INTRODUCTION
The Total Coach website, apps and related products and services (together, Services) are provided by Andark Holdings Limited, a New Zealand company, doing business as Total Coach (we, us, our).
We comply with the New Zealand Privacy Act 2020 (NZ Privacy Act) and other applicable privacy and data protection laws (including, where applicable, the General Data Protection Regulation of the European Union (GDPR) and the equivalent laws of the United Kingdom (UK GDPR)) when dealing with personal information.
Personal information is information about an identifiable individual (a natural person), and includes personal data, personally identifiable information and equivalent information under applicable privacy and data protection laws.
This policy does not limit or exclude any of your rights under the NZ Privacy Act or other applicable privacy and data protection laws.
If you are located in the European Union (EU) or the United Kingdom (UK) and access or use our Services or have other dealings with us, the additional terms in GDPR Addendum below (GDPR Addendum) apply to you.
This policy was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. We are happy to provide any additional information or explanation needed. Any request for further information should be sent to hello@totalcoach.com.
CHANGES TO THIS POLICY
We may change this policy by uploading a revised policy onto our website. The change will apply from the date that we upload the revised policy.
This policy was last updated on Feb 12, 2024.
This privacy policy applies to the personal information we collect:
from visitors to our website;
for our own business purposes from users of our Services; and
from other persons with whom we deal directly.
Users of our Services (Users) may collect personal information from individuals (e.g. their employees and customers) and upload, store or process that information (User Data) to or in our Services.
Our Users determine what and how they collect, use, disclose and transfer User Data. This means that our Users’ collection and use of User Data is governed by their privacy policy and practices, not ours. For the purposes of the NZ Privacy Act, we are our Users’ agent when processing User Data. For the purposes of the GDPR and the UK GDPR, our Users are the data controller when storing or otherwise processing User Data and we are the data processor. For the purposes of the California Consumer Privacy Act of 2018 (CCPA), we are a service provider to our Users when processing User Data.
We only process User Data as authorised by our Users in our Total Coach Terms of Use (available at Terms of Use) and we require our Users to comply with applicable privacy and data protection laws. Unless required otherwise under applicable law, if we receive any request or enquiry relating to User Data, we will forward this request to our relevant User.
The remainder of this privacy policy does not apply to User Data.
We do not knowingly collect or solicit personally identifiable information from a child under 16 without obtaining verifiable consent from that child’s parent or guardian. If you are a child under 16, please do not attempt to send any personal information about yourself to us before we obtain parental consent. Please review this privacy policy with your parent or guardian and make sure you understand it.
[We do not intend to collect personal information from or about children aged under 16. If you have reason to believe that we have collected personal information from or about a child under the age of 16 without verifiable consent from that child’s parent or guardian, please contact us athello@totalcoach.com.]
Personal information we collect directly from you
We collect personal information about you from you, when you provide that personal information to us, including via our website, through any registration or subscription process, through any contact with us (e.g. telephone call or email), or when you buy or use our Services.
The personal information we collect may include:
names
phone numbers
email addresses
mailing addresses
job titles
usernames
passwords
contact preferences
contact or authentication data
billing addresses
[when you post information for publication on our website or on the app (e.g. on message boards or chat rooms), the information you include in those posts]
We do not process sensitive information.
[We may collect some of this information using third-party authentication services (as described further in the from third party sources section below).]
Some of the personal information that we collect directly from you may be mandatory and some may be optional. We will let you know which of these applies at the time we collect the relevant personal information. While you do not have to provide us with some of the information that we may request, this might mean that our Services may not perform as well as they should, or that we may not be able to provide some parts of our Services to you. If you require further information about the consequences of not providing us with any information, please contact us at hello@totalcoach.com.
We use Stripe to process credit card transactions. We do not have access to your credit card information. You can see further information about how Stripe processes your credit card information in its privacy policy at https://stripe.com/en-nz/privacy.
Automatically when you use our Services
We automatically collect certain information when you visit, use, or navigate our Services. This information does not reveal your specific identity (like your name or contact information) but may include the following:
Log and usage data: Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your Internet Protocol (IP) address, device information, browser type and settings, referring URLs, information about your activity in our Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called 'crash dumps'), and hardware settings).
Device Data: We collect device data such as information about your computer, phone, tablet, or other device you use to access our Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, device name, language preferences, country, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
Some of this data is collected through third party tools and/or the use of cookies, web beacons and similar storage technologies. Please refer to our cookie policy available at cookie policy for further information, including information on how you can disable these technologies.
Mobile device access and data
If you use the Total Coach mobile app, we may collect the following information if you choose to provide us with access or permission:
Mobile device access: We may request access or permission to certain features from your device, including your device's storage, calendar, camera, and other features. If you wish to change our access or permissions, you may do so in your device's settings.
Mobile device data: We automatically collect device information (such as your device ID, model, and manufacturer), operating system, version information and system configuration information, device and application identification numbers, browser type and version, hardware model Internet service provider and/or mobile carrier, and IP address (or proxy server). We may also collect information about the phone network associated with your device, your device’s operating system or platform, the type of device you use, your device’s unique device ID, and information about the features of our mobile app you accessed.
From third party sources
[Where possible, we collect personal information from you directly. However, sometimes we may collect:
[personal information that is publicly available (e.g. through LinkedIn profiles or public directories)]
[personal information from third parties where you have authorised this. This may include accessing certain personal information from third party social media or other authentication services (e.g. Facebook, Google or LinkedIn) if you login to your account with us using these services or otherwise provide us access to information from these sources. The third party provider that we use will be displayed and you can visit its privacy policy for further details on how it deals with personal information]
[personal information about you from our trusted advertising partners which may include demographic information, browsing history, location and online behavioural or profile information]
[We may combine the personal information about you that we receive from third parties with the personal information we collect from you directly or with device and usage data we collect automatically when you visit our website or the app.]]
[We do not collect personal information from third parties.]
We may use your personal information:
to facilitate account creation and authentication and otherwise manage your user account
to provide our Services to you
to respond to communications from you, including enquiries and complaints
to send administrative information to you, e.g. details about our Services, changes to our terms and policies, and other similar information
to bill you and collect money that you owe us, including authorising and processing credit card transactions
to enable user-to-user communications, if you choose to use any of our offerings that allow for communication with another user
[to publish comments on message boards or chat rooms on our website or within our apps) ]
to request feedback and to contact you about your use of our Services
to market our Services to you, including contacting you electronically (e.g. by text or email for this purpose)
to develop and deliver personalised content and advertising tailored to your interests, location, and more
to protect our Services, including to monitor and prevent fraud
to improve our Services and the effectiveness of our marketing and promotional campaigns
to save or protect an individual’s vital interest, such as to prevent harm
to conduct research and statistical analysis (on an anonymised basis)
to protect and/or enforce our legal rights and interests, including defending any claim
to respond to lawful requests by public authorities, including to comply with law enforcement requirements, or
for any other purpose authorised by you or applicable law.
You can stop receiving our marketing emails by following the unsubscribe instructions included in those emails or contacting us at hello@totalcoach.com.
We may request to send you push notifications regarding your account or certain features of the Total Coach app. If you wish to opt out from receiving these types of communications, you may turn them off in your device's settings.
We may transfer your information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.
We may disclose your personal information to:
another company within our group
any business that supports our Services, including any person that hosts or maintains any underlying IT system or data centre that we use to provide our Services or that we use to process payments
third parties (for anonymised statistical information)
professional advisers e.g. accountants, lawyers or auditors
a person who can require us to supply your personal information (e.g. a law enforcement agency or regulatory authority)
any other person with your consent
any other company in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition
any other person authorised by applicable law.
If you are under 16 and use our Services, you understand that your parent will have access to information about you held in the Services.
[When you share personal information (for example, by posting comments, contributions, or other content to our Services) or otherwise interact with public areas of our Services, such personal information may be viewed by all users and may be publicly made available outside our Services in perpetuity. If you interact with other users of our Services and register for our Services through a social network (such as Facebook), your contacts on that social network will see your name, profile photo, and descriptions of your activity. Similarly, other users will be able to view descriptions of your activity, communicate with you within our Services, and view your profile.]
[Our Services may display a third-party hosted offer wall (Offer Wall). The Offer Wall allows third-party advertisers to offer virtual currency, gifts, or other items to users in return for the acceptance and completion of an advertisement offer. An Offer Wall may appear in our Services and be displayed to you based on certain data, such as your geographic area or demographic information. When you click on an Offer Wall, you will be brought to an external website belonging to other persons and will leave our Services. A unique identifier, such as your user ID, will be shared with the Offer Wall provider in order to prevent fraud and properly credit your account with the relevant reward.]
Also, we may share:
your information with certain Google Maps Platform APIs (e.g. Google Maps API, Places API). You can see Google’s privacy policy at https://policies.google.com/privacy
information about your use of our Services with our trusted advertising and analytics partners through the use of cookies, web beacons, and similar storage technologies. Please refer to our cookie policy available at cookie policy
We will not sell or share (as those terms are defined in the CCPA) personal information about you.
A business that supports our Services may be located outside of New Zealand (the country where we are incorporated) and also outside of the country where you are located. This means that the personal information we collect may be transferred to, and stored in, a country outside of New Zealand and the country where you are located. In particular, our website and apps are hosted in Australia.
If you are located in the EU or UK, your personal information may be transferred outside of the European Economic Area (EEA). Please see the GDPR Addendum for further information about personal data transfers from the EEA.
As required by applicable law, we will take steps to keep your personal information safe from loss, unauthorised activity, or other misuse. We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks inherent in processing personal information.
You play an important role in keeping your personal information secure by maintaining the confidentiality of any password and accounts used in relation to our Services. You should not disclose your password to third parties. Please notify us immediately if there is any unauthorised use of your account or any other breach of security.
Subject to certain grounds for refusal under applicable law, you have the right to access your personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
Where you request a correction, if we think the correction is reasonable and we are reasonably able to change your personal information, we will make the correction. In all other cases, we will take reasonable steps to make a note of the personal information that was the subject of your correction request.
If you want to exercise either of the above rights, email us at hello@totalcoach.com. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information to be corrected and the correction that you are requesting).
Subject to applicable law, we may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
In addition to the rights to access and correct your personal information set out above, if you are based in the EU or UK, you have the additional rights set out in the GDPR Addendum.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
[If you post comments on message boards or chat rooms on our website or app, you do so at your own risk. If you post your personal information as part of those comments, you acknowledge and agree that the information you post is publicly available. You should review your comments before posting them to ensure that you are not posting personal information you do not want to make public. We cannot control the actions of other users who may have access to your comments. You understand and acknowledge that, even after removal, copies of your comments may remain viewable in cached and archived pages or if other users have copied or stored your comments.]
If you follow a link on our website or app to another website, the owner of that website will have its own privacy policy relating to your personal information. We suggest you review that website’s privacy policy before you provide personal information to that owner or website.
We use cookies (an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of the website or app. You may disable cookies by changing the settings on your browser or in the app, although this may mean that you cannot use all of the features of the website or the app. For further details, please refer to our cookie policy available at cookie policy.
The personal information that we collect and use will not be kept longer than necessary for the purposes for which it is collected, or for the duration required for compliance with applicable law, whichever is longer.
If you have any question about this privacy policy, or our privacy practices, or if you would like to request access to, or correction of, your personal information, you can contact us at hello@totalcoach.com.
If you are located in the EU or UK and access or use our Services or have other dealings with us, this GDPR Addendum forms part of our privacy policy.
The GDPR and UK GDPR regulate the collection, processing and transfer of EU and UK (respectively) individuals’ personal data (as defined in the GDPR and UK GDPR). The personal information described in our privacy policy is personal data under the GDPR and UK GDPR. We are committed to complying with the GDPR and UK GDPR when dealing with personal data of our website visitors and Service users based in the EU or UK.
This GDPR Addendum was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal data. However, we are happy to provide any additional information or explanation needed. Any requests for further information should be sent to hello@totalcoach.com.
For the purposes of the GDPR and UK GDPR:
we are the data controller (as defined in the GDPR and UK GDPR) when processing personal data we collect:
from visitors to our website;
for our own business purposes from users of our Services; and
from other persons with whom we deal directly; and
our Users are the data controller when processing User Data.
We will not process User Data except as provided in our Total Coach Terms of Use (available at Terms of Use and we require our Users to comply with applicable privacy and data protection laws. Unless required otherwise under applicable law, if we receive any request or enquiry relating to User Data, we will forward this request to our relevant User.
The remainder of this GDPR Addendum does not apply to User Data.
Our lawful basis for processing (as that term is defined in the GDPR and UK GDPR) personal data that we collect, use and disclose depends on the personal data collected and the context in which we collect it.
Generally, we collect personal data from you where we have your consent, where processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, or where processing is necessary for the purposes of our legitimate interests (except where such interests are overridden by your interests or fundamental rights and freedoms).
Where we process personal data based on your consent, you may withdraw your consent at any time.
Despite the above, we may process your personal data where:
such processing is necessary for compliance with applicable laws; or
we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
If you have any question about the legal basis on which we process personal data or need further information, please contact us at hello@totalcoach.com.
Your rights in relation to your personal data include:
right of access - if you ask us, we will confirm whether we are processing your personal data and provide you with a copy of that personal data
right to rectification - if the personal data we hold about you is inaccurate or incomplete, you have the right to have it rectified or completed. We will take reasonable steps to ensure inaccurate personal data is rectified. If we have shared your personal data with any third party, we will tell them about the rectification where possible
right to erasure - when your personal data is no longer needed for the purposes for which you provided it, we will delete it. You may request that we delete your personal data and we will do so if deletion does not contravene any applicable law. If we have shared your personal data with any third party, we will take reasonable steps to inform those third parties that they must delete your personal data
right to withdraw consent - if the basis of our processing of your personal data is consent, you can withdraw that consent at any time
right to restrict processing - you may request that we restrict or block the processing of your personal data in certain circumstances. If we have shared your personal data with any third party, we will tell them about this request where possible
right to object to processing - you may request that we stop processing your personal data at any time and we will do so to the extent required by the GDPR and/or UK GDPR (as applicable)
rights related to automated decision-making, including profiling - you have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such automated decision-making is necessary for entering into, or the performance of, a contract with you, is authorised by applicable laws or is based on your explicit consent. We do not undertake automated individual decision-making.
right to data portability - you may obtain your personal data from us that you have consented to give us or that is necessary to perform a contract with you. We will provide this personal data in a commonly used, machine-readable and interoperable format to enable data portability to another data controller. Where technically feasible, and at your request, we will transmit your personal data directly to another data controller
right to complain to a supervisory authority - you can report any concern you have about our privacy practices to your local data protection authority.
Where personal data is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.
If you would like to exercise any of your above rights, please contact us at hello@totalcoach.com. If you are not satisfied by the way we deal with your query, you may refer your query to your local data protection authority.
If you are located in the EU, your personal data may be transferred outside of the EEA. Under the GDPR, the transfer of personal data to a country outside the EEA may take place where the European Commission has decided that the country ensures an adequate level of protection. In the absence of an adequacy decision, we may transfer personal data if other appropriate safeguards are in place.
If you are located in the UK, your personal data may be transferred outside of the UK. Under the UK GDPR, the transfer of personal data to a country outside the UK may take place where the European Commission (as at 31 December 2020) or the UK government has decided that the country ensures an adequate level of protection. In the absence of an adequacy decision, we may transfer personal data if other appropriate safeguards are in place.
Where we transfer personal data outside the EEA or UK, it will only be transferred to countries that have been identified as providing adequate protection for EU/UK data, or to a third party where approved transfer mechanisms are in place to protect your personal data (e.g. by entering into the European Commission’s Standard Contractual Clauses). For further information, please contact at hello@totalcoach.com.
Some of the personal data we collect is processed in New Zealand. New Zealand is recognised for GDPR and UK GDPR purposes as a country that has an adequate level of data protection and we rely on this decision in transferring personal data to New Zealand.
Some of the personal data we collect is processed in Australia.
If you have any question about this GDPR Addendum, or our data protection practices, or if you would like to exercise any of the rights set out above, you can contact us at hello@totalcoach.com.
The name and contact details of our Data Protection Officer for the purposes of the GDPR and the UK GDPR are:
Name | Ahmad Khudeish |
Email address | |
Phone number | +64 211 475 147 |