Frankie4 Holdings Pty Ltd, FrankieB Pty Ltd, and All Podiatry Pty Ltd, collectively trading as Frankie4, are committed to respecting your right to privacy and protecting your personal information.

We are bound by the Privacy Act 1988 (Cth) (Act) and the Australian Privacy Principles set out in the Act. If you are located in, or are a citizen of the European Union, you may have additional rights under the European Union General Data Protection Regulation (GDPR).

We will ensure that all officers, employees and subcontractors are aware of and understand Frankie4’s obligations as well as their own obligations under the Act. We will achieve this through the provision of training and through maintaining and implementing internal policies and procedures to prevent personal information from being collected, used, disclosed, retained, accessed or disposed of improperly.

This Policy applies to all your dealings with us, whether in person, or via telephone, email, correspondence or our website.

The purpose of this Policy is to:

• Give you a better and more complete understanding of the kinds of personal information we collect and hold;
• Clearly and concisely communicate how and when we collect, disclose, use, store and otherwise handle personal information;
• Inform you about the purposes for which we collect, hold, use and disclose personal information;
• Provide you with information about how you may access your personal information, and seek correction of your personal information;
• Provide you with information about how you may make a complaint, and how we will deal with any such complaint;
• Advise you of the circumstances in which we are likely to disclose personal information to overseas recipients; and
• Enhance the transparency of our operations.

For the purpose of this Policy, the following terms will have the following meanings, as attributed to them by section 6 of the Act:

Health information means:

(a) Information or an opinion about:

1. The health or disability (at any time) of an individual; or
2. An individual’s expressed wishes about the future provision of health services to him or her; or
3. A health service provided, or to be provided, to an individual;

that is also personal information; or

(b) Other personal information collected to provide, or in providing, a health service; or
(c) Other personal information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances; or
(d) Genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.

Sensitive information means:

(a) Information or an opinion about an individual’s:

1. Racial or ethnic origin; or
2. Political opinions; or
3. Membership of a political association; or
4. Religious beliefs or affiliations; or
5. Philosophical beliefs; or
6. Membership of a professional or trade association; or
7. Membership of a trade union; or
8. Sexual orientation or practices; or
9. Criminal record

that is also personal information; or

(b) Health information about an individual; or
(c) Genetic information about an individual that is not otherwise health information; or
(d) Biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
(e) Biometric templates.

Whenever prospective, current or former clients and customers deal with Frankie4, we will collect personal information in order to provide goods or services to you. We do not collect personal information unless it is reasonably necessary for, or directly related to, one or more of the goods or services we provide or functions we carry out.

The types of personal information we generally collect about prospective, current and former clients and customers includes but is not limited to:

• Name.
• Profession.
• Postal address.
• Name of workplace and/or business address.
• Email address.
• Telephone number.
• Date of birth.
• Financial information including credit card details or details of your bank or financial institution account. Any such financial information is destroyed immediately after we have processed your payment.   

Whenever prospective, current or former employees or contractors deal with Frankie4, we will collect personal information in order to assess job applicants, process payments of salary and superannuation, take out appropriate insurance, and otherwise administer the employer/employee or principal/contractor relationship.

The types of personal information we generally collect about prospective, current and former employees and contractors includes but is not limited to:

• Name.
• Residential address.
• Postal address.
• Email address.
• Work telephone number.
• Mobile telephone number.
• Your occupation and business address.
• Your bank account details.
• Your tax file number, ABN and/or ACN.
• Details of current and former employers, details of current salary, and details of referees.
• Academic transcripts.
• Medical certificates and other documentation relevant to personal or carers leave.
• Medical records, rehabilitation records and other documentation relevant to workers compensation claims.

We will not ordinarily ask you to provide sensitive information. However, there may be circumstances where the information provided by you reveals sensitive information. For example, you may require Frankie4 to custom-design a product with particular features. This may reveal health information about you.

We will only collect sensitive information in circumstances where:

• It is reasonably necessary for one or more of the goods or services we provide or functions we carry out; and
• You consent to the collection of the information; or
• We are required or authorised by law to collect the sensitive information.

We will, if it is reasonable or practicable to do so, collect your personal information directly from you. This may happen when you fill out a form or when you give us personal information in person, or via telephone, email, correspondence or our website.

Sometimes we will collect personal information from a third party or a publicly available source. For example, we may need to collect personal information from Mailchimp, Shopify, from a credit reporting agency or from a former employer.

If we receive personal information that we did not solicit, we will determine as soon as reasonably practicable whether we could have lawfully collected that information as part of our functions or activities. If we are not satisfied that we could have lawfully collected the information, then we will (if it is lawful and reasonable) destroy the information or ensure that it is de-identified.

You may choose to deal with us anonymously or under a pseudonym where lawful and practical. Where anonymity or use of a pseudonym will render us unable to provide the relevant goods or services or do business, we may request that you identify yourself.

For example, whenever documents are to be submitted to government agencies or financial institutions, it is essential that we record your name accurately.

Personal information collected by Frankie4 will ordinarily be used for the following purposes:

• Providing you with the goods or services requested.
• Warranty claims.
• Product recall notifications.
• Recording or accessing information on a credit reporting database.
• Client and business relationship management.
• Marketing of products and services to you.

In order to achieve the purposes described above, we may disclose your personal information to the persons/organisations described below:

• Persons or organisations involved in providing your product or service, or components of your product or service, including independent contractors engaged by us.
• Companies in the Frankie4 Group.
• Government agencies or other persons/organisations involved in product safety recalls.
• Credit reporting agencies.   
• Organisations involved in maintaining, reviewing and developing our business systems, procedures and infrastructure including maintaining or upgrading our computer systems, e-commerce platform, and marketing platform.
• Persons or organisations involved in purchasing part or all of our business.
• Organisations involved in the payments systems including financial institutions, merchants and payment organisations.

We will only use and disclose personal information for the primary purpose for which it was initially collected, or for purposes which are directly related to one of our functions or activities.

We will not disclose your personal information to government agencies, private sector organisations or any third parties unless one of the following applies:

• You have consented.
• You would reasonably expect, or you have been told, that information of that kind is usually passed to those individuals, bodies or agencies.
• It is otherwise required or authorised by law.
• It is reasonably necessary for enforcement related activities conducted by, or on behalf of, an enforcement body (eg. police, ASIC, Immigration Department).

Personal information provided to Frankie4 may be shared with its related companies.  We will take all reasonable and practical measures to keep such information strictly confidential.

In the course of providing goods or services to you, it may be necessary for us to enter your personal information into third party software and websites. Depending on the terms of use of such software and websites, a third party may acquire rights to use or disclose information entered into the relevant software or websites.

The collection and use of personal information by third parties may be subject to separate privacy policies or the laws of other jurisdictions.

In order to perform one or more of our functions or activities, Frankie4 may transfer your personal information to service providers, including warehousing and logistics providers outside Australia. These countries include, but are not limited to, Belgium, Germany, Netherlands and New Zealand.

Whenever we transfer your personal information overseas, we will take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to the information.    

Like many other businesses in Australia, Frankie4 may rely on third party suppliers or contractors to provide specialised services such as web hosting, cloud computing technology, data storage services, marketing services and e-commerce services. Those third party suppliers or contractors may be based overseas. If personal information is provided to these suppliers and contractors in order to enable them to perform the agreed tasks, we will make every effort to ensure that the supplier or contractor handles the personal information in accordance with the Act and the Australian Privacy Principles.  We will also require all suppliers and contractors to provide privacy undertakings and enter into confidentiality agreements.

There may be limited circumstances in which it is necessary for us to collect a government related identifier such as your tax file number, ABN or ACN. We will not use or disclose your government related identifiers unless we are required or authorised to do so by law or by a court or tribunal order, or in order to fulfill our obligations to a State or Territory authority.

Frankie4 may use or disclose your personal information to let you know about products and services in which you may be interested. You can contact us at any time if you no longer wish us to market our products and services to you (see the Contacting Us section for more information).

Accuracy of Personal Information

Frankie4 will take reasonable steps to ensure that all personal information it collects, uses or discloses is accurate, complete and up-to-date.

If you believe your personal information is not accurate, complete or up-to-date, please contact us (see the Contacting Us section for more information).

Your personal information may be stored in hard copy documents or electronically. Frankie4 is committed to keeping your personal information secure and safe. Some of the ways we do this are:

• Requiring employees and contractors to enter into confidentiality agreements.
• Secure hard copy document storage (i.e. storing hard copy documents in locked filing cabinets).
• Security measures for access to our computer systems.
• Providing a discreet environment for confidential discussions.
• Access control for our buildings.
• Security measures for our websites (see the Your Privacy on the Internet section for more information).

We will review and update our security measures from time to time.

In addition, we will review the personal information and sensitive information held by us from time to time, ensuring that information which is no longer needed for a purpose for which it was initially collected is destroyed or de-identified.

Frankie4 takes care to ensure that the information you provide to us via our website is protected. For example, our website has electronic security systems in place, including the use of firewalls and data encryption.

You may be able to access external websites by clicking on links we have provided on our website. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.

You may request access to personal information that Frankie4 holds about you (see the Contacting Us section for more information).

We will acknowledge your request within 5 business days of the request being made.  Access will usually be granted within 10 business days of our acknowledgment or, if the request involves complex considerations or voluminous photocopying or scanning, within 15 business days.  We will let you know which timeframe applies to your request and if any delays are anticipated.

You will need to verify your identity before access to your personal information is granted.

While we cannot and do not charge an “application fee” for you applying to access your personal information, we may charge a fee for actually giving you access to your personal information in your preferred format (where reasonable and possible), which will cover our costs involved in locating and collating information as well as reproduction costs.

Once your request has been processed by Frankie4, you may be forwarded the information by mail or email or you may personally inspect it at the location where the information is held or another appropriate place. Whenever possible, we will endeavour to make the information available to you in the manner requested by you unless it is unreasonable for us to do so (eg. if you have asked for the information to be emailed to you, we will endeavour to email the information to you. If the file size would be too large, we may send you the information by hard copy instead of email).

If you are aware that we hold personal information about you that is no longer accurate, complete or up-to-date, please contact us (see the Contacting Us section for more information).

If you request access to your personal information, or if you request that we correct your personal information, we will allow access or make the correction unless we consider that there is a sound reason to withhold the information, or not make the correction.

Under the Act, we may refuse to grant access to personal information if:

• We believe that granting access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety.
• Granting access would have an unreasonable impact upon the privacy of other individuals.
• Denial of access is required or authorised by law or by a Court or Tribunal order.
• Giving access would be unlawful.
• The request for access is frivolous or vexatious.
• Legal proceedings are underway or anticipated and the information would not be accessible by way of the discovery process in those proceedings.
• Giving access would reveal our intentions in relation to negotiations between us and you in such a way as to prejudice those negotiations.
• Giving access is likely to prejudice enforcement related activities conducted by, or on behalf of, an enforcement body.
• Giving access is likely to prejudice action being taken or to be taken with respect to suspected unlawful activity or serious misconduct relating to our functions or activities.
• Giving access would reveal information in connection with a commercially sensitive decision making process.

If we do not agree to make a correction to your personal information, you may provide a statement about the requested corrections, and we will ensure that the statement is apparent to any users of the relevant personal information.

If we do not agree to provide access to your personal information or to correct your personal information, we will provide written reasons for the refusal and the mechanisms available to complain about the refusal (see the Complaints section for more information).

If your personal information is governed by the GDPR, you may have additional rights as set out below:

1. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
   
   
2. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
   
   
3. Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information in the following scenarios:
   

   (i) If you want us to establish the information’s accuracy.
   (ii) Where our use of the information is unlawful but you do not want us to erase it.
   (iii) Where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims.
   (iv) You have objected to our use of your information but we need to verify whether we have overriding legitimate grounds to use it.

4. Request the transfer of your personal information to you or to a third party. We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
   
   
5. Withdraw consent at any time where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

Frankie4 is bound by Part IIIA of the Act and the Credit Reporting Privacy Code (Code). In accordance with the requirements of the Act and the Code, Frankie4 has a separate policy regarding credit information and credit reporting.

The most up-to-date version of Frankie4’s Credit Information and Credit Reporting Policy is available on our website: https://frankie4.com.au/

You may contact us by mail, email or telephone as follows:

A: 260 Moggill Road, Indooroopilly, QLD 4068

E: info@frankie4.com.au

P: 1300 721 898

If you consider that there has been a breach of the Australian Privacy Principles, you are entitled to complain to Frankie4 (see the Contacting Us section for more information).

We will acknowledge receipt of a complaint within 2 business days.    

We will investigate the complaint and attempt to resolve it within 20 business days after the complaint was received.  Where it is anticipated that this timeframe is not achievable, we will contact you to provide an estimate of how long it will take to investigate and respond to the complaint.

If you consider that we have not adequately dealt with a complaint, you may complain to the Office of the Australian Information Commissioner on the below details:

A: Officer of the Australian Information Commissioner (OAIC), GPO Box 5218, SYDNEY  NSW 2001

E: enquiries@oaic.gov.au

P: 1300 363 992

This policy is to be reviewed as follows:

• Annually as a minimum.
• Following an information security incident.
• Following significant changes to our systems.
• Following changes to the relevant State and Commonwealth legislation

Reviews are to examine the appropriateness of the policy taking into consideration corporate, system and compliance requirement changes since the last review was undertaken.