This is the Privacy Policy of Austracking (ABN 84 154 610 248)
1) Definitions
“Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
“Data Protection Law” mean all applicable laws, regulations, and other legal requirements relating to (a) privacy, data security, consumer protection, marketing, promotion, and text messaging, email, and other communications; and (b) the use, collection, retention, storage, security, disclosure, transfer, disposal, and other processing of any Personal Data.;
“the Company Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with Austracking (“Company”).
“Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity;
“Services” means any of the following services provided by the Company: (a) Company-branded product offerings made available via the website of the Company, (b) consulting or training services provided by the Company either remotely via the Internet or in person, and (c) any support services provided by the Company, including access to Company’s help desk;
the terms “data controller”, “data processor”, “data subject”, “personal data”, “processing” and “appropriate technical and organisational measures” shall have the meanings given to them under applicable Data Protection Law.
2) We respect your privacy
- Austracking respects your right to privacy and is committed to safeguarding the privacy of our customers and website visitors. This policy sets out how we collect and treat your personal information.
- We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) and to the extent applicable, the EU General Data Protection Regulation (GDPR).
- “Personal information” is information we hold which is identifiable as being about you. This includes information such as your name, email address, identification number, or any other type of information that can reasonably identify an individual, either directly or indirectly.
- You may contact us in writing at 14 Heronwood Glade, Harrisdale, Western Australia, 6112 for further information about this Privacy Policy.
3) Duration
- The processing of Personal Data will be carried out by the Company while Services Account of the Customer is in existence or as needed for the performance of the obligations and rights between the Company and the Customer unless otherwise agreed upon in writing.
4) What personal information is collected
- Austracking will, from time to time, receive and store personal information you submit to our website, provided to us directly or given to us in other forms. This includes:
- Account Information – If the customer signs up, certain information such as the name and email. The customer may update or correct its information and email preferences at any time by providing the relevant information to Austracking. Austracking can provide the customer with additional support to access, correct, delete, or modify the information the customer provided to Austracking. To protect the security, Austracking takes reasonable steps (such as requesting any legal information) to verify the identity of the customer before making corrections. The customer is responsible for maintaining the secrecy of the password and information of any account that may be created by Austracking.
- Additional information – The customer may choose to provide additional information. This information helps the customer to get more Austracking. It’s the customer’s choice whether to include sensitive information.
- Other Information – The customer may otherwise choose to provide Austracking information when the customer fills in a form, conducts a search, updates information, responds to surveys, posts to community forums, participates in promotions, or uses other features offered by Austracking.
- You may provide basic information such as your name, phone number, address and email address to enable us to send you information, provide updates and process your product or service order.
- We may collect additional information at other times, including but not limited to, when you provide feedback, when you provide information about your personal or business affairs, change your content or email preference, respond to surveys and/or promotions, provide financial or credit card information, or communicate with our customer support.
- Additionally, we may also collect any other information you provide while interacting with us.
5) How we collect your personal information
- Austracking collects personal information from you in a variety of ways, including when you interact with us electronically or in person, when you access our website and when we engage in business activities with you. We may receive personal information from third parties. If we do, we will protect it as set out in this Privacy Policy.
- By providing us with personal information, you consent to the supply of that information subject to the terms of this Privacy Policy.
6) How we use your personal information
- Austracking may use personal information collected from you to provide you with information about our products or services. We may also make you aware of new and additional products, services and opportunities available to you.
- Austracking will use personal information only for the purposes that you consent to. This may include to:
- provide you with products and services during the usual course of our business activities;
- administer our business activities;
- manage, research and develop our products and services;
- provide you with information about our products and services;
- communicate with you by a variety of measures including, but not limited to, by telephone, email, sms or mail; and
- investigate any complaints.If you withhold your personal information, it may not be possible for us to provide you with our products and services or for you to fully access our website.
- We may disclose your personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, legal proceedings or in response to a law enforcement agency request.
- If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases.
- All personal data processed on behalf of the customer remains the property of the customer and/or the relevant data subjects;
- Austracking has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the Customer and its obligations under the Privacy Policy and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Privacy Policy, it will promptly notify the change to the Customer as soon as it is aware, in which case the Customer is entitled to suspend the transfer of data and/or terminate the Services
- Austracking will promptly notify the Customer about:
- any legally binding request for disclosure of the personal data by law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation;
- any accidental or unauthorised access; and
- Any request received directly from data subjects without responding that request,unless it has been otherwise authorised to do so;
- Austracking deals promptly and properly with all inquiries from the customer relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;
- At the request of the customer to submit its data-processing facilities for audit of the processing activities;
- That, in the event of sub-processing, it has previously informed the Customer and obtained its prior written consent;
- That the processing services by the sub-processor will be carried out in accordance with Section 7;
- To appoint a data protection officer, who performs his/her duties in compliance with the applicable laws. The data protection officers contact details are available at the Austracking web page.
- To entrust only such employees with the data processing outlined in this Privacy Policy who have been bound to confidentiality and have previously been familiarised with the data protection provisions relevant to their work. Austracking and any person acting under its authority who has access to personal data, shall not process that data unless on instructions from the customer, unless required to do so by applicable laws.
- To monitor periodically the internal processes to ensure that processing within Austracking area of responsibility is in accordance with the requirements of the applicable laws and the protection of the rights of the data subject
- to process the Personal Data only on behalf of the Customer and in compliance with its instructions and the Privacy Policy; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the Customer of its inability to comply, in which case the Customer is entitled to suspend the transfer of data and/or terminate the Services
7) Sub-Processors
- The Customer agrees that the Company may engage Company Affiliate or third parties to process Personal Data in order to assist the Company to deliver the Services on behalf of the Customer (“Sub-processors”). The Company has or will enter into written agreement with each Sub-processor containing data protection obligations not less protective than those in this Privacy Policy to the extent applicable to the nature of the Services provided by such Sub-processor. If the Sub-processor processes the Services outside the EU/EEA, the Company shall ensure that the transfer is made pursuant to European Commission approved standard contractual clauses for the transfer of Personal Data which the Customer authorises the Company to enter into on its behalf, or that other appropriate legal data transfer mechanisms are used.
- The current Sub-processors for the Services are set out at the website of the Company (“Sub-processor List”) and the Customer agrees and approves that the Company has engaged such Sub-processors to process Personal Data as set out in the The Company shall provide notification of a new Sub-processor(s) before authorising any new Sub-processor(s) to process Personal Data in connection with the provision of the applicable Service.
- The Company shall notify the Customer thirty (30) days’ in advance of any intended changes concerning the addition or replacement of any Sub-processor during which period the Customer may raise objections to the Sub-processor’s appointment. Any objections must be raised promptly (and in any event no later than fourteen (14) days following Company’s notification of the intended changes). Should the Company choose to retain the objected to Sub-processor, the Company will notify the customer at least fourteen (14) days before authorising the Sub-processor to process Personal Data and then the Customer may immediately discontinue using the relevant portion of the Services and may terminate the relevant portion of the Services.
- For the avoidance of doubt, where any Sub-processor fails to fulfil its obligations under any sub-processing agreement or under applicable law the Company will remain fully liable to the Customer for the fulfilment of its obligations under this Privacy Policy.
8) Disclosure of your personal information
- Austracking may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this privacy policy.
- If we do disclose your personal information to a third party, we will protect it in accordance with this privacy policy.
9) General Data Protection Regulation (GDPR) for the European Union (EU)
- Austracking will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.
- We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.
- We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.
- We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.
- We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.
- We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.
- We do not collect or process any personal information from you that is considered “Sensitive Personal Information” under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.
- You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.
10) Your rights under the Privacy Policy
- If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. Austracking complies with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU
- Except as otherwise provided in the GDPR, you have the following rights:
- to be informed how your personal information is being used;
- access your personal information (we will provide you with a free copy of it);
- to correct your personal information if it is inaccurate or incomplete;
- to delete your personal information (also known as “the right to be forgotten”);
- to restrict processing of your personal information;
- to retain and reuse your personal information for your own purposes;
- to object to your personal information being used; and
- to object against automated decision making and profiling.
- Please contact us at any time to exercise your rights under the GDPR at the contact details in this Privacy Policy.
- We may ask you to verify your identity before acting on any of your requests.
11) Your obligations
The customer agrees and/or warrants:
- that the processing, including the transfer itself, of the Personal Data has been and will continue to be carried out in accordance with the relevant provisions of the Data Protection Law and does not violate the relevant provisions
- that it has instructed and throughout the duration of the personal data-processing services will instruct the Company to process the Personal Data transferred only on the Customer’s behalf and in accordance with the Data Protection Law and this Privacy Policy.
- that after assessment of the requirements of the Data Protection Law, the security measures are appropriate to protect Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;
- that it will ensure compliance with the security measures;
- to access and use the Services only for legal, authorised, and acceptable purposes. The Customer will not use (or assist others in using) the Services in ways that: (a) violate, misappropriate, or infringe the rights of the Company, its users, or others, including privacy, publicity, intellectual property, or other proprietary rights; (b) are illegal, obscene, defamatory, threatening, intimidating, harassing, hateful, racially, or ethnically offensive, or instigate or encourage conduct that would be illegal, or otherwise inappropriate; (c) involve publishing falsehoods, misrepresentations, or misleading statements; (d) impersonate someone; (e) involve sending illegal or impermissible communications such as bulk messaging, auto-messaging, auto-dialling, and the like; or (f) involve any other use of the Services prescribed in this Privacy Policy unless otherwise authorised by the Company
- do not to (or assist others to) access, use, copy, adapt, modify, prepare derivative works based upon, distribute, licence, sublicense, transfer, display, perform, or otherwise exploit the Services platform in impermissible or unauthorised manners, or in ways that burden, impair, or harm the Company, the Services platform, systems, other users, or others, including that the Customer will not directly or through automated means:
- reverse engineer, alter, modify, create derivative works from, decompile, or extract code from the Services platform;
- send, store, or transmit viruses or other harmful computer code through or onto the Services platform;
- gain or attempt to gain unauthorised access to the Services platform or systems; (d) interfere with or disrupt the integrity or performance of the Services platform;
- create accounts for the Services platform through unauthorised or automated means;
- collect the information of or about other users in any impermissible or unauthorised manner;
- sell, resell, rent, or charge for the Services platform; or
- distribute or make the Services platform available over a network where it could be used by multiple devices at the same time;
- that the Customer is responsible for keeping the Customer’s Services Account safe and secure, and the Customer will notify the Company promptly of any unauthorised use or security breach of the Customer’s Account or the Services platform;
- that the Company grants the Customer a limited, revocable, non-exclusive, non-sublicensable, and non-transferable licence to use the Services This licence is for the sole purpose of enabling the Customer to use the Services platform, in the manner permitted by this Privacy Policy. No licences or rights are granted to the Customer by implication or otherwise, except for the licences and rights expressly granted to the Customer.
12) Hosting and International Data Transfers
- Information that we collect may from time to time be stored, processed in or transferred between parties or sites located in countries outside of Australia. These may include, but are not limited to Lithuania, Australia, Europe, United States of America and/or Asia.
- We and our other group companies have offices and/or facilities in Lithuania and Australia. Transfers to each of these countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Austracking’s Data Protection Officer.
- The hosting facilities for our website are situated in Lithuania and Australia. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Austracking’s Data Protection Officer.
- Our Suppliers and Contractors are situated in Lithuania and Australia. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Austracking’s Data Protection Officer.
- You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
13) Security of your personal information
- Austracking is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
- Where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the GDPR and that have adequate technical measures in place to protect personal information against unauthorised use, loss and theft.
- The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.
14) Access to your personal information
- You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth), and to the extent applicable the EU GDPR. If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at [email protected].
- We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act or any other applicable law.
15) Complaints about privacy
- If you have any complaints about our privacy practices, please feel free to send in details of your complaints to [email protected];. We take complaints very seriously and will respond shortly after receiving written notice of your complaint.
16) Changes to Privacy Policy
- Please be aware that we may change this Privacy Policy in the future. We may modify this Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy.
17) Website
- When you visit our website
When you come to our website https://austracking.com.au/, we may collect certain information such as browser type, operating system, website visited immediately before coming to our site, etc. This information is used in an aggregated manner to analyse how people use our site, such that we can improve our service.
- Cookies
We may from time to time use cookies on our website. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our website. Our website may from time to time use cookies to analyse website traffic and help us provide a better website visitor experience. In addition, cookies may be used to serve relevant ads to website visitors through third party services such as Google AdWords. These ads may appear on this website or other websites you visit.
- Third party sites
Our site may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that Austracking (ABN: 84 154 610 248) is not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.
18) Audit
- In order to confirm compliance with this Privacy Policy, the Customer shall be at liberty to conduct an audit by assigning an independent third party who shall be obliged to observe confidentiality in this Any such audit must occur during Company’s normal business hours and will be permitted only to the extent required for the Customer to assess Company’s compliance with this Privacy Policy. In connection with any such audit, the Customer will ensure that the auditor will:
- review any information on Company’s premises;
- observe reasonable on-site access and other restrictions reasonably imposed by the Company;
- comply with Company’s policies and procedures, and
- not unreasonably interfere with Company’s business The Company reserves the right to restrict or suspend any audit in the event of any breach of the conditions specified in this Section 8.
- In the event that the Customer, a regulator or data protection authority requires additional information or an audit related to the Services, then, the Company agrees to submit its data processing facilities, data files and documentation needed for processing Personal Data to audit by the Customer (or any third party such as inspection agents or auditors, selected by Customer) to ascertain compliance with this Privacy Policy, subject to being given notice and the auditor entering into a non-disclosure agreement directly with the Company. The Company agrees to provide reasonable cooperation to Customer in the course of such operations including providing all relevant information and access to all equipment, software, data, files, information systems, used for the performance of Services, including processing of Personal Data. Such audits shall be carried out at the Customer’s cost and expense.
- The audit may only be undertaken when there are specific grounds for suspecting the misuse of Personal Data, and no earlier than two weeks after the Customer has provided written notice to the Company.
- The findings in respect of the performed audit will be discussed and evaluated by the parties and, where applicable, implemented accordingly as the case may be by one of the parties or jointly by both The costs of the audit will be borne by the Customer.
19) Notification of A Data Breach
- In the event of the Company aware of any breach of security that results in the accidental, unauthorised or unlawful destruction or unauthorised disclosure of or access to Personal Data the Company shall to the best of its ability, notify the Customer thereof with undue delay, after which the Customer shall determine whether or not to inform the Data subjects and/or the relevant regulatory authority(ies). This duty to report applies irrespective of the impact of the The Company will endeavour that the furnished information is complete, correct and accurate.
- If required by law and/or regulation, the Company shall cooperate in notifying the relevant authorities and/or Data subjects. The Customer remains the responsible party for any statutory obligations in respect thereof.
- The duty to report includes in any event the duty to report the fact that a leak has occurred, including details regarding:
the (suspected) cause of the leak;
the (currently known and/or anticipated) consequences thereof;
the (proposed) solution;
the measures that have already been taken.
20) Deletion and Return of Personal Data
- The parties agree that on the termination of the provision of data-processing services, the Company and its subcontractors shall, at the choice of the Customer, return all the Personal Data transferred and the copies thereof to the Customer or shall destroy all the Personal Data and certify to the Customer that it has done so, unless legislation imposed upon the Company prevents it from returning or destroying all or part of the Personal Data In that case, the Company warrants that it will guarantee the confidentiality of the Personal Data transferred and will not actively process the Personal Data transferred anymore. The Company and its subcontractors warrant that upon request of the Customer and/or of the supervisory authority, it will submit its data-processing facilities for an audit of the measures referred to in Section 8.
21) Governing Law/Forum
- This Privacy Policy shall be governed by and interpreted in accordance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) and to the extent applicable, the EU General Data Protection Regulation (GDPR).
22) Effective date
This policy is effective from 19/10/2022 and may be amended from time to time.