This Policy is in accordance with the Privacy Act 1988 (Cth) and covers how we collect, use, disclose and store your personal information. It also notes how you may access your information and have it corrected, if incorrect. It details:
- why your personal information is being collected, how it will be used and who it will be disclosed to
- the option of not identifying yourself, or of using a pseudonym in certain circumstances;
- how you may ask for access to your personal information;
- whether we will send and how you can stop receiving any unwanted direct marketing;
- how you can ask for your personal information that is incorrect to be corrected
- how you can make a complaint to us, if you consider that we have mishandled your personal information.
This Policy is in place to ensure that your personal information is collected, held and used in an open and transparent way.
If you are a European Union (EU) resident, this Policy also complies with Article 28 the General Data Protection Regulations (GDPR) – found here: http://www.privacy-regulation.eu/en/article-28-processor-GDPR.htm and if this Policy is inconsistent with Article 28, this Policy shall incorporate the same insofar as is necessary in relation to any EU residents.
If you are a minor (under 18 years of age) we will require your guardian’s consent to you entering into any agreement with us and require proof of your age.
When you apply for our products or services, we collect information that is necessary to be able to provide you with those products or services. For instance, we may ask for identification information such as your name, address and date of birth and contact information (company, email, website, job title, telephone, fax and social networking software contact details) and we only obtain and hold information provided willingly by you.
We may also collect:
- Information relating to projects you are working on, product preferences, budgets and engineering methodologies.
- demographic information such as preferences and interests
- other information relevant to customer surveys and/or offers
We also collect IP address information (this happens implicitly when you use our applications or you connect to our servers) and information regarding the brand of devices being used to access our website, products, services and applications. This is partly for auditing, but mostly so we can determine trends in what device types customers are using so we can refine/enhance our products and services and the information collected is not sold or provided to any third parties unless required by law.
We will only ask you for personal information which is reasonably necessary and directly related to us providing the products or services to you. We may also be required to collect information from you as required by law.
You may ask us to cease collecting your data or delete your data in accordance with this Policy and we will comply with this request so far as is necessary, saving for legal and compliance requirements that may need we need to keep your data stored for a period of time. If this is the case, we may no longer be able to offer products or services to you.
Sometimes we may collect personal information about you from other people or from publicly available sources of information, however this will only apply if you have purchased a product or service from us and we require this additional information to assist us in providing the product or service to you.
We will not collect information about you from third parties unless you consent to the same or if we are required or authorised by or under an Australian law or a court/tribunal order, to collect the information from someone other than you.
If we receive information about you that we did not request or which was unsolicited, and if the information is not freely available, we will, as soon as practicable but only if it is lawful and reasonable to do so, destroy the information or ensure that the information is de-identified. We will also take such steps as are reasonable in the circumstances (if any) to notify you of the unsolicited information being provided to us.
You may withdraw your consent to us collecting or using any of your information by ceasing to use our products and services, deleting any application you may have on your devices and notifying us that you wish for your information to be deleted in accordance with this Policy.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyze web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website and online content may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
4. WHY YOUR PERSONAL INFORMATION IS BEING COLLECTED, HOW IT WILL BE USED AND WHO IT WILL BE DISCLOSED TO.
We collect your personal information to assist us with providing the products and services to you as required from time to time. We may also be required to collect information from you in accordance with the law, such as (but not limited to) any telecommunications legislation which applies to our products and services.
- your eligibility for the product or service (including ability to service any agreement to pay with us);
- providing you with the product or service;
- the use of the product or service in accordance with your agreements with us; and
- to issue accounts and notices to you in relation to the services.
We will not use your information for any other purpose (unless such purpose is reasonably determined by us as a reasonable secondary purpose in accordance with your instructions to us from time to time) without your consent or unless we are required to by law. Such secondary purpose must be related to the primary purpose of us providing the products or services to you.
We will use your personal information to allow us to offer the products and services to you and facilitate your use of the same in accordance with our agreement with you. We will also maintain a security audit trail of how and when information is provided, collected, held and amended.
We will use your personal information to contact you and to issue invoices / accounts, as well as provide support for the products and services as may required from time to time. We will send you notices regarding your use of the products and services, including license information, notification of any updates to software, terms and conditions or this Policy.
If we use any of your personal information for statistical purposes, we will ensure the same is de-identified before being disclosed to any third party.
Your personal information may be used by us for the purposes of contacting you and marketing our products and services to you and you may opt out of any marketing communications. We will not use your personal information to provide you with marketing material from any third parties.
From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customize the website according to your interests.
Most of the personal information we hold will be stored electronically in secure data centres, encrypted as required and backed up. These data centres are located in the UK, USA and Australia. We use a range of security measures to protect the personal information we hold and ensure any third party providers we may use (such as Salesforce, Form Assembly or Constant Contact) claim to be GDPR compliant. We have a contract in place with these data storage providers to ensure their obligations are known and clear and confirming their services comply with Article 28 of the EU GDPR.
We will take all such steps as are reasonable in the circumstances to protect the information:
- from misuse, interference and loss; and
- from unauthorised access, modification or disclosure.
When your agreement with us has terminated and our supply of products and services to you has ceased, we may no longer require your personal information. In this instance, we will take such steps as are reasonable in the circumstances to destroy your information upon your request, or to ensure that the information is de-identified, unless we are required to maintain the information by or under an Australian law, due to any legal compliance requirements or a court/tribunal order requires we maintain the information.
If you require we delete any information about you that is held by us, you must ask us in writing in accordance with this Policy.
If you are an employee of ours, we cannot delete your data unless and until all relevant periods of compliance and auditing have been completed, usually 7 years from the date of termination of your employment with us.
We will make best endeavours at all times to ensure your information is stored by equipment and providers that are aware of their obligations pursuant to this Policy and who have sufficient know-how and resources to ensure the information is held securely and only accessed by suitable authorised persons who have been trained to handle the information in a compliant manner.
We will utilize industry standard encryption techniques to transfer and store information. This may include (but not be limited to) HTTPS/SSL utilising certificates issued by recognized reputable issuers.
We will take reasonable steps to ensure the procedures to access, modify and / or delete any of your information are in place and enforced to ensure your information is safe and held in accordance with this Policy.
We will ensure security notification procedures are in place and followed by all relevant parties to ensure enhanced reporting obligations pursuant to the GDPR are met in the case of a data breach, including any obligations being met in a timely manner.
When making enquiries through our website, you may wish to use a pseudonym.
You may not use a pseudonym if you wish to enter into an agreement with us for us to provide you with any products or services, as we are required under an Australian law to deal with individuals who have identified themselves. It would also be impracticable for us to deal with individuals who have not identified themselves or who use a pseudonym as we would not be able to provide our products and services on that basis.
You can request access to the personal information we hold about you or delivery of the said information to you or a third party. You can also ask for corrections to be made. To do so, please contact us on the details listed at ‘Contact us’.
- the Freedom of Information Act; or
- any other Act of the Commonwealth, or a Norfolk Island enactment, that provides for access by persons to documents.
We may also refuse access if:
- We believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
- giving access would have an unreasonable impact on the privacy of other individuals;
- the request for access is frivolous or vexatious;
- the information relates to existing or anticipated legal proceedings between Us and You, and would not be accessible by the process of discovery in those proceedings;
- giving access would reveal our intentions in relation to negotiations with you in such a way as to prejudice those negotiations;
- giving access would be unlawful;
- denying access is required or authorised by or under an Australian law or a court/tribunal order;
- both of the following apply:
- We have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in;
- giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
- giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- giving access would reveal evaluative information generated by us in connection with a commercially sensitive decision-making process.
Response to Request for Information
We will respond to your request for personal information within a reasonable period after the request is made and give access to the information in the manner requested by you, if it is reasonable and practicable to do so.
We will respond to your request within 1 month of receipt of your request.
Should we be unable to provide the information requested by you in the manner requested by you, we will take steps as are reasonable in the circumstances to give access in a way that meets your needs or through a mutually agreed intermediary if appropriate.
We will not charge you to make a request for personal information, however we may charge you for giving access to the information and for administrative costs in obtaining and providing the personal information. These costs will not be excessive and we will provide you with an estimation of these costs upon response to your request for the personal information. We may also charge you if your access and variation requests are unfounded or excessive.
Refusal to Give Access
If we refuse your request for access to your personal information, we will provide you with written notice setting out:
- the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
- the mechanisms available to complain about the refusal; and
- any other matter prescribed by the regulations.
We will also, where applicable and where possible, include an explanation for the commercially sensitive decision to refuse access.
If you wish to receive marketing offers from us or opt out of marketing offers please contact us on the details listed at ‘Contact us’. You may change your preference at any time and any direct marketing provided to you will include details on how to remove your name from our marketing list.
We must take steps to ensure as far as reasonable in the circumstances, that the personal information we collect, use and disclose is accurate, relevant, up-to-date and complete.
If we hold any information about you that we or you believe is inaccurate, out of date, incomplete, irrelevant or misleading, we will take such steps (if any) as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
If you request that we notify other entities of the correction of your information (if we had previously disclosed such information to the said entity), we will take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.
Refusal to correct information
We may refuse to correct your information. If we refuse to correct your personal information, we will provide you with a written notice detailing:
- the reasons for the refusal except to the extent that it would be unreasonable to do so; and
- the mechanisms available to complain about the refusal; and
- any other matter prescribed by the regulations.
If we refuse to correct your personal information as requested by you and you request we associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, then we will take such steps as are reasonable in the circumstances to associate the statement in such a way that will make the statement apparent to users of the information.
Response to Request for an Amendment to Your Information
We will respond to your request for personal information to be amended within 1 month of receipt of your request and give access to the information in the manner requested by you, if it is reasonable and practicable to do so.
We will not charge you to make a request to amend your personal information and we will not charge you to make the said amendments to your personal information, unless such access and variation requests are unfounded or excessive.
If there is a data breach in relation to your data, we will notify you and report any such breaches to any relevant local authorities, unless we determine, acting reasonably, that the data breach is unlikely to result in any risk to your rights and freedoms.
If a third party is storing any information on our behalf, they are required to notify us of any data breach whatsoever and we will contact you as soon as possible if this breach effects your data, rights and freedoms.
11. HOW YOU CAN MAKE A COMPLAINT TO US, IF YOU CONSIDER THAT WE HAVE MISHANDLED YOUR PERSONAL INFORMATION.
If this Policy is amended by us at any time, we will contact you using the information you have provided, notifying you of the change of this Policy. Any updated Policy will be located on our website and available upon request in accordance with this Policy.
13. CONTACT US
You can contact us by: