MAP Muay Thai Gym — Privacy Policy (Australia)

Last updated: [19/09/2025]

Plain‑English summary: We collect only what we need to run safe, effective Muay Thai training and to communicate with you. We keep it secure, we don’t sell it, and you can access, correct or opt out at any time.

1. Who we are

Business name: MAP Muay Thai Gym (“MAP Muay Thai”, “we”, “us”, “our”)

Location: Penrith, NSW, Australia
ABN: 47 668 435 569
Email: mspmuaythai@gmail.com
Phone: 0451925161
Address: 5/51 York Road, Jamisontown, NSW

We aim to handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If we would otherwise be exempt as a small business operator, we voluntarily choose to follow the APPs. Because we collect health information to help keep training safe, we treat it as sensitive information and handle it with extra care.

2. What information we collect

Depending on how you interact with us, we may collect: – Identity & contact: name, date of birth/age, email, phone, address/suburb, emergency contact. – Membership & training: goals, experience level, class attendance, progress notes, waivers and incident reports. – Health (sensitive information): injuries, medical conditions, medications or other details you choose to share for training safety. We collect this only with your consent and limit access to relevant staff. – Billing & transactions: membership type, payment history and billing details processed via our secure payment provider. We do not store full card numbers. – Marketing preferences: your choices about receiving email/SMS/ads. – Online activity: website form submissions, cookies, device/IP information, and analytics about how you use our site and interact with our ads or emails. – Media: photos/video captured in classes or events (used only with consent or as otherwise permitted by law).

3. How we collect information

4. Why we collect and how we use it

We use personal information to: – Provide classes, coaching and customer support. – Tailor training to your needs and manage risk of injury. – Manage bookings, memberships, payments and accounts. – Communicate schedule changes, renewals and service notices. – Send marketing you’ve opted into (you can opt out any time). – Run promotions, challenges and community events. – Improve our website, programs and member experience. – Meet legal, insurance, reporting and record‑keeping obligations.

5. Consent, opt‑out and direct marketing

6. Disclosure to third parties

We do not sell your personal information. We may disclose it to: – Service providers that help us operate (website host, booking/membership software, email/SMS provider, payment gateway, analytics, advertising platforms). They are only permitted to use it to provide their services to us. – Coaches/contractors bound by confidentiality, on a need‑to‑know basis. – Insurers, legal advisers or authorities where required by law or to manage an incident or claim.

Overseas disclosure (APP 8)

Some providers may store data outside Australia (e.g. the United States, EU, Singapore or other locations). Where we disclose personal information overseas, we take reasonable steps to ensure the recipient protects it in a way that is substantially similar to the APPs (e.g. contractual safeguards, reputable providers with strong security).

7. Security (APP 11)

We use reasonable administrative, technical and physical safeguards to protect personal information, including role‑based access, staff training, secure passwords, and encrypted payment processing. No method is completely secure; if a data breach occurs that is likely to cause serious harm, we will notify affected individuals and, where required, the Office of the Australian Information Commissioner (OAIC).

8. Access and correction (APP 12 & 13)

You can request access to, or correction of, the personal information we hold about you. Contact us via the details above. We’ll respond within a reasonable period (usually within 30 days). If we refuse access or correction, we’ll tell you why and how to complain.

9. Retention & destruction

We keep personal information only for as long as needed for the purposes in this policy and as required by law and insurance. When no longer needed, we take reasonable steps to de‑identify or securely destroy it.

10. Children & young people

If you are under 16, a parent/guardian must provide consent for participation and for the collection of personal information. Parents/guardians can request access, updates or deletion for minors’ information (subject to legal limits).

11. Photos, videos and social media

We love highlighting our community. We will only publish identifiable photos or videos of you with your consent. You may withdraw consent at any time and we will stop using future images of you.

12. Cookies & online tracking

Our website may use cookies and similar technologies to operate, remember preferences and measure performance. You can change cookie settings in your browser. We may use analytics and advertising tools (e.g. Google/Meta) to understand usage and to deliver relevant ads. You can adjust ad preferences within those platforms.

13. Complaints (APP 1.2)

If you have a privacy concern or complaint, please contact us first at [insert email]. Provide as much detail as possible and we’ll aim to respond within 30 days. If you’re not satisfied with our response, you can contact the OAIC:

14. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website at /privacy or /privacy‑policy. Changes take effect when posted.

Disclaimer: This document is a general template for compliance with Australian privacy standards and is not legal advice. Consider obtaining legal review for your specific operations, especially regarding health information and overseas disclosures.