Effective date: September 11, 2020
Vibit., doing business as Vibit, (“Vibit,” “us”, “we”, or “our”) operates the website https://www.vibit.com.au and affiliated websites and mobile applications (“Websites”), and provides various services to our community members, including providing products that use vibration and compression to help people relieve bodily pain (hereinafter collectively referred to as the “Services”).
- Personal Information (also known as “Personal Data”): Personal Information means data about a particular individual or household that identifies, relates to, describes, could be reasonably linked with, or could be used to identify that person or household (or from those and other information either in our possession or likely to come into our possession). It also includes other information that may be associated with your Personal Information, such as your Usage Data (defined below), location, preferences, or interests, if that information can be used to identify you or your household.
- Services: Our Services include the website www.vibit.com.au and mobile applications, operated by Vibit and our products that use vibration and compression to help people relieve bodily pain.
- Usage Data: Usage Data is data collected automatically either generated by the use of the Websites or from the Websites’ infrastructure itself (for example, your IP address or the duration of a page visit).
- Cookies: Cookies are small files stored on your device (computer or mobile device).
- Data Processors: Any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various partners in order to process your data more effectively.
- User (or “Data Subject”): Any individual who uses our Services and is the subject of Personal Information collected and/or processed.
II. Information Collection and Use
- Types of Data Collected
We collect several different types of information for various purposes to provide and improve our Service to you.
- Personal Information. While using our Services, we may ask you to provide us with or otherwise obtain certain personally identifiable information that can be used to contact or identify you (“Personal Information,” as defined above). This includes your name, address, email, phone number, payment card information, purchase and service history, gender, and age range, and employment and military service information.
- Usage Data. We may also collect information on how you access and use our Services (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.
When you access our Services with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, your mobile device’s IP address, your mobile device’s operating system, the type of internet browser you use, unique device identifiers, and other diagnostic data.
- Generic Information. Generic information is information that does not directly reveal the identity of a Vibit customer or visitor to the Websites. This information may include Usage Data and other aggregate usage metrics such as total number of Websites visitors, pages viewed, and usage patterns within the Websites, etc. This may also include information about your device. We may automatically gather some Generic Information from our customers and Websites visitors.
At times and under certain circumstances, the type of Generic Information or Usage Data collected as well as the combination of various types of data may qualify as Personal Information, and will be treated as Personal Information in those cases.
Some of the cookies we use are “strictly necessary” for the functionality of our Websites. Others improve the functionality of our Websites but are not strictly necessary. Some cookies help improve the performance of our Websites (such as by gathering analytic data), while others help provide targeted services to you (like ads that you may be interested in).
Examples of Cookies and other technologies we may use include:
o First party cookies
- Session Cookies. We use Session cookies to operate our Websites. Session cookies are temporary and are automatically deleted once you close your Internet browser.
- Preference Cookies. We use Preference cookies to remember your preferences and various settings. Preference cookies remain on your computer hard drive until you delete them or until they are otherwise removed upon expiration.
o Third Party Cookies and Pixel Tags
- Pixel tags. Pixel tags and web beacons are tiny graphic images placed on website pages or in our emails that allow us to determine whether you have performed a specific action. When you access these pages or open or click an email, the pixel tags and web beacons generate a notice of that action. These tools allow us to measure response to our communications and improve our web pages.
o Other Technologies. We collect many different types of information from other technologies to improve the quality of our Websites and the services we provide. For example, we may collect Usage Data and other information about the device you use to access our Website, your operating system and/or mobile device type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. We may record the IP address of the device you use to connect to the Internet.
Your Cookie Choices
- Personal Information Collected over the last 12 months
We have collected the types of Personal Information described above , including Usage Data, Generic information, and Cookie data when they qualify as Personal Information within the last 12 months.
III. How We Collect Your Information
Vibit collects and obtains your information in a few ways: there is information that you choose to give to us, information we obtain through your use of our Services – including our Websites – and information we obtain from third parties.
- Information You Give Us
We collect information that you decide to share with us. At times, we may require you to provide certain information – including Personal Information – in order to use certain parts of our Websites, fulfill your requests with us, or provide you with certain Services. For instance, we may require you to provide your name, email address, or other contact information when you contact us with a question or comment. If you create a customer account with us, we may require you to create a username and password to access our Customer Login portal. Additionally, we may need you to provide certain Personal Information to purchase a product, take advantage of special offers or promotions, or to use other portions of our Services.
- Information We Obtain When You Use Our Services
As noted above, we collect certain information from you through your use of our Services, such as Usage Data. For instance, in using our Websites, we may collect information about the device you use to log into, access, and use the Websites. We may collect other Generic Information in relation to how you use our Websites or other Services (for example, aggregate metrics on how often certain pages on our Websites are accessed and viewed).
We also may collect information through the use of cookie, pixel tags, or other technologies as described above.
- Information We Obtain from Other Sources
We may also obtain limited information about you from our business facilitation partners who help us provide our Services to you. For example, if you purchase our products, we may obtain information about your purchase from our payment processor in order to complete that order for you. We may also use certain business facilitation partners to monitor and analyze the use of our Website. For example:
- Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Website. This data is shared with other Google services. Google Analytics may collect your IP address and other Internet network information as part of its services, which may qualify as Personal Information under certain circumstances.
For more information on Google’s privacy practices, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en.
- Facebook Insights. Facebook Insights is a web analytics service offered by Facebook that tracks users’ interactions with our Facebook page and Facebook posts. The data is shared with other Facebook companies. Facebook Insights may collect information you provide, like when you set up your account with Facebook, create or share content, communicate with others on the platform, and give Facebook access to contact information stored on your device. It may also collect information about how you use Facebook, like the time, frequency, and duration of your activities on Facebook, and information about the device from which you access Facebook. Facebook Insights may collect your IP address, GPS location, and other information about you as part of its services, which may qualify as Personal Information under certain circumstances.
Facebook may use the collected data to contextualize and personalize the ads of its own advertising network. You can manage or delete the data Facebook has collected about you through the “Settings” menu of your account(s) with Facebook companies.
IV. Why we Collect, Process, and Use Your Information
- Business and Commercial Purposes for Collection
Vibit collects, processes (or asks our business facilitation partners to process on our behalf), and uses your information to provide the Services we make available to you. We therefore will collect, process and use your information for a variety of reasons, including:
- To perform a contract with you or provide those Services you have requested of Vibit (for instance, we need to collect and process your information when you purchase our products in order to provide those services to you).
- You have otherwise given us your consent and permission to do so (for example, you have consented to receive our newsletter and provided your email address for that purpose).
- To provide you with news via our newsletter, special offers, marketing or promotional materials, and general information about other goods, services, and events which we offer that are similar to those that you have already purchased or enquired or which we believe may be of interest to you, unless you have opted not to receive such information. You may opt out of receiving any, or all, of these communications from us by contacting us at the contact information listed below.
- Various aspects of the Website, such as content on the Website, and email messages we send you in connection with your use of the Websites may include advertisements that may be selected for you based on your demographic information, interests, preferences, and usage patterns within the Website.
- To facilitate providing our Websites and other Services that we offer to you. These operational purposes may include but are not limited to:
o Operating, maintaining, and improving of our Services, including the Websites;
o Detecting security incidents;
o Detecting, preventing, and addressing technical issues;
o Protecting against malicious, deceptive, fraudulent, or illegal activity; and
o Helping law enforcement to prosecute individuals responsible for malicious, deceptive, fraudulent, or illegal activity.
- The collection and/or processing is related to another Vibit business or commercial purpose. For instance, we may use your information to assist with fraud prevention, improve the security of our networks, assist with enhancing the physical security of our customers, and report suspected criminal activity to law enforcement. We may also use your information in relation to certain marketing events and promotions we think may be of interest to you.
- To comply with applicable laws, in response to a lawful and enforceable request by a law enforcement, judicial, or other public authority, or in connection with an applicable legal obligation.
- Legal Bases for Processing and Using Your Information (EU data subjects)
Similar to the purposes for collecting your information, Vibit processes the information of EU Data Subjects for the following reasons:
- Fulfilling a Contractual Obligation: the processing is necessary to perform a contract with you.
- Consent: you have otherwise given us your consent and permission to do so – for instance, if you provide us your email address to receive our newsletter, or willingly provided your information to us to provide feedback on or ask us questions about our Services.
- Legal Obligation: to comply with applicable laws, in response to a lawful and enforceable request by a law enforcement, judicial, or other public authority, or in connection with an applicable legal obligation.
- Legitimate Interest: the collection is in our legitimate interests or the legitimate interests of a third party, and is not outweighed by any applicable rights you may have. For instance, we may use your information to:
o Assist with fraud prevention.
o Improve the security of our networks.
o Operate, maintain, and improve our Services, including the Websites.
o Prevent, detect, and address technical and security incidents.
o Report suspected criminal activity to law enforcement.
o To provide customer support to you and our other members, customers, and visitors.
V. How We Disclose or Share Your Information
Vibit does not sell your information to any third party. However, Vibit may disclose your information in a number of ways in order to provide our Services to you. For instance, we may share your information with our business facilitation partners that help us provide our Website and other Services to you, such as our web hosting and cloud storage providers. We may also share or disclose your information to those business facilitation partners that assist us with completing your orders, such as providing your credit card number to a third party payment processor when you make a purchase with us.
We may also provide your Personal Information to business facilitation partners or contractors to perform functions on our behalf including companies or individuals hired to publish and operate the Website, communicate news, deliver our promotional materials via e-mail and direct mail, promote our social media presence and activities, develop, enhance, market, or provide any of our products, and assist us with sending communications and performing other marketing and support functions.
We may also disclose or share your information for the following purposes:
- To comply with a legal obligation.
- To protect and defend Vibit’s rights or property.
- To prevent or investigate possible wrongdoing in connection with the Services.
- To protect the personal safety of users of the Services or the public.
- To protect against legal liability.
- When there is a good faith belief that such action is necessary to investigate or protect against harmful activities to our customers, associates, or property (including the Websites), or to others (including Vibit itself). This may include disclosures to law enforcement to investigate potential criminal activity or other civil violations.
- Categories of Third Parties that Receive Personal Information from Vibit
We share or otherwise disclose individuals’ Personal Information to the following categories of third parties:
- Fulfillment Service Providers and Business Facilitation Partners: we employ fulfillment service providers and business facilitation partners, companies, individuals, and agents to facilitate and help us provide our Services to you. Such partners perform tasks or functions on our behalf, provide Services-related services, or assist us in analyzing how our Services are used or delivered. These third parties are granted access to your information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. For more information on the analytic partners we use to better understand how you and other visitors use our site, please go to the “Information we obtain from Other Sources” above.
- Other Vibit Entities: we may share or disclose your information to other Vibit subsidiaries or affiliated companies.
- Categories of Personal Information Disclosed
Vibit has disclosed the following categories of Personal Information in the last 12 months for a business or commercial purpose:
- Customer names. This information may be shared with our Fulfillment Service Providers, Business Facilitation Partners, and other Vibit Entities.
- Customer addresses. This information may be shared with our Fulfillment Service Providers, Business Facilitation Partners, and other Vibit Entities.
- Payment card or other billing information. This information may be shared with our Fulfillment Service Providers, Business Facilitation Partners, and other Vibit Entities.
- Categories of Personal Information Disclosed in the last 12 months
Vibit has disclosed the Personal Information as described above within the last 12 months.
- Categories of Personal Information Sold
Vibit does not sell individuals’ information without their permission. Vibit has not sold Personal Information to third parties in the past 12 months.
Please note that a “sale” of Personal Information does not include those instances when such information is part of a merger, acquisition, or other transaction involving all or part of our business. If we sell all or part of our business or make a sale or transfer of assets or are otherwise involved in a merger or other business transaction, we may transfer your Personal Information to a third party as part of that transaction. If such transaction materially affects the manner in which your Personal Information is processed, we will notify you of such change prior to its implementation.
VI. Retention of Data
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Services, or we are legally obligated to retain this data for longer periods.
For Australian residents and EU Data Subjects, we will retain your information and delete your information (should you request it be deleted) to the extent permitted under applicable laws.
VII. Transfer of Data
Your information, including Personal Information, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
VIII. Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information from loss, misuse, and unauthorized access, alteration, disclosure, and destruction, we cannot guarantee its absolute security. By using our Websites and Services, you acknowledge that there are data security and privacy limitations inherent to the use of the Internet, and that the security, integrity, and privacy of any and all information exchanged between you and Vibit, or between you and other related entities, cannot be guaranteed. We cannot ensure or warrant the security of any information you transmit to us or that we store, and you do so at your own risk.
IX. Your Data Protection & Privacy Rights
Australian residents and data subjects in the EU / European Economic Area (“EEA”): Vibit aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information and exercise other rights available under applicable law. Vibit therefore informs you that, where applicable to you under relevant law, you are entitled to the following:
- Right to Access / Disclosure: to have access to your Personal Information upon simple request – that is, you may receive a copy of such data upon receipt of a verifiable request along with other information related to the processing.
- Disclosure of Direct Marketers: Australian residents have the right to have access upon simple request, and free of charge, the categories, names, and addresses of third parties that have received Personal Information for direct marketing purposes. Please see the “Your Australian Privacy Rights” section below for more information.
- Right to Information About Selling, Sharing, or Disclosing Personal Information: upon receipt of a verifiable request, Australian residents may obtain a list of:
o The specific pieces of your Personal Information Vibit holds;
o The categories of Personal Information collected about you, sold to third parties, or disclosed to third parties for business purposes;
o The categories of Personal Information sold within the last 12 months;
o The categories of sources from which Personal Information is collected;
o The business or commercial purpose for collecting or selling Personal Information; and
o The categories of third parties with whom Personal Information is shared, sold, or disclosed for a business purpose.
- Right to Opt-Out of the Sale of Personal Information: Australian residents have the right to opt-out of the sale of their Personal Information under certain circumstances. As noted elsewhere, however, Vibit does not sell individuals’ Personal Information.
- Right to Correction: to correct your Personal Information if you find it is inaccurate, incomplete, or obsolete.
- Right to Deletion / “Right to be Forgotten”: to obtain the deletion of your Personal Information in the situations set forth by applicable data protection law.
- Withdraw of Consent to Processing: for EU data subjects, you may withdraw your consent to the data processing without affecting the lawfulness of processing, where your Personal Information has been collected and processed based on your consent and not any other basis.
- Right to Object: for EU data subjects, you may object to the processing of your Personal Information under certain circumstances, in which case we may ask you to justify your request by explaining to us your particular situation.
- Right to Restrict Processing: for EU data subjects, you may request limits to the processing of your data, when allowed by and in circumstances set forth under applicable law.
- Right to Data Portability: to have your Personal Information directly transferred by us to a third-party processor of your choice (where technically feasible; may be limited to situations when processing is based on your consent).
- Right to Non-Discrimination. As defined under relevant law, Australian residents have a right to non-discrimination in the Services or quality of Services you receive from us for exercising your rights.
Please contact us at the information in “Contact Us” Section below in relation to exercising these rights. Note that we may ask you to verify your identity before responding to such requests.
- Additional Rights for EU Data Subjects
EU data subjects also have the right to complain to a Data Protection Authority (“DPA”) about our collection and use of your Personal Information. For more information, please contact your DPA. EU data subjects also have the right to object to automated decision-making that produces a legal effect on the data subject.
X. Your California Privacy Rights Regarding Direct Marketing Information
If you are an Australian resident, you have the right to request information from us regarding the manner in which we share certain categories of personal information with third parties for their direct marketing purposes, in addition to the rights set forth above.
Under Australian law, you have the right to send us a request at the designated address listed below to receive the following information:
- The categories of information we disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year;
- The names and addresses of the third parties that received the information; and
- If the nature of the third party’s business cannot be determined from their name, examples of the products or services marketed.
To make such a request, please provide sufficient information for us to determine if this applies to you, and attest to the fact that you are an Australian resident. Please also provide a current Australian address for our response. You may make this request in writing to us at the below postal address. Any such request must include “Australian Privacy Rights Request” in the first line of the description, and include your name, street address, city, state, and postcode. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through the address provided for this purpose below.
Note that responsive information may be provided in a standardized format that is not specific to you.
XI. Links to Other Sites
We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services.
XII. Children’s Privacy
Our Websites are intended for adult audiences, and is not meant to address anyone under the age of 18 (“Children”). As such, children under 18 may not use our Website. If you are under 18, do not attempt to register for or use our Websites and do not provide us any Personal Information about yourself.
XIV. Submitting a Verifiable Request to Vibit
As mentioned above, Australian residents and European data subjects have certain rights to access, correct, delete, or otherwise control the use, collection, and/or disclosure of their information. Vibit will respond to an individual’s “verifiable request” to exercise his or her rights under such laws – that is, where Vibit has received a request claiming to be from a particular person, and Vibit has been able to verify that person is who they say they are. The need to verify a person’s identity is critical to protecting your information, and ensuring that your information is not shared with anyone pretending to be you or someone who is not authorized to act on your behalf.
You may submit a verifiable request via our email address or mailing address listed in the “Contact Us” section below, or as otherwise provided on our Website. Vibit will ask you to provide information about yourself so that we can verify your identity as part of this process. This information may include your name, your address, and any other information deemed necessary by Vibit to reasonably verify your identity, to ensure that your information is not shared with anyone impersonating you. Once we have your submission, we will compare the information you provided to the information we have about you to verify your identity.
We may ask for additional information if we have difficulty confirming your identity. We will not share your information or honor other requests in those situations in which we are unable to confirm a request for your information is a “verifiable request.” We will not be able to process your request if we cannot verify your identity.
Please note under Australian law that a consumer can appoint an “authorized agent” to make certain verifiable requests upon their behalf, such as the right to know what information we collect about the consumer or to request deletion of the consumer’s information. Because the security, integrity, and privacy of your information are paramount, we will ask that you identify and provide permission in writing for such persons to act as your authorized agent and to exercise your applicable rights under Australian law in such situations. This may require us to contact you directly and alert you that an individual has claimed to be your agent and is attempting to access or delete your information. We will also independently verify your identity to ensure that an unauthorized person is not attempting to impersonate you and exercise your rights without authorization. We will not share your information or honor any other requests in those situations where you cannot or do not grant permission in writing for an identified authorized agent to act on your behalf, or where we cannot independently verify your identity.
Under Australian law an Australian resident can appoint an “authorized agent” to make certain verifiable requests upon their behalf, such as the right to know what information we collect about the consumer or to request deletion of the consumer’s information. An authorized agent may submit a request by following the steps outlined above. An authorized agent must identify the consumer he or she is submitting a request on behalf of, and provide the information requested by Vibit to verify the consumer’s identity. Vibit will also require the purported authorized agent to submit proof that he or she has been authorized by the consumer to act on the consumer’s behalf.
Because the security and privacy of your information is paramount, we will ask that you identify and provide permission in writing for such persons to act as your authorized agent and exercise your applicable rights under Australian law in such situations. This may require us to contact you directly and alert you that an individual has claimed to be your agent and is attempting to access or delete your information. We will also independently verify your identity to ensure that an unauthorized person is not attempting to impersonate you and exercise your rights without authorization. We will not share your information or honor any other requests in those situations where you cannot or do not grant permission in writing for an identified authorized agent to act on your behalf, or where we cannot independently verify your identity.
Please note that we will only process valid rights requests as they apply to Australian residents and EU data subjects.
XV. Contact Us
By mail: 83 Green Tce, Windsor, QLD, 4030
By email: [email protected]