A. Description of Our Service/Product
If We have collected the Personal Information directly then We usually have control of the way in which that information is handled from the outset. If our access to the Personal Information is downstream from the collector of the information, then We will have the degree of control and access that is allowed by the collector. Such collectors may include: the operator of a third-party Website (which could be a Client, or an entity that a Client has a commercial relationship with); or the operators of Social Media Platforms which have the agreement of Website Visitors to use tracking technologies, including beacons, cookies and pixels, to track the Visitors’ use of Websites and to use that information for advertising or other commercial purposes.
“Client” means a person or entity that has an account with us, and to which we provide Services and/or Products.
“Personal Information” means information that identifies an individual person, the collection, use, storage and disclosure of which is regulated by privacy laws in force in Australia or which otherwise apply to Us.
“Products” means any products that We provide to Clients, under contract.
“Services” means any services that We provide to Clients, under contract.
“Social Media Platform” includes any social media service, such as Facebook or Instagram, which enables third parties to monitor Website visits by subscribers to that platform, and/or to target those subscribers with advertising or other communications.
“Website” means any website the Use of which We monitor through tracking technology, including Our own Website and (where relevant) the Websites of Our Clients.
“Website Visitor” or “Visitor” means a Website visitor or user.
C. Our Collection of Personal Information
If We are aware that the Personal Information We are collecting relates to a person located in the European Union (“EU”) or European Economic Area (“EEA”), We will also comply with the General Data Protection Regulation (GDPR) of the EU, in respect of that information.
Where the GDPR applies to Our collection, storage, use and disclosure of Personal Information, a relevant data subject may have the following rights:
Please note that, in the case of Website Visitors, we collect relevant information on the basis that Our access to that information has already been consented to by the relevant data subject, either as a condition of using the relevant Website, or in connection with the subject’s subscription to or use of a relevant Social Media Platform, or via another third-party relationship.
Any person located within the EEA who claims that their privacy rights have been affected by Us will be asked to verify their identity and location before We can respond to their claim. We will use Our best endeavours to respond to all inquiries about Personal Information quickly and courteously. An EEA resident may have the right to complain to a Data Protection Authority about our collection and use of their Personal Information, and are encouraged to check with their local Data Protection Authority to learn what their rights are.
D. Consent to and Authorisation of Collection
When opening an account with Us, a Client consents to our collection, storage, use and limited disclosure of that Client’s Personal Information, or that of its relevant employees, for purposes related to the delivery of the Services and/or Products. Where the Client authorises Us to track Website Visitors, as part of our Services and/or Products, then the Client warrants to Us that it has full legal and contractual authority do so.
We do not knowingly collect Personal Information from anyone under the age of 18. If You are the parent or guardian of such a person, and you are aware that a minor in your custody has provided Us with their Personal Information, please contact Us. If We become aware that we have collected the Personal Information of any minor without verified parental consent, We will take immediate action to delete that information.
E. Policy Details
As stated above, We collect Personal Information either for the purposes of managing a Client’s account, or in the course of providing a Client with Our Services and/or Products, or for monitoring our Website for business reasons (where We have enabled that activity). The purposes for which We collect Personal Information, in whatever form, include the following:
We have access to Personal Information when a Client creates an account and gives Us the information, or when a Social Media Platform enables the collection of a Website Visitor’s Personal Information, and We collect that Information in the course of our business. The technology that enables the tracking of Website Visitors and the use and analysis of that information relies on features created by the operators of Social Media Platforms, which are available to be used by website owners.
Website Visitors automatically generate certain information, including technical information from their internet browser, mobile device, internet service provider (ISP) or telecommunications carrier, such as IP addresses (which normally identify country locations), interactions with cookies, beacons, pixels and other visitor-detection and identification software, hardware signatures, GPS signatures of mobile devices, hardware fingerprints, or other attributes, such as the duration of visits, which webpages are accessed within a website and what other websites the Visitor came from and left to. We may utilise these data collection features as part of our legitimate business activities, for purposes including the purposes listed above.
We may rely on such data that we collect in an anonymised manner to do things like track consumer behaviour trends, track payments, and do other things as part of Our routine business activity. We may need to request third parties with special expertise to assist us to do these things.
We use contractors and rely on third party business partners to collect and process information that we collect from people. In some cases, these third parties are located outside Australia, e.g. in the Philippines. Whenever We rely on a third party to assist Us to perform Our business functions, We will require that party to agree to comply with industry best practice information security and handling protocols, and also to comply strictly with the legal privacy regime that applies to them. As We do not always use the same contractors or business partners for every situation, We are not able to provide more explicit information here regarding these arrangements, but We are happy to discuss with You who will be handling Your personal information, in Your individual case.
Where You provide Us with information that clearly requires to be cross-checked with another party, or verified by that party, such as personal references, You authorise Us to do that. In some cases, We may need to cross-check Your information with publicly available information available on the Internet or public directories. If You provide Us with photographs or other images, We will use these only for the purpose for which these were submitted.
As explained above, We use Personal Information in the course of providing Our Services and/or Products to Our Clients, or for Our own business, administrative or management purposes.
We store Personal Information that We collect electronically on servers owned and operated by third parties that We rent that may be located within Australia and/or outside Australia, i.e. in other countries. Although We use Our best efforts to ensure that all information We collect is kept safe and secure, and that we rely only on trustworthy business partners, We are not in control of servers rented from or operated by third parties, and therefore cannot decide where those resources are located, or guarantee that those servers will be immune from hacking or unauthorised access. If any breach of security of a server used by Us comes to Our attention, We will take immediate steps within Our ability to rectify the problem.
We use Our best endeavours to store Personal Information in a secure way that is consistent with best practices in our industry in Australia.
If Our Clients have online access to our computer system in which their information is stored, or by which it is submitted to us, then We will provide the Clients with login IDs and passwords to make that access more secure. Each Client, however, is entirely responsible for maintaining the security of its account password, login details and other account information, and is not permitted to share that information with anyone else without our permission.
We retain Personal Information only for as long as is necessary for the purpose for which the information was collected, or as may be required to comply with our legal or contractual obligations (including under our TOU), or to resolve any disputes. Any financial information may need to be retained for seven years.
Any information that is being stored for Us by contractors is not within our direct control, but We select our contractors on the basis that they are reputable and reliable, and We expect them to protect the confidentiality and integrity of any information placed in their care.
If Our Website includes a link to a third party website, we cannot accept responsibility for any person’s interaction with that other website, although we use our best efforts to avoid linking to any website that we learn has any suspicious or malicious aspects.
Clients will be given the opportunity to opt in or opt out of receiving commercial information from Us, e.g. notifications regarding new services or products.
We will send Clients administrative and account-related messages that they may not opt out of, because of the importance or legal significance of those messages. To terminate all communications from Us, a Client must close down its account with Us.
Subject to and in compliance with any applicable regulations or laws, We will allow You, at any time, to access, check, review, or request the edit, update and/or delete Your personal account-related information that We hold, unless:
In order to protect information (including Personal Information) in our computer system from being tampered with or being accidentally removed or corrupted, residual and backup copies of most types of information continue to exist after any authorised deletion, and will remain available until purged completely. You should be aware therefore that when We delete Your Personal Information from our computer system at Your request, residual or backup copies of that information may remain in the system for a period of time thereafter, but in most cases will be completely removed within a reasonable timeframe having regard to current practices in Our industry in Australia.