Who we are
I’m Richard Convery, author of Back For Life and other publications.
This web site is https://backforlife.net
As an Australian sole trader I am subject to the Australian Privacy Act 1988, including the Australian Privacy Principles (APPs).
More information about how personal information is defined, your rights, and obligations can be found at the Office of the Australian Information Commissioner (OAIC)
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
In order to complete a purchase from us we will ask you to provide additional information that may include delivery address, postal address, billing enquiry contact phone number and email address, and delivery preferences.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
This site uses third party services for analytics. This includes Google’s advertising and measurement products, Facebook pixels, and HubSpot tracking code. Only anonymised information may be passed to these providers for the purposes of analytics, remarketing, or advertising.
Information passed to Google Corp may allow Google Corp to identify you from information that they have already gathered, third-party cookies, products that you already use, or sites that you are currently signed in to.
Information passed to Facebook may allow Facebook to identify you from information that they have already gathered, third-party cookies, products that you already use, or sites that you are currently signed in to.
Please review this HubSpot Knowledgebase article.
Who we share your data with
Third party data storage providers
A third party data storage provider is used to store off-site data backups that includes web site data along with operational data such as accounting information, and email. Your personal data may be included in backups retained by a third party data storage provider for the purposes of business continuity, and ensuring we can meet our statutory and legal obligations.
Third party services
For operational purposes we use a number of external services such as banks, payment processors, accountants, cloud accounting software, email services, email gateways, data storage providers, video streaming services, Internet service providers, and hosting providers.
Data in transit
Electronic communications with third party services uses Transport Layer Security (TLS) which now supersedes the more commonly known Secure Sockets Layer (SSL). TLS prevents access to your data in transit by employing Internet standard cryptographic techniques.
Data at rest with third party services
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Aside from leaving comments which are retained indefinitely, if you are not a customer, we retain your information for six months from our most recent contact with you unless you request that we delete it earlier. Personal data contained in off-site backups cannot be deleted as it could corrupt the integrity of the backup which also contains data that must be retained to meet statutory requirements. Should a backup be used to retrieve data, we will undertake to remove your data from our systems once the backup has been restored and before it is used for recovery purposes.
If you are a business customer then we have a statutory obligation to retain your data for a longer period of time for substantiation, taxation, and record keeping purposes. The exact retention period will depend on the laws of Australia, or the State of New South Wales.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
If you have a privacy request
If you have a request to obtain a copy of the information we retain about you, are requesting deletion of your personal data, or any other privacy related enquiry, send an email to firstname.lastname@example.org
To request deletion of your personal data you must use the contact method that you used to provide the information in the first place or the contact information associated with your current profile otherwise we cannot validate that you own the information that you are requesting us to delete.
Data breach procedures
If you suspect that your personal data has been disclosed through the use of this site you must inform us within 24 hours of you becoming aware of such breach and include such details and reasons that you have in order to help us understand the nature of the breach.
Notify us within 24 hours by sending an email to email@example.com with sufficient specific details for us to begin an investigation.
If a breach is proven we will undertake to inform other customers and, at the same time, take actions to correct the breach to prevent future occurrences.
Dispute resolution and legal jurisdiction
Disputes arising from the use of this website or its contents will be governed by the laws of New South Wales, Australia and determined by courts having jurisdiction there.
Revision: 1.0 Effective 01 January 2021