ThinkCaddie Pty Ltd ACN 619 755 985 trading as “Caddie” (referred to as “Caddie”, “our”, “we”, or “us”) is committed to protecting your privacy and personal information in accordance with our obligations under the Privacy Act 1998 (Cth) (the Act), including the Australian Privacy Principles (APPs).
The APPs establish requirements for the way entities collect, store and use an individual’s personal information. Our aim is to provide an online environment which will ensure the information you provide to us is handled in a secure, efficient and confidential manner. Details of what we collect and how it is used are contained in this policy. By using any of our services, visiting our website (thinkcaddie.com), using our applications or products or giving us your personal information, you agree to your information being collected, stored, used and disclosed on the terms set out in this Policy.
1. Collection of Information
1.1 What is Personal Information
Personal information is information, whether true or not, and whether recorded in a material form or not, about an identified individual, or an individual who is reasonably identifiable.
1.2 Collection of Personal Information
- We may collect the following types of personal information from you:
- your name and other personal information such as your gender;
- your contact information, such as email addresses, contact and delivery addresses and phone numbers;
- your credit card and bank account details;
- information that you provide for the purpose of registering with our websites and the transactions carried out over our websites;
- your preferences and feedback for the purpose of subscribing to website services and marketing material;
- information about your use of our websites, products and services;
- records and content of any communications between us and you; and
- any other personal information provided by you to us in the course of you using our websites or in the course of us providing any products or services to you.
We will only collect personal information by lawful and fair means and where that information is reasonably necessary for one or more of our functions or activities as identified in our Purposes at paragraph 3 of this Policy.
We generally collect your personal information directly from you with your consent. We will only collect personal information from a third party where it is appropriate, given the nature of the services, or where it is unreasonable or impractical to collect the information directly from you.
Like most websites, we also collect cookies from your computer, which enables us to tell when you use the website and also to help customise your website experience (for example, your likes, dislikes and needs). Cookies are pieces of information that a website can transfer to an individual’s computer. A cookie does not and cannot provide us with access to your personal computer or any information about you that you have not provided to us on our website.
We use traffic log cookies to identify which pages are being used. This helps us improve our website in order to tailor it for your needs. We use this information for statistical analysis purposes and then the data is removed from the system. Your website browser can be set to reject cookies or to prompt you each time a website wishes to add a cookie to your browser.
1.3 Collection of Sensitive Information
- Sensitive information is defined in the Act as information about an individual’s ethnic origin, beliefs (whether political, religious or philosophical), sexual orientation, criminal history, health, genetics and membership of political or trade associations.
We will collect sensitive information with the relevant individual’s consent and where the collection is reasonably necessary for one or more of the Purposes at paragraph 3 of the Policy.
An individual’s consent is not required to collect sensitive information where the collection of that information is required or authorised by or under any Australian law or a court order, or where a permitted general situation exists (as defined in section 16A of the Act).
2. Storage of, and Access to, Personal Information
2.1 Storage and Security of Personal Information
- We strive to provide an environment which ensures that personal information (including sensitive information) is stored in a secure and confidential manner. We employ a PCI Level 1 service provider for all processing, transmission, and storage of credit card data. Other personal information is stored in and access via tested and verified identity standards, including LDAP, SAML, OAuth, OpenID, OpenID Connect, and JSON Web Tokens (JWTs). Electronic and procedural systems are in place for the security of our databases.
We will take such steps as are reasonable in the circumstances to protect the personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure. We will retain your personal information so long as it is personal information necessary or relevant to our Purposes outlined in paragraph 3 below
If your subscription expires or is cancelled, your User Account and all personal information included will be kept in our secure database to enable you to re-activate your subscription at any time. We may (in our absolute discretion), destroy your data and remove your viewing access to your User Account, thirty days after your subscription is cancelled or expires.
2.2 Access to, and Correction of, Personal Information
- A user is entitled to request access to the personal information Caddie holds about him or her by making a request to Caddie as provided in paragraph 10 of this Policy. We will respond to the request and provide access to the information within a reasonable time. There may be charges associated with making a request or the subsequent provision of information.
- where we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in and we reasonably believe that the collection, use or disclosure is necessary for us to take appropriate action;
- we reasonably believe that the collection, use or disclosure is reasonably necessary to assist in locating a person who has been reported missing; or
- the collection, use or disclosure is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim.
- Where an individual requests that we correct the personal information we hold about that individual, we will take such steps (if any) as are reasonable in the circumstances to correct the information. We are entitled to refuse to correct the personal information, provided that we give the individual a written notice containing the reasons for the refusal.
- Where we are satisfied that the information we hold about an individual is inaccurate, out-of-date, incomplete, irrelevant or misleading, we must take such steps (if any) as are reasonable in the circumstances to correct the information.
Despite the above paragraph, we are not required to give the individual access to personal information if a ‘permitted general situation’ is defined in section 16A of the Act which includes:
3. The Purposes for which we collect Personal Information
- We collect the personal and sensitive information described in Clause 1 above only to the extent that such information is reasonably prudent or necessary for, or directly related to, one or more of our Purposes.
Please be aware that it is impractical for us to deal with a user and carry out any of the Purposes if the user does not identify himself or herself sufficiently.
3.2 Description of the Purposes
- The “Purposes” of Caddie include (but are not limited to) the collection, use and exchange of your personal and sensitive information:
- to operate Caddie’s business in a safe manner;
- to operate an online user system to allow users and employers to track and manage their continuing professional development; and
- to operate and manage an online database of continuing professional development content for users and employers.
- establish your identity and assess requests for goods and services;
- supply to you products or services that you purchase or are entitled to access;
- send to you statements and invoices and collect payments from you;
- contact you, including sending you marketing communications (including newsletter subscriptions, market research and customer feedback);
- conduct and improve our businesses and improve the customer experience;
- comply with any legal obligations we may have;
- use the personal information in relation to any proceedings (whether commenced by you or against you and whether we are also a party to those proceedings); and
- in other ways where permitted by law.
to fulfil Caddie’s functions and activities including:
so that we can:
Providing us with some personal information is optional (we will tell you when such information is optional). However, if you do not provide us with certain types of personal information, you may be unable to enjoy the full functionality of our websites or our goods and services.
4. Collection of Third Party Personal Information
- If you provide us with the personal information of a third party (“authorised recipient”) for the purpose of receiving any products or services, communications, or any other information from us (including your own personal information), you warrant and represent that:
- you have obtained the authorised recipient’s consent to provide us with their personal information; and
5. Use and Disclosure of Personal Information to Third Parties
- We may use and disclose your personal information for any of the purposes listed above.
- who are engaged by us to provide goods or services, or to undertake functions or activities on our behalf (for example, processing payment information, marketing, research or managing databases);
- who are your authorised recipients (as defined above in clause 4);
- that are our business partners, authorised distributors, joint venturers, partners or agents; or
- as required or permitted by law.
- we have your consent;
- you would reasonably expect us to use or disclose the information for the secondary purpose;
- the use or disclosure of the information is required or authorised by or under an Australian Law; or
- a permitted general situation exists (see clause 2.2(b) for the definition).
We may use and disclose, and you consent to us using and disclosing, your personal information to third parties:
We will not use or disclose any personal information for a purpose (other than those listed above) (‘a secondary purpose’) unless:
6. Third Party Links and Stripe Payment Processing
6.1 Links to Third Party Websites
- From time to time, Caddie may display advertisements from third parties and other content that links you to third party websites. Caddie cannot control or be held responsible for a third party’s privacy practices and/or content. Please read their privacy policies to find out how they collect and process your personal information.
6.2 Stripe Payments
- If you subscribe to a user account, we may collect your payment details and information and debit future subscription payments directly from your credit card.
Stripe may provide us with unique authentication tokens to make payment requests with. Stripe may also provide us with information such as your name, credit card type, expiration date and the last four digits of your credit number. This information is used only to make single payment requests, or register the user for an ongoing subscription that requires automatic payments in the future.
7. Access and Correction
- It is important that you ensure that your personal information is kept up to date at all times. If you require access to your personal information or require the correction of your personal information, please contact us at the details listed at the beginning of this Policy.
We reserve the right to charge a fee for searching for, and providing access to, your information on a per request basis.
Despite the above paragraph, we are not required to give you access to personal information if any of the circumstances detailed in clause 12.3 of Schedule 1 of the Act exist.
- It is an important to us that your personal information is up to date. Where you request that we correct the personal information we hold about you, we will take such steps (if any) as are reasonable in the circumstances to correct the information. We are entitled to refuse to correct the personal information, provided we give you written notice containing the reasons for the refusal.
8. Direct Marketing
- Direct marketing occurs where entities use the personal information they collect to market related or other goods and services to the individual who provided the information. A common example is where an organisation sends an email newsletter.
We may use or disclose personal information for the purpose of direct marketing. We will only use or disclose sensitive information for the purpose of direct marketing if you have consented.
You are entitled to request not to receive direct marketing communications from us by contacting us on the details listed at the beginning of this Policy or by clicking “Unsubscribe” where available. We will give effect to any such request.
9. Changes to this Policy
- We encourage you to check our Policy from time to time to ensure that you understand and agree with the changes that are made. If you have objections to this Policy then you should not access or use our websites, or order our goods or services.
We reserve the right to make amendments to this Policy from time to time in our absolute discretion.
- Should you have any queries about the Policy or the APPs, or wish to lodge a complaint about a potential breach of the APPs, please contact Caddie as follows:
Unit 5, 27 Napier Close Deakin ACT 2600 Australia
(02) 6100 1385
We will endeavor to respond to an individual communication within thirty (30) days.