Effective: August 9, 2024
1. Background
Hoozu Holdings Pty Ltd ACN 163 980 416 (ABN 62 616 314 464) trading as Huume MGMT and its related bodies corporate (“Huume”, “we”, “us”, “our”) recognise the importance of protecting the privacy and the rights of individuals in relation to their personal information.
We respect an individual’s right to privacy under the Privacy Act 1988 (Cth) (Privacy Act), Information Privacy Act 2009 (Qld) (“Information Privacy Act”) and the Australian Privacy Principles (“APPs”) contained in the Privacy Act which govern the way in which we collect, use, disclose, store, secure and dispose of an individual’s Personal Information.
We comply with all of the requirements in respect of the collection, management and disclosure of personal information as set out in this document (“Privacy Policy”).
2. What is personal information
When used in this Privacy Policy, the terms “Personal Information” and “Sensitive Information” have the meaning given to them in the Privacy Act.
In general terms, Personal Information is any information that can be used to personally identify an individual. This may include name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies an individual, or an individual is reasonably identifiable from it, the information will be considered Personal Information.
Sensitive information is Personal Information that is:
(a) information or an opinion (that is also personal information) about an individual’s:
- racial or ethnic origin;
- political opinions;
- membership of a political association;
- religious beliefs or affiliations;
- philosophical beliefs;
- membership of a professional or trade association;
- membership of a trade union;
- sexual orientation or practices; or
- criminal record;
(b) health information about an individual;
(c) genetic information (that is not otherwise health information);
(d) biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
(e) biometric templates.
3. Collection of Personal Information
3.1 Why we collect Personal Information and Sensitive Information
We may collect Personal Information and Sensitive Information from you so that we can provide services to you if you are a client, to manage our relationship with you, or where this is otherwise necessary for our functions or activities. The type of Personal Information we collect about you is provided directly to us and for a specific purpose.
We may collect the following types of Personal Information:
-
-
- first and last name;
- email address; and
- other personal information provided by you when using the Huume website.
-
We may collect and record Personal Information when you:
-
-
- access and use our website;
- send us a message (e.g. where you contact us through our website using the “brief us in” section);
- ask us to provide you with services – including as a client, online or by phone;
- interact with us or make a comment Website/s or social media;
- participate in a publicity photo shoot or other audio visual activity;
- supply goods / services to us.
-
If you do not provide the Personal Information requested, we may not be able to provide you with the information or services you require.
3.2 Aggregate information
From time to time, we may collect general, non-personal, statistical information about the use of our Website/s. In addition to this, we will track users to determine the status of users (i.e. whether they user is active or inactive).
We collect this information through the use of “cookies” and other tracking technologies, which are discussed in greater detail below. We collect this information in order to enhance our Website/s and our services.
We may group this information into aggregated data in order to describe the use of our Website/s to our existing or potential business partners, sponsors, advertisers, or other third parties, or in response to a government request. However, please be assured that this aggregate data will in no way personally identify any individuals or any other users of our Website/s or mobile application.
3.3 Third party information
From time to time, we may be provided with, and we may collect, the Personal Information of a third party. Where the Personal Information of third parties is provided, the provider agrees that the provider will ensure that those persons are aware of this Privacy Policy and have consented to the provision of that Personal Information.
To the extent we comply with our obligations under this Privacy Policy, the provider of third party Personal Information must indemnify us and agree to keep us indemnified from any costs, expense, loss or liability we suffer from using the third party’s private information that is provided to us.
4. Cookies and Other Tracking Technologies
Our website may utilise “cookies” and other tracking technologies. A cookie is a small text file that a website transfers to an individual’s hard drive for record-keeping purposes.
For example, we may use cookies to collect information about website activity. Users may set most browsers to notify the user if the user receives a cookie, or users may choose to block cookies with their browser. However, please be aware that some features of our websites may not function properly or may be slower if users refuse cookies.
We do not link the information we store in cookies to any Personal Information submitted while on the website or mobile application.
Tracking technologies may record information such as internet domain and host names; internet protocol (IP) addresses; browser software and operating system types; clickstream patterns; and dates and times that our website or mobile application is accessed.
It is not our practice to link the information we record using tracking technologies to any Personal Information submitted while on the website or mobile application. However, we reserve the right to use IP addresses and other tracking technologies to identify a visitor only when we feel it is necessary to enforce compliance with the website’s or mobile application’s policies, to protect the website and mobile application, our customers, or others, or when we believe in good faith that the law requires it.
5. Direct marketing materials
We may send direct marketing communications and information about us and our services via post and email.
These communications will be sent in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth). If users indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so.
In addition, at any time users may opt-out of receiving marketing communications from us by contacting us in writing via our email set out in section 15 below or, if applicable by unsubscribing to the marketing communication.
6. FOR WHAT PURPOSES DO WE COLLECT, HOLD AND DISCLOSE SENSITIVE INFORMATION
We will only collect Sensitive Information from an individual directly, as reasonably necessary, and with the individual’s consent.
Sensitive Information will only be disclosed in accordance with the Privacy Act as follows:
-
-
- for the primary purpose for which it was collected;
- for a secondary purpose that is directly related to the primary purpose; or
- as required by law.
-
We will not disclose Sensitive Information of an individual without the individual’s prior written consent or unless required by law.
7. For what purposes do we collect, hold and disclose personal information
We collect personal information about users so that we can perform our business activities and functions and to provide best possible quality of customer service.
We collect, hold, use and disclose Personal Information for the following purposes:
-
-
- to provide products and services to users and to send communications requested by users;
- to answer enquiries and provide information or advice about existing and new products or services;
- to assess the performance of our website and mobile application and to improve the operation of our website and mobile application;
- to conduct business processing functions including providing Personal Information to our related bodies corporate, contractors, service providers or other third parties;
- for the administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes of Huume, its related bodies corporate, contractors or service providers;
- to update our records and keep contact details up to date;
- to process and respond to any complaint made by users; and to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country (or political sub-division of a country).
-
Personal Information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy.
We may use personally identifiable information in a summative form to improve our supply of services and make them more responsive to the needs of our customers. This statistical compilation and analysis of information may also be used by us or provided to others as a summary report for marketing, advertising or research purposes.
8. Accessing and correcting personal information
Users may request access to any Personal Information we hold about that user at any time by contacting us (see the details below). Where we hold information that users are entitled to access, we will try to provide users with suitable means of accessing it (for example, by mailing or emailing it). We reserve the right to charge a fee for searching for and providing access to an individual’s Personal Information to cover our administrative and other reasonable costs.
In order to protect your Personal Information we may require identification from you before releasing the requested information.
There may be instances where we cannot grant access to the Personal Information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give written reasons for any refusal.
If a user believes that Personal Information we hold about that user is incorrect, incomplete or inaccurate, then that user may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the Personal Information stating that the user disagrees with it.
9. Data Security
Huume takes all reasonable steps to protect the Personal Information that it holds from interference, misuse and loss and from unauthorised access, modification or disclosure.
Huume will hold Personal Information for as long as necessary in order to meet the purposes described in this Privacy Policy. Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure.
When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years upon exiting our service.
Our third-party service providers may store Personal Information overseas when providing support or other services. For example:
-
-
- when traffic information is disclosed to Google when users visit the Huume Site/s and mobile applications; and
- communications with us through a social network service (i.e. Facebook or Instagram), may result in the provider and its partners collecting and holding Personal Information, including overseas.
-
Huume will comply with all aspects of the mandatory data breach notification scheme for all eligible data breaches under the Privacy Act.
10. Notifiable Data Breaches Scheme
In the event of any unauthorised access or unauthorised disclosure or loss of your Personal Information that is likely to result in serious harm to you, and where remedial action has not been able to prevent the likely risk of serious harm, we will investigate and notify you and the Office of the Australian Information Commissioner (OAIC) in accordance with the Privacy Act.
11. What is the process for complaining about a breach of privacy?
If an individual believes that their privacy has been breached, that individual can contact us using the contact information in section 15 below and provide details of the incident so that we can investigate it. Our Privacy Officer will investigate and deal with alleged privacy breaches that have been notified to us.
If that individual is still unsatisfied, that user may wish to direct the complaint to the Office of the Australian Information Commission at http://www.oaic.gov.au/ or alternatively:
Phone: 1300 363 992
In writing: The Office of the Australian Information Commissioner (OAIC)
GPO Box 5288,
SYDNEY NSW 2001
12. Do we disclose personal information to anyone outside Australia?
We may disclose Personal Information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of Personal Information do not breach the privacy obligations relating to that personal information.
13. Security
The security of Personal Information is important to us.
We intend to store information electronically but there may be some circumstances that we will need non-electronic forms of electronic information. In this case, the information will be stored in accordance with the relevant legislation.
We take reasonable steps to ensure Personal Information is protected from misuse and loss and from unauthorised access, modification or disclosure.
We restrict access to Personal Information to employees, contractors and agents who need to know that information in order to operate, develop or improve our processes and services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
As our Website/s or mobile application are on the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information transmitted to us online.
We also cannot guarantee that the information supplied by users will not be intercepted while being transmitted over the internet. Accordingly, any Personal Information or other information which is transmitted to us online is transmitted at the user’s own risk.
14. Contact Us
If users have any questions about this Privacy Policy, any concerns or a complaint regarding the treatment of a user’s personal information or a possible breach of a user’s privacy, please use the contact link on our website or contact our Privacy Officer using the details set out below.
We will treat any requests or complaints confidentially. Our representative will make contact within a reasonable time after receipt of the complaint to discuss the concerns and outline options regarding how they may be resolved. We will aim to ensure that any complaint is resolved in timely and appropriate manner. Please contact our Privacy Officer at:
15. Changes to our privacy policy
This Privacy Policy will be regularly reviewed from time to time, following legislative or organisational changes, or as a minimum, every three years.
Any updated versions of this Privacy Policy will be posted on our Website/s.
16. Definitions
In this Privacy Policy:
Website/s means in all of the pages located on the following website/s: