RPY Trade trading as The Core Collab (The Core Collab, we, us or our) operates the The Core Collabwebsite www.thecorecollab.com (the Website) which supplies reformers, and the The Core Collab Eat Sleep Reform Repeat application (the App) which offers a fitness program to subscribers.
We are committed to respecting and protecting the privacy of your personal information.
We will handle your personal information in accordance with applicable privacy and health records laws, including the Privacy Act 1988 (Cth) (Privacy Act) and its Australian Privacy Principles (APPs).
What is 'personal information’?
‘Personal information’ includes information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether or not the information is true and whether or not the information is recorded in a material form. For example, this may include your name, age, gender, postcode and contact details
Personal information includes ‘sensitive information’, which is a special subset of personal information. Sensitive information includes identifying health information about you (eg: details of your health and medical history). Sensitive information also includes information about racial or ethnic origin, political opinions or associations, religious or philosophical beliefs, and sexual orientation or practices.
Why we collect your personal information
We may collect personal information from you so that you can access and use our Website and App.
When you make a purchase on our Website, subscribe to our App, when you make an inquiry, or you otherwise contact us, we collect the personal information that you give us such as your name, your telephone number, your address and email address and your date of birth. We do this so that we can provide you with our goods and services. We also keep personal information so that we can respond to queries and provide support to you in your use of the Website and App.
We may collect 'sensitive information' from you. However, if we do, we will ask for specific consent for the collection and use of such.
If we do collect sensitive information, it would be in respect of health information and fitness history you have given us so that we can help with your fitness journey. We also do not seek out or collect information about your racial or ethnic origin, political opinions or associations, religious beliefs, or your sexual orientation or practice
You are not required to disclose your personal information to us. However, if you do not provide the information requested, you may not be able to receive the full benefit of our Website and App.
What types of personal information do we collect?
We may collect the following personal information when you access or use our Website and App:
When you contact us, make a purchase from our Website, subscribe to our App, or sign up to our marketing communications we will often collect some or all of the following information from you:
- your name, home address, email address and phone number;
- your age, date of birth and gender;
- your log in details and password used to sign in to your account on our App;
- your banking, payment and billing details;
- your social media accounts (eg: Facebook, Instagram and TikTok) where you have connected to us;
- any information you voluntarily share with us when you interact with us via phone, email, social media or other form of communication;
- your marketing preferences such as whether you wish to receive communications from us; and
- any other information you share with us as part of your interactions with us.
How do we collect your personal information?
We collect your personal information in a lawful and fair way and in a manner that is not unreasonably intrusive.
We collect your personal information when:
- you provide us with personal information and/or sensitive information when you contact us, when you make a purchase, when you use our Website, and when you subscribe to or use our App;
- you visit our Website;
- you access or use our App;
- you submit any forms or surveys via the Website or App
- you interact with us via phone, email, social media or any other form of communication;
- we collect your billing and payment information; and
- you agree to receive marketing or newsletter communications from us.
How do we use your personal information?
We collect information primarily to allow you to use and enjoy the benefits of the goods and services we supply, our Website and App.
Some of the reasons we collect and store your information include:
- to create and set up your account with us;
- to maintain your subscription on our App;
- to enable you to make a purchase of our goods and services;
- to prepare and deliver to you the goods and services you purchase;
- to allow you to access and use our App;
- to provide information about our products, Website and App including updates, competitions, promotions and marketing messages;
- to obtain feedback from you so we can continually enhance the experience of our Website and App;
- to record data and analytics for statistical and market analysis which allows us to improve our product offerings, Website and App;
- to respond to data requests from you and to fulfil our commitments to data storage and freedom of information under relevant governing agreements and regulations; and
- to allow us to effectively respond to your complaints and enquiries.
In addition, we may from time to time use some of your personal information for other purposes such as:
- to verify your information and identity and to protect against fraud and other unlawful activities;
- to confirm your identity in order to allow you to join community chats or notice boards that we maintain or moderate;
- to detect and prevent abuse of our goods and services (including by confirming your membership details and your use of our Website and App);
- to continually improve our product offering and the relevance of our marketing materials;
- to fulfil our reporting obligations to any relevant tax and regulatory bodies; and
- to share certain information with relevant third parties in order to provide services and marketing messages.
We may also use your personal information for purposes which are permitted under the applicable privacy laws, which include:
- where we use your information for purposes which are directly related to the main purpose for which we collected it, in circumstances where you would reasonably expect us to use your information for these purposes; or
- where we reasonably believe that use of your information is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety, and it is unreasonable or impracticable to obtain your consent.
Do we disclose your personal information to others?
We respect the privacy of your personal information and we take reasonable steps to keep it confidential and protected.
Certain aspects of our business (including the Website, the App and our payment systems) are integrated with third-party software and systems (third-party vendors) and, to provide the goods and services, we will need to disclose personal information to these third-party providers to the limited extent required to enable and support these integrated functions and to support the goods and services. We will endeavour to only disclose personal information to third parties with privacy policies in place that are committed to personal information security and complying with privacy laws.
We will not otherwise disclose your personal information to third parties unless it is consistent with the purpose for which we collected it, you have consented, or we are otherwise permitted or required to do so by law. This may include disclosure of your personal information in the following circumstances:
- disclosure to our consultants and trainers in order to provide you with the goods and services (including the content making up the goods and services);
- disclosure to payment providers (see further below);
- disclosure to our shipping and delivery providers (including but not limited to Australia Post, Toll, Shippit, Fed Ex and Allied Express);
- disclosure to comply with our legal obligations, including, but not limited to, where we are required to provide information under a subpoena or Court order or other mandatory reporting requirements under law;
- to communicate with the Office of the Australian Information Commissioner if you make a privacy complaint or that body makes an inquiry of us; or
- where this is reasonably necessary for the establishment, exercise or defence of any legal claim.
We refer you to the privacy policies of our third party providers:
We use third party payment gateway providers to process your payment, including but not limited to:
- GoHighLevel; and
- U Screen
For more insight, please refer to:
Will we transfer your personal information overseas?
As a rule of thumb, we generally do not transfer personal information overseas however we will do so where our suppliers require it (our cloud provider has data storage overseas or our payment providers have servers overseas).
In the event that we need to disclose personal information overseas, we will comply with the requirements of the Privacy Act when disclosing personal information overseas.
We will only disclose your personal information overseas if:
- our service providers have platforms or databases based overseas;
- you have provided your prior consent;
- the receiving person or organisation (such as a supplier described above) is subject to a law, binding scheme or binding contract that provides substantially similar protection to the APPs which you can access and enforce; or
- if the disclosure is otherwise required or authorised by law.
We will in all cases take reasonable steps to ensure that any such recipient of your personal information does not breach the APPs.
European Union General Data Protection Regulation (GDPR) and United Kingdom GDPR
If you are a resident of the European Economic Area you are protected by specific rights set out in the GDPR, including the following:
- the right to access your personal information at any time and make enquiries as to what information we are holding about you;
- the right to rectify or change your personal information at any time;
- the right to request deletion of your personal data at any time unless we are required to hold your data for legal or regulatory reasons;
- the right to restrict whatever personal information we hold about you;
- the right to request the transfer of your data to a relevant third party;
- the right to object to your personal information being used in a way that you do not like and request that we stop doing so. We will fulfil your request unless there is a legal or regulatory reason not to; and
If you are in the United Kingdom, post "Brexit", the United Kingdom implements the "UK GDPR" with the same key principles, rights and obligations as the GDPR.
If we intend to engage in any marketing communications, we may send you such communications in accordance with any previous consent you have provided or any marketing communication preferences that you have notified to us, and in accordance with the requirements under the Privacy Act and the Spam Act 2003 (Cth).
If you have previously agreed or consented to receiving marketing communications, but no longer wish to receive such marketing communications you can contact us using our contact details set out below to modify your preferences, or you can simply opt-out of such communications using the instructions or opt-out link provided in the marketing communication sent to you.
When you unsubscribe from our marketing communications, we will no longer contact you with marketing messages. However, this will not remove your personal information from our systems and will not result in you not receiving any communications from us. We will still have the right to communicate with you regarding operational and administrative matters in respect of the products we have supplied to you, the Website or the App (eg: we may contact you in respect of payment information, your member account or to require you to update your computer settings). If you would like for us to completely remove your personal information, you can contact us using our contact details set out below however we are not required to delete your personal information if we have a regulatory, operational or administrative requirement to keep it.
In no instance will we:
- sell or transfer your personal information to a third party for their marketing purposes; or
- use your sensitive health information for marketing purposes.
Quality of the personal information we hold
We take reasonable steps to ensure that the personal information we collect, use and disclose is accurate, up-to-date, complete, relevant and not misleading. You can assist us in keeping your personal information accurate by informing us of any updates to your personal information using our contact details below (when you interact with us and when you hold an account with us, you have an obligation to keep your details accurate and up-to-date).
How can you access and correct your personal information?
You have a right to seek access to, and correction of the personal information we hold about you.
If you have an account with us you can log into your account and access the personal information we hold about you.
You can also request access to the personal information that we hold about you using our contact details set out below.
In certain circumstances, we may refuse to allow you access to your personal information where this is authorised by the law, such as where providing access would have an unreasonable impact on the privacy of other individuals, providing access would pose a serious threat to the life or health of any person or to public health or safety, or giving access would be unlawful.
If you believe that the personal information we hold about you requires correction (for example, because the information is inaccurate, out-of-date, incomplete, irrelevant or misleading), you may request that the information be corrected using our contact details set out below.
If we refuse your request for access or correction, we will provide you with reasons for the refusal in writing, and details about how you may complain about the decision.
How do we protect your personal information?
We take reasonable steps to protect personal information we hold about you from misuse, interference and loss, and from unauthorised access, modification, disclosure and destruction.
We use physical and technological security measures to protect the personal information we hold. We endeavour to work with suppliers and providers who work to keep data secure.
We may hold your personal information in a number of ways (including electronically and in physical format). When we store information electronically, this may be on our computer systems, databases, software programs, third party clouds, internet servers and hosted internet solutions, which are protected through necessary security systems including firewalls, security systems and passwords.
We use a third-party platform with cloud storage provider with servers located in Australia which uses industry standard security measures.
We are committed to complying with the mandatory ‘notifiable data breach’ scheme (the NDB scheme) under the Privacy Act. The NDB scheme applies when an ‘eligible data breach’ of personal information occurs.
An ‘eligible data breach’ occurs when:
- there is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information, that an organisation holds;
- this is likely to result in serious harm to one or more individuals; and
- the organisation has not been able to prevent the likely risk of serious harm with remedial action
An organisation may take remedial steps to prevent the likelihood of serious harm occurring for any affected individuals after a data breach has occurred, in which case, the data breach is not an ‘eligible data breach’.
Where we have reasonable grounds to believe that we have experienced an eligible data breach (and remedial action cannot be used), we will promptly notify affected individuals and the Office of the Australian Information Commissioner about the breach in accordance with the Privacy Act.
Our website and cookies
Where you upload information via our Website or the App, including via the "Contact Us" contact form, by the very act of your upload you consent to us keeping your personal information for the purposes of dealing with your inquiries and our supply of goods and services to you.
We will deal with any personal information collected via our website in accordance with this Policy and the law.
We also collect data through our use of ‘cookies’, 'beacons' and other internet technologies.
Cookies are small data files which are stored on your device’s browser. Cookies are stored in order for your internet browser to navigate a website. Cookies will not identify you, but they do identify your internet service provider, browser type and browsing habits.
A web beacon is a technique used on web pages and emails to unobtrusively check that a user has accessed some content.
The default setting of most internet browsers is to accept cookies automatically, but you can choose whether to allow cookies through your browser settings. Please note that if you deactivate your cookies, you may have difficulty accessing or using our Website and App.
We also collect your IP address to create an audit trail of events that take place on our Website and App, and to track and aggregate non-identifiable information, your referring website addresses, browser type and access times.
If we provide links through our Website or App to third-party websites, add-ins, plug-ins and applications, those links are provided for convenience and may not remain current or be maintained.
Privacy related questions and complaints
We respect your privacy and we take all feedback, input, complaints and concerns regarding privacy very seriously.
Contact Us: www.thecorecollab.com/contact; or
Telephone number: +61 or
Address:RPY Trade Pty Ltd trading as The Core Collab(Attn: Privacy Officer)
Where you contact us, we will respond to you as soon as possible, but no later than 30 days from receipt of your question or complaint.
If you are not satisfied with our response, or if you do not wish to raise a question or complaint with us directly, you may wish to contact the Office of the Australian Information Commissioner at www.oaic.gov.au.