Privacy Policy
1. Legion by Jazlyn Gabriel
This Privacy Policy outlines our dedication to safeguarding the privacy of any personal information provided to us or collected by us, whether offline or online, including through this website. In this Policy, “we”, “us”, or “our” refers to Legion by Jazlyn Gabriel, ABN 75 472 476 602. We collect, store, and use personal information in compliance with the Australian Privacy Act 1988 and the European Union General Data Protection Regulation (EU) 2016/679 (GDPR).
2. Data we collect
The types of personal information or data we may collect about you include, but are not limited to:
- your full name;
- photographs or images of you;
- your contact details, such as email address, mailing address, residential address, and/or telephone number;
- your age and/or date of birth;
- your payment and billing information;
- demographic details, including postcode;
- your personal preferences, feedback, and opinions;
- your height, weight, and general fitness level;
- health-related information, including step counts, nutrition data, and workout details;
- information you provide through customer surveys (including our Consent and Disclaimer form);
- records of products and services you have purchased, used, or enquired about, along with our responses;
- browser session data, geo-location details, device and network information, statistics on page views and sessions, traffic sources, search queries, and browsing behaviour;
- details of your interactions with our website, including cookies, communication history, browser type, operating system, and Internet service provider domain;
- any additional personal information you provide directly or indirectly through our website, associated applications, social media platforms, or linked accounts; and
- any other personal information we may request, or that you or a third party may provide.
We may collect this information directly from you or, in some cases, from third parties.
3. Collection and Use of Personal Information
We may collect, store, use, and disclose your personal information for the following purposes:
- to facilitate your access to, and use of, our website, related applications, and social media channels;
- to communicate with you and respond to your enquiries;
- for internal administrative and record-keeping purposes;
- to conduct analytics, market research, and business development activities, including enhancing and improving our website, related applications, and social media channels;
- to administer promotions, competitions, and provide additional benefits;
- for marketing and advertising purposes, including sending promotional materials about our products, services, and information from third parties that we believe may be of interest to you; and
- to comply with legal and regulatory obligations and to manage or resolve any disputes that may arise.
4. Disclosure of Personal Information to Third Parties
We may share or disclose your personal information with a range of third parties where necessary to support our operations, comply with legal obligations, or provide you with our products and services. These parties may include:
- Our employees, contractors, and related entities who require access to personal information in order to perform their duties and support our business operations;
- Professional advisors, IT specialists, and data management providers, including web-hosting, server, maintenance, and technical support services;
- Marketing, advertising, and analytics partners, such as Google Analytics and other similar providers, which may store or process data outside of Australia;
- Payment system operators and financial service providers, such as PayPal, who assist with transactions and billing;
- Business partners, affiliates, and current or prospective agents involved in collaborations, joint ventures, or other business arrangements;
- Sponsors or organisers of competitions, promotional campaigns, or events that we conduct;
- Third-party contractors or subcontractors who assist in delivering services, managing communications, or providing direct marketing activities, which may involve parties located overseas;
- Credit reporting agencies, debt collectors, courts, tribunals, and regulatory bodies, where necessary to recover payments or enforce legal rights;
- Law enforcement agencies, courts, or government authorities where disclosure is required or authorised by law, or where necessary to initiate, defend, or manage legal proceedings; and
- Entities involved in a business transfer or sale, where our assets or operations (in whole or in part) are, or may be, transferred in good faith.
We require all third parties who process or handle personal information on our behalf to do so in accordance with this Privacy Policy and under our written instructions. These parties must comply with privacy principles consistent with the General Data Protection Regulation (GDPR). The term “processing” includes any activity involving personal information—such as collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, transmission, dissemination, or any other act of making personal information available. By providing your personal information to us, you consent to its disclosure to the third parties identified above, including those located outside of Australia or, if applicable, outside the European Union (EU). Where only Australian privacy laws apply, you acknowledge that we are not required to ensure overseas recipients comply with those laws.
5. Handling of Sensitive Information
Sensitive information is a specific category of personal information that receives additional protection under the Australian Privacy Principles. This includes details about your racial or ethnic background, political opinions, religious or philosophical beliefs, trade union or professional memberships, sexual orientation or practices, criminal history, health information, or biometric data.
With your consent, we may use and disclose your sensitive information only for purposes directly related to the primary reason for which it was collected.
We may also use or disclose sensitive information when required or permitted by law.
6. Our Responsibilities as a “Controller” Under the GDPR
Under the General Data Protection Regulation (GDPR), a controller refers to any natural or legal person, public authority, agency, or other body that determines the purposes and means of processing personal information, whether obtained directly or through third parties. We act as a data controller under the GDPR, as we collect, use, and store personal information in order to deliver our products and services.
As a controller, we are bound by specific obligations when handling the personal information of individuals located in the European Union (EU). Accordingly, if you are an EU citizen, your personal data will:
- be processed lawfully, fairly, and transparently;
- be collected for explicit and legitimate purposes, as outlined in the Collection and Use of Personal Information section, and not further processed in a way that conflicts with those purposes;
- be limited to what is necessary in relation to the purposes for which it is processed;
- be kept accurate and up to date, where possible and within our control (you may contact us at any time to correct or update your personal information);
- be retained only as long as necessary for the purposes for which it was collected; and
- be processed securely, with appropriate safeguards in place to prevent unauthorised access, misuse, loss, or damage.
We also uphold these principles when handling the personal information of our Australian customers and clients.
GDPR Compliance Measures
To ensure compliance with the GDPR, we have implemented the following measures:
- Data Protection Policies: We maintain internal policies detailing how personal information is collected, stored, transferred, and safeguarded throughout its lifecycle.
- Right to Erasure: You may request deletion of your personal information at any time by contacting us directly via email.
- Right to Restrict Processing: You may request that we temporarily limit the processing of your personal data if you believe it to be inaccurate (to allow time for verification) or if you object to its processing under certain legal grounds.
- Data Breach Notifications: In the event of a data breach, we will take prompt action and comply with all GDPR requirements regarding notification and remediation.
7. Your Rights and Control Over Your Personal Information
Consent and Choice
By submitting your personal information, you consent to its collection, use, storage, and disclosure in line with this Privacy Policy. If you are under 16 years of age, you must have permission from your parent or legal guardian to access and use our website. You also confirm that they consent to your personal information being provided to us. While you are not required to share personal information, doing so may be necessary for access to certain parts of the Site or to receive our products and services.
Information from Third Parties:
Any personal information we receive from third parties will be managed according to this Privacy Policy.
If you provide information about another person, you warrant that you have their consent to share it with us.
Access, Portability, and Correction:
You may request:
- access to the personal information we hold about you;
- a copy of your personal information in a machine-readable format (e.g., CSV);
- correction of inaccurate, incomplete, or outdated information;
- deletion of personal information we hold about you; or
- transfer of your personal data to another party (data portability).
We will take reasonable steps to comply with these requests and keep you informed of the outcome.
Restricting or Withdrawing Consent:
You may request limits on how we collect or use your personal information, or withdraw consent for marketing communications at any time by contacting us. If you ask us to restrict processing, we will advise how this may affect your use of the website or our services.
Complaints:
If you believe we have breached the Australian Privacy Principles or any article of the GDPR, please contact us with full details of your concern. We will investigate promptly and respond in writing with our findings and any corrective action.
You may also contact the Office of the Australian Information Commissioner (OAIC) to lodge a complaint.
Unsubscribing:
You can unsubscribe from emails or marketing communications by using the opt-out link included in the message or by contacting us directly.
8. Cookies and Web Beacons
Our website may use various tracking technologies, including cookies, web beacons, and analytics tools, to improve your browsing experience and help us better understand user behaviour.
Cookies:
Cookies are small text files stored in your browser that help remember your preferences and enhance website functionality. While cookies do not, on their own, reveal your identity or email address, they may be associated with your personal information once you voluntarily provide it through our website. We may also use cookies for advertising and retargeting purposes. This allows third parties—such as Google and Facebook—to display our advertisements across social media platforms and other online media channels that you visit. You can adjust your browser settings to refuse cookies or to alert you when cookies are being sent. However, disabling them may limit certain features or functionality of our website.
Web Beacons:
From time to time, our website may also use web beacons (sometimes referred to as clear GIFs). These are small snippets of code embedded in web pages or emails that enable us to monitor user activity—for example, counting visitors to a specific page or confirming whether an email has been opened. Web beacons can also be used alongside cookies to better understand user engagement and traffic patterns.
Analytics Tools:
We may utilise Google Analytics and similar tools to collect, process, and analyse data about your interaction with our website. This information helps us improve our content, marketing efforts, and user experience. For more information on how Google uses data when you visit websites that use its services, please visit www.google.com/policies/privacy/partners/ or any updated URL provided by Google from time to time.
9. Storage and Security
We take the protection of your personal information seriously and have implemented a range of safeguards to help maintain its security. Our measures include physical, electronic, and managerial controls—such as data pseudonymisation, encryption, restricted access procedures, and secure storage systems—to prevent misuse, interference, loss, or unauthorised access, modification, or disclosure. Despite our best efforts to maintain a high level of data protection, no method of transmission over the Internet or electronic storage is completely secure. Information exchanged with us online is done so at your own risk.
While we actively monitor and update our systems to reduce the likelihood of unauthorised disclosures, we cannot guarantee that your personal information will never be accessed, used, or shared in a way that conflicts with this Privacy Policy.
10. Links to Other Websites
At times, our Site may include links to external websites for your convenience or reference. Please note that once you leave our Site and access a third-party website, we do not have control over that website’s content, security, or privacy practices.
Any personal information you choose to provide to third-party websites is not covered by this Privacy Policy. We encourage you to review the privacy policies of any external sites you visit to understand how they collect, use, and protect your personal information.
11. Amendments
We reserve the right to update or modify this Privacy Policy at any time and at our sole discretion.
When changes are made, we will notify you using the contact details you have provided to us.
The revised Privacy Policy will take effect from the date of notification, and your continued use of our Site or services after that date will constitute acceptance of the updated terms.