Who we are
In short, we only collect data that is relevant to the services we provide, we keep it secure, and do not share it with anyone unless required to under law or where you agree to share it.
Full details are provided below.
Information we collect
Vitality Works may collect information:
- – that you provide for the purpose of registering with Vitality Works;about your use of Vitality Works websites and services, including when and where you visit and which pages you look at;
- – you provide us in the Wellbeing 360 online health assessment platform;about your preferences, interests and goals that you specify in the VitalityHub online health portal;
- – relating to personal health and / or medical data that we collect when conducting health checks on behalf of your employer;
- – relating to personal health and / or medical data that we collect when conducting pre-employment health checks on behalf of a potential employer;
- – captured via wearable devices, including activity levels, step counts, calories burned, etc, where you choose to associate these with your Vitality Works account;
- – you provide during participation in team challenges such as Fit24 or 10,000 steps;
- – you share through your profile in VitalityHub, or with others during team challenges;about the device you are using to access Vitality Works’ services (such as your hardware model, operating system version);
- – from cookies stored on your device by your browser;that you send to us directly via phone, text, post, email or through any of Vitality Works’ platforms.
Information we don’t collect
Vitality Works does not collect:
- – information about your use of websites and services other than those provided by Vitality Works;
- – personal details beyond those required to register and use the Vitality Works services (for example we do not collect details of your home address);
- – credit card or bank details – where Vitality Works offers services which require payment via credit card or bank transfer, these are handled by accredited payment service providers, and at no time does Vitality Works have access to your credit card number or bank details;
- – geographic location information derived from IP addresses, GPS, cell towers or wireless access points.
How we may use that information
Vitality Works may use your personal information to:
- – enable your access to and use of Vitality Works’ websites and services;monitor use of the websites and services;
- – analyse data you provide in Wellbeing 360 to provide you with a personal summary of your health and recommendations for ways to improve this;
- – tailor content in the VitalityHub to align with your stated interests and preferences, and recommendations from the Wellbeing 360 assessment if you have undertaken one;
- – perform health checks and health monitoring for your own benefit, and / or in support of terms of employment and employment legislation;
- – reply to questions you raise with us;
- – send you information that you request.
Keeping your private data private
We keep the personal and health data that you provide to Vitality Works private.
We do not sell, rent, trade or in any other way share your private data with any other individual, your employer, other companies, health authorities, or government agencies (unless required to by law).
For some services we may use third party service providers to help us operate our business or administer activities on our behalf, such as sending out newsletters or surveys. We may share information with these third parties for those limited purposes only.
For some services, we do provide your employer with anonymised, aggregate reports to allow them to determine where best to invest in future health and wellbeing programs, but no personally identifiable information is ever shared with them.
For some services, where a condition of your employment is undergoing health monitoring (such as eyesight or hearing screening), key results from these tests are provided to your employer, but only those that are of direct relevance to your ability to perform your job and any associated legislative requirements.
We do also provide anonymised information to select academic institutions in support of health and wellbeing research. This anonymised data does not contain your name, email address, phone number or staff number, or any other personally identifiable information.
We never provide your contact details (or any other information) to other companies for purposes of marketing or other services.
Where your data is stored
– Your data will be securely held in Microsoft Azure in Australia.
– Any data transferred overseas will be anonymised and only used for reporting and academic research.
– If your base of employment / domicile is in another country, please note that your data will be stored in Australia.
Keeping your data secure
Vitality Works keeps your data secure through:
- – encrypting services using an SSL secured communication channel, to prevent your personal data being intercepted between our servers and your PC / tablet / smart phone;
- – encrypting data held on our servers, which reside in secure data centres;never sharing your personal data with anyone, including your line manager or HR manager;
- – regularly reviewing the security of our systems and operational processes;regularly being audited by a specialist security consultancy to protect against unauthorized access to our systems;
- – restricting access to personal information to specific Vitality Works employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Notifiable Privacy Breach
If we become aware that there has been a notifiable privacy breach of your personal information (being a privacy breach that has caused or is likely to cause you serious harm), we will, in accordance with the Privacy Act, notify:
(a) the Privacy Commissioner
(b) you (individually or by public notice), unless we are not required to notify you because specific exceptions in the Privacy Act apply relating to your health or safety or the safety of another person, national security or law enforcement or a trade secret, or we are required to delay notifying you because notification or public notice may have risks for the security of the personal information we hold that outweigh the benefit of notifying you.
Accessing and updating your personal information
Where possible, we aim to provide you with access to your personal information, and give you ways to update / correct, except where prohibited by legislation (for instance, you would not be able to change the results of an eyesight test conducted on behalf of your employer).
In some cases you may need us to update your information on your behalf. In such instances, we will ask you to verify your identity before we can act on your request. If we are unable to verify your identity to our satisfaction, we will refuse to make changes that you request.
Deleting your personal information
If you request that your personal information is deleted, we will remove all personally identifiable attributes (name, email address, contact details) from your records, unless we need to retain that information for legitimate business or legal purposes.
How you can make a privacy complaint
If you wish to make a complaint, please contact the Vitality Works Privacy Officer via email@example.com. We will acknowledge your complaint with 10 working days, and will contact you in an attempt to resolve your complaint.
We work with the regulatory authorities in New Zealand and Australia to resolve any complaints regarding the storage and use of personal data that we cannot resolve with our users directly.
We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect.
For any queries about our use or handling of personal information, or if you wish to make a complaint, please direct any enquiries to our Privacy Officer via: firstname.lastname@example.org.