Privacy Policy

In this Privacy Policy, “us”, “we” or “our” means Skoosh Pty Ltd (ABN 51 430 288 993). We are committed to respecting your privacy. Our Privacy Policy sets out how we collect, use, store and disclose your personal information. We are bound by the Australian Privacy Principles contained in the Privacy Act and by various other state and territory privacy and data protection legislation, to the extent that they apply to us.

By providing personal information to us, you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us. We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

Personal information includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name, age, gender, postcode and contact details. It may also include financial information, including your credit card information. We may also collect sensitive information, including information about your health, in connection with the provision of our products and services to you and your Related Entities.

Skoosh collects personal information from the following classes of people:

  • Users: who are employees or other representatives of Related Entities;
  • Members: who have a membership with, are employed by, or otherwise have some form of relationship with a Related Entity; and
  • Other Individuals: who are not users of Skoosh products or services but who interact with Skoosh in the course of our business.

For the purposes of this Privacy Policy “Related Entity” means a client of Skoosh that has a relationship with a Member, for example where the Member is an employee of the Related Entity, or the Related Entity is a sporting club, player association or sporting governing body and the Member is an athlete signed to the sporting club, a member of the player association, or competes in a competition conducted by the governing body.

We may collect personal information from individuals in connection with more than one of the above categories, depending on how you interact with us, and our products and services. We have provided specific guidance as to how we collect, use, and disclose personal information for each of these categories. General terms that apply to all categories are set out at the bottom of this policy. We recommend you review this policy in full to understand how your personal information may be collected, used, and disclosed.

Users

Skoosh’s products and services are used by a variety of entities (including sporting competitions and clubs, player associations and employers) to manage the information of their Members. Employees and contractors of these entities may interact with Skoosh’s products and services in connection with the performance of their employment or engagement and Skoosh may collect personal information from those persons when they do so. We may also collect personal information from you when you enquire about Skoosh products or services.

What personal information do we collect from Users?

We may collect the following types of personal information from Users:

  • name;
  • mailing or street address;
  • email address;
  • telephone number and other contact details;
  • age or date of birth;
  • employer and employment details;
  • provider number;
  • login times and locations, and information on which parts of Skoosh products and services you have accessed and when;
  • your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, network IP address and standard web log information;
  • details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;
  • any additional information relating to you that you provide to us directly through our website or app or indirectly through your use of our website or app or online presence or through other websites or accounts from which you permit us to collect information;
  • information you provide to us through customer surveys; or
  • any other personal information that may be required in order to facilitate your dealings with us.

We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you:

  • enquire about or sign up for Skoosh’s products or services;
  • create an account in a Skoosh product or service;
  • interact with or use a Skoosh product or service;
  • communicate with us through correspondence, chats, email, or when you share information with us from other social applications, services or websites; or
  • interact with our sites, services (including AthleteDS and CoachingDS), content and advertising.

Why do we collect, use and disclose personal information of Users?

We may collect, hold, use and disclose your personal information for the following purposes:

  • to enable Related Entities to receive the benefit of our products and services;
  • to operate, protect, improve and optimise our services, websites, apps, business, and our users’ experience, such as to perform analytics, conduct research and for advertising and marketing;
  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
  • to send you marketing and promotional messages and other information that may be of interest to you, including information sent on behalf of our business partners that we think you may find interesting;
  • to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners; and
  • to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties.

To whom do we disclose personal information of Users?

We may disclose personal information for the purposes described in this privacy policy to:

  • the entity through which you are permitted to access our products and services;
  • our employees and related bodies corporate;
  • third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you);
  • professional advisers, dealers and agents;
  • payment systems operators (eg merchants receiving card payments);
  • our existing or potential agents, business partners or partners;
  • specific third parties authorised by you to receive information held by us; and/or
  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

Members

Skoosh products and services are used to manage the information of individuals. When you create an account or otherwise interact with Skoosh products and services we may collect personal information from you, including sensitive health information. We may also collect information about you from Users who act on behalf of your Related Entities.

What personal information do we collect from Members?

We may collect the following types of personal information from Members:

  • name;
  • mailing or street address;
  • email address;
  • telephone number and other contact details;
  • age or date of birth;
  • credit card information;
  • health information such as clinical conditions, health metrics, medications, and treatment plans;
  • login times and locations, and information on which parts of Skoosh products and services you have accessed and when;
  • your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, network IP address and standard web log information;
  • details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;
  • any additional information relating to you that you provide to us directly through our website or app or indirectly through your use of our website or app or online presence or through other websites or accounts from which you permit us to collect information;
  • information you provide to us through customer surveys; or
  • any other personal information that may be required in order to facilitate your dealings with us.

We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you or a User:

  • create an account in a Skoosh product or service;
  • create a record relating to you in a Skoosh product or service
  • interact with or use a Skoosh product or service;
  • communicate with us through correspondence, chats, email, or when you share information with us from other social applications, services or websites; or
  • interact with our sites, services (including AthleteDS and CoachingDS), content and advertising.

In addition to this you expressly consent to us collecting personal information about you from your Related Entities, including receiving medical and other sensitive information from your Related Entities.

Why do we collect, use and disclose personal information of Members?

We may collect, hold, use and disclose your personal information for the following purposes:

  • to assist you and your Related Entities to better manage information relating to the relationship between you and your Related Entities and to assist in the delivery of services to you by the Related Entities;
  • to operate, protect, improve and optimise our services, website and app, business and our users’ experience, such as to perform analytics, conduct research and for advertising and marketing;
  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
  • to send you marketing and promotional messages and other information that may be of interest to you, including information sent on behalf of our business partners that we think you may find interesting;
  • to administer surveys managed by us or our business partners; and
  • to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties.

To whom do we disclose personal information of Members?

We may disclose personal information for the purposes described in this privacy policy to:

  • our employees and related bodies corporate;
  • your Related Entities;
  • third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you);
  • professional advisers, dealers and agents;
  • payment systems operators (eg merchants receiving card payments);
  • our existing or potential agents, business partners or partners;
  • specific third parties authorised by you to receive information held by us; and/or
  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

Other Individuals

We may collect personal information from you when you interact with our business other than via the use of, or in relation to, our products and services.

What personal information do we collect from Other Individuals?

We may collect the following types of personal information from Members:

  • name;
  • mailing or street address;
  • email address;
  • telephone number and other contact details;
  • age or date of birth;
  • credit card information;
  • your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, network IP address and standard web log information;
  • details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;
  • any additional information relating to you that you provide to us directly through our website or app or indirectly through your use of our website or app or online presence or through other websites or accounts from which you permit us to collect information;
  • information you provide to us through customer surveys; or
  • any other personal information that may be required in order to facilitate your dealings with us.

We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you:

  • sign up for any of our products or services;
  • communicate with us through correspondence, chats, email, or when you share information with us from other social applications, services or websites;
  • interact with our sites, services, content and advertising; or
  • invest in our business or enquire as to a potential purchase in our business.

In addition, when you apply for a job or position with us we may collect certain information from you (including your name, contact details, working history and relevant records checks) from any recruitment consultant, your previous employers and others who may be able to provide information to us to assist in our decision on whether or not to make you an offer of employment or engage you under a contract. This Privacy Policy does not apply to acts and practices in relation to employee records of our current and former employees, which are exempt from the Privacy Act.

Why do we collect, use and disclose personal information of Other Individuals?

We may collect, hold, use and disclose your personal information for the following purposes:

  • to enable you to access and use our services, website, and app;
  • to operate, protect, improve and optimise our services, website and app, business and our users’ experience, such as to perform analytics, conduct research and for advertising and marketing;
  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
  • to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting;
  • to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
  • to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties; and
  • to consider your employment application.

To whom do we disclose personal information of Other Individuals?

We may disclose personal information for the purposes described in this privacy policy to:

  • our employees and related bodies corporate;
  • third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you);
  • professional advisers, dealers and agents;
  • payment systems operators (eg merchants receiving card payments);
  • our existing or potential agents, business partners or partners;
  • specific third parties authorised by you to receive information held by us; and/or
  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

The following terms apply to all classes of individual from whom we collect personal information.

Deidentifying Data

You agree that we may compile and deidentify data that we hold (including personal information), and may use such deidentified data for any purpose. We will comply with OAIC Guidelines in connection with any deidentification.

Do we use your personal information for direct marketing?

We may send you direct marketing communications and information about our services or products. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (eg an unsubscribe link). We will not pass your personal information on to third parties for the purposes of direct marketing without your express prior consent.

Disclosure of personal information outside Australia

We may disclose personal information outside of Australia. We will take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles.

Using our website and cookies

We may collect personal information about you when you use and access our website (as opposed to when you use a Skoosh product or service, which is covered in more detail in the relevant category descriptions above).

While we do not use general website browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.

We may also use 'cookies' or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our websites may not work as intended for you if you do so.

We may also use cookies both via our website and services delivered via the website (including AthleteDS and Coaching DS) to enable us to collect data that may include personal information. For example, where a cookie is linked to your account, it will be considered personal information under the Privacy Act. We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.

Security

We may hold your personal information in either electronic or hard copy form. We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information. For example, sensitive personal information is encrypted. All other access is controlled by access rules and security tokens. We limit access to information on a need to know basis, and keep physical files locked to prevent unauthorised access. However, we cannot guarantee the security of your personal information.

Links

Our website may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites.

Accessing or correcting your personal information

You can access the personal information we hold about you by contacting us using the information below. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.

If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.

Notifiable data breaches

We are governed by the Privacy Act 1988 (Cth). If there is a data breach with respect to your personal information (determined based on meeting the following criteria):

  • there is unauthorised access to or disclosure of your personal information held by us (or information is lost in circumstances where unauthorised access or disclosure is likely to occur);
  • this is likely to result in serious harm to you; and
  • we have been unable to prevent the likely risk of serious harm with remedial action.

we will notify you and the OAIC (Office of the Australian Information Commissioner) in accordance with our obligations under the Privacy Act. The notification will also include recommendations about steps you should take in response to the data breach.

Making a complaint

If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the details set out below. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.

Contact Us

For further information about our Privacy Policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below:

Privacy Officer

Skoosh

Suite 3010

1 Exeter Road

Exeter NSW 2579

privacy@skoosh.com.au

GDPR - European grounds for processing personal data

This section applies if you are based in the European Economic Area (EEA) during your interactions with us and sets out the additional information that we are required to provide to you under the GDPR.

Under European data protection law, use of personal information must be based on one of a number of legal grounds and we are required to set out the grounds in respect of each use. We can only process personal data when the processing is permitted by the specific legal ground set out in the law.

In the table below, we have set out the relevant grounds that apply to each purpose of data processing that is mentioned in this Privacy Statement. You can find an explanation of each of the legal grounds for use of personal information below.

Purposes of the data processing Bases of use
to enable you to access and use our application.
  • contract performance
  • legitimate interests (to allow us to perform our obligations and provide services to you)
to provide you with information about the application.
  • contract performance
  • legitimate interests (to allow us to perform our obligations and provide services to you)
to operate, protect, improve and optimise our application, business and our users’ experience, such as to perform analytics, and conduct research;
  • contract performance
  • legitimate interests (to allow us to maintain and improve the quality of our services and products)
to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you.
  • contract performance
  • legal obligation
  • legitimate interests (to allow us to correspond with you in connection with our services)
to ensure content is relevant, including ensuring that content from our websites is presented in the most effective manner for you and for your device.
  • contract performance
  • legitimate interests (to allow us to provide and improve our services)
to administer surveys or other activities or events managed by us.
  • consent (which can be withdrawn at any time)
we may also combine the information that we collect and hold about you for the purposes of creating insights about you and customer segmentation.
  • contract performance
  • legitimate interests (to allow us to perform our obligations and provide services to you)
  • legal obligation
to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties.
  • contract performance
  • legal obligation
  • legal claims
  • legitimate interests (to allow us to guard against fraud and other unlawful activity)
to provide those parts of the application that collect, store and process sensitive information about your health.
  • consent (which can be withdrawn at any time)
Sensitive personal information
  • Under the GDPR, certain categories of personal information are considered particularly sensitive and need higher protection. These categories include information about health, racial or ethnic origin, political opinions, religious beliefs, trade union membership or your sexual orientation and genetic and biometric data. Information concerning criminal convictions and offences is also viewed as sensitive under the GDPR.
  • We will collect and handle such sensitive personal information, for example, wellbeing notes, education history, career management notes, employment history, ethnicity, family heritage, religion, integrity incident history and management, date of birth and mailing address details.
  • We will obtain your consent when collecting and handling this type of personal information, either from the organisation or entity that is using our application or in some cases, directly from you. We will do this unless we are otherwise permitted to process such personal information under the GDPR or the laws of the EU member state in which you are based.
Other rights available under European Law

If you are based in the EEA during your interactions with us in addition to the rights outlined above, under certain conditions, you may have the right under the GDPR to ask us to:

  • provide you with further details on how we use and process your personal information;
  • delete personal information we no longer have grounds to process; and
  • restrict how we process your personal information whilst we consider an inquiry you have raised.

In addition, under certain conditions, you have the right to:

  • where processing is based on consent, withdraw the consent;
  • lodge a complaint with a supervisory authority;
  • object to any processing of personal information that we process on the “legitimate interests” or “public interests” grounds, unless our reasons for the underlying processing outweighs your interests, rights and freedoms; and
  • object to direct marketing (including any profiling for such purposes) at any time.
You can exercise these rights by contacting us.

These rights are subject to certain exemptions to safeguard the public interest and our interests. We will respond to most requests within 30 days.

Retention period under GDPR

Our retention periods for personal data are based on business needs and legal requirements. We retain personal data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. When personal data is no longer needed, we either irreversibly anonymise the data (and we may further retain and use the anonymised information) or securely destroy the data.

Disclosure of information outside the EEA

Where we transfer personal information from inside the EEA to outside the EEA, we may be required by law to take specific measures to safeguard the relevant personal information. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries which have not had these approvals, we will use appropriate safeguards to protect any personal information being transferred, such as EU Commission-approved model contractual clauses or binding corporate rules permitted by applicable legal requirements.

GDPR - Legal grounds for use of personal information

Use of personal information under the GDPR must be justified under one of a number of legal bases or grounds and we set those out here. The principle legal grounds that justify our use of your personal information are as follows:

  • Consent: where you have consented to our use of your information (you may withdraw your consent by emailing privacy@skoosh.com.au with your name, date of birth and the club you play for but that may impact on your ability to use the application).
  • Contract performance: where we are required to collect and handle your personal information in order to provide you with the services that we have contractually agreed to provide to you.
  • Legal obligation: where we need to use your personal information to comply with our legal obligations.
  • Vital interests: where we need to process your personal information in order to protect the vital interests of you or another natural person, e.g. where you require urgent assistance.
  • Public interest: where we need to process your personal information in order to carry out a task that is in the public interest.
  • Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
  • Public interest in area of public health: where we need to process your personal information for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health, set out in EU law or the laws of the member state in which you are based.

The legal grounds for our use of the sensitive categories of personal information are:

  • Consent: where you have explicitly consented to our use of your personal information. You may withdraw your consent to the use of your personal information.
  • Vital interest: where we need to process your personal information in order to protect the vital interests of you or another natural person where you or the other person is physically or legally incapable of giving consent.
  • Legal claims: where your personal information is necessary for us to establish, exercise or defend any legal claims.
  • Substantial public interest: where we need to process your personal information for reasons of substantial public interest set out in EU law or the laws of the member state in which you are based.
  • Public interest in area of public health: where we need to process your personal information for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health, set out in EU law or the laws of the member state in which you are based.

Effective:18 October 2021