We are committed to providing high quality services to our clients and this policy outlines how we manage personal data when you do business with us, use our software or visit our website.
We take all reasonable steps to ensure that information we collect, use or disclose is accurate, complete, up-to-date and securely stored. In doing so, we follow the spirit of the Australian Privacy Principles in the Privacy Act 1988 (Cth) (“the Act”). However, until such time (if at all) as we are subject to the Act, we have chosen not to opt in to the Act.
If you are a citizen of a European Union (“EU”) country or we collect personal data about you from a source in the EU, we aim to provide the standards of privacy protection required by the EU’s General Data Protection Regulation (“GDPR”). Additionally, EU based organisations that share subject data with us may require that we meet GDPR standards. Our commitments in this policy are generally consistent with the GDPR requirements applying to a Controller of subject data, but if you have a query about your rights or our obligations for GDPR purposes, please contact us.
You are not obliged to disclose personal information about yourself when you visit our website. Where practicable, we will allow you to deal with us on an anonymous or pseudonymous basis.
If you do not wish to provide personal information to us, then you do not have to do so, however it may affect your ability to do business with us, use our software or visit our website.
By providing us with any personal information, you consent to us using this information to assist you with your enquiry and to offer our services in accordance with this policy.
What is personal information, how and why do we collect it?
Personal information is information or an opinion that identifies an individual. Examples of personal information we collect includes names, user names, gender, email addresses, phone and facsimile numbers, social media information, age, date of birth, and information about your personal and business circumstances.
Personal information is obtained by us in many ways including by telephone and facsimile, by email, via our website (such as your device identity and type, IP address, geo-location information, page view statistics, advertising data and standard web log information), from your website, from media and publications, from other publicly available sources, from cookies and from third parties, including but not limited to our subscribers.
The personal information that we collect and hold about you, depends on your interaction with us. We collect your personal information for the primary purpose of providing our services to our subscribers and to communicate with our subscribers and their users. We may also use your personal information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists (if any) at any time by contacting us in writing or using the “opt out” function that we include in our communications.
Some personal information (e.g. race, ethnicity, health, criminal record etc.) is sensitive and requires a higher level of protection. If we hold any sensitive personal information, we will not use or disclose your sensitive personal information other than as permitted by law or with your consent.
If you are an individual residing in the EU, we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the services being used. We collect and use your information only where:
we need it to identify you to enable us to provide our services, customer support and personalised features and it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development purposes, to maintain and improve our services, to promote and market our services, and to protect our legal rights and interests
you give us consent to do so for a specific purpose e.g. where you subscribe to our newsletters or request or download our publications or data
we need to process your data to comply with a legal obligation such as performing client due diligence/”know your client”, anti-money laundering, anti-bribery, sanctions or reputational risk screening, identifying conflicts of interests, for the prevention of fraud and/or other relevant background checks as may be required by applicable law and regulation and best practice at any given time (and if false or inaccurate information is provided and fraud is identified or suspected, details may be passed to fraud prevention agencies and may be recorded by us or by them), to enforce our legal rights, to comply with our legal or regulatory reporting obligations and/or to protect the rights of third parties, to ensure that we can recover any payments due to us and where necessary to enforce such recovery through the engagement of debt collection agencies or taking other legal action (including the commencement and carrying out of legal and court proceedings) or
to reorganise or make changes to our business. In the event that we undergo a re-organisation (e.g. if we merge, combine, list or divest a part of our business), we may need to transfer some or all of your personal information to the relevant third party (or its advisors) as part of any due diligence process or transfer to that re-organised entity or third party for the same purposes as set out in this policy or for the purpose of analysing any proposed transaction.
Where reasonable and practicable to do so, we will collect your personal information only from you. However, in some circumstances we may be provided with information by third parties, including but not limited to our subscribers. In such cases we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
We collect website activity statistics such as number of visitors, pages visited, time and date of visit and where you accessed our website from, so that we can make informed decisions relating to improving our website and the services we deliver. This information is anonymous and doesn’t identify a person.
We may also collect personal information from you when you use or access our website or our social media pages. This may be done through use of web analytics tools (such as Google Analytics), ‘cookies’ or other similar tracking technologies that allow us to track and analyse your website usage. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites. If you do not wish information to be stored as a cookie, you can disable cookies in your web browser.
Disclosure of personal information
Your personal information may be disclosed in a number of circumstances including the following:
to third parties to enable us to provide our services to our subscribers or to you
for record keeping and administrative purposes
to provide information about you to our subscribers
to provide information about you to our contractors, employees, consultants, agents or other third parties for the purpose of providing our services
to improve and optimise our service offering and client experience
when we use outsourcing services, such as data storage, debt collection, bulk distribution and mailing, direct marketing, and technology support
where required or authorised by law.
We may disclose your personal information to cloud-providers, contractors and other third parties located outside Australia. If we do so, we will take reasonable steps to ensure that any overseas recipient deals with such personal information in a manner consistent with this policy.
If you are based in the European Economic Area (“EEA”), this will mean that your personal information may be transferred to, be accessible from, and/or stored at, a destination outside the EEA in which data protection laws may not be as comprehensive as in the EEA.
Regardless of the location of our processing, we will impose the same data protection safeguards that we deploy inside the EEA and implement appropriate measures to ensure that your personal information is protected in accordance with applicable data protection laws. Where a third party service provider processes the personal information of EEA residents on our behalf, we will ensure that appropriate measures are in place to ensure an adequate level of protection for your personal information, usually by including EU standard contractual clauses in our agreements with such third party service providers.
Our services may enable you to upload user-generated content, post or provide information about yourself, contribute comments, or communicate with other users. This information may be shared by us with our subscribers or others. We are not responsible for the conduct of third parties who may read, collect and use this information.
Our system automatically captures the IP address of those who visit our website. We reserve the right in circumstances such as attempts to mislead other users about a user’s identity through statement or omission, to disclose that information.
Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using them.
Security of personal information
Your personal information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure. However we cannot guarantee the security of your personal information.
When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your personal information. However, most of the personal information is or will be stored in client files which will be kept by us for the minimum period of time required by law.
Access to your personal information
You may access the personal information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your personal information, please contact us in writing.
If you are protected under the GDPR, you may have the following rights:
right of access – the right to access the personal information that we hold or process about you
right to rectification – the right to update, correct or amend the personal information that we hold or process about you
right to erasure – the right to request remove personal information that we hold about you
right to restrict – the right to stop us processing all or some of your personal data
right to object – the right to object to your personal information being used for direct marketing purposes
right to data portability – the right to request a copy of your personal data in electronic format
right not to be subject to automated decision making – the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect
right to restrict – the right to restrict how we use your personal information whilst a complaint is being investigated
the right to lodge a complaint with a supervisory authority.
We will not charge a fee for your access request, but may charge an administrative fee for providing a copy of your personal information.
In order to protect your personal information we may require identification from you before releasing the requested information.
Maintaining the quality of your personal information
It is an important to us that your personal information is up to date. We will take reasonable steps to make sure that your personal information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide our services to you. In some cases, we may be unable to provide you with access to all your personal information and where this occurs, we will explain why. We will deal with all requests for access to personal information within a reasonable timeframe.
Failure to provide information
If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
This policy may change from time to time and is available on our website.