Collection and Storage of Personal Information and Data
We may collect personal information (being information about a person from which their identity is apparent or can reasonably be determined). This information can include names, dates of birth, email addresses, home and work addresses, telephone numbers and photographs. It can also include such information (where applicable) about a Client, including a Primary Account Holder to whom a Mint profile pertains (“Client”). We will collect such information by lawful and fair means and not in an unreasonably intrusive way.
We may collect personal information in circumstances including:
- From you directly when you provide information to us (whether face to face or otherwise);
- When an individual signs-up or registers to use the Application;
- If material created by a Primary Account Holder include such personal information and is loaded into the Application by the Primary Account Holder or the Authorised Viewer in respect of that Primary Account Holder;
- In respect of sensitive information (as defined in privacy legislation) when such information is submitted in relation to a Primary Account Holder in posts made by that Primary Account Holder or an Authorised Viewer of the Primary Account Holder;
- When you enter into a transaction with us using a credit card or method of payment other than cash;
- When you interact with us on social media, visit our website and send an enquiry through or make a comment or other post at the Website;
- When you sign up or subscribe to an email marketing list;
- When we meet with an organisation wishing to do business with us (and an individual from that organisation provides personal information about themselves); and
- When evaluating job applicants and personnel which may include collection of details such as employment history and educational qualifications. This may include “sensitive information”.
Use of Personal Information
We use personal information only for the purpose it was provided or collected, including in the following ways:
- To respond to enquiries received from you;
- To perform authorised financial transactions with you and to help us to manage our accounts and administrative services;
- To verify your identity;
- To communicate with you and provide you (including through functionality provided with an Application) with information (whether by email, post or other means) about our services, where you have requested or consented to receiving this from us or where this provision is otherwise permitted under the relevant legislation.
- To notify you about changes to our services;
- To receive and address feedback or complaints from you;
- Incidentally, so that staff of Service Providers and their mentors may view some content of an account to which a Service Provider has lawful access for the purposes of their further professional development,;
- To protect our legal interests and fulfil our regulatory obligations (if and to the extent necessary); and
- In other circumstances, with your prior consent.
All those with whom we interact have the option to opt-out of receiving marketing communications from us. If you do not wish to continue to receive electronic marketing communications from us and/or selected third parties you should opt-out by clicking on the “unsubscribe” link in any email communications that we might send you. You acknowledge that some features of the Application may involve us providing through the Application recommendations or suggestions for goods, services or benefits that we offer.
We may use personal information for the purpose of marketing but only where such use complies with privacy legislation in effect in the relevant jurisdiction. We may, subject to legislative requirements, send occasional emails to you in relation to our current or future services. Any such emails will contain an unsubscribe link, enabling you to opt-out of these messages.
We take steps to regularly destroy data (being personal information and sensitive information) that does not need to be archived and to de-identify stored data where identification of a person is not reasonably required or necessary.
Disclosure of Personal Information
We will not sell your personal information to anyone. We share your personal information outside our organisation for limited purposes, such as to help us run our business and provide services. Those persons and business include:
- Organisations who carry out credit, fraud and other security checks;
- IT support providers; and
- Marketing businesses engaged by us to disseminate materials to which recipients have consented.
Mint enables Users to label or tag User posts and content in a way as to identify particular interests of a Primary Account Holder or features of a Primary Account Holder’s progress (for example, “lifestyle program’, ‘exercise”). This information may be provided to the staff of a Service Provider (if the Service Provider is an Authorised Viewer, to facilitate their understanding of the Primary Account Holder’s progress, development, interests etc).
We may also disclose your personal information to third parties outside our organisation:
- Where we have your express permission to do so or it can reasonably be inferred from the circumstances that you consent to the disclosure to the third parties;
- In relation to a Staff Profile, in response to a request from the Service Provider who controls/maintains the Provider Account to which your Staff Profile relates to;
- If Mint or Hestia, or substantially all of their assets were acquired by a third party, in which case personal information which we hold may be one of the transferred assets (subject to the same constraints on use and disclosure as under this policy); and
- If we are under a duty or have a legal right to disclose or share personal information in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions or to protect our rights, property, or the safety of our personnel and users. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We limit the information we provide to third parties to the information they need to help us provide or facilitate the provision of goods and services and associated purposes. We deal with third parties so that they are required to meet the privacy standards required by law in handling your personal information and are obliged to use your personal information only for the purposes that we give it to them.
Trans-border data flows
The vast majority of personal information we handle is stored and hosted in Australia. All personal information relating to Clients on Mint is hosted in Australia.
Some limited personal information may be provided to companies located overseas, where we use their software products to enable us to provide the Service (for example, conversion of images and videos to make them suitable for viewing online/ through a web browser). Such third parties located overseas are not permitted to (and are contractually obligated to not access or use the personal information provided except for the limited purposes for which they are provided the personal information. We only choose reputable service providers and our agreements with such third parties prevent them from using or disclosing to others the personal information we share with them, other than as is necessary to assist us.
Please note that personal information residing in other jurisdictions may be accessible to the local courts, law enforcement and national security authorities in that foreign jurisdiction.
Security of personal information
We take all reasonable steps to protect personal information, including through internal and external security measures, by restricting access to personal information to those who have a need to know, maintaining technological products to prevent unauthorised computer access and regularly reviewing our technology to maintain security. We choose technology partners based on their security and privacy policies and practices.
Personal information stored in our system is protected by electronic and procedural safeguards. We take reasonable precautions to protect personal information (and other content) from accidental loss and theft by storing it in secure data providers with off-site backups. Communication between Users and our servers is encrypted via industry-standard secure sockets layer (SSL).
The Application is protected by a secure and encrypted password that each User must choose themselves. Users should never share their passwords. Mint is not responsible for any loss of data or breach of privacy if a User shares their password with someone else. We do not store your password on our servers.
Mint takes all reasonable precautions to protect your data. Because internet transmissions cannot be guaranteed to be 100% secure, you acknowledge and agree that you use this service at your own risk.
In case of a breach of security safeguards, such as the loss of, unauthorised access to or unauthorised disclosure of personal information under Mint ’s control, and where the breach poses a real risk of significant harm to you, we will notify you and the appropriate Privacy Commissioner in Australia, as well as any other organisation that may reduce the risk or mitigate the harm from the breach.
Questions and concerns and access to/ correction or updating of your personal information
You have a right to access the personal information we hold about you.
You may have a right to have material that you have posted on the Website or to the Application removed by contacting our Privacy Officer.
To obtain a copy of the personal information we hold about you, or to update it, please write to us at:
The Privacy Officer Mint Moments Limited
PO Box 1280
New South Wales Australia 2099
or by email to: firstname.lastname@example.org
Please provide sufficient detail about the information in question to help us locate it. We will then use commercially reasonable efforts to promptly determine if there is a problem and take the necessary corrective action within a reasonable time. If a fee is charged for such access we will advise you of the cost in advance.
If you wish to complain about a breach of privacy legislation or have any questions about how we handle personal information please contact our Privacy Officer.
Statistical Information and Tracking of Online Activity
We may collect statistical (non-personal) information about your use of the Website and Application to improve the features and overall experience for our Users. The information Mint may collect includes statistical information such as pages accessed on the Website and Application, search terms, links that are clicked on, Website and Application visit times, browsers and operating systems, IP address, and cookies.
The Website does not currently recognise Do Not Track (DNT) signals sent by our Users’ web browsers.
However, we do not collect any of our Users’ personally identifiable information pertaining to their activity over time and across other websites or online services.
In addition, third parties that have content embedded on the Website, such as videos or social media buttons, may set cookies on a User’s browser and/or obtain information about the fact that a web browser visited the Mint website from a certain IP address.
Cancelling your Account
If your Account terminates (for whatever reason), the personal information associated with it may no longer be accessible to you as it may no longer be held by Mint . In relation to a Provider Account, any Content you have posted from your Provider Account may still be available to other Services Providers associated with the relevant Primary Account Holder. There may continue to be residual copies of content from your terminated Account due to ongoing data back-up and archiving.