We recognise and value:
(a) the protection of your personal information; and
(b) that you have an interest in our collection and use of your personal information.
We collect personal information:
(a) when you interact with us online, over the phone, by email, in person or through other means of communication; and
(b) in order to assist you with the supply of products, the provision of services and any related assistance or other purposes requested through such communication.
The type of personal information we collect includes your name, address, telephone number, email, IP address, device identification and any additional information you provide to us.
When using our software and mobile applications we collect a broader range of information which may include sensitive information about your health status, biometric data, diet, exercise regime and personal health objectives.
Where you contact us on behalf of your employer the information you provide often contains information about your employment, position and employers contact details, in those circumstances certain employment information is collected.
Information will only be collected directly from you unless you authorise another person to provide the information. This may occur when you connect our service to those provided by third party service providers.
Cookies are used to assist you to navigate around our website, to streamline the service provided to you and for marketing purposes.
Log files track actions occurring on the Websites, and collect data including your IP address, browser type, internet service provider, referring/exit pages, and date/time stamps.
Web beacons, tags, and pixels are electronic files used to record information about how you browse the Websites.
We do not collect personal information or associate the information collected via cookies, web beacons, tags or pixels with other personal information we collect.
1.5 Xyris’ use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how you use the site.
Cookies are used to store information, such as the time that the current visit occurred, whether you have been to the site before and what site referred you to our web page.
The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage.
Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
The personal information you provide is used for purposes related to our primary business operations, which is provision of nutritional analysis software and associated services.
Examples of when your information may be used include:
(a) informing you about our products and services;
(b) providing you with the products and services you have requested;
(c) administration needs in relation to providing you with products and service, including your account;
(d) dealing with requests, enquiries or complaints and other customer care related activities;
(e) connecting our service to third party services where you have elected to connect services and provided the necessary authentication;
(f) providing you with software support;
(g) marketing our products and services generally; and
(h) carrying out any activity in connection with a legal, governmental or regulatory requirement imposed on us or in connection with legal proceedings, crime or fraud prevention, detection or prosecution.
We may also use personal information for purposes, as would be reasonably expected by you, in connection with those activities described above.
1.7 Interacting with us
If you contact us with a general question we may interact with you anonymously or through the use of pseudonyms.
However, you are required to provide true and accurate details when requesting the supply of products or provision of support services. You agree you will provide accurate information if so required.
1.8 Direct marketing
From time to time we may send you marketing or promotional material.
We (or an appointed third party) may also conduct surveys or market research and may seek other information from you on a periodic basis. These surveys will provide us with information that allows improvement in the type, quality and the manner in which those products and services are offered to you.
To opt-out of receiving certain marketing material, you may contact us or select the “unsubscribe” link provided in the email.
1.9 Sharing your personal information
We may disclose your personal information to:
(a) employees, a related company and professional advisors such as our lawyers;
(b) law enforcement agencies to assist in the investigation and prevention of criminal activities;
(c) your third party service providers where you have elected to link your account with us to those third parties services; and
(d) our third party contractors or service providers with whom we have a business association, including:
(i) marketing service providers;
(ii) accounting service providers; and
(iii) information technology service providers including cloud application providers.
1.10 Use of de-identified data
The data we collect has significant analytical value to us and third parties, including but not limited to nutritionists and academic research organisations. We reserve the right to process, distribute or sell information we collect through our services. However, we will only distribute data which has been deidentified. Deidentified data will not include personal information such as your name, address, phone number, email address or other information which would reasonably allow you to be identified.
1.11 Overseas disclosure
We may disclose your personal information to off shore third party contractors, service providers or customers with whom we have a business association.
While we do not otherwise actively disclose your personal information to overseas entities, we do engage service providers such as cloud data services, who may have international data centres and disaster recovery sites. Consequently, these providers may have access to your information.
We rely solely on reputable organisations for such cloud services.
1.12 Security of your personal information
We store your personal information using secure servers protected from unauthorised access, modification or disclosure. Where possible, access to our systems require two factor authentication and when we transfer data across public networks, such as the internet, we encrypt that data and pass the information through a secure sockets layer (SSL).
While we endeavour to only hold personal information that is accurate, complete and up-to-date, if you become aware your information is no longer accurate, complete or up-to-date please contact us.
1.13 Disposal of personal information
If we hold personal information about you, and we do not need that information for any purpose, we will take reasonable steps to destroy or de-identify that information, in accordance with the APP and the European Union General Data Protection Regulation (GDPR), unless we are prevented from doing so by law.
You may make a request to us in writing to remove your personal information and, where permitted, we will do so in accordance with the APP and the GDPR.
Under Australian law, financial records, such as those relating to financial transactions, must be retained for 7 years after the transactions associated with those records are completed.
1.14 How to access your personal information
Upon your request and after satisfying ourselves of your identity, we will provide access to the personal information we hold about you except in certain prescribed circumstances which include, where:
(a) we believe giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
(b) giving you access would be unlawful;
(c) granting that access would have an unreasonable impact on the privacy of other individuals;
(d) the request for access is frivolous or vexatious; or
(e) there are anticipated legal proceedings.
1.15 Complaints procedure
Your privacy is important to us. If you have a complaint or concern about our information handling processes as they relate to your personal information, we ask that you first contact our privacy officer whose contact details are listed below.
If, after we have conducted our investigations you are still not satisfied then we ask you to consult with:
The Office of the Australian Information Privacy Commissioner
GPO Box 5218
Sydney NSW 2001
Telephone: 1300 363 992
1.16 How to contact us
If you have any queries, questions, concerns or wish to make a complaint regarding how we deal with your personal information please contact us:
PO Box 896
Kenmore QLD 4069, Australia
Telephone: 1800 875 549
For further information about privacy in general, please refer to the Office of the Australian Information Commissioner’s website located at http://www.oaic.gov.au.
Alternatively, please contact our Privacy Officer using the details provided above.
Published July 2019
Amended: June 2020
Xyris Pty Ltd
ACN 637 864 905