As part of your service it is expected that you will require participants in your courses to disclose detailed personal information including their contact details, weight, height, goals and achievements. You may also be collecting information from your website visitor’s activities including data from cookies, google analytics and other information which you may use to assess how people use your website.
If you send direct marketing emails to your clients, you should set out how they can unsubscribe or limit this communication via your website. This should generally alert the client to the fact that they can end their subscription by hitting an unsubscribe button or by emailing you.
You should set out the sensitive information that you will be collecting from your customers as this has a separate set of protections under the Privacy Act 1988 (Cth). You will likely be collecting health information which could be considered sensitive, including details in relation to injuries and ailments. You may also be collecting information about people’s philosophical or religious beliefs in relation to their eating and dietary requirements.
Third Party Disclosure
You should set out when and how any personal information will be shared with third parties and how personal data is stored. For example you should set out whether your data is stored in Australia or overseas. You should also set out the third party products or applications you use and disclose personal information to. This could include marketing tools, advertising tools, payment portals and other third party sites. You should set out the security measures you have in place to protect personal and sensitive information but should state that beyond the standard security measures you cannot guarantee the safety of the data. Customers and visitors should ensure that they also back up their own personal information as required.