Privacy Policy

About this Privacy Policy

At 28 by Sam Wood (28) ABN 72 613 925 830 we recognise the importance of your privacy and understand your concerns about the security of the Personal Information you provide to us. We comply with the Australian Privacy Principles (APPs) as contained in the Privacy Act 1988 (Cth). The APPs detail how Personal Information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to or make complaints about the Personal Information held about them.

This policy details how 28 manages Personal Information about you (including at times health information). This Privacy Policy applies to all Personal Information submitted to or collected by 28 through the 28 By Sam Wood Website, the Lucky Duck Club website or social media sites, or where you otherwise contact or interact with us through other forms of communication.

In the course of doing business with you, the collection of Personal Information in some instances is necessary or unavoidable.

By submitting Personal Information to us (including via our websites or social media sites or purchasing and using our goods and/or services), you accept the terms of this Privacy Policy, and consent to our use, collection, disclosure and retention of Personal Information.

We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on our website. We will take reasonable steps to notify you of any changes to our Privacy Policy. However, we recommend you check our website regularly to ensure you are aware of our current Privacy Policy.

We do not, and do not intend to, transact directly with anyone we know to be under the age of 15. By providing any Personal Information to us, you declare that you are over the age of 15. If you are under the age of 15, you should use your website or otherwise transact with us only with the consent of a parent or guardian and should not submit any Personal Information to us.

What Personal Information we collect and hold

The kinds of Personal Information we collect from you or about you depend on the transaction you have entered into with us, the services you have contracted us to provide, and the services you are interested in or the information you have requested.

“Personal Information” generally means information or opinions about an individual who is reasonably identifiable from that information.

The types of information we collect about you are:

  • Identity Data including your name, age, photographic identification.
  • Contact Data including your address and email.
  • Financial Data including bank account and payment card details (through our third party payment processor who stores such information).
  • Profile Data including your username and password the 28 by Sam Wood app.
  • Transaction Data including details about payments to you from us and from you to us and other details
  • Interaction Data including information you provide to us when you participate in any interactive features, including surveys, contests, promotions, activities or events.
  • Marketing and Communications Data including your preferences in receiving marketing from us and our third parties and your communication preferences.
  • Technical and Usage Data when you access any of our websites or platforms, details about your internet protocol (IP) address, login data, browser session and geo-location data, statistics on page views and sessions, device and network information, acquisition sources, search queries and/or browsing behaviour, access and use of our website (including through the use of Internet cookies or analytics), and communications with our website.
  • Professional Data including where you are a worker of ours or applying for a role with us, your professional history such as your previous positions and professional experience.

“Sensitive Information” is a sub-set of personal information, which includes health information, that is given a higher level of protection.

The types of Sensitive Information we collect include:

  • health information, such as your weight, height and Body Mass Index;
  • your fitness history; and
  • images of you.

We will generally only collect Sensitive Information with your consent or where permitted by law.

How we collect and hold Personal Information

We aim to collect Personal Information only directly from you, unless it is unreasonable or impracticable for us to do so.

For example, we collect Personal Information from you or about you from information you submit to us, emails, surveys, telephone calls with us, and from your activity on our Site and social media platforms. When you browse the 28 by Sam Wood (Site), Lucky Duck Club website  or contact us electronically, we may and you consent to us collecting your Technical and Usage Data.

Cookies are an industry standard and most major web sites use them. A cookie is a small text file that our site may place on your computer as a tool to remember your preferences. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of the Site.

Google Analytics: We may use Google Analytics Advertising Features. We and third- party vendors may use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together. These cookies and identifiers may collect Technical and Usage Data about you.

You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here. To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads Preferences Manager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can install their plugin here. To opt out of interest- based ads on mobile devices, please follow these instructions for your mobile device: On android open the Google Settings app on your device and select “ads” to control the settings. On iOS devices with iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visit the settings menu on your device.

To find out how Google uses data when you use third party websites or applications, please see here.

You can be anonymous or use a pseudonym when dealing with us, unless:

  • the use of your true identity is a legal requirement; or
  • it is impracticable for us to deal with you on such basis.

If you choose to withhold any Personal Information, we may not be able to provide you with part or all of our products or services or resolve a particular matter raised by you.

Why we collect, hold, and use Personal Information

We collect, hold, use and disclose your Personal Information for the following purposes:

  • to enable you to access and use our Site and the App, including to provide you with a login;
  • to provide our services to you;
  • to contact and communicate with you about our business, including in response to any support requests you lodge with us or other enquiries you make with us;
  • to contact and communicate with you about any enquiries you make with us via any website we operate;
  • for internal record keeping, administrative, invoicing and billing purposes;
  • for analytics, market research and business development, including to operate and improve our business, associated applications and associated social media platforms;
  • for advertising and marketing, including to send you promotional information about our events and experiences and information that we consider may be of interest to you, noting you can opt out of receiving any such communications by using the “unsubscribe” button;
  • to run promotions, competitions and/or offer additional benefits to you;
  • if you have applied for employment with us, to consider your employment application; and
  • to comply with our legal obligations or if otherwise required or authorised by law.

We only collect, hold, use and disclose Sensitive Information for:

  • the primary purpose for which it is collected, being to provide our services to you;
  • any purpose you consent to;
  • secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the below listed third parties as reasonably necessary to do business with you;
  • to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent; and
  • if otherwise required or authorised by law.

How your Personal Information may be Disclosed

We will only disclose Personal Information (excluding Sensitive Information) to third parties where it is necessary as part of our business, where we have your consent, or where permitted by law. This means that we may disclose Personal Information to:

  • our employees, contractors and/or related entities, as defined in the Corporations Act 2001 (Cth);
  • if we merge with, or are acquired buy, another company, or sell all or a portion of our assets, our advisers and any prospective purchaser’s advisers;
  • our IT service providers, data storage, web-hosting and other service providers who perform services on our behalf based on our instructions;
  • our professional advisers such as accountants, lawyers and auditors;
  • payment systems operators or processors;
  • third parties to collect and process data, such as analytics providers and cookies;
  • sponsors or organisations that partner with us, for example for any promotion or competition we run;
  • advertising companies we work with to serve advertisements on our behalf.

In addition, we may disclose Personal Information about you if we are required to do so by law, or in connection with an investigation of suspected or actual fraudulent or illegal activity, or with your consent.

We will only disclose Sensitive Information with your consent or where permitted by law.

How we hold and store Personal Information

We store your personal information in Australia. Where we disclose your personal information to third parties, those third parties may store, transfer or access personal information outside of Australia, including but not limited to, New Zealand. We will only disclose your personal information overseas in accordance with the Australian Privacy Principles.

We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.

Destruction and de-identification

We will retain your Personal Information whilst it is required for any of our business functions, or for any other lawful purpose. We may retain your Personal Information even after you have completed your transactions with us if retention is reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, prevent fraud or abuse or enforce this Privacy Policy and our terms and conditions.

We use secure methods to destroy or to permanently de-identify your Personal Information when it is no longer needed:

  • Paper records are shredded or destroyed securely.
  • Electronic records are deleted from all locations, to the best of our ability, or encrypted and/or placed beyond use.

Overseas disclosure

In offering and providing our products and services, your Personal Information may be transferred, stored or processed outside of Australia (such as New Zealand). Those countries may not have the same data protection laws as Australia, and your Personal Information will be subject to applicable foreign laws. When we transfer your Personal Information to other countries, we will protect that information in the manner described in this Privacy Policy. We will also comply with applicable legal requirements providing adequate protection for the transfer of Personal Information, such as the conclusion of data transfer agreements, or other applicable data transfer mechanisms.

Requests for access and correction

You have the right to request access to the Personal Information we maintain about you, to update and correct inaccuracies in your Personal Information, and to have the Personal Information deleted. You may request to access or correct or delete your Personal Information by emailing us at privacy@28bysamwood.com.

In most cases, we expect that we will be able to comply with your request. However, there are some circumstances, we may not be in a position to grant access to your Personal Information, such circumstances include where providing access is likely to pose a serious threat to the safety of an individual or the public, or granting access would impact on a commercially sensitive decision-making process.

In most cases, we expect that we will be able to comply with your request. However, if we do not agree to provide you access or to correct the information as requested, we will give you written reasons why. For further information, please see contact us.

To assist us to keep our records up-to-date, please notify us of any changes to your Personal Information.

Links to other websites

Our websites may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other sites. When you go to other websites from here, we advise you to be aware and read their privacy policy. Our websites uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

Complaints and concerns

We have procedures in place for dealing complaints and concerns about our practices in relation to the Privacy Act and the APPs.

Our response will be in accordance with the relevant provisions of the APPs.

Our contact details are:

28 by Sam Wood Pty Ltd
privacy@28bysamwood.com

The Lucky Duck club

privacy@28bysamwood.com

If you believe we have not adequately dealt with your complaint, you may complain to the Privacy Commissioner, whose contact details are found on their website http://www.oaic.gov.au/.

Last updated 15th October 2024.