Sleep better with Sleepsavers. Shop Now

  

1. Introduction

Forty Winks Franchising Pty Ltd ABN 38 059 512 640 and Forty Winks Online Pty Ltd ABN 37 145 962 385 (Forty Winks, we, us, our) and its related bodies corporate is committed to complying with applicable privacy laws in relation to the personal information that we collect in the course of running our business. 

Authorised Forty Winks franchisees (Franchisees) are independent entities and not related to Forty Winks and may have privacy policies which differ from ours. Franchisees are responsible for their own privacy policies and privacy practices. Please contact your Franchisee directly for further information.

Please take a moment to read our Privacy Policy as it explains how we manage personal information including our obligations and your rights in respect of our dealings with your personal information.

We may, in connection with particular goods or services we offer or provide to you, make other privacy disclosures to you or seek your authority to use your personal information in ways which are different from or more specific than those stated in this Privacy Policy. In the event of any inconsistency between the provisions of this Privacy Policy and those other disclosures, the other disclosures will apply. Where applicable privacy laws provide for exceptions or exemptions, we may rely on those exceptions or exemptions in our information handling practices.

Forty Winks may amend this Privacy Policy at any time and for any reason. The updated version will be available at www.fortywinks.com.au (Website). Forty Winks may highlight changes to this Privacy Policy on the Website, but you should check the Privacy Policy regularly for changes.

This Privacy Policy (other than section 9) explains how we manage personal information about individuals other than employees. Section 9 explains the position of employees.

2. Key definitions

In this document:

  • "APPs" means the Australia Privacy Principles set out in the Privacy Act;
  • "personal information" has the meaning set out in the Privacy Act, and (in summary) means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or otherwise;
  • "Privacy Act" means the Privacy Act 1988 (Cth); and
  • "sensitive information" has the meaning set out in the Privacy Act, and includes certain specific types of personal information such as health information, and information about a person's racial or ethnic origin, sexual orientation or practices, criminal record, religious beliefs or affiliations, political opinions, membership of a political, professional or trade association, and biometric and genetic information.

3. How we collect your personal information

Forty Winks does not collect personal information unless it is reasonably necessary for us to carry out our functions and activities. We only collect such information by lawful and fair means and in an unobtrusive way.

We may collect your personal information in a number of ways. The most common ways we collect personal information are:

  • when you create a user account on the Website or make an  appointment using the Website;
  • when you make an inquiry or order in relation to goods or services, including through our Website or in-store;  
  • when you use the bedMATCH diagnostic system in-store or the bedMATCH profiler online via our Website;
  • via our Franchisees if you purchase goods or services from them;
  • if you signed up to receive special offers and marketing materials from Forty Winks (e.g. via our Website or if you requested one of our Franchisees to add you to our marketing database);
  • when you request product information, publications or other materials to be sent to you;
  • when conducting customer satisfaction and market research surveys;
  • when you upload content to or interact (in an identifiable manner) with our Websites or our social media pages;
  • if you are a representative of a supplier or service provider, when on-boarding, contacting, administering and performing contracts with that supplier or service provider;
  • when you apply for a role with us;
  • from correspondence (whether in writing or electronically) or when you contact us via telephone or other means;
  • from our delivery service providers, if they collect personal information to confirm the delivery (e.g. a copy of the delivery recipient's drivers licence);
  • if you attend any of our premises, we may record certain contact details so that we can comply with applicable laws, and we may also record your image and/or voice if we have surveillance systems operating at those premises;
  • from public sources and third parties, such as recruitment agencies and referees (e.g. if you apply for a role with us); and
  • as otherwise required to manage our business.

If we collect personal information about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.

4. Types of personal information we collect

The types of personal information we collect about you depends on the circumstances in which the information is collected. Typically, the types of personal information we may collect can include (but is not limited to) your name, address, email address and phone numbers.

If we enter into contracts with you, request or receive goods or services from us or have any other commercial dealings with us, we may also collect your signature, credit card and /or banking details and billing information.

In relation to customers and prospective customers:

  • if you utilise our bed match service (either in-store or online), Forty Winks and the relevant Franchisee will collect details about you such as your height, weight, width of your shoulders, hips and waist, so that we can identify the best bed type for you and make product recommendations;
  • Forty Winks, its Franchisees and its delivery fulfilment providers may also request to see relevant identification (such as a your drivers' licence) and take a copy of such identification, so we can verify your address and confirm that delivery has been made;
  • we may collect relevant purchasing and sales information so that we can offer and provide with you relevant goods or services;
  • we collect your preferences and other information via information you provide to us via the Forty Winks Preference Centre found in the footer of our email communications;
  • if you elect to use one of our credit or deferred payment providers, the relevant provider may also request details such as a copy of your driver's licence, passport or proof of age, details of income, assets and debts, and your employer's name and contact details (however such  details are provided to the relevant provider directly and are not collected or stored by Forty Winks).

If you are an individual contractor to us or apply for a role with us, we may also collect information relevant to your engagement with us including qualifications, length of engagement, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles).

If you attend a premises we operate or manage, we may:

  • collect certain contact details that you provide to us (which may be via digital check-in apps), including the date and time of attendance, including so that we can comply with applicable laws (such as public health directives).  If we collect such information to comply with a particular law, we will only use and disclose it in accordance with applicable laws; and
  • record your image and/or voice through the use of Closed-Circuit Television (CCTV) systems, for the purposes of managing security of the premises and health and safety of occupants and the public generally.

If you call us via telephone, we may monitor and in some cases record such telephone conversations for staff training, quality assurance and record-keeping purposes.

If we communicate with you by email, we may use technology to identify you so that we will be in position to know when you have opened the email or clicked on a link in the email.

If you access our Website, we may utilise cookies to collect additional information about your use of our Website and apps. Please see section 10 below for further details. 

If when you are on our Website and you have provided us with permission to access your device location, we may collect information about your geographical location. This allows us to notify you of the closest stores to your current location.

We only collect sensitive information about you with your consent, or otherwise in accordance with the Privacy Act. The main types of sensitive information we may collect include:

  • details of injuries(i,e. health information) that may occur on our premises or arising through the use of our goods or receipt of services;
  • details of disabilities or allergies (i.e. health information) you notify us of so we can accommodate any special requirements when you attend our premises; and
  • details of an existing physical condition or injury such as back pain (i.e. health information) via our bedMATCH diagnostic system. This information is collected by the supplier of the bedMATCH diagnostic system, Kingsdown, and shared with us so we can recommend the most appropriate product for you.

If you do provide sensitive information to us for any reason (for example, if you provide us with information about an injury or allergy you have), you consent to us collecting that information and to us using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the Privacy Act and other relevant laws.

In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by law.

Where you do not wish to provide us with your personal information, we may not be able to provide you with requested goods or services and/or certain functionality of our Websites and apps.

5. Our purposes for handling your personal information

We may use or disclose your personal information:

  • for the purposes for which we collected it (and related purposes which would be reasonably expected by you);
  • for other purposes to which you have consented; and
  • as otherwise authorised or required by law.

In general we collect, use and disclose your personal information so that we can do business together and for purposes connected with our business operations.

Some of the specific purposes for which we collect, hold, use and disclose personal information are as follows:

  • to provide you with our goods and services, or to direct you to a Franchisee that can do so;
  • if you are a supplier or service provider, to receive goods or services from you;
  • to consider you for a job (whether as an employee or contractor) or other relationships with us;
  • to provide you with tax invoices for our goods and services and, if you have ordered goods from us, dispatch and tracking information, returns and exchange authorisations;
  • to provide you with aftercare support services and manage and administer any product warranty or guarantee claims you may have, and to contact you in relation to any recalls affecting products you purchase from us or our Franchisees;
  • to confirm your identity;
  • to send you advertising, special offers and marketing materials (see section 8 below);
  • to operate, monitor, develop and improve our Website and our goods and services;
  • to optimise and customise the user experience (including content and advertising) for users of the Websites;
  • to facilitate communications via our Website, social media platforms or third party websites/platforms, including communications with us or with other users of those platforms via direct messaging and posting to forums;
  • where you have provided us with access to your geographical location via our Website or via third party websites/platforms, we may send you push notifications and other electronic communications (including SMS) for purposes including but not limited to notifying you of relevant promotions, special offers, store updates, stock availability and to provide accurate product pricing or shipping quotes;
  • to facilitate your entry and participation in a competition or trade promotion;
  • to protect the security and integrity of the Website;
  • to obtain your feedback and level of satisfaction with our goods and services and in relation to your dealings with our Franchisees (either directly or through our service providers and marketing agencies);
  • to comply with our legal and regulatory obligations;
  • to protect the security, health and safety of our premises, facilities, personnel and visitors;
  • to address any issues or complaints that we or you have regarding our relationship; and
  • to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.

6. Who do we disclose your personal information to

We may disclose your personal information to third parties in connection with the purposes described in section 5 of this Privacy Policy.  This may include disclosing your personal information to the following types of third parties:

  • our Franchisees and their staff;
  • our sales representatives;

  • our suppliers, contractors and organisations that provide us with technical and support services or who manage some of our business functions, including without limitation:

    • mailing houses – we do not sell your personal details but we use mailing houses for the purpose of communication with you;
    • providers of IT services and ecommerce / online shopping solutions such as gateway providers, data hosting providers and merchant facility providers;
    • delivery service providers;
    • marketing agencies and advertising partners;
    • Kingsdown (the provider of the bedMATCH diagnostic system);
  • our suppliers, including in relation to warranty issues;

  • credit or deferred payment providers that you elect to use in order to purchase our goods and services and to assist you to make payments;

  • our related entities (who may use and disclose the information in the same manner we can);

  • our accountants, insurers, lawyers, auditors and other professional advisers;

  • any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);

  • in the unlikely event that we or our assets may be acquired or considered for acquisition by a third party, that third party and its advisors;

  • credit reporting agencies for credit rating and fraud protection services; and

  • government regulatory authorities.

We may also disclose your personal information in accordance with any consent you give or where disclosure is authorised, compelled or permitted by law.

If we disclose personal information to a third party, we generally require that the third party only use it as reasonably required for the purpose we disclosed it to them and otherwise in a manner consistent with the APPs under the Privacy Act (for example, where commercially practicable, by including suitable privacy and confidentiality clauses in our agreement with the third party recipient).

If you post information to certain public parts of our Website, apps or to our social media pages, you acknowledge that such information may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.

7. Overseas transfers of personal information

Some of the third parties to whom we disclose personal information may be located outside Australia.  The countries in which such third party recipients are located depend on the circumstances.   Whenever we transfer your personal information outside of Australia, we will do so in accordance with the requirements of applicable privacy and data protection laws.

From time to time we may also engage an overseas recipient to provide services to us, such as cloud-based storage solutions.  Please note that the use of overseas service providers to store personal information will not always involve a disclosure of personal information to that overseas provider. 

By providing your personal information to us, you consent to us disclosing your personal information to any such overseas recipients for purposes necessary or useful in the course of operating our business, and agree that APP 8.1 will not apply to such disclosures.  For the avoidance of doubt, in the event that an overseas recipient breaches the Australian Privacy Principles, that entity will not be bound by, and you will not be able to seek redress under, the Privacy Act. 

8. Marketing, advertising and special offers

Like most businesses, marketing and advertising is important to our continued success.  We therefore like to stay in touch with customers and let them know about new offers and opportunities. 

We may provide you with information about products, services, offers and promotions either from us, our Franchisees or from third parties which may be of interest to you, where:

  • you have consented to us doing so; or
  • it is otherwise permitted by law.

Direct marketing

Direct marketing can be delivered by a range of methods including mail, telephone, email, SMS or instant messaging / direct messaging (including on social media platforms such as Facebook Messenger and Instagram).

You can unsubscribe from our direct marketing or change your preferences via the Forty Winks Preference Centre found in the footer of our email communications or by contacting us (see section 16 below).

Email analytics

Like many organisations, we use e-mail analytics to track and measure the success of our e-mail newsletters and other e-mail campaigns.

We use various technologies (such as tracking pixels) to collect information such as: which of our emails you have opened, which links you have clicked, which email client you are using, whether you opened our e-mail on a computer or mobile device, and the geolocation of your IP address.  We use this data to analyse and improve the performance of our e-mail campaigns.

Internet advertising

We may also collect and use information about you for the purposes of online targeted advertising services that help our ads to reach you (and other people who may be interested in our products and services) on websites, apps and social media platforms across the Internet.  These online targeted advertising services are operated by third party vendors such as Meta (which operates Facebook and Instagram).

Some of these services work by using non-identifying data about your behaviour and demographics that has been collected through cookies and other tracking technologies (such as pixels and device identifiers) when you use the Internet, including when you move between different websites and apps and use different devices.  For example, third-party vendors may use cookies and/or device identifiers to serve ads based on your past visits to our websites.  Your browser or device may provide you with the option to disable or opt-out of some of these cookies and other tracking technologies (such as device identifiers).

Other services require us to use limited amounts of your personal information.  For example, we may include your information in a customer list that we provide to selected online advertising service providers so that we can conduct audience-based advertising.  This allows us to show our ads to you (if you also use those platforms) and to other users of those platforms who share similar characteristics with you.  The customer list is usually hashed (to improve security and confidentiality) before it’s processed by the service provider to target and serve our ads.

The data that is collected through these cookies and other tracking technologies, or provided by us, may be combined with other data (supplied by our advertising service provider, or third parties) to improve the targeting and serving of ads.

Our online advertising service providers also help us by measuring the effectiveness of our ad campaigns (e.g. conversion tracking) and providing us with analytics data that we use to inform and optimise our ad campaigns.  These analytics are based on data that may be collected through cookies and other tracking technologies.  The analytics data we receive is generally aggregated and non-identifying.

When we use any advertising service that requires us to use or disclose your personal information, we will only do so if we are permitted to do so by applicable privacy laws.  You can notify us at any time if you would like us to stop using your personal information for these targeted advertising purposes. Our contact details are set out in section 16 of this Privacy Policy.

You can also:

  • Opt-out of certain online targeted advertising networks directly by visiting:

  • view the relevant social media platform's website to learn more about how they collect and use your information and adjust your preferences regarding the types of advertising you are shown.

9. Employees

We collect information in relation to employees as part of their application and during the course of their employment, either from them or in some cases from third parties such as recruitment agencies, referees, government bodies (e.g. police checks, if required) and academic and professional bodies (e.g. to validate details and currency of qualifications).  Such information may include contact details, qualifications, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles).

Under the Privacy Act, personal information about a current or former employee may be held, used or disclosed in any way that is directly connected to the employment relationship.  We handle employee information in accordance with legal requirements and our applicable policies in force from time to time.

10. Cookies

A cookie is a small text file stored in your computer’s memory or on your hard disk for a pre-defined period of time.  We use cookies to identify specific machines in order to collect aggregate information on how visitors are experiencing our Website.  This information will help to better adapt our Website to suit personal requirements.  While cookies allow a computer to be identified, they do not permit any reference to a specific individual.  For information on cookie settings of your internet browser, please refer to your browser’s manual.

We may use third party vendors to show our ads on sites on the internet and serve these ads based on a user’s prior visits to our Website and other internet activity.  We may also use analytics data supplied by these vendors to inform and optimise our ad campaigns.  Refer to section 8 of this Privacy Policy above for further details.

11. Links

Our Website may contain links to other websites operated by third parties.  We make no representations or warranties in relation to privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website.  Third party websites are responsible for informing you about their own privacy practices and procedures.

12. Security and protection of personal information

We will take reasonable steps to keep any personal information we hold secure.   

We will hold personal information as either secure physical records, electronically on our intranet system or in cloud storage on third party servers, which may be located overseas. 

We use a range of security measures to protect the personal information we hold, including by implementing IT security tools to protect our electronic databases. We also provide appropriate training to our staff that have access to personal information to ensure they are familiar with our Privacy Policy and our privacy and security processes and procedures.

We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.

13. Ensuring accuracy of the personal information we hold

We will reasonably attempt to ensure that the personal information we hold about you is accurate, up to date and complete. To assist us to do this please provide us with the correct information and inform us if your details have changed. This can be done via the Forty Winks Preference Centre found in the footer of our email communications or by providing us with details of any changes to your information by contacting our Privacy Officer (see section 16 below).

14. Accessing and correcting your personal information

You may contact our Privacy Officer (see section 16 below) to request access to the personal information that we hold about you and/or to make corrections to that information, at any time.  On the rare occasions when we refuse access (which we will only do in accordance with applicable laws), we will provide you with a written notice stating our reasons for refusing access.  We may seek to recover from you reasonable costs incurred for providing you with access to the personal information we hold about you.

We are not obliged to correct any of your personal information if we do not agree that it requires correction and may refuse to do so.  If we refuse a correction request, we will provide you with a written notice stating our reasons for refusing.

We will respond to all requests for access to or correction of personal information within a reasonable time.

15. Privacy Complaints Process

If you have any questions, concerns or complaints about this Privacy Policy or how we handle your personal information, including if you believe we have breached the APPs, please contact our Privacy Officer (see section 16 below).

When contacting us please provide as much detail as possible in relation to your question, concern or complaint.

We take all complaints seriously, and will respond to your complaint in accordance with any applicable timeframes imposed by law and otherwise within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.

If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:

Office of the Australian Information Commissioner

GPO Box 5218, Sydney  NSW  2001

Telephone: 1300 363 992

Email: [email protected]

16. Contact details of Privacy Officer

The contact details for our Privacy Officer are as follows:

Privacy Officer

Forty Winks Franchising Pty Ltd

88-90 Peters Avenue 

Mulgrave, Vic 3170

Email: [email protected]