PRIVACY POLICY

 

1. PRIVACY STATEMENT

1.1 2XU Pty Ltd (ABN 85 112 308 602) and its related bodies corporate (together, 2XU, we, us and our) respect your privacy and are committed to protecting your personal information. Our privacy policy outlines our approach to privacy and how we collect, use and protect your personal information. It also sets out your rights in relation to accessing the personal information we collect and hold about you. We are bound by the Australian Privacy Principles (or APPs) in the Privacy Act 1988 (Cth) and the General Data Protection Regulation (GDPR), as amended from time to time (collectively Regulation).

1.2 Personal information is defined in the Regulation and is information or an opinion about an identified individual or an individual who is reasonably identifiable. Examples include an individual's name, address, contact number and email address.

1.3 Our Website (www.2xu.com) may contain links to third party websites. We are not responsible for the privacy policies of any third party websites. We recommend that you review the privacy policy of each website you visit.

 

2. COLLECTION OF PERSONAL INFORMATION

2.1 We may collect personal information in a variety of ways, including:
(a) from you directly (such as when you interact with us in writing, electronically or by telephone);
(b) when you visit and communicate with us through our Website or social media sites;
(c) when you complete a transaction with us; or
(c) when you participate in any competition or promotion run by us.

2.2 The kinds of personal information that we collect and hold about you will depend on the circumstances of collection, including whether we collect the information from you as a consumer, supplier, contractor, job applicant or in some other capacity. For example, if you are a consumer, we may collect:
(a) your name;
(b) your contact details including your email, home/delivery address and billing address;
(c) your payment details; and
(d) other personal information that we collect in the course of a transaction or that you provide to us when you contact us.
If you deal with us in some other capacity (for example, as a supplier, contractor or job applicant), we may collect your name and contact details and any other information you choose to provide to us. We may also collect details of the interactions that you have with us.

2.3 We only collect sensitive information (also called special categories of personal data) in circumstances where you consent to the collection of this information (unless we are otherwise required or authorised by or under law to do so). Sensitive information includes health information and information about a person's race, ethnic origin, political opinions, membership of political, professional or trade associations or a trade union, religious beliefs and criminal history. In the event consent was given, you have the right to withdraw such consent given at any time by sending a written notice or e-mail to us. See contact details below.

2.4 Sometimes, we may collect personal information from third parties. If you provide us with personal information about another person, please make sure you tell them about this privacy policy.

2.5 If you are or become an employee of 2XU, the handling of your personal information may be exempt from the APPs and the Regulation if it is directly related to your current or former employment relationship with us.

 

3. COOKIES

3.1 When you visit our Website, we, and/or third parties, may place cookies on your browser to enhance and manage our website and improve our business and the services we provide to you. We, third parties and/or Google may use this information to optimise and place advertisements, including advertisements of third party vendors and remarketing advertisements based on past visits to this Website, on our own and third party websites. Google’s ability to use and share information collected by Google Analytics is restricted by the Google Analytics Terms of Use and Privacy Policy. For further details please refer to our Cookie Policy.

 

4. USING AND DISCLOSING YOUR PERSONAL INFORMATION AND LAWFUL BASIS OF PROCESSING

4.1 We collect and use personal information for a range of purposes, including to:
(a) supply our products and process payment for our products;
(b) respond to your inquiries and provide you with information about, or samples of, our products;
(c) if you enter one of our competitions or promotions, administer your participation in that competition or promotion;
(d) deal with any complaints or feedback you have;
(e) conduct research and development;
(f) manage our relationships with our business customers, suppliers and contractors; and
(g) consider job applicants for current and future employment.

4.2 We may use your information for other purposes required or authorised by or under law (including purposes for which you have provided your consent),for the purpose of other legitimate interests or in order to comply with a legal duty imposed on us.

4.3 If 2XU is unable to collect personal information from or about you, we may not be able to respond to your inquiries or requests or do business with you.

4.4 We may use your personal information to contact you with 2XU news, offers and information about our products and events. In particular, when you register with our Website, you consent to us using your personal information, such as your email address, for direct marketing purposes. This includes sending you promotional emails. You can opt out of receiving direct marketing communications at any time by using the unsubscribe function located on every eDM (Electronic Direct Mail) or by contacting us (using the contact details at the end of this policy).

4.5 In conducting our business, we may sometimes need to disclose personal information to third parties. These include, where appropriate, our related bodies corporate and third parties that provide services to us, including third parties that provide our payment gateway, marketing, logistics and technology support services. We may also disclose your personal information to other third parties and for other purposes where we are required or authorised by or under law to do so (including where you have provided your consent).

4.6 Some of our related bodies corporate and service providers are located overseas. As a result, personal information collected and held by us may be transferred outside Australia to countries without an adequate data protection level (including to the USA, New Zealand & Canada).

The transfer of personal data to such a country shall only take place if contractual clauses (e.g. the EU Model Clauses, Privacy Shield, etc. ) have been put into place.

 

5. DATA PROCESSING RULES

We process your personal information in compliance with the Regulation which is based on the processing principles set out below. Personal information must be:
(a) processed lawfully, fairly, and in a transparent manner;
(b) collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
(c) adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the pur-poses for which they are processed, is erased or rectified without delay;
(e) kept in a form which permits identification for no longer than is necessary for the purposes for which the personal data is processed;
(f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organi-zational measures.

 

6. SECURITY OF YOUR PERSONAL INFORMATION

We take reasonable steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse. This includes taking appropriate security and organisational measures to protect electronic materials and materials stored and generated in hard copy.

 

7. YOUR RIGHTS

Under the Regulation you have the following rights:
(a) the right to be informed about the collection and use of personal data by us;
(b) the right of access to the personal data we hold about you;
(c) the right to rectification if any personal data we hold about you is inaccurate or incomplete;
(d) the right to be forgotten – i.e. the right to ask us to delete any personal information we hold about you;
(e) the right to restrict (i.e. prevent) the processing of the personal information;
(f) the right to data portability (obtaining a copy of the personal data to re-use with another service or organization);
(g) the right to object to us using the personal information for particular purposes; and
(h) rights with respect to automated decision making and profiling (where applicable).

 

8. COMPLAINTS

Please contact us (using the contact details at the end of this policy) if you have any concerns or complaints about the manner in which 2XU has collected or handled your personal information. 2XU will inquire into your complaint and respond to you in writing within 30 days. If you are not satisfied with our response, you can contact us to discuss your concerns or lodge a complaint with the Australian Information Commissioner (www.oaic.gov.au) or any other competent supervisory authority in the EU (e.g. https://ico.org.uk/).

 

9. CONTACT DETAILS AND ADDITIONAL INFORMATION

If you would like more information about 2XU's approach to privacy, or if you wish to contact us regarding the information set out in this policy, please contact us:
• by phone on +61 3 9819 9700
• by email at data.privacy@2xu.com
• by post at 243 Burwood Rd, Hawthorn VIC 3122, AUSTRALIA-=00]=[]\=

 

10. CHANGE TO THIS POLICY

We may amend this policy from time to time at our discretion. Amended versions will be posted on our website at www.2xu.com.au.
Privacy Policy last updated in May 2018.