This Privacy Policy sets out how ReFresh OS Pty Ltd ACN 687 813 832 and its related businesses (we, us, our, ReFresh) collects, uses and discloses your personal information.

1.              About ReFresh

1.1           ReFresh is an emotional intelligence platform designed for workplaces. It helps employers build healthier work cultures by using science-backed insights.

1.2           We use anonymised aggregated employee data to pick up on subtle shifts in how employees work, communicate, and engage day to day. The anonymised data looks at patterns including meeting frequency, email and message tone, and work rhythms to spot early signs of employee burnout or disconnection.

2.              Our commitment to protect your privacy

2.1           We recognise that any personal information we collect about you will only be used for the purposes we have collected it for or as allowed by law. It is important to us that you are confident that any personal information we hold about you will be treated in a way which ensures protection of your personal information.

2.2           We are committed to protecting your personal information by abiding by the Australian Privacy Principles, the Privacy Act 1988 (Cth) (Privacy Act) and any other relevant law.

3.              What we collect

3.1           When we refer to personal information, we mean information from which your identity is reasonably apparent, which may include information or an opinion that relates to you. 

3.2           The kinds of personal information we may collect about you include your name, date of birth, email address and phone number.

3.3 We may also collect the following information related to your employment:

(a)            position title;

(b)            terms and conditions of employment;

(c)            personal and emergency contact details;

(d)            performance or conduct;

(e)            salary or wages;

(f)             engagement, training or professional development;

(g)            hours of employment;

(h)            recreation, long service, sick, personal, maternity, paternity or other leave;

(i)              internal feedback, surveys and other content from your employer from which your identity is reasonably apparent; and

(j)              messages, files, emails and other content from your employer from which your identity is reasonably apparent. This may include things that you say in those messages, files, and other content.

3.4           We may also collect information about your location or activity, including IP address and whether you have accessed third party sites, the date and time of visits, the pages that are viewed, information about the device used, and other user usage information. We collect some of this information using cookies. You can manage your cookie preferences by configuring your options in your internet browser.

4.              Why we collect your personal information

4.1           We collect your information to:

(a)            provide services regarding workplace health and culture;

(b)            manage our services;

(c)            comply with our legal obligations; and

(d)            provide direct marketing.

4.2           We will usually aggregate and de-identify data that is provided to your employer. However, there may be circumstances where we prepare reports for your employer that contain your personal information.

5.              How we collect your personal information

5.1           We will collect your personal information through your employer using our services. This may involve collecting your personal information through emails, surveys, messages and other applications and content used in your employment.

5.2           We may also collect information about you that is publicly available, such as from public registers or social media, or made available by third parties.

6.              Disclosing your personal information

6.1           We may disclose your personal information to:

(a)            your employer and its related entities in the provision of our services;

(b)            entities and service providers related to your employment or used by your employer, including insurance providers, counselling services, training and development providers, health and wellness providers;

(c)            companies that provide information and infrastructure systems to us;

(d)            our agents, contractors or external service providers to outsource certain functions, for example, information technology support;

(e)            our auditors, lawyers, and insurers;

(f)             anyone where you have provided us consent;

(g)            where we are authorised to do so by law, such as by government and law enforcement agencies or regulators;

(h)            associated businesses that may want to market products to you;

(i)              investors, agents or advisers, trustees or any entity that has an interest in our business; or

(j)              organisations that provide products or services used or marketed by us.

6.2 If we want to use your personal information for a new purpose not contemplated by this Privacy Policy, we will notify you and obtain your consent before we use your personal information for that purpose.

7.              How we store your personal information

7.1           The personal information we hold about you may be held by us in electronic form on our secure servers and may also be held in paper form. We may use cloud storage to store your personal information. The cloud storage and the IT servers may be located outside Australia, including in [ReFresh to list]. [D3] 

7.2           We may disclose your personal information to overseas entities that provide support functions to us. Those entities may be in countries where there is no law, or binding scheme, that has the effect of protecting your personal information in a way that, overall, is at least substantially similar to the way in which the Australian Privacy Principles protect personal information. You may obtain more information about these entities by contacting us.

8.              Direct marketing

8.1           We may use your personal information for direct marketing purposes. If you do not wish to receive direct marketing communications from us or from other organisations, you can notify us at
privacy@refr-esh.com

9.              Accessing and correcting your personal information

9.1           You may request access to any of the personal information we hold about you at any time. We may charge a fee for our costs of retrieving and supplying the information to you.

9.2           Depending on the type of request that you make, we may respond to your request immediately, otherwise we will usually respond within seven days of receiving your request. We may need to contact other entities to properly investigate your request.

9.3           If we deny you access to the personal information we hold about you, we will explain why.

9.4           If any of the personal information we hold about you is incorrect, inaccurate or out-of-date, you may request that we correct the information by phoning us on +61 422 298 372 or by writing to us at privacy@refr-esh.com.

9.5           If appropriate, we will correct the personal information at the time of your request. Otherwise, we will provide an initial response to you within seven days of receiving your request. Where reasonable, and after our investigation, we will provide you with details about whether we have corrected your personal information within 30 days.

9.6           If we refuse to correct personal information, we will provide you with our reasons for not correcting the information, and take any other steps are required by law.

10.           Cookies

10.1        We use ‘cookies’ to provide you with better and more customised service and with a more effective website.

10.2        A ‘cookie’ is a small text file placed on your computer by our web page server.  A cookie can later be retrieved by our webpage servers.  Cookies are frequently used on websites, and you can choose if and how a cookie will be accepted by configuring your preferences and options in your internet browser.

10.3        We use cookies for different purposes such as:

(a)            to allocate a unique number to your internet browsers;

(b)            to customise our website for you;

(c)            for statistical purposes;

(d)            to identify if you have accessed a third party website; and

(e)            for security purposes.

11.           Complaints

11.1        If you are not satisfied with how we have dealt with your personal information, or you have a complaint about our compliance with the Privacy Act, you may contact our complaints officer on
privacy@refr-esh.com.

11.2        We will acknowledge your complaint within 7 days and aim to resolve the complaint as quickly as possible. We will provide you with a decision on your complaint within 30 days.

11.3        If you are not satisfied  with the response of our complaints officer, you may make a complaint to the Office of the Australian Information Commissioner, which can be contacted at either www.oaic.gov.au or by phone on 1300 363 992.

12.           Contacting us

12.1 We provide our services directly to your employer. We will provide our services to you. Should you with to contact us, you may do so without identifying yourself. This includes using a pseudonym. If you do this, we may not be able to provide some services to you.

12.2        You may request further information about the way we manage your personal information by contacting us on +61 422 298 372 or at privacy@refr-esh.com.

13.           Changes to our Privacy Policy

13.1        We may change this policy from time to time, or as the need arises. We will post any changes to this policy on our website.

13.2        You may request this policy in an alternative form by contacting us using the details above.

13.3        This policy was last updated on 29 July 2025.