1. Introduction

UniMed Living recognises that your privacy is very important to you. As such, we are committed to doing all we can to promote confidence in the way that we handle your personal information. We ask that you read this Privacy Statement very carefully as it explains who we are, how we handle your personal data, and your privacy rights.

Your use of our website and/or any of our services constitutes an acknowledgment that you have been made aware of our Privacy Policy.

2. Who we are

UniMed Living Pty Ltd ACN 84 605 412 762 is the host and registrant of the UniMed Living website at www.unimedliving.com. We collect, use and are responsible for certain personal information about you.

We are an Australian company, regulated by Australian laws, including the Privacy Act 1988 (Cth). We are also responsible as an ‘organisation’ for the handling of your personal information under those laws. Also, if you are located in the European Economic Area and we offer goods or services to you, how we handle your personal information is regulated under the European Union General Data Protection Regulation (GDPR).

The GDPR establishes a uniform data protection law across the European Economic Area and aims to protect the privacy and use of EEA residents’ personal information. We are responsible as ‘controller’ of your personal information for the purposes of the GDPR.

UniMed Living is bound by, and is committed to supporting, Australia’s Privacy Act 1988 and Spam Act 2003 in relation to electronic direct marketing.

3. Scope

This notice applies to the collection and processing of your personal information by us or on our behalf. This notice tells you how we collect and process your personal information, the legal basis for processing it, what we use it for, and who we share it with. It also explains particular rights you have in relation to the processing of your personal information.

4. Contact us

We welcome your feedback. Please contact us if you have any questions or comments about this notice, our privacy policies and procedures, or you wish to exercise the rights you have under applicable privacy laws, which are explained further below.

You can contact us by using the Contact Us page of this website.

5. What personal information do we collect and use?

When you visit our website, or interact with us through our webpages and applications, or services, or otherwise, we may collect personal information about you as follows:

  1. your contact details, including your name, email address, mailing address, phone number and mobile phone number;
  2. your country and state or territory;
  3. data collected through your use of our services;
  4. technical data associated with web-browsing, cookie data and the date and time of website visits, plus other data for analytical purposes;
  5. any third-party website from which you linked to our website or accessed our services;
  6. transactional information about your access to our website or services; and
  7. any other personal information you provide to us in relation to the website or our services.

We may also collect other information relating to your use of our website, as detailed in section 19, below.

6. How do we collect your information?

We collect personal information in a variety of ways, such as:

  1. from you directly, including when you interact with us in writing, electronically and when you visit our website, webpages or use our applications (including when you submit a contact request form via the Contact Us page (above);
  2. when you participate in our events or promotions; and
  3. when we supply or you access our products or services.

Note that when you use our website, webpage and applications, UniMed Living is not responsible for any data that you input which is not mandatory for the purpose of the website, webpage or application.

7. Can you opt out of providing personal information?

If you do not want us to collect or use your personal information for a specific purpose, you should let us know accordingly via the Contact Us page (above) and we will use reasonable measures to observe your request. However, if you were to do so, this may result in you not being able to access, or use, all or part of our website or our services.

If personal information has been collected, we may still use or disclose that information:

  1. if we subsequently notify you of the intended disclosure and you do not object to that use or disclosure;
  2. if we believe that the use or disclosure is reasonably necessary to assist a law enforcement agency or an agency responsible for government or public security in the performance of their functions;
  3. to enforce our terms and conditions or to protect our rights;
  4. to protect the safety of members of the public and users of our website and services; or
  5. if we are required by law to disclose the information.

8. How do we use personal information we collect?

Your privacy is respected, and we do not sell, rent or trade your personal information.

We use or may later use your personal information for a variety of purposes to effectively conduct our website (and that is all), including to:

  1. verify your identity;
  2. administer and manage our services;
  3. verify and/or authenticate that your use of our services is in accordance with our terms of use and policies;
  4. assist you to subscribe to or use our services, including to respond to your requests, and to contact you when necessary;
  5. gain an understanding of your information and communication needs in order for us to provide you with a better service;
  6. conduct research, surveys, and opinion polls;
  7. provide you with news, information and material in relation to our services or direct marketing and promotional content of us;
  8. monitor who is accessing our website or using our services;
  9. profile the type of people using our website or services solely for the purposes of improving our website or services;
  10. improve our website or services;
  11. comply with our legal obligations; or
  12. respond to your requests.

Where the GDPR applies, we rely on the following lawful reasons to collect and use your personal data:

  1. our legitimate interests in marketing and providing our services;
  2. to perform or enter into any contract we may have with you;
  3. to comply with our legal obligations;
  4. to protect your vital interests or that of another person (e.g. in an emergency); or
  5. where you consent to the processing (e.g. for certain sorts of marketing or other processing where the law either requires this or where it is our policy from time to time to seek consent for such processing).

On occasions, more than one of the foregoing reasons may apply.

9. To whom do we disclose personal information?

From time to time we disclose your personal information to third parties including:

  1. parties to whom you authorise us to disclose your personal information, either directly or pursuant to the terms and conditions of our services;
  2. companies and consultants who perform services for us, such as specialist information technology or outsourcing companies, or other contractors of ours. In such cases, we require those companies and consultants to protect your personal information;
  3. government and regulatory authorities (as required or authorised by law);
  4. our professional advisors (such as accountants and lawyers);
  5. our related organisations;
  6. organisations that assist us to conduct research/surveys or analyse data. In this case we require those companies to protect your personal information;
  7. service providers who to enhance your user experience may store your personal information on servers in a country outside Australia. To the fullest extent possible, we will require those companies to protect your information; or
  8. other third parties as permitted by law.

The third parties with whom we share personal information may be located overseas including, but not limited to, our partners or affiliates in USA, Canada, Belgium, Germany, UK, Ireland, Spain, New Zealand and more. Please note that some countries outside the UK or EU (including Australia) do not have the same data protection laws as the UK or EU.

Some of your data may be stored on servers in the United States.

If you are a resident of the European Economic Area and do not wish your data to be stored in the United States, then you should not use this site.

If you have any queries about the basis upon which we may transfer or store your personal information outside of Australia, please contact us using the Contact Us page (above).

If you are an individual or sole trader, you may request that information supplied to third parties for the purposes of verification / authentication be de-identified.

10. Your rights under the GDPR (if applicable)

Under the GDPR and the Australian privacy laws, you have a number of important rights free of charge. In summary, those include rights to:

  1. fair processing of information and transparency over how we use your use personal information that this Privacy Notice is already designed to address;
  2. access to your personal information and to certain other supplementary information;
  3. require us to correct any mistakes in your information which we hold;
  4. require the erasure of personal information concerning you in certain situations;
  5. receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format;
  6. transmit your personal information to a third party in certain situations;
  7. object at any time to our processing of personal information concerning you for direct marketing;
  8. object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
  9. object in certain other situations to our continued processing of your personal information;
  10. where the processing is based on your consent, withdraw your consent at any time;
  11. otherwise restrict our processing of your personal information in certain circumstances.

For further information on each of the aforementioned rights, including the circumstances in which they apply, see, for example, the Guidance from the United Kingdom Information Commissioner's Office (ICO) on individuals’ rights under the General Data Protection Regulation. If you would like to exercise any of those rights, please:

  1. contact us using Contact Us page (see above) and let us have enough information to identify you (such as your name and country of residence);
  2. let us have proof of your identity and address;
  3. let us know the information to which your request relates.

11. Direct marketing and your privacy

On occasions, we may use the personal information that we collect from you to identify particular products and services which we believe may be of interest to you. We may then contact you to let you know about these products and services. We will give you a choice to ‘opt out’ (unsubscribe) from receiving such information in the future.

12. How can you ‘opt out’ from promotional and marketing material

You can opt out of receiving promotional and marketing information by any one of the following methods:

  1. unsubscribing via the electronic means provided;
  2. by using the Contact Us page (above).

13. Electronic Direct Mail policy

Your ability to ‘opt out’ by unsubscribing via the electronic means provided will remain functional for at least 30 days after we send our original communication to you. If you wish to ‘opt out’ using the electronic means provided, you will need to do so within 30 days after the relevant communication is sent to you. After this time, if you have not opted out and wish to do so, another ‘opt out’ method should be used (e.g., using the Contact Us page above).

We will use all reasonable endeavours to process your request as quickly as we can, but, in any event, in a fair and reasonable timeframe: we will aim to complete your ‘unsubscribe’ request within five working days of receipt if the request is received electronically.

14. With your consent

We will only use your personal information for the purpose for which you have given your consent in accordance with this Privacy Policy.

If any information that you provide us is more sensitive and therefore falls within a special category of personal information, such as health information, we will collect and process this information only with your express consent.

15. For direct marketing

With your consent where required by law, we may communicate with you (through the preferred communication channel(s) you have selected, which may include by email, telephone, SMS, iM, mail, or any other electronic means including via social networking forums) to tell you about products, services and offers that may be of interest to you.

If you have provided your consent to receive direct marketing, you can withdraw it at any time, and we will process your request as quickly as we can.

16. What do we do with personal information when it is no longer needed?

We will destroy or archive personal information that is no longer needed for the purposes for which it was collected, or if we are no longer permitted or required by law to retain it, using secure methods to destroy the information.

We may need to retain certain personal information after we cease providing you with products or services to enforce our terms, to identify, issue or resolve legal claims and/or for proper record keeping.

We may also retain a record of any stated objection by you to receiving marketing for the purpose of ensuring that we respect your wishes and not contact you further.

17. Exceptions

Your right to access your personal information is not absolute.

In certain circumstances, the law may permit us to refuse your request to provide you with access to your personal information. These circumstances may include where:

  1. access would pose a serious threat to the life or health of any individual;
  2. access would have an unreasonable impact on the privacy of others;
  3. the request is frivolous or vexatious; or
  4. access would be unlawful or may prejudice enforcement activities or a security function.

18. Website ‘cookies’

Many websites, including our website, use ‘cookie’ technology.

Cookies’ are small text files that are used by a website to recognise repeat users (or their computers or mobile devices), store registration data, and facilitate the user's ongoing access to and use of the site. This allows a website to track usage behaviour and compile aggregate data for navigational or content improvement. ‘Cookies’ are not programs that come onto your system and damage files.

You can disable ‘cookies’ or request that a warning when ‘cookies’ are used to enable you to accept or reject them by adjusting your internet browser settings. However, disabling or rejecting ‘cookies’ may mean that you are not able to access parts of our website or take advantage of the improved user experience that ‘cookies’ can help provide.

19. Use of our website

When visiting our website, a record of your visit may be recorded in Google analytics or similar services. This record may include the following types of information:

  1. the date and time of visit;
  2. the pages accessed, and documents downloaded; and
  3. the address of any website that linked you directly to our site.

Your personal information is not recorded.

This information is NOT shared with any third party other than those assisting us to enhance your user experience or protect your information (as detailed in section 9, above).

We understand that you may be concerned about the security of the personal information that we collect from you. We will take reasonable steps to protect personal information which we hold from misuse, loss and from unauthorised access, modification or disclosure.

We have systems and processes in place to maximise the security of your personal information, including the use of the industry standard encryption on our website.

For site and service security purposes and to ensure that our services are available to all users, we employ software programs to monitor network traffic in order to identify unauthorised attempts to upload or change information, or cause damage to our site.

However, you should be aware that, when using our website or our services, no data transmission over the Internet can be guaranteed as completely secure.

20. How long do we keep your personal information?

We will continue to store and hold your personal information indefinitely, until such time as we no longer need it for any purpose for which the information may be used or disclosed under this Privacy Policy or under applicable privacy or data protection laws, or a reasonable time after you ask us to delete it. We typically retain data for as long as we are providing services to you and for a period of up to six years (or longer if the legal limitation period is greater). We will destroy, delete or de-identify your personal information within a reasonable time after the end of this period unless we are required to retain it by law.

21. Changes to this privacy policy

We reserve the right to change, modify or update this Privacy Policy at any time by publishing the revised version on our website, which may be with or without notice to you, or by giving you notice of the change. The revised version shall take effect immediately upon publication or notification, unless otherwise set out in this Privacy Policy or the notice.

22. How you can access and correct or ask us to delete or cease processing your personal information

We will, at your request and subject to applicable privacy laws, provide you with access to your personal information that is held by us.

We will endeavour to ensure that personal information that we hold about you is up to date, accurate and complete, but will generally assume that any information provided by you is free from errors and omissions unless you tell us it needs to be corrected. As such, it is important that you keep us informed if personal information that we have about you is inaccurate, incomplete or out of date. We ask that all requests are made using the Contact Us page (above). We will take reasonable steps to action them quickly and promptly.

You may instruct us to remove any previous consent that you provided to receive marketing communications from us.

You may make a request for access to, or correction of, any personal information that we hold about you. We may request you to verify your identity and (for access requests) specify what type(s) of information you require before processing your request. A fee will not apply to making a request for access or update to or deletion of your personal information. A fee may apply and be charged for providing the information to you. The fee covers the cost to us in collating, copying and providing certain information to you. We will only charge this fee where it is lawful for us to do so.

In some circumstances where we correct a record, we may still require retention of the original record.

In some circumstances, we may refuse to provide you with access to or correct your personal information including, but not limited to, where:

  • giving access would have an unreasonable impact on the privacy of others;
  • the information relates to existing or anticipated legal proceedings, and the information would not be discoverable in those proceedings;
  • giving access would be unlawful;
  • denying access is otherwise required or authorised by law; or
  • the request for access is frivolous or vexatious.

If we refuse to provide you with access to or correct your personal information, we will provide you with an explanation in writing.

Please note that if the GDPR applies to you then you will have additional rights (see section 10, above) and, where your GDPR rights are different from what is stated here, then, we will respect your GDPR rights in preference to the rights in this section.

23. Feedback, queries and complaints

We always welcome your feedback. Feedback is a valuable opportunity for us to improve the services that we deliver to you. We are committed to working with visitors to our site and people using our services to ensure that any complaint, concerns or questions are addressed without delay.

If you have a query regarding our privacy practices or wish to complain about a breach of privacy or data protection laws, you can contact us using the Contact Us page (above). We will then respond in writing as quickly as possible, but in accordance with any timeframes required by law, and we will give you details about how we propose to deal with the complaint as soon as reasonably practicable. We may ask you to provide further information about your complaint in order to assist us to assess your complaint.

If, for any reason you do not wish to complain to us initially or if you are unhappy with how we propose to resolve your complaint, then a complaint may also be made to the Office of the Australian Information Commissioner, by visiting the following website and following the steps. Please note that where it applies, the GDPR also gives you right to lodge a complaint with a supervisory authority, in particular in the EU (or European Economic Area) member state where you work, normally live or where any alleged infringement of data protection laws occurred.

Office of the Australian Information Commissioner

Online: www.oaic.gov.au/privacy

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

Office of the UK Information Commissioner

Online: https://ico.org.uk

Phone: 0303 123 1113

Live chat: https://ico.org.uk/global/contact-us/live-chat

German Federal Commissioner for Data Protection and Freedom of Information

Online: www.bfdi.bund.de

Phone: +49 (0)228 99 77 99-0

Email: poststelle@bfdi.bund.de