EDX.COM PTY LTD TRADING AS SIMON BLACK ACADEMY
PRIVACY POLICY

1. INTRODUCTION
1.1 This privacy policy applies to the entities in the EDX.COM Pty Ltd. The companies in the EDX.COM Pty Ltd at the date of this policy are listed at section 11.
1.2 EDX.COM Pty Ltd offers its Students Elite Athletic Training & Education Services (Services).
1.3 In the course of our businesses, there are circumstances where we collect personal information. This privacy policy has been developed to ensure that this information is handled appropriately.
1.4 We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) in relation to all personal information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles, which set out the way in which personal information must be treated.
1.5 This privacy policy also incorporates our policy on managing Personal information (see particularly section 8 onwards).
Who does the privacy policy apply to?
1.6 This policy applies to any person for whom we currently hold, or may in the future collect, personal information.
1.7 Generally, we only collect personal information from customers, third parties we do business with in providing our Services, subcontractors, agents who perform services on our behalf and from prospective employees.
What information does the privacy policy apply to?
1.8 This policy applies to personal information. In broad terms, ‘personal information’ is information or opinions relating to a particular individual who can be identified.
1.9 Information is not personal information where the information cannot be linked to an identifiable individual.

2. HOW DO WE MANAGE THE PERSONAL INFORMATION WE COLLECT?
2.1 We manage the personal information we collect in numerous ways, such as by:
(a) implementing procedures for identifying and managing privacy risks;
(b) implementing security systems for protecting personal information from misuse, interference and loss from unauthorised access, modification or disclosure;
(c) providing staff with training on privacy issues;
(d) implementing mechanisms to ensure any agents or contractors who deal with us comply with the APPs;
(e) implementing procedures for identifying and reporting privacy breaches and for receiving and responding to complaints;
(f) appointing a privacy officer within the business to monitor privacy compliance;
(g) having access to audit trails of information accessed; and
(h) allowing individuals the option of not identifying themselves, or using a pseudonym, when dealing with us in particular circumstances.
2.2 We will take reasonable steps to destroy or permanently de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.
2.3 In limited circumstances, it may be possible for you to use a pseudonym or remain anonymous when dealing with us (for example, when making a general enquiry with us). However, if you would like to order a product or service from us, we will need your personal information in most instances in order to supply you with the product or service.

3. WHAT KINDS OF INFORMATION DO WE COLLECT AND HOLD?
3.1 The personal information we may collect differs, depending on whether you are a customer, a subcontractor or agent, or a prospective employee or a prospective subcontractor.

Personal information (customers)
3.2 If you are a Student, we may collect and hold personal information about you, which may include:
(a) your contact details;
(b) financial and Personal information;
(c) date and place of birth;
(d) gender;
(e) employment arrangements and history;
(f) tax file numbers;
(g) licence details;
(h) education qualifications;
(i) marketing preferences;
(j) financial and other information regarding fee help applications;
(k) information in relation to your past education;
(l) insurance information;
(m) Personal information;
(n) information in publicly available company records about you; and
(o) any other personal information required to provide the services to you.

Personal information (subcontractors and agents and prospective employees)
3.3 If you are a subcontractor or agent, or a prospective employee or a prospective subcontractor, we may collect and hold personal information about you, which may include:
(a) sensitive information (see below);
(b) contact information;
(c) date of birth;
(d) tax file numbers;
(e) employment arrangements and history;
(f) licence details;
(g) education details;
(h) banking details; and
(i) any other personal information required to engage you as our subcontractor or agent, or to consider offering you employment.
Sensitive information
3.4 ‘Sensitive information’ is a subset of personal information and includes personal information that may have serious ramifications for the individual concerned if used inappropriately.
3.5 Generally, we only collect sensitive information about our students if we are providing education services & fee help funding or if this information is otherwise needed in order to provide Services to our students . The type of sensitive information we may collect in these circumstances is as follows:
(a) health information (including but not limited to your medical history);
(b) racial or ethnic origin; and
(c) criminal history.
3.6 We may collect sensitive information from and about subcontractors and agents, and prospective employees and subcontractors, such as:
(a) health information (including but not limited to drug and alcohol testing results);
(b) criminal history;
(c) membership of professional or trade associations; and
(d) membership of trade unions.
3.7 We will not collect sensitive information without the individual’s consent to which the information relates unless permitted under the Privacy Act.

4. HOW AND WHEN DO WE COLLECT PERSONAL INFORMATION?
4.1 Our usual approach to collecting personal information is to collect it directly from you.
4.2 We may also collect personal information in other ways, which may include:
(a) from our related entities;
(b) from our subcontractors and agents;
(c) personal / education references;
(d) through our website (including website cookies) or mobile applications;
(e) through referrals from individuals;
(f) from third party providers and suppliers;
(g) from paid search providers;
(h) from employers, colleagues, associates or relatives of yours (where necessary, we will make reasonable enquiries to verify the information);
(i) from government bodies (such as the Australian Taxation Office and the Australian Securities and Investment Commission);
(j) from forms such as our customer feedback forms;
(k) through marketing and business development events and programs, including when you subscribe to ways in which we share information;
(l) through competitions;
(m) from list purchases;
(n) from any other consultants we engage from time to time;
(o) when you interact with us on social media;
(p) when you request technical or other support, make a complaint, contact us or give us information in any other way.

5. HOW DO WE HOLD PERSONAL INFORMATION?
5.1 We generally hold personal information:
(a) physically:
(i) at our premises (securely); and
(ii) off-site, by third party physical storage providers (securely); and
(b) electronically:
(i) on secure online servers;
(ii) on a private cloud;
(iii) by a third party data backup provider; and
(iv) on our website.
5.2 We secure the personal information we hold in numerous ways, including:
(a) using security systems to access areas that contain personal information;
(b) using secure servers to store personal information;
(c) using unique usernames, passwords and other protections on systems that can access personal information;
(d) holding certain sensitive documents securely; and
(e) regularly destroying documents that are no longer needed subject to legal obligations for record keeping.

6. WHY DO WE COLLECT, HOLD, USE OR DISCLOSE PERSONAL INFORMATION?
6.1 We take reasonable steps to use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which information is collected varies, depending on the particular service being provided, but could include any of the services we provide.
A full range of the services we offer can be found at www.simonblackacademy.com.au.
6.2 In the case of potential employees, the primary purpose the information is collected is to assess the individual’s suitability for employment.
6.3 Personal information may also be used or disclosed by us for secondary purposes which are within your reasonable expectations and which are related to the primary purpose of collection.
6.4 For example, we may collect and use your personal information:
(a) to keep record of transactions to assist in future enquiries and enhance our customer relationship with you;
(b) for delivery purposes;
(c) to comply with the standards set by any relevant professional bodies;
(d) to provide you with updates and alerts that are relevant to you or your business;
(e) to send you special offers and promotional material from us and third parties;
(f) to invite you to events;
(g) to enhance our relationship with you;
(h) to provide information to third parties as requested or authorised by you;
(i) in the case of potential employees and subcontractors – to assess your suitability for employment or engagement.
6.5 We may disclose personal information to:
(a) our suppliers and partners;
(b) subcontractors and agents;
(c) government bodies (such as the Australian Taxation Office and the Australian Securities and Investment Commission);
(d) business support service providers (for example our software suppliers, debt collection agencies, data backup provider, law and accounting firms or other consultants);
(e) Personal reporting bodies;
(f) any third party technology providers we engage from time to time, such as email filter providers.
(g) insurance providers;
(h) any other third party we deem necessary in connection with providing you with the products or services; and
(i) our related entities.
6.6 Otherwise, we will only disclose personal information to third parties if permitted by the Privacy Act.

7. WILL WE DISCLOSE PERSONAL INFORMATION OUTSIDE AUSTRALIA?
7.1 From time to time, we may disclose information to overseas recipients, including recipients in the United States of America, Singapore, Ireland, Germany, Japan, South America, South Korea, India and other countries due to the location of our cloud provider, website host, mail servers and in order to back-up our data in third party data centres.
7.2 We take reasonable steps to ensure this personal information is handled in a safe and secure manner.

8. HOW DO WE MANAGE YOUR PERSONAL INFORMATION?

What kinds of Personal information may we collect?
8.1 In the course of providing services to you, we may collect and hold the following kinds of Personal information:
(a) your identification information;
8.2 In some circumstances, we may collect Personal information and personal information from Personal reporting bodies (e.g. Veda). The kinds of information we collect may include any of those kinds of information outlined in sections 3.2, 3.3 and 8.1 of this policy.
8.3 We may also collect personal information. The kinds of personal information we collect may include any of those kinds of personal information outlined in sections 3.2, 3.3 and 8.1 of this policy.

How and when do we collect Personal information?
8.4 In most cases, we will only collect Personal information about you if you disclose it to us.
8.5 Other sources we may collect Personal information from include:
(a) government bodies;
(b) our subcontractors and agents.

How do we store and hold the Personal information?
8.6 We store and hold Personal information in the same manner as outlined in section 5 of this policy.
Why do we collect the Personal information?
8.7 Our usual purpose for collecting, holding, using and disclosing Personal information about you is to enable us to provide you with the requested service.
8.8 We may also collect the Personal information:
(a) to process payments;
(b) to assess eligibilityl; and
(c) for any other purpose that we consider necessary to best provide you with Services.
Overseas disclosure of the Personal information
8.9 Apart from our website, cloud provider, mail servers and back-up arrangements for data disclosed in section 7 , we will not disclose your Personal information to entities without an Australian link unless you expressly request or authorise us to.
8.10 We take reasonable steps to ensure this personal information is handled in a safe and secure manner.
How can I access my Personal information, correct errors or make a complaint?
8.11 You can access and correct your Personal information, or complain if you believe there has been a breach of your privacy in the same manner as set out in section 9 of this policy.

9. HOW DO YOU MAKE COMPLAINTS AND ACCESS AND CORRECT YOUR PERSONAL INFORMATION OR PERSONAL INFORMATION?
9.1 It is important that the information we hold about you is up-to-date. You should contact us if your personal information changes.
Access to information and correcting personal information
9.1 You may request access to the personal information held by us or ask us for your personal information to be corrected by using the contact details in this section.
9.2 Subject to section 9.4, we will grant you access to your personal information as soon as possible.
9.3 In keeping with our commitment to protect the privacy of personal information, we may not disclose personal information to you without proof of identity.
9.4 We may deny access to personal information if:
(a) the request is unreasonable;
(b) providing access would have an unreasonable impact on the privacy of another person;
(c) providing access would pose a serious and imminent threat to the life or health of any person;
(d) providing access would compromise our professional obligations; or
(e) there are other legal grounds to deny the request.
9.5 We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.
9.6 If the personal information we hold is not accurate, complete and up to date, we will take reasonable steps to correct it where it is appropriate to do so.
Complaints
9.7 If you wish to complain about an alleged privacy breach, you must follow the following process:
(a) The complaint must be firstly made to us in writing, using the contact details in this section. We will have a reasonable time to respond to the complaint.
(b) In the unlikely event the privacy issue cannot be resolved, you may take your complaint to the Office of the Australian Information Commissioner.

Who to contact
9.8 A person may make a complaint or request to access or correct personal information about them held by us. Such a request must be made in writing to the following address:
Privacy Officer: Mark Aldridge
Postal Address: PO Box 2091 Ashgrove Queensland 4060
Telephone number: 0410851648
Email address: mark@emandem.com.au

10. CHANGES TO THE POLICY
10.1 We may update, modify or remove this policy at any time without prior notice. Any changes to the privacy policy will be published on our website.
10.2 This policy is effective from 1st July 2017. If you have any comments on the policy, please contact the privacy officer with the contact details in section 9 of this policy.

11. EDX.COM PTY LTD
11.1 The following entities comprise the EDX.COM Pty Ltd at the date of this policy:
11.2 This policy applies to the above entities and other related or associated entities existing from time to time.