Forty Winks Franchising Pty Ltd ABN 38 059 512 640 and Forty Winks Online Pty Ltd ABN 37 145 962 385 (Forty Winks, we, us, our) and its related bodies corporate is committed to complying with applicable privacy laws in relation to the personal information that we collect in the course of running our business.
Authorised Forty Winks franchisees (Franchisees) are independent entities and not related to Forty Winks and may have privacy policies which differ from ours. Franchisees are responsible for their own privacy policies and privacy practices. Please contact your Franchisee directly for further information.
2. Key definitions
In this document:
• "APPs" means the Australia Privacy Principles set out in the Privacy Act;
• "personal information" has the meaning set out in the Privacy Act, and (in summary) means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or otherwise;
• "Privacy Act" means the Privacy Act 1988 (Cth); and
• "sensitive information" has the meaning set out in the Privacy Act, and includes certain specific types of personal information such as health information, and information about a person's racial or ethnic origin, sexual orientation or practices, criminal record, religious beliefs or affiliations, political opinions, membership of a political, professional or trade association, and biometric and genetic information.
3. How we collect your personal information
Forty Winks does not collect personal information unless it is reasonably necessary for us to carry out our functions and activities.We only collect such information by lawful and fair means and in an unobtrusive way.
We may collect your personal information in a number of ways. The most common ways we collect personal information are:
- when you create a user account on the Website or make an appointment using the Website;
- when you make an inquiry or order in relation to goods or services, including through our Website or in-store;
- when you use the bedMATCH diagnostic system in-store or the bedMATCH profiler online via our Website;
- via our Franchisees if you purchase goods or services from them;
- if you signed up to receive special offers and marketing materials from Forty Winks (e.g. via our Website or if you requested one of our Franchisees to add you to our marketing database);
- when you request product information, publications or other materials to be sent to you;
- when conducting customer satisfaction and market research surveys;
- when you upload content to or interact (in an identifiable manner) with our Websites or our social media pages;
- if you are a representative of a supplier or service provider, when on-boarding, contacting, administering and performing contracts with that supplier or service provider;
- when you apply for a role with us;
- from correspondence (whether in writing or electronically) or when you contact us via telephone or other means;
- from our delivery service providers, if they collect personal information to confirm the delivery (e.g. a copy of the delivery recipient's drivers licence);
- if you attend any of our premises, we may record certain contact details so that we can comply with applicable laws, and we may also record your image and/or voice if we have surveillance systems operating at those premises;
- from public sources and third parties, such as recruitment agencies and referees (e.g. if you apply for a role with us); and
- as otherwise required to manage our business.
If we collect personal information about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
4. Types of personal information we collect
The types of personal information we collect about you depends on the circumstances in which the information is collected. Typically, the types of personal information we may collect can include (but is not limited to) your name, address, email address and phone numbers.
If we enter into contracts with you, request or receive goods or services from us or have any other commercial dealings with us, we may also collect your signature, credit card and /or banking details and billing information. In relation to customers and prospective customers:
- if you utilise our bed match service (either in-store or online), Forty Winks and the relevant Franchisee will collect details about you such as your height, weight, width of your shoulders, hips and waist, so that we can identify the best bed type for you and make product recommendations;
- Forty Winks, its Franchisees and its delivery fulfilment providers may also request to see relevant identification (such as a your drivers' licence) and take a copy of such identification, so we can verify your address and confirm that delivery has been made;
- we may collect relevant purchasing and sales information so that we can offer and provide with you relevant goods or services;
- we collect your preferences and other information via information you provide to us via the Forty Winks Preference Centre found in the footer of our email communications;
- if you elect to use one of our credit or deferred payment providers, the relevant provider may also request details such as a copy of your driver's licence, passport or proof of age, details of income, assets and debts, and your employer's name and contact details (however such details are provided to the relevant provider directly and are not collected or stored by Forty Winks).
If you are an individual contractor to us or apply for a role with us, we may also collect information relevant to your engagement with us including qualifications, length of engagement, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles).
If you attend a premises we operate or manage, we may:
- collect certain contact details that you provide to us (which may be via digital check-in apps), including the date and time of attendance, including so that we can comply with applicable laws (such as public health directives). If we collect such information to comply with a particular law, we will only use and disclose it in accordance with applicable laws; and
- record your image and/or voice through the use of Closed-Circuit Television (CCTV) systems, for the purposes of managing security of the premises and health and safety of occupants and the public generally.
If you call us via telephone, we may monitor and in some cases record such telephone conversations for staff training, quality assurance and record-keeping purposes. If we communicate with you by email, we may use technology to identify you so that we will be in position to know when you have opened the email or clicked on a link in the email.
If you access our Website, we may utilise cookies to collect additional information about your use of our Website and apps. Please see section 10 below for further details.
If when you are on our Website and you have provided us with permission to access your device location, we may collect information about your geographical location. This allows us to notify you of the closest stores to your current location.
We only collect sensitive information about you with your consent, or otherwise in accordance with the Privacy Act. The main types of sensitive information we may collect include:
- details of injuries(i,e. health information) that may occur on our premises or arising through the use of our goods or receipt of services;
- details of disabilities or allergies (i.e. health information) you notify us of so we can accommodate any special requirements when you attend our premises; and
- details of an existing physical condition or injury such as back pain (i.e. health information) via our bedMATCH diagnostic system. This information is collected by the supplier of the bedMATCH diagnostic system, Kingsdown, and shared with us so we can recommend the most appropriate product for you.
If you do provide sensitive information to us for any reason (for example, if you provide us with information about an injury or allergy you have), you consent to us collecting that information and to us using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the Privacy Act and other relevant laws.
In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by law. Where you do not wish to provide us with your personal information, we may not be able to provide you with requested goods or services and/or certain functionality of our Websites and apps.
5. Our purposes for handling your personal information
As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. The purposes for which we use and disclose your personal information will depend on the circumstances in which we collect it. Whenever practical we endeavour to inform you why we are collecting your personal information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal information.We may use or disclose your personal information:
In general we collect, use and disclose your personal information so that we can do business together and for purposes connected with our business operations.Some of the specific purposes for which we collect, hold, use and disclose personal information are as follows:
- for the purposes for which we collected it (and related purposes which would be reasonably expected by you);
- for other purposes to which you have consented; and
- as otherwise authorised or required by law.
- to provide you with our goods and services, or to direct you to a Franchisee that can do so;
- if you are a supplier or service provider, to receive goods or services from you;
- to consider you for a job (whether as an employee or contractor) or other relationships with us;
- to provide you with tax invoices for our goods and services and, if you have ordered goods from us, dispatch and tracking information, returns and exchange authorisations;
- to manage and administer any warranty claims, and to contact you in relation to any recalls affecting products you purchase from us or our Franchisees;
- to confirm your identity;
- to send you special offers and marketing messages (see section 8 below);
- to operate, monitor, develop and improve our Website and our goods and services;
- to optimise and customise the user experience (including content and advertising) for users of the Websites;
- to facilitate communications via our Website, social media platforms or third party websites/platforms, including communications with us or with other users of those platforms via direct messaging and posting to forums;
- where you have provided us with access to your geographical location via our Website or via third party websites/platforms, we may send you push notifications and other electronic communications (including SMS) for purposes including but not limited to notifying you of relevant promotions, special offers, store updates, stock availability and to provide accurate product pricing or shipping quotes;
- to facilitate your entry and participation in a competition or trade promotion;
- to protect the security and integrity of the Website;
- to obtain your feedback and level of satisfaction with our goods and services and in relation to your dealings with our Franchisees (either directly or through our service providers and marketing agencies);
- to comply with our legal and regulatory obligations;
- to protect the security, health and safety of our premises, facilities, personnel and visitors; • to address any issues or complaints that we or you have regarding our relationship; and
- to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.
6. Who do we disclose your personal information to
- our Franchisees and their staff;
- our sales representatives;
- our suppliers, contractors and organisations that provide us with technical and support services or who manage some of our business functions, including without limitation:
- mailing houses – we do not sell your personal details but we use mailing houses for the purpose of communication with you;
- providers of IT services and ecommerce / online shopping solutions such as gateway providers, data hosting providers and merchant facility providers;
- delivery service providers;
- marketing agencies and advertising partners;
- Kingsdown (the provider of the bedMATCH diagnostic system);
- our suppliers, including in relation to warranty issues;
- credit or deferred payment providers that you elect to use in order to purchase our goods and services and to assist you to make payments;
- our related entities (who may use and disclose the information in the same manner we can);
- our accountants, insurers, lawyers, auditors and other professional advisers;
- any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);
- in the unlikely event that we or our assets may be acquired or considered for acquisition by a third party, that third party and its advisors;
- credit reporting agencies for credit rating and fraud protection services; and
- government regulatory authorities.
We may also disclose your personal information in accordance with any consent you give or where disclosure is authorised, compelled or permitted by law.
If we disclose personal information to a third party, we generally require that the third party only use it as reasonably required for the purpose we disclosed it to them and otherwise in a manner consistent with the APPs under the Privacy Act (for example, where commercially practicable, by including suitable privacy and confidentiality clauses in our agreement with the third party recipient).
If you post information to certain public parts of our Website, apps or to our social media pages, you acknowledge that such information may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.
7. Overseas transfers of personal information
Some of the third parties to whom we disclose personal information may be located outside Australia. The countries in which such third party recipients are located depend on the circumstances. Whenever we transfer your personal information outside of Australia, we will do so in accordance with the requirements of applicable privacy and data protection laws.
From time to time we may also engage an overseas recipient to provide services to us, such as cloud-based storage solutions. Please note that the use of overseas service providers to store personal information will not always involve a disclosure of personal information to that overseas provider.
By providing your personal information to us, you consent to us disclosing your personal information to any such overseas recipients for purposes necessary or useful in the course of operating our business, and agree that APP 8.1 will not apply to such disclosures. For the avoidance of doubt, in the event that an overseas recipient breaches the Australian Privacy Principles, that entity will not be bound by, and you will not be able to seek redress under, the Privacy Act.
8. Direct marketing and special offers
Like most businesses, marketing is important to our continued success. We therefore like to stay in touch with customers and let them know about new offers and opportunities. We may provide you with information about products, services, offers and promotions either from us, our Franchisees or from third parties which may be of interest to you, where:
- you have consented to us doing so; or
- it is otherwise permitted by law.
Direct marketing can be delivered by a range of methods including mail, telephone, email or SMS. You can unsubscribe from our direct marketing or change your preferences via the Forty Winks Preference Centre found in the footer of our email communications or by contacting us (see section 16 below). If you wish to unsubscribe from direct marketing you have received from a Franchisee, please contact that Franchisee directly.
We collect information in relation to employees as part of their application and during the course of their employment, either from them or in some cases from third parties such as recruitment agencies, referees, government bodies (e.g. police checks, if required) and academic and professional bodies (e.g. to validate details and currency of qualifications). Such information may include contact details, qualifications, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles).
Under the Privacy Act, personal information about a current or former employee may be held, used or disclosed in any way that is directly connected to the employment relationship. We handle employee information in accordance with legal requirements and our applicable policies in force from time to time.
We may use third party vendors to show our ads on sites on the internet and serve these ads based on a user’s prior visits to our Website and other internet activity. We may also use analytics data supplied by these vendors to inform and optimise our ad campaigns.
Our Website may contain links to other websites operated by third parties. We make no representations or warranties in relation to privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices and procedures.
12. Security and protection of personal information
We will take reasonable steps to keep any personal information we hold secure. We will hold personal information as either secure physical records, electronically on our intranet system or in cloud storage on third party servers, which may be located overseas.
We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.
13. Ensuring accuracy of the personal information we hold
We will reasonably attempt to ensure that the personal information we hold about you is accurate, up to date and complete. To assist us to do this please provide us with the correct information and inform us if your details have changed. This can be done via the Forty Winks Preference Centre found in the footer of our email communications or by providing us with details of any changes to your information by contacting our Privacy Officer (see section 16 below).
14. Accessing and correcting your personal information
You may contact our Privacy Officer (see section 16 below) to request access to the personal information that we hold about you and/or to make corrections to that information, at any time. On the rare occasions when we refuse access (which we will only do in accordance with applicable laws), we will provide you with a written notice stating our reasons for refusing access. We may seek to recover from you reasonable costs incurred for providing you with access to the personal information we hold about you.
We are not obliged to correct any of your personal information if we do not agree that it requires correction and may refuse to do so. If we refuse a correction request, we will provide you with a written notice stating our reasons for refusing. We will respond to all requests for access to or correction of personal information within a reasonable time.
15. Privacy Complaints Process
When contacting us please provide as much detail as possible in relation to your question, concern or complaint.
We take all complaints seriously, and will respond to your complaint in accordance with any applicable timeframes imposed by law and otherwise within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.
If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:
Office of the Australian Information Commissioner
GPO Box 5218, Sydney NSW 2001
Telephone: 1300 363 992
16. Contact details of Privacy Officer
The contact details for our Privacy Officer are as follows:
Forty Winks Franchising Pty Ltd
88-90 Peters Avenue
Mulgrave, Vic 3170