Sunshine Coast Council and We Ride Australia are committed to the highest standards of privacy and data protection compliance. We are bound by the Australian Privacy Act (1988) and the regulations enacted under it (as may be amended from time to time).
Information we collect, and how we do it
You may refuse to provide us with personal information, and you may object to our collection of information, however this may impact your ability to use or benefit from our site, platforms, apps, products, and/or services, and our ability to provide you with support or assistance.
Information you provide, content you create, and files you upload
When you create an account on our site and other platforms, including any mobile applications (apps), you provide us with personal information that may include your email address, phone number, address, name and your child/rens name/s.
We may also collect content that you create or upload when using our site and other platforms. This may include user feedback, messages, and photographs
Information we collect about your browser and devices
While you use our site and other platforms, we collect general information of the sort that web browsers, servers and network operators typically make available, which may include unique identifiers (e.g. persistent cookies, MAC addresses, device IDs, IMEI numbers), browser type and settings, location data, device type and settings, operating system, IP address, mobile network information including operator name and phone number and application version number, language preferences, crash reports, system activity, and the date, time and referral URL of each visitor request. This information helps us troubleshoot problems, understand how visitors use our site, allocate and balance resources, and improve our products and services.
Information we collect about how you use our site and services
As you use our site and services, we collect information about how you interact with our platform and how you use our services (your activity), such as the links that you click, content that you view, terms, products and services that you search for, and how you interact with promotional materials or advertisements (if any).
We collect information about your activity to understand how you use and interact with our site and other platforms, and our products and services. This helps us to understand customer preferences, optimise our site and other platforms, allocate and balance resources, and improve our products and services.
How we use the information we collect
- carry out our obligations and to provide you with agreed products and services;
- secure and protect you, us, our site, platforms, apps, products, and services, and the public;
- establish, maintain and administer your account;
- maintain, troubleshoot, and improve our site, platforms, apps, products, and services;
- measure performance of our site, platforms, apps, products, and services;
- develop new products and services;
- if your preferences permit, to provide you with recommendations and personalised products and services;
- communicate with you about our site, platforms, apps, products, and services—such as to notify of changes and updates, alert you to data or security breaches, and to provide you with customer support;
- with any required consent as applicable in your jurisdiction, to create or distribute promotional and marketing material that is relevant to you;
- for quality assurance and training purposes;
- in the case of non-personally identifiable information only—or personal information only with your explicit consent—to promote and market ourselves, our products and services, and our websites (including any social media pages maintained or operated by us such as Facebook, Instagram, Snapchat, Twitter, YouTube etc); and
- meeting our legal, regulatory, and tax reporting obligations;
- investigating incidents of potential or suspected breaches of our Terms of Service or applicable laws; and
Where the use of personal or personally-identifiable information is not necessary for any of the above listed Purposes, we will process the personal or personally-identifiable information in such a way as to render it non-personally identifiable before use (pseudonymisation).
When we share your personal information with others
Personal information we collect stays within the SCC and We Ride, other than in the following circumstances:
- when you give us explicit consent to share your data;
- when we share it with our partners, and other trusted organisations we work with to provide products and services to you;
- when we share it with trusted external service providers and data processors such as data centres, web hosts, cloud storage and cloud software providers, customer support providers, payment processors, debt collectors, accountants, and insurers; or
- when we share it with regulators, enforcement agencies and other relevant parties for the purpose of legal or contractual compliance, reporting purposes, or when:
- we believe in good faith that disclosure is reasonably necessary to protect our property or rights, or the rights of third parties or the public at large;
- we reasonably believe disclosure is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body;
- we share it with regulators, enforcement agencies (including the Police) and other relevant parties for the purpose of legal or contractual compliance; or
- we reasonably believe disclosure is necessary to uphold or enforce applicable laws.
Your data rights
Right of access
You may access and review any personal information we hold about you. On your specific request we will be able to, as soon as reasonably possible, provide you with some or all of (as requested) the following information, where available:
- personal data about you that is in our possession or under our control and the source of such data;
- the ways in which your personal data has been or may have been used or processed by us, including the logic behind any automated decisions (if applicable), during the one year preceding the date of the request;
- the ways in which your personal data has been or may have been disclosed by us, and information on to whom or to which categories of recipients such data has been disclosed, during the two years preceding the date of the request;
- how long we expect to hold on to your data, or if specific information is not available, the criteria we use to determine such a time period; and
- the purpose of any use, processing, or disclosure.
However, to the extent permitted by law, we reserve the right not to provide you with your personal data or other related information if providing it could reasonably be expected to:
- threaten the safety or physical or mental health of another individual;
- cause immediate or grave harm to your safety, physical or mental health;
- reveal personal data about another individual;
- reveal the identity of an individual who has provided personal data about another individual and the individual providing the personal data does not consent to the disclosure of his identity; or
- affect the prevention, investigation, detection, and prosecution of criminal offences, or of breaches of ethics for regulated professions; or
- be contrary to national and public security, defence needs, or the national interest (including important economic, financial, monetary, budgetary and taxation matters).
If you wish to exercise your right of access, you should contact us at email@example.com and we will respond to your request within a reasonable period after the request is made. We aim to process all requests within a month for simple requests, however complex and/or voluminous requests may take up to three months to process. If we deny you access, we will provide our reason for doing so at the time of your request.
We do not typically charge a fee for reasonable requests for access to your personal information. However, we may charge a reasonable fee, which will be notified to you before we move forward with the request, for time and cost in the following circumstances:
- if an extended amount of time is required to collate and prepare material for you; and
- if you wish to receive and we are able to provide hard copies or physical media (i.e. CDs, USB drives or other storage media).
Right to rectification and erase
Please contact us at firstname.lastname@example.org as soon as possible if there are any changes to your personal information or if you believe the personal information we hold about you is not accurate, complete, up-to-date, no longer necessary for the purpose for which it was collected or processed, or lacks a valid legal ground for processing so that we can update your file accordingly. Depending on the circumstance we may change, erase, or block from use any inaccurate, incomplete, or outdated information. We may require documentary proof or evidence for certain requests. We will process any legitimate requests to correct inaccurate data as soon as practicable, and incomplete data within a reasonable time frame, and send the updated personal data to other organisations to which the data was disclosed during the year preceding the date of the correction, unless it is impossible, involves disproportionate effort, the other organisations no longer require the corrected personal data for any legal or business purpose, or you otherwise agree that we do not need to resend the corrected information to any other organisation. Where information is not corrected, you can request that there be attached to the information a statement of the correction sought but not made.
Right to object to the collection of personal data due to your personal situation
You may object to collection of specific personal data on limited grounds due to your personal situation. Please contact us at email@example.com if you wish to make such a request, along with details of your personal situation and your reasons for objection. We will respond to all requests within a reasonable time frame. If we disallow your objection, we will inform you of our reasons for doing so.
We look after your personal information
We take all reasonable steps within our control to ensure that the personal information we hold about you is accurate. We also take reasonable steps to ensure that the information is complete, up-to-date, relevant, and not misleading. However, we also rely on you to advise us of any changes to your personal information.
Protection of personal data
We take reasonable steps to ensure that your personal information is treated securely and to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks in accordance with the Australian Privacy Act (1988).
Although we aim to create a safe, secure environment by trying to limit access to the site to legitimate users, we cannot guarantee that unauthorised parties will not gain access. To the extent permitted by applicable law, we expressly exclude any liability arising from any unauthorised access to your personal information.
We will make every feasible effort to inform the Office of the Australian Information Commissioner or other relevant authority within 72 hours of the occurrence of any significant personal data breach which poses a risk to your rights and freedoms as a natural person (and we will otherwise comply with any data breach notification obligations in applicable data protection law). We will also inform you without undue delay unless the risk to your individual rights and freedoms is low—such as if the compromised data was well encrypted. We may have other grounds for delaying or not notifying a data breach under applicable data protection law, which we may choose to rely on.
Please contact us at firstname.lastname@example.org immediately if you become aware of any unauthorised use of your account by anyone else or any other breach of security.
Retention of personal data
We will cease to retain documents containing personal data, or remove the means by which the personal data can be associated with particular individuals, as soon as it is reasonable to assume that the Purpose for which that personal data was collected or further processed is no longer being served by retention of the personal data.
To make this site and our services work properly, we sometimes place small data files called cookies on your device. Most big websites do this too. A cookie is a small text file that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
- Strictly necessary cookies. These are cookies that are required for the operation of our site. They include, for example, cookies that enable you to log into secure areas of our site.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our site when they are using it. This helps us to improve the way our site works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our site. This enables us to personalise our content for you and remember your preferences.
- Targeting cookies. These cookies record your visit to our site, the pages you have visited and the links you have followed. We will use this information to make our site and the advertising displayed on it more relevant to your interests.
You can control and/or delete cookies as you wish—for details, see www.aboutcookies.org
. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
Use of personal information for direct marketing
From time to time we may use the personal information we collect from you to identify particular products and services that we believe may be of interest to you. We may then contact you to let you know about these products and services, new features and how they may benefit you, solicit your feedback, or just keep you up to date with what’s going on with us and our products and services and/or products.
Direct marketing from us generally takes the form of an electronic marketing email or direct notification. Where we use your personal information to send you marketing information by email, SMS, MMS or other electronic means we may do so with your express or deemed consent. Every directly addressed marketing contact sent or made by us will include a means by which you may unsubscribe (or opt out) of receiving further marketing information. Additionally, you may instruct us at any time to remove any previous consent you provided to receive marketing communications from us. You can contact us at email@example.com to make a request
Links to third party websites