Independent Purchasing Company (Australiasia) Limited Privacy Policy
Independent Purchasing Company (Australasia) Limited (IPC Asia Pacific) and its subsidiaries (“we”, “our” or “us”) respect and are committed to protecting the personal information we each collect. IPC Asia Pacific is bound by the Australian Privacy Principles in the Privacy Act 1988 (Cth) (the Privacy Act) and its subsidiaries may be bound by applicable legislation in other jurisdictions.
This Privacy Policy explains how we collect, use, disclose and hold personal information. Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
This Privacy Policy applies to all personal information gathered by us, whether in writing, verbally or electronically through any website operated by us (including www.ipcasiapacific.com). However, it does not apply to our subsidiary Subcard Australia Pty Ltd, which has its own privacy policy available at https://www.subcard.com.au/privacy-policy.
This Privacy Policy does not govern the privacy practices and procedures of independently owned and operated Subway® restaurants and we encourage you to review their respective privacy policies which disclose each entity’s privacy practices and procedures.
Kinds of personal information we collect and hold
The kinds of personal information we collect and hold about you depends on the nature of your dealings with us and the circumstances of collection, including whether we collect the information from you as a Subway® franchisee (franchisee), a supplier or distributor with whom we work to deliver goods or services to a franchisee, a service provider, a job applicant or in some other capacity.
For example, if you are a franchisee in Australia or New Zealand, we may collect and hold the following personal information about you:
- Information that you provide by filling in our Confirmation of IPC Asia Pacific Shareholder Details and Shareholder Register forms including your names, telephone and mobile telephone numbers and email addresses
- Details regarding the contracts and arrangements you have entered into with suppliers and/or distributors sourced by IPC Asia Pacific; and
- Certain details regarding your franchise with Subway® network.
Subway® network includes (but not limited to), Franchise World Headquarters, LLC, Subway International B.V., Subway Systems Australia Pty Ltd, Doctor's Associates LLC, Franchisee Shipping Center Co., LLC, Subway IP LLC, Subway Real Estate, LLC, Subway Franchisee Advertising Fund Trust Ltd Subway Restaurant Management (Shanghai) Co., Ltd and Subway Systems Singapore Pte Ltd.
IPC Asia Pacific’s subsidiaries may collect like information about you (including any franchisees) in the countries in which they carry on business.
As franchisees in Australia or New Zealand are Members of IPC Asia Pacific, the Corporations Act 2001 (Cth) requires us to collect the name and address of current franchisees in Australia or New Zealand and to include that information in a register of Members. If you do not provide any of the information we need to establish and administer your membership you will not be able to become a Member.
We also collect personal information about individuals who are, or are employees of, suppliers and distributors with whom we work to deliver goods or services to franchisees, and our service providers. For these people we usually only collect name and business or work contact details.
If you are a registered user of one of our websites, we will collect your name, contact details, username and password and any other information you choose to provide to us. We may also collect information about your use of the website.
We may collect geolocation information if you use Subway® location-based products.
If you deal with us in some other capacity, we may collect your name and contact details and any other information you choose to provide to us.
If you contact us, we may keep a record of that correspondence. We may also collect details of any other interactions you have with us.
We do not generally collect sensitive information, and we will only collect sensitive information about you with your consent (unless we are otherwise required or authorised by or under law to do so). Sensitive information is a special category of personal information and includes health information and information about an individual’s racial or ethnic origin, political opinions or memberships, religious or philosophical beliefs or affiliations, professional or trade memberships or associations, sexual orientation or practices or criminal record.
If you are or become an employee, the handling of your personal information may be exempt from the Australian Privacy Principles if it is directly related to your current or former employment relationship with us.
Collection of personal information regarding children
Our websites are not targeted towards children under 13. If you are a child under 13 please, do not submit any personal information about yourself on our websites without getting permission from your parent(s) or guardian(s) first.
Children’s privacy is very important to us. We work closely with Subway® Franchise World Headquarters (FWH), whose servers are located in the United States, and which adheres to the United States Children's Online Privacy Protection Act (COPPA). We will not knowingly allow anyone under thirteen (13) years of age to provide us with any personal information about themselves (such as their names, e-mail address, and phone number) over the Internet. If a child under 13 has done so without the consent of a parent or legal guardian, we ask the parent or legal guardian of that child to contact our Privacy Officer immediately using the contact details below.
We will provide parents or legal guardians notice by e-mail of any material changes in the way we intend to collect, use, and/or share their child’s personal information. If you would like to review any personal information that we have collected online from your child (if any), have the personal information deleted, and/or request that there be no further collection or use of your child's personal information, or if you have questions about our privacy practices, you may contact our Privacy Officer using the contact details below.
How we collect personal information
Generally, we collect personal information directly from you, such as when you submit information to us either personally, by phone, electronically or in any other manner. We may also collect your personal information when we provide a service to you, including when you register for or use services on one of our websites (including www.ipcasiapacific.com).
From time to time, you may provide us, and we may collect from you, personal information of another person. You are responsible for the disclosure to us of such personal information and confirm that you have the right to provide that personal information to us. Where you provide personal information of another person, it is also your responsibility to ensure that person is aware of this Privacy Policy.
We also collect personal information through:
- publicly available records and social networking and media sites
- third party service providers
- service companies; and
- our business partners.
We may combine information you have provided to us with information that we or others have collected about you.
You may use a referral feature (either on a web page, in an e-mail, from a banner ad or other communication) to inform a friend about one of our web pages or promotions. You are solely responsible for the disclosure to us of such third-party personal information and confirm that you have the right to provide that third-party personal information to us. Where you provide such third-party personal information, it is also your responsibility to ensure that those persons are aware of this Privacy Policy.
How we store and protect your personal information
We generally hold personal information in computer systems, including computer systems operated for us by our service providers. We regard the security of your personal information as a priority and implement a number of industry-standard physical and electronic practices to protect your personal information from misuse, interference and loss, and unauthorised access, modification or disclosure, including the use of encryption mechanisms (e.g., Secure Socket Layers or SSLs), password protection, and other security measures. We remind you, however, that the Internet is not a secure environment and although all care is taken, we cannot guarantee the security of information you provide to us via electronic means.
We take reasonable steps to destroy or permanently de-identify personal information when we no longer need it.
Phishing-Identity theft and the practice currently known as “phishing” are of great concern to us. Accordingly, safeguarding information to help protect you from identity theft is a top priority. We do not and will not, at any time, request your credit card information, your account ID, login password, or government identifiers in a non-secure or unsolicited e-mail or telephone communication.
We take all reasonable steps to ensure that your personal information is accurate, up-to-date, complete, and relevant. You can help us by letting us know (using the contact details at the end of this policy) about any changes to your personal information, such as your address and phone number.
The purposes for which we collect, hold, use and disclose personal information
We collect, hold, use and disclose personal information for a range of purposes, including:
- to respond to your enquiries
- to provide franchisees and their team members with information, products or services requested from us by franchisees or Subway® Group entities
- if you are a registered user of one of our websites, to administer your access and use of that website
- to comply with our legal obligations
- to manage our relationships with our stakeholders, franchisees, suppliers, and distributors with whom we work and our service providers
- to perform research and analysis, and improve or develop our products or services
- to send surveys to franchisees
- for our administrative purposes and internal record keeping
- to provide customer service or technical support, and deal with any complaints or feedback you have; and
- to consider job applicants for current and future employment.
We may also use franchisee personal information to provide a franchisee with information about goods and services which may be of interest unless the franchisee asks us not to. If we are unable to collect personal information from or about you, we may not be able to respond to your requests or enquiries or engage in certain other dealings with you. We do not sell personal information to third parties.
In conducting our business, we may disclose your personal information to third parties for the purposes outlined above. These third parties may include, where appropriate:
- Subway® network, subsidiaries and third parties that are a party to a service agreement with Subway® network
- Promotions and advertising entities
- consultants
- service companies
- couriers and freight providers
- Franchise World Headquarters (FWH)
- appropriate Subway® Group’s area Development Agents and franchisees
- third party service providers (including but not limited to credit card processors, mailing houses, web hosts, technical support providers, telecommunications carriers and carriage service providers, fulfillment centres, and enforcement and/or investigative entities
- any regulatory or other body if required to do so by law; and
- if you are a job applicant, referees whose details you have provided to us.
We may use Google Analytics (or a similar tool) to help us better serve our customers through improved products, services, and revisions.
IPC Asia Pacific may share personal information with its subsidiaries and IPC Asia Pacific's subsidiaries may share information with IPC Asia Pacific.
We require our agents and service providers to agree in writing to maintain the confidentiality and security of personal information they maintain on our behalf. We also require any third parties we retain to protect personal information disclosed by us in accordance with applicable privacy laws.
The personal information you provide to us is considered a company asset and may be disclosed and/or transferred to a third party in the event of a proposed or actual purchase, sale, lease, merger, amalgamation or any other type of acquisition, disposal, or financing of all or any portion of us or of any of our business assets or shares or a division thereof.
We may also use and disclose your personal information:
- to enforce our policies or contracts
- to collect amount owed to us
- for security purposes
- to protect users of our sites from fraudulent or abusive use
- during emergencies when safety is at risk; and
- for other purposes required or authorised by or under law (including purposes for which you have provided your consent).
Overseas disclosure of personal information
Some of our subsidiaries and service providers are located outside Australia. In particular, we may disclose your personal information to our subsidiaries, advertising entities, service companies, leasing affiliates and third party service providers in Japan, Indonesia, Taiwan, the United States, Singapore, New Zealand, China, South Korea, Philippines, Vietnam, Malaysia, Thailand and Hong Kong.
Some of these countries may not have the same or substantially similar privacy laws as those set out in the Australian Privacy Principles.
Marketing and your rights
We may use and disclose your personal information to send direct marketing to you from us and third parties who provide services to us by a range of means, including by phone or email or in any other manner permitted by law.
The direct marketing may relate to:
- our products and services
- the products and services of our franchisees, service companies, business partners and Franchise World Headquarters (FWH)
- the products and services of other parties; and
- new developments we believe may be of interest to you.
You may opt-out of receiving this direct marketing through the unsubscribe function that will be made available to you with each direct marketing communication, or by contacting our Privacy Officer using the contact details below.
You have the right to ask us not to use your personal information for direct marketing purposes. If you do not want us to use your personal information, or to pass your personal information on to third parties so they can use it, to tell you about products and services which may be of interest to you then please tell us using the contact details below.
Links to third parties
Our websites (including www.ipcasiapacific.com) may contain links to other websites for your convenience and information. We do not control those websites or their privacy practices, which may differ from this Privacy Policy. We do not endorse or make any representations about third-party websites.
Our websites – cookies, internet protocol (IP) address, aggregate information
Cookies - We use data collection devices such as "cookies" on certain web pages to help analyse our web page flow and measure promotional effectiveness. This helps us to provide you with a good experience when you browse our websites and also allows us to improve our sites and services.
A few important things you should know about cookies are that:
- we offer certain features that are available only through the use of cookies
- we use cookies to better your web experience
- most cookies are "session cookies," meaning that they are automatically deleted from your hard drive at the end of a session; and
- you may encounter cookies from third parties on certain pages of the sites that we do not control, for example if you view a web page created by another user, there may be a cookie placed by that web page.
Web Beacon - Also called a web bug or a pixel tag or a clear GIF. We use pixels tags or transparent GIF files to help manage our online advertising and promotions.
With both cookie and tag technology, the information that we collect, and share is anonymous and not personally identifiable. It does not contain your name, address, telephone number, or email address.
Internet Protocol (IP) Address - We may use your IP address to help diagnose problems with our server, to administer our websites and to maintain contact with you as you navigate through the websites.
Aggregate Information – is used to measure the visitors’ interest in, and use of, various areas of our websites and the various programs that we administer. Although we may share this aggregate information with third parties, none of this information will allow anyone to identify you, or to determine anything else personal about you.
Interest-bases/online behavioural advertising
On some pages of our sites we may allow third-party advertising partners to set web tracking tools to collect anonymous, non-personally identifiable information regarding your activities on those pages. We may also share such information we have collected with third-party advertising partners, who may use this information for purposes of delivering future targeted advertisements to you when you visit other (non-Subway®) sites within their networks.
While you may in some cases be able to opt-out of such uses, we may still collect non-personally identifiable information regarding your site activities and use it for non-interest-based advertising purposes as described in this Privacy Policy.
"Do not track"
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We are committed to providing you with meaningful choices about the information collected on our websites for third party purposes, however we do not recognise or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT. To find out more about "Do Not Track," you may wish to visit http://www.allaboutdnt.com.
Access to information
Please contact our Privacy Officer using the contact details below if you wish to access or correct the personal information, we hold about you. To protect your privacy, we will take all reasonable steps to help verify your identity before granting access or making any changes.
Upon your request, we will generally provide you with access to your personal information (subject to some exceptions permitted by law). We may charge a fee for retrieving this information, in which case we will inform you of the fee and obtain your agreement to that fee before providing the information.
Complaints
Please contact our Privacy Officer using the contact details below if you have any concerns or complaints about the manner in which we have collected or handled your personal information. We will promptly acknowledge and investigate any complaint about the way we manage personal information. If you are not satisfied with our response, you can contact us to discuss your concerns or lodge a complaint with the Australian Information Commissioner (www.oaic.gov.au).
Changes to our privacy policy
We may update this Privacy Policy occasionally. If we do so, we will also revise the "Last reviewed" date below. If there are any material changes to this Privacy Policy, we will notify you by means of a notice on our home page. Any changes to this Privacy Policy are effective immediately after we post them.
We encourage you to review this Privacy Policy periodically to be informed of how we protect your personal information and to be aware of any changes to it.
Contact us
If you would like more information about our approach to privacy, please contact IPC Asia Pacific's Privacy Officer by:
- writing to PO Box 1028, North Sydney, NSW 2059 Australia
- email to [email protected] or
- calling +61 2 8908 7900