Gurner™ Privacy Policy — Wellness

Updated: 2 August 2024 

Updated: 2 August 2024 

Your personal information is being collected by Gurner Group Wellness Operations Pty Ltd ABN 38 670 532 975 and Gurner Group Wellness (Saint) Operations Pty Ltd ABN 93 675 336 517 (GURNER™ Wellness Group, We or Our) in order to provide services and facilities to you. 

GURNER™ Wellness Group collects, holds, uses and discloses personal information, health information and sensitive information (as defined in applicable legislation) about you in accordance with this Collection Statement and our Privacy Policy, outlined below. 

GURNER™ Wellness Group collects information, health information and sensitive information from you and from third parties, such as Oura Health.  

The purposes for which GURNER™ Wellness Group is collecting your personal information are: 

  • To ensure that the services and facilities we provide are appropriate and safe for you; 
  • To administer your membership and collect your membership fees;  
  • To provide health and wellness recommendations via our GURNER™ Wellness Group Members App based on your Oura Ring readiness score. This data is only stored for 24 hours on a secure server; and 
  • For purposes described in our Privacy Policy. 

GURNER™ Wellness Group will use that information for these purposes, and we may also use it to contact you to comply with our regulatory and legal obligations, as well as to contact you (including by way of email) in response to your inquiries about our facilities and services. 

GURNER™ Wellness Group may share your health information with people or organisations for medical, ethical, insurance, legal and management and/or procedural purposes, including: 

  • Insurers for the purposes of benefits payable or other third parties for billing/accounting purposes (such as Medicare, your private health insurer fund, workers compensation insurer or transport accident insurer); 
  • Your representatives (such as a guardian, carer, family member or legal advisor); 
  • Our professional advisors (such as auditors and legal advisors); 
  • Local contractors whom we have partnered with to provide services to our business operations;  
  • Government and regulatory authorities or other bodies as required by or authorised under Australian law;  
  • In limited circumstances, research bodies; and 
  • To our related bodies corporate and to other persons or entities as outlined in our Privacy Policy. 

If you do not provide your personal information, we may not be able to provide you access to our facilities or provide you with our services. 

We otherwise use, disclose, process and handle your personal information, health information and sensitive information in accordance with our Privacy Policy.  

While your personal information, health information and sensitive information is collected in Australia, it is unlikely that it will be disclosed to overseas recipients outside of Australia. 

More detailed information about the way GURNER™ Wellness Group uses and discloses your personal information and overseas disclosures is set out in our comprehensive Privacy Policy. Our Privacy Policy also contains the contact details of our Privacy Officer and information regarding your rights (including how to withdraw your consent, if applicable) and how you can seek to access and correct your personal information or raise a privacy concern with us and how it will be dealt with. 

If you have any questions or concerns about this Privacy Collection Statement, our Privacy Policy or how we handle your personal information, please contact our Privacy Officer[email protected] or +61 3 9654 6222, or by post to Privacy Officer, 168 Williams Road, Prahran, Victoria 3181. 

  1. Background

1.1 General 

Gurner Group Wellness Operations Pty Ltd ABN 38 670 532 975 and Gurner Group Wellness (Saint) Operations Pty Ltd ABN 93 675 336 517 (GURNER™ Wellness Group, we, us, our) is a recreation, health and wellness group based in Melbourne, Australia. We are committed to protecting your privacy, in accordance with applicable Australian privacy laws. 

This Policy is designed to give you a greater understanding of how we collect, use, disclose and otherwise handle personal information. 

A copy of this Privacy Policy is available on our websites at www.sainthaven.com.au and www.saintprivateclub.com.au or you can request a copy by contacting out Privacy Officer (details under heading 11 below). 

1.2 What is personal information? 

Personal information means information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable. 

1.3 Our obligations 

We are required to comply with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth) (Privacy Act). The APPs regulate the manner in which personal information is handled throughout its life cycle, from collection to use and disclosure, security, accessibility and disposal. 

We are also required to comply with more specific privacy legislation in some circumstances, such 
as: 

  • Applicable State and Territory health privacy legislation (including the Health Records Act 2001 (Vic)(HR Act)) when we collect and handle health information in the relevant jurisdiction; and 
  • The Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth). 

1.4 Employee records 

We are generally exempt from the Privacy Act when we collect and handle employee records and this Privacy Policy does not apply to that information. However, where State or Territory health privacy legislation applies, we are still required to protect the privacy of employee health information. 

This Privacy Policy will apply in those circumstances. 

  1. What we collect

2.1 General 

The type of personal information that we collect about you depends on the type of dealings you have with us. For example, if you: 

  • Apply to be a member – we will collect your name, contact details, date of birth, credit card details and health information in some circumstances; 
  • Are a supplier to us – we will collect your name and contact details, details about the goods or services you supply and payment details; 
  • Send us an enquiry, complete an enquiry form or provide us with feedback, we may collect your name, contact details, details of your enquiry or feedback and information about our response; 
  • Ask us to send you information about our products and services – we will collect your name, address, contact details, details of the memberships you are interested in and how you heard about us; 
  • Apply for a job with us, we will collect the information you include in your job application, including your cover letter, resume, contact details and referee reports; and 
  • Enter into any promotions, competitions or special offers, we will collect the information you provide when submitting your entry. 

In addition to the above, if you interact with us generally, we will collect your details (e.g. name, telephone number, email address), details of the services or products you are interested in, or how you heard about us.  Other information may be collected from other sources but those sources should provide you with details of what personal information is being collected and why. 

The personal information collected may vary depending on your particular interaction with us but will be limited to that information necessary to record and manage our interaction with you (e.g. your name, relevant contact details and information about the interaction) and that information required to enable you to participate in our services and other products being offered by GURNER™ Wellness Group. 

We may also collect some information that is not personal information because it does not identify you or anyone else.  For example, we may collect anonymous answers to surveys or aggregated information about how users use our website. 

2.2 Sensitive information 

Sensitive information is a subset of personal information that is generally afforded a higher level of privacy protection, such as health information. We only collect sensitive information where it is reasonably necessary for our functions or activities and either: 

  • The individual has consented; or 
  • We are required or authorised by or under law to do so. 

2.3 Health Information  

  

Health information is protected by the HR Act. The term ‘health information’ has the meaning given to it in the HR Act.  In general terms, health information is information or an opinion about the physical, mental or psychological health, or a disability of an individual; information about the provision of health services to an individual; personal information collected to provide a health service and genetic information.   

We only collect health information where it is reasonably necessary for our functions or activities and either: 

  • The individual has consented; or 
  • We are required or authorised by or under law to do so.  

2.4 Collection of information other than personal information through our website 

When you visit our website, some of the information that is collected about your visit is not personal information, as it does not reveal your identity. 

SITE VISIT INFORMATION 

For example, we record your server address, the date and time of your visit, the pages you visited, any documents you downloaded, the previous site you visited and the type of device, browser and operating system you used. 

We use and disclose this information in anonymous, aggregated form only, for purposes including statistical analysis and to assist us to improve the functionality and usability of our website. You are not individually identified, however we reserve the right to use or disclose this information to try to locate an individual where we reasonably believe that the individual may have engaged in any unlawful or inappropriate activity in connection with our website, or where we are otherwise required or authorised by law to do so. 

COOKIES 

A cookie is a small string of information that a website transfers to your browser for identification purposes. The cookies we use do not identify individual users, although they do identify the user’s internet browser. 

We use cookies to hold anonymous session information. This information is used to personalise your current visit to the website, for example to allow the website to remember who you are by keeping server variables linked to your session. 

We only use non-persistent cookies. That is, they are held on your browser’s memory only for the duration of your session. 

Most internet browsers are set to accept cookies. If you prefer not to receive them, you can adjust your internet browser to reject cookies, or to notify you when they are being used. There are also software products available that can manage cookies for you. Rejecting cookies can, however, limit the functionality of our website. 

2.5 What if you don’t provide us with your personal information? 

We will provide individuals with the option of not identifying themselves, or of using a pseudonym, when dealing with us if it is lawful and practicable to do so. A pseudonym is a name or other descriptor that is different to an individual’s actual name. 

For example, you can access our website and make general phone queries without having to identify yourself. 

In some cases however, if you don’t provide us with your personal information when requested, we may not be able to provide you with the product or service that you are seeking. For example, you must identify yourself to a member of our accounts team in order to check on the status of a payment made to or by us. 

  1. How we collect personal information

3.1 Methods of collection 

We may collect personal information in a number of ways, including: 

  • In person (for example, visits to our clubs, at events); 
  • Through our website (for example through our ‘Enquiries’ form); 
  • Through our Facebook, LinkedIn or Instagram page; 
  • Over the telephone; 
  • Through written correspondence (such as letters, faxes and emails); 
  • During conversations between you and our representatives; 
  • By contracting with us; 
  • On hard copy forms (for example, enquiry forms and surveys); and 
  • Through surveillance cameras at our premises and on some of our display suites. 

3.2 Collection notices 

Where we collect personal information about you, we will take reasonable steps to provide you with certain details about that collection (such as the purpose for which we are collecting the information and the type of third parties to which it is usually disclosed). We will generally include this information in a collection notice. 

Collection notices provide more specific information than this Privacy Policy. The terms of this Privacy Policy are subject to any specific provisions contained in collection notices and in the terms and conditions of particular offers, products and services. We encourage you to read those provisions carefully. 

3.3 Unsolicited information 

Unsolicited personal information is personal information we receive that we have taken no active steps to collect (such as an employment application sent to us by an individual on their own initiative, rather than in response to a job advertisement). 

We may keep records of unsolicited personal information if the Privacy Act permits it (for example, if the information is reasonably necessary for one or more of our functions or activities). If not, we will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so. 

  1. What happens if we can’t collect your personal information?

If you do not provide us with the personal information described above, some or all of the following may happen: 

  • We may not be able to provide the requested products or services to you, either to the same standard or at all; 
  • We may not be able to provide you with information about products and services that you may want; or 
  • We may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful. 
  1. Why we collect personal information

5.1 General 

The main purposes for which we collect, hold, use and disclose personal information are set out below: 

  • To process and manage your membership; 
  • To provide you access to our facilities and services; 
  • To conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties; 
  • Outlining our products and services to prospective and existing members; 
  • Promoting ourselves and our products and services, including through direct marketing, events and competitions (see under heading 5.2 below); 
  • Obtaining products and services for our business; 
  • Performing research and statistical analysis, including for customer satisfaction and service improvement purposes; 
  • Protecting the security of our facilities, staff, customers and the property held on our premises; 
  • Answering queries and resolving complaints; 
  • Recruiting staff and contractors; 
  • To update our records and keep your contact details up to date and to assist you with enquiries, resolving complaints or to improve our customer service; 
  • To verify your identity; 
  • To provide you with the products, services and information that you request from us; 
  • To process payment transactions and for our billing and account purposes; 
  • To provide you with access to protected areas of our website; 
  • To assess the performance of the website and to improve the operation of the website; 
  • To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; 

We may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or which are required or authorised by law or for which you have provided your consent. 

Your personal information and health information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy. 

5.2 Direct marketing 

We may use or disclose your personal information to let you know about us and our products and services (including promotions, special offers and events), either where we have your express or implied consent, or where we are otherwise permitted by law to do so. We may contact you for these purposes in a variety of ways, including by mail, email, SMS, telephone and facsimile. 

OPTING OUT 

Where you have consented to receiving marketing communications from us, your consent will remain current until you advise us otherwise. However, you can opt out at any time, by: 

  • Contacting us (details under heading 11 below); 
  • Advising us if you receive a marketing call that you no longer wish to receive these calls; and 
  • Using the unsubscribe facility that we include in our electronic messages (such as emails, SMS and MMS). 

THIRD PARTY MARKETING 

We will get your express opt-in consent before we share your personal data with any company outside the GURNER™ Wellness Group entities for marketing purposes. 

NOTIFICATION OF SOURCE 

If we have collected the personal information that we use to send you marketing communications from a third party (for example a direct mail database provider), you can ask us to notify you of our source of information, and we will do so, unless this would be unreasonable or impracticable. 

  1. Who we may share your personal information with

 We may share personal information with third parties where appropriate for the purposes set out under heading 5, including: 

  • Referees whose details are provided to us by job applicants; and 
  • Our contracted service providers, including: 
  • Recreational, recovery and spa service providers 
  • Fitness instructors 
  • Information technology and data storage providers 
  • Venues and event organisers 
  • Marketing and communications agencies 
  • Research and statistical analysis providers 
  • Call centres 
  • Mail houses 
  • External business advisers (such as consultants, recruitment advisors, accountants, auditors and lawyers). 

In each case, we may disclose personal information to the service provider and the service provider may in turn provide us with personal information collected from you in the course of providing the relevant products or services. 

We may also disclose information to provide our products and services, to respond to legal requirements, enforce our policies, and protect our rights and property. 

  1. Cross border disclosure of personal information

We do not currently disclose personal information to third parties located overseas. If this changes at some time in the future, we will comply with the requirements of the Privacy Act that apply to cross border disclosures of personal information and this Privacy Policy will be amended accordingly. 

  1. Use of government related identifiers

We will not: 

  • Use a government related identifier of an individual (such as a Medicare number or driver’s licence number) as our own identifier of individuals; or 
  • Otherwise use or disclose such a government related identifier, unless this is permitted by the Privacy Act (for example, use of an identifier to verify an individual’s identity or uses or disclosures required or authorised by or under an Australian law). 
  1. Data quality and security

9.1 General 

We hold personal information in a number of ways, including in electronic databases, email contact lists, and in paper documents held in drawers and cabinets. Paper files may also be archived in boxes and stored offsite in secure facilities. We take reasonable steps to: 

  • Make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant; 
  • Protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and 
  • Destroy or permanently de-identify personal information that is no longer needed for any purpose permitted by the APPs. 

You can help us keep your information up to date, by letting us know about any changes to your details, such as your address, email address or phone number. 

9.2 Security 

The steps we take to secure the personal information we hold include website protection measures (such as firewalls and anti-virus software), security restrictions on access to our computer systems (such as login and password protection), controlled access to our corporate premises, policies on document storage and security, personnel security (including restricting access to personal information on our systems to staff who need that access to carry out their duties, staff training and workplace policies. 

 

ONLINE CREDIT CARD PAYMENT SECURITY 

We process payments using EFTPOS and online technologies. All transactions processed by us meet industry security standards to ensure payment details are protected. 

WEBSITE SECURITY 

While we endeavour to protect the personal information and privacy of users of our website, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk. If you are concerned about sending your information over the internet, you can contact us by telephone or post (details under heading 15 below). 

DATA BREACHES 

If there is any breach of your personal information or health information, GURNER Wellness Group will deal with such breach and notify you in accordance with its obligations under the Privacy Act and HR Act. 

  1. How long we keep your information 

 We will only keep the information we collect about you for as long as required for the purposes set out above, or as required to comply with any legal obligations to which we are subject.   

If you decide not to go ahead with purchasing a property for which you have registered, we may still keep your information.  

  1. Mail and email information

If you wish to stop receiving any emails or other communications from GURNER™ Wellness Group which may be sent to you in the future, or if you have submitted personal information or health information through the website and would like to have that information deleted from our records, please notify us at [email protected].  

GURNER Wellness Group will preserve the contents of any email message that you send if we believe that we have a legal requirement to do so.   

  1. Access and Correction

12.1 General 

Please contact our Privacy Officer (details under heading 15 below) if you would like to access or correct the personal information that we hold about you. We may require you to verify your identity before processing any access or correction requests, to make sure that the personal 
information we hold is properly protected. 

12.2 Access 

We will generally provide you with access to your personal information, subject to some exceptions permitted by law. We will also generally provide access in the manner that you have requested (eg by providing photocopies or allowing a file to be viewed), provided it is reasonable and practicable for us to do so. We may however charge a fee to cover our reasonable costs of locating the information and providing it to you. 

12.3 Correction 

If you ask us to correct personal information that we hold about you, we will take reasonable steps to correct that information. 

12.4 Timeframe for access and correction requests 

Except in the case of more complicated requests, we will endeavour to respond to access and correction requests within 30 days. 

12.5 What if we do not agree to your request for access or correction? 

If we do not agree to your access or correction request, or if we do not agree to give you access in the manner you requested, we will provide you with a written notice setting out: 

  • the reasons for our decision (except to the extent that, having regard to the grounds for 
    refusal, it would be unreasonable to do so); and 
  • available complaint mechanisms. 

In addition, if we refuse to correct personal information in the manner you have requested, you may ask us to associate your request with the information and we will take reasonable steps to do so. 

  1. Unique identifiers

We will not assign unique identifiers to you unless the assignment of unique identifiers is necessary to enable us to carry out any of our functions efficiently.  Further, we will not require an individual to provide a unique identifier (e.g. your tax file number) unless required or authorised by law.  

  1. Complaints

If you have a complaint about how we have collected or handled your personal information, please contact our Privacy Officer (details under heading 15 below). 

We will endeavour in the first instance to deal with your complaint and take any steps necessary to resolve the matter within a week. If we are not able to do so, we will ask you to submit your complaint in writing. 

In most cases, we expect to investigate written complaints and provide a response within 30 days of receipt. If the matter is more complex and our investigation may take longer, we will contact you and tell you when we expect to provide our response. 

If you are not satisfied with our response, you can refer your complaint to the Office of the Australian Information Commissioner (see here for further information). 

  1. Our contact details

Please contact us if you have any queries about the personal information that we hold about you or the way we handle that personal information. Our contact details are set out below. 

Mail: PRIVACY OFFICER, 168 WILLIAMS ROAD, PRAHRAN, VICTORIA 3181 

Email: [email protected] 

Telephone: +61 3 9654 6222 

Further general information about privacy is available on the website of the Office of the Australian Information Commissioner at www.oaic.gov.au or by calling the OAIC’s enquiry line at 1300 363 992. 

  1. Changes to this Policy

We may amend this Privacy Policy from time to time. The current version will be posted on our website and a copy may be obtained by contacting our Privacy Officer (details above).