Forty Winks values its relationship with its customers and the public, and is committed to protecting the privacy of individuals.
The last update to this policy was 21 December 2021.
In this document: • "APPs" means the Australia Privacy Principles set out in the Privacy Act; • "personal information" has the meaning set out in the Privacy Act, and (in summary) means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or otherwise; • "Privacy Act" means the Privacy Act 1988 (Cth); and • "sensitive information" has the meaning set out in the Privacy Act, and includes certain specific types of personal information such as health information, and information about a person's racial or ethnic origin, sexual orientation or practices, criminal record, religious beliefs or affiliations, political opinions, membership of a political, professional or trade association, and biometric and genetic information.
Forty Winks does not collect personal information unless it is reasonably necessary for us to carry out our functions and activities. We only collect such information by lawful and fair means and in an unobtrusive way.
We may collect your personal information in a number of ways. The most common ways we collect personal information are:
when you create a user account on the Website or make an appointment using the Website;
when you make an inquiry or order in relation to goods or services, including through our Website or in-store;
when you use the bedMATCH diagnostic system in-store or the bedMATCH profiler online via our Website;
via our Franchisees if you purchase goods or services from them;
if you signed up to receive special offers and marketing materials from Forty Winks (e.g. via our Website or if you requested one of our Franchisees to add you to our marketing database);
If we collect personal information about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
The types of personal information we collect about you depends on the circumstances in which the information is collected. Typically, the types of personal information we may collect can include (but is not limited to) your name, address, email address and phone numbers. If we enter into contracts with you, request or receive goods or services from us or have any other commercial dealings with us, we may also collect your signature, credit card and /or banking details and billing information. In relation to customers and prospective customers:
If you are an individual contractor to us or apply for a role with us, we may also collect information relevant to your engagement with us including qualifications, length of engagement, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles).
If you attend a premises we operate or manage, we may:
If you call us via telephone, we may monitor and in some cases record such telephone conversations for staff training, quality assurance and record-keeping purposes. If we communicate with you by email, we may use technology to identify you so that we will be in position to know when you have opened the email or clicked on a link in the email.
If you access our Website, we may utilise cookies to collect additional information about your use of our Website and apps. Please see section 10 below for further details.
If when you are on our Website and you have provided us with permission to access your device location, we may collect information about your geographical location. This allows us to notify you of the closest stores to your current location.
We only collect sensitive information about you with your consent, or otherwise in accordance with the Privacy Act. The main types of sensitive information we may collect include:
If you do provide sensitive information to us for any reason (for example, if you provide us with information about an injury or allergy you have), you consent to us collecting that information and to us using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the Privacy Act and other relevant laws.
In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by law. Where you do not wish to provide us with your personal information, we may not be able to provide you with requested goods or services and/or certain functionality of our Websites and apps.
As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. The purposes for which we use and disclose your personal information will depend on the circumstances in which we collect it. Whenever practical we endeavour to inform you why we are collecting your personal information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal information.
We may use or disclose your personal information:
In general we collect, use and disclose your personal information so that we can do business together and for purposes connected with our business operations.Some of the specific purposes for which we collect, hold, use and disclose personal information are as follows:
our Franchisees and their staff;
our sales representatives;
our suppliers, contractors and organisations that provide us with technical and support services or who manage some of our business functions, including without limitation:
mailing houses – we do not sell your personal details but we use mailing houses for the purpose of communication with you;
providers of IT services and ecommerce / online shopping solutions such as gateway providers, data hosting providers and merchant facility providers;
delivery service providers;
marketing agencies and advertising partners;
Kingsdown (the provider of the bedMATCH diagnostic system);
our suppliers, including in relation to warranty issues;
credit or deferred payment providers that you elect to use in order to purchase our goods and services and to assist you to make payments;
our related entities (who may use and disclose the information in the same manner we can);
our accountants, insurers, lawyers, auditors and other professional advisers;
any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);
in the unlikely event that we or our assets may be acquired or considered for acquisition by a third party, that third party and its advisors;
credit reporting agencies for credit rating and fraud protection services; and
government regulatory authorities.
We may also disclose your personal information in accordance with any consent you give or where disclosure is authorised, compelled or permitted by law.
If we disclose personal information to a third party, we generally require that the third party only use it as reasonably required for the purpose we disclosed it to them and otherwise in a manner consistent with the APPs under the Privacy Act (for example, where commercially practicable, by including suitable privacy and confidentiality clauses in our agreement with the third party recipient).
If you post information to certain public parts of our Website, apps or to our social media pages, you acknowledge that such information may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.
Some of the third parties to whom we disclose personal information may be located outside Australia. The countries in which such third party recipients are located depend on the circumstances. Whenever we transfer your personal information outside of Australia, we will do so in accordance with the requirements of applicable privacy and data protection laws.
From time to time we may also engage an overseas recipient to provide services to us, such as cloud-based storage solutions. Please note that the use of overseas service providers to store personal information will not always involve a disclosure of personal information to that overseas provider.
By providing your personal information to us, you consent to us disclosing your personal information to any such overseas recipients for purposes necessary or useful in the course of operating our business, and agree that APP 8.1 will not apply to such disclosures. For the avoidance of doubt, in the event that an overseas recipient breaches the Australian Privacy Principles, that entity will not be bound by, and you will not be able to seek redress under, the Privacy Act.
Like most businesses, marketing is important to our continued success. We therefore like to stay in touch with customers and let them know about new offers and opportunities. We may provide you with information about products, services, offers and promotions either from us, our Franchisees or from third parties which may be of interest to you, where:
you have consented to us doing so; or
it is otherwise permitted by law.
Direct marketing can be delivered by a range of methods including mail, telephone, email or SMS. You can unsubscribe from our direct marketing or change your preferences via the Forty Winks Preference Centre found in the footer of our email communications or by contacting us (see section 16 below). If you wish to unsubscribe from direct marketing you have received from a Franchisee, please contact that Franchisee directly.
We collect information in relation to employees as part of their application and during the course of their employment, either from them or in some cases from third parties such as recruitment agencies, referees, government bodies (e.g. police checks, if required) and academic and professional bodies (e.g. to validate details and currency of qualifications). Such information may include contact details, qualifications, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles). Under the Privacy Act, personal information about a current or former employee may be held, used or disclosed in any way that is directly connected to the employment relationship. We handle employee information in accordance with legal requirements and our applicable policies in force from time to time.
Our Website may contain links to other websites operated by third parties. We make no representations or warranties in relation to privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices and procedures.
We will take reasonable steps to keep any personal information we hold secure. We will hold personal information as either secure physical records, electronically on our intranet system or in cloud storage on third party servers, which may be located overseas.
We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.
We will reasonably attempt to ensure that the personal information we hold about you is accurate, up to date and complete. To assist us to do this please provide us with the correct information and inform us if your details have changed. This can be done via the Forty Winks Preference Centre found in the footer of our email communications or by providing us with details of any changes to your information by contacting our Privacy Officer (see section 16 below).
You may contact our Privacy Officer (see section 16 below) to request access to the personal information that we hold about you and/or to make corrections to that information, at any time. On the rare occasions when we refuse access (which we will only do in accordance with applicable laws), we will provide you with a written notice stating our reasons for refusing access.
We may seek to recover from you reasonable costs incurred for providing you with access to the personal information we hold about you. We are not obliged to correct any of your personal information if we do not agree that it requires correction and may refuse to do so. If we refuse a correction request, we will provide you with a written notice stating our reasons for refusing. We will respond to all requests for access to or correction of personal information within a reasonable time.
We take all complaints seriously, and will respond to your complaint in accordance with any applicable timeframes imposed by law and otherwise within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.
If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner: Office of the Australian Information Commissioner GPO Box 5218, Sydney NSW 2001 Telephone: 1300 363 992 Email: firstname.lastname@example.org
The contact details for our Privacy Officer are as follows:
Privacy Officer Forty Winks Franchising Pty Ltd
88-90 Peters Avenue Mulgrave, Vic 3170