Privacy Policy


This policy relates to HowNow Portal. Business Fitness Pty Ltd has the right to licence HowNow Portal and provide services to customers relating to HowNow Portal. At Business Fitness we understand that the privacy of your personal details is of the utmost importance to you and this policy communicates the rules we will abide by when dealing with personal information we collect from individuals in the course of our business. This policy is consistent with the Australian Privacy Principles (APP) of the Privacy Act 1988 updated on 12 March 2014.

Personal Information

In this policy personal information means information from which an individual is either identified or reasonably identifiable and may include an individual’s name, address, date and place of birth, telephone numbers, email address, bank account details, taxation details and other financial information. HowNow Portal provides a service where you upload and store documents for your clients and they upload and store documents for you. Documents uploaded by you can be set to be signed by your client. These documents may contain personal information.

What Information is collected and held

The personal information we collect may include your name, address, telephone numbers, email address and other information specific to the services provided. We may collect personal information directly from you when you:
  • Register for online services to use HowNow Portal
  • Use HowNow Portal
  • Visit our website
  • Contact the Business Fitness support team
You may choose not to provide personal information to us, but this may mean that we are unable to provide you with the service. When using HowNow Portal or our website you may provide us with personal information. We will use all reasonable measures to protect any such information from being used for any other purpose, other than the purpose for which it was intended. As well as the information you specifically provide above, we may gather statistics on our website to collect information about the number of visitors coming to the site and their location. No identifying information is collected during this process. We use this information for statistical purposes only. We may also use ‘cookies’. Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data about a user’s preferences. This allows the website to deliver a page tailored for a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next. It is possible to have your internet browser refuse cookies, but that may reduce the functionality. When you pay for your subscription using credit card, your card details are not stored by Business Fitness and cannot be accessed by our staff. Your credit card details are encrypted and securely stored by our third party payment gateway. Where you have selected a recurring monthly payment, this allows us to draw payments from your credit card monthly.

How information is collected

If it is reasonable and practical to do so, we will collect personal information directly from the individual(s) concerned with their consent. This may be through emails, over the telephone, over the internet or in person. When you upload documents through the use of HowNow Portal, we may collect information from you about someone else. When you provide personal information to us about other individuals, we rely on you to have made them aware that you will or may provide the information to us and the relevant purposes for which we will use this information. You also need to inform them how they can access this information.

How we keep personal information accurate and up-to-date

We seek to maintain the quality of the information we hold by taking reasonable administrative and technical steps to make sure that the information collected, used and disclosed is accurate, complete and up-to-date. If the information we hold about you is incorrect, you may inform us and we will correct it for you.

How we use the personal information collected

We collect your personal information so that we can provide the services for HowNow Portal and any other services you may request. We use this information to:
  • Verify your identity when accessing HowNow Portal
  • Communicate with you about changes to the service
  • Carry out support or training relating to HowNow Portal
  • Send you marketing information – you have the option of opting out of these emails
  • Comply with laws and regulations in applicable jurisdictions
We may also use non-personally identifiable statistical data for the purposes of improving or marketing HowNow Portal.

How we store and keep information and data secure

All data, including personal information, uploaded or entered in to HowNow Portal is transferred over the internet to servers currently located in the United States of America, primarily on the Microsoft Azure platform. For further information, please access Microsoft’s Azure’s Privacy Policy. Geo-redundant storage of your files is a basic feature of your account. This means that there are multiple copies of your files within the Microsoft Azure infrastructure. These copies are replicated within the main data centre and again within secondary data centres hundreds of miles away. Whenever your data is in transit between you and us, everything is encrypted, and sent using HTTPS 256bit AES encryption. This is the same for our server-to-server communications, helping to ensure that your data is kept as your data. As data is transferred over the internet, which is not in itself a secure environment, we cannot give absolute assurance that your information will always be secured. While we utilise up-to-date techniques and processes, which meet current government requirements to protect personal information from misuse, loss and unauthorised access, modification or disclosure, transmission of personal information over the interest, is at your own risk and Business Fitness does not take responsibility for any loss or misuse of data. We believe that your password should remain your password and not be known to others, unless you choose to disclose it. For that reason we don’t store your passwords in a readable format. They are hashed at the point of setting and we only store the resulting hash. This is a one-way process, unlike encryption, which means they can never be converted to a readable format. The only people who are permitted to access personal information are those employees or contractors who need personal information to do their jobs. All employees and contractors are contractually bound by the confidentially agreements in place on how personal information must be treated. We take all reasonable steps to ensure that all personal information we hold is secure from any unauthorised access, misuse or disclosure, however we cannot guarantee that unauthorised access will not occur.

Destroying personal information

Any personal information we hold will be maintained in order to comply with legislative and professional requirements, after which time the information will be securely destroyed. If you cancel your use of HowNow Portal, it is your responsibility to ensure you have transferred all documents to another location, prior to the cancellation. We can assist with this process. Once your subscription to the service has been cancelled, documents will be stored for period of time, after which they will be deleted.

Transfer of data with third party applications

We allow connection with third party applications. We have no control over the privacy practices of other organisations and take no responsibility for the data coming to and from these applications. It is your responsibility to review and understand how these organisations handle personal information.

Access to personal information we hold and correction of that information

Our policy is to provide you with access to your own personal information, subject to some exceptions permitted by law. We will also generally provide access in the manner that you have requested (i.e. by providing copies or permitting a file to be viewed), provided it is reasonable and practical for us to do so.

Disclosure of your information to third parties

We do not disclose your personal information to third parties without your consent.

Use or disclosure of government related indentifiers

While we will not use a government identifier as your unique identifier within our systems you may upload documents that contain government identifiers. We will not disclose any of your Government related identifiers unless we are required under the Law.


Should you have a complaint about any of our privacy procedures, please contact us by email at info@businessfitness.net or by telephone on 13000 333 424. Alternatively you may write to us at Privacy Officer, Business Fitness Pty Ltd, Suite 205, Level 1, 58-60 Manila Street, Beenleigh, Qld, 4207. We will deal promptly with your complaint. If we cannot resolve the complaint to your satisfaction within a reasonable time, you or we may refer the complaint to the Office of the Australian Information Commissioner. For more information about privacy issues in Australia, visit the Australian Information Commissioner’s website. Security isn’t just about the technology used to store your data it’s about trust. Since 2001 we’ve worked hard to earn the trust of companies in Australia and worldwide. We continue to work hard every day to maintain that trust and believe that longevity and stability is core to that.