. Although we implement reasonable measures to safeguard the security of your personal information, absolute data protection and security cannot be guaranteed. Consequently, we cannot provide a guarantee of the complete security of your personal information.
6. How We Use Your Information
6.1 We primarily use your Personal Data for the operation of our Website, the provision of requested Services, and the management of our relationship with you. Here are the specific ways in which we use your Personal Data:
- Service delivery: When you become our client, you provide consent for us to access and use your personal information to deliver optimal health and wellness services. Access to your personal information is restricted to staff who require it for service provision. If we intend to use your information for any other purpose, we will seek additional consent from you for those specific activities.
- Communication: We may provide the information you’ve requested, and respond to your enquiries, comments, and applications. We communicate changes to our Website, Services, and security updates, and offer assistance in using our platform. This includes administering our products, events, webinars, podcasts, programs, courses, and promotions.
- Personalisation: Your information helps us tailor your experience on our Website to better respond to your individual needs.
- Enhancement and Development: Through technical analysis and monitoring, we improve and optimize your user experience on our Website and Services.
- Customer Support: Your information aids us in effectively responding to your customer service requests and support needs.
- Relevant Information: We provide you with information and materials relevant to our Services.
- Contests, Promotions, and Surveys: Administering contests, promotions, surveys, or other site features.
- Protection: Ensuring compliance with permitted uses, detecting and preventing fraudulent or malicious activity to protect you.
- Marketing: We may use your Personal Data for marketing communications and targeted advertising online, either on our Website, third-party websites, or social media platforms. Profiling activities may be conducted to tailor advertising based on your behavior on our platforms. You can opt out of Google Analytics® at any time.
- Analysis and Reporting: We use the Personal Data collected to produce aggregated and anonymized analytics and reports, which may be shared publicly or with third parties.
- Periodic Emails: The email address provided during order processing may be used to send order-related information, updates, company news, and related product or service information. Instructions for unsubscribing are included at the bottom of each email.
6.2 The legal grounds for processing your Personal Data, as outlined above, generally fall under one of the following:
- Your Consent: Where you have explicitly agreed to the processing of your Personal Data.
- Contractual Obligations: In cases where processing is necessary for the performance of a contract with you or a relevant party.
- Legitimate Business Interests or Legal Compliance: When processing is carried out based on our legitimate business interests or to fulfill legal obligations we are subject to.
7. Security Measures: Safeguarding Your Information
7.1 We are dedicated to protecting the information you entrust to us. To prevent unauthorised access, maintain data accuracy, and ensure proper information usage, we have implemented rigorous physical and managerial procedures to secure the data we collect.
7.2 When collecting or transferring sensitive data such as credit card information, we employ Secure Sockets Layer (SSL) encryption. SSL encryption is designed to render the information unreadable by anyone other than us. You can verify this security measure by observing the symbol of an unbroken key or a closed lock (depending on your browser) at the bottom of your browser window. However, it’s important to note that, despite our efforts, we cannot guarantee absolute security for your Personal Data due to potential technological or security breaches. In the event of a high-risk data breach, we commit to notifying you (and the appropriate authorities) within seventy-two (72) hours.
8. Disclosure of Your Personal Data
8.2 Personal Data may also be disclosed to doctors or other health professionals to facilitate communication and optimal care.
8.4 Your Personal Data will not be shared outside Australia without your consent, except in exceptional law-permitted circumstances.
8.5 We do not sell, trade, or transfer your personally identifiable information to external parties. However, to enhance our Website’s operation, conduct business activities, or provide you with services, we may engage in the transfer of your Personal Data to trusted third parties (for example, an Email Service Provider, or Client Relationship Management System). Any such transfer will be executed under agreements ensuring the confidentiality of this information.
8.6 We may disclose your information when we believe it is necessary to comply with the law, enforce our site policies, or protect our rights, property, or safety, as well as the rights, property, or safety of others. However, non-personally identifiable visitor information may be shared with other parties for marketing, advertising, or similar purposes.
8.7 We might be obligated to share your Personal Data with regulatory bodies, law enforcement agencies, government entities, courts, or other third parties. This is essential to comply with applicable laws or regulations and to establish, exercise, or defend our legal rights. Whenever possible and appropriate, we will inform you of such disclosures.
8.8 In the event of an actual or proposed purchase, merger, or acquisition of any part of our business, your Personal Data may be shared with a potential buyer and its agents and advisers. We will only disclose your Personal Data to other third parties with your explicit consent.
9. Direct Marketing Consent and Opt-Out
9.1 Direct marketing involves using your personal information to reach out to you through phone calls, SMS, or email for the purpose of promoting our services. By providing us with your personal information, you acknowledge that we, along with our related entities or business partners, may contact you to promote and market our services.
9.2 If you wish to opt out of being contacted for direct marketing purposes, you can do so at any time. Simply send an email to email@example.com to request to be unsubscribed. Additionally, you can follow the unsubscribe instructions provided in any email communication you receive from us, our related entities, or business partners.
10. General Data Protection Regulation (GDPR) for the European Union (EU)
10.1 We adhere to GDPR principles for fair, transparent, and lawful data collection and use.
10.2 We process your personal information as a Processor and/or Controller under GDPR definitions.
10.3 We establish a lawful basis for processing personal information, depending on the data collected and its intended use.
10.4 Personal information is only collected with your express consent for specific purposes, and data collected will be limited to what is necessary and not excessive. We ensure data safety and security.
10.5 Processing occurs for legitimate interests, contractual or legal obligations, protection of life, public functions, or tasks of public interest based on clear legal foundations.
10.6 No Sensitive Personal Data under GDPR is collected or processed without explicit consent, following GDPR guidelines.
10.7 Personal Data is not collected from individuals under 16 without parental consent.
11. Your Rights Under the GDPR
11.1 If you are an EU resident, you have rights under the GDPR regarding the collection and use of personal information. We comply with these rights.
11.2 Your rights include being informed of how your Personal Data is used, access to your information, correction, deletion, processing restriction, retention, reuse, objection to usage, and objection against automated decision-making and profiling.
11.3 To exercise GDPR rights, contact us at nina[at]ninarapilane.com. We may verify your identity before acting on your requests.
12. International Data Transfers
12.1 To provide you with our products and services, your Personal Data will be stored and processed in Australia. By providing us with your personal information, you consent to the disclosure of your Personal Data to third parties located overseas, and you acknowledge that Australian Privacy Principle 8.1 does not apply to such disclosures. When data is shared, it may be transferred to and processed in countries outside your residence.
12.2 For individuals in the European Union (EU), this means that your data may be transferred outside of the European Economic Area (EEA). The EEA has specific regulations on data protection, and transferring data outside this region is subject to certain criteria. We take steps to ensure the protection of your Personal Data by implementing reasonable safeguards when sharing with third-party data processors in other countries. However, it’s essential to be aware that your Personal Data will be handled in accordance with the policies, practices, and local regulatory laws of the respective countries.
12.3 In the case of data transfer outside the EU, we only transfer data to countries recognised as providing adequate protection for EU data or to a third party with approved transfer mechanisms to protect your Personal Data. If US-based companies that are part of the EU-US Privacy Shield are involved, data may be transferred to them as they have equivalent safeguards in place. In situations where none of these safeguards is available, we may seek your explicit consent for the specific transfer, and you retain the right to withdraw this consent at any time. Your data security and privacy are paramount to us, and we are committed to maintaining the highest standards in compliance with applicable regulations.
13. Third-Party Websites
13.1 Our Website may contain links to other websites for your convenience. We have no responsibility or liability for the content and activities of these external websites. We cannot be held accountable for the privacy practices of other individuals, companies, or entities whose websites or materials may be linked to ours.
13.2 We advise you to review the privacy policies of these linked websites. Each website has its own policies governing the storage, use, and protection of Personal Data. We cannot ensure or be held responsible for the privacy of any information you voluntarily share with these external websites. Your understanding of their privacy practices is crucial, and we encourage you to familiarise yourself with their policies to make informed decisions when navigating through linked websites.
14. Children’s Online Privacy Protection Act Compliance and Minors
We do not knowingly collect any personally identifiable information from anyone under eighteen (18) years of age in compliance with COPPA (Children’s Online Privacy Protection Act (USA)), the Australian Privacy Act 1988 (Cth), and the GDPR (General Data Protection Regulation of the European Union). If you are under the age of eighteen (18), you must ask your parent or guardian for permission to use this Website.
15. Retention of Personal Data
We will keep your Personal Data for the duration of our relationship with you and for a reasonable period afterward, as long as there is an ongoing business need to retain it. This aligns with our data retention policies and practices. After this period, we will ensure that your Personal Data is either deleted or transformed into aggregate data.
16. Your Consent
17. Your Rights
17.1 You retain several rights concerning your Personal Data:
- Marketing Preferences: You can request to stop receiving marketing emails at any time by contacting us at nina[at]ninarapilane.com. Alternatively, you can follow the unsubscribe instructions in our email communications.
- Access and Accuracy: You have the right to know what Personal Data we hold about you and ensure its accuracy.
- Data Copy and Deletion: You can request a copy of your Personal Data, ask for restrictions on its processing, request deletion, or object to our processing.
- Right to be Forgotten: You have the right to be forgotten, and we will erase your Personal Data upon request.
17.2 To exercise these rights, email us at nina[at]ninarapilane.com, and we will respond within thirty (30) days. Access to your personal data or the exercise of these rights is generally free. However, we may charge a reasonable fee for unfounded, repetitive, or excessive requests.
17.3 We may need to verify your identity and gather additional information to process your request securely. We aim to respond to legitimate requests within one (1) month. Complex or numerous requests may take longer, and we will keep you informed in such cases.
19. Contacting Us
19.2 For complaints, email us at nina[at]ninarapilane.com. We will thoroughly review and investigate your complaint and provide a response.
19.3 If you prefer, you can submit a complaint to the Privacy Commissioner or your local authorities. They will guide you on the formal complaint submission process.