Entwined Signage PTY LTD is committed to providing quality services to you whilst respecting your privacy. This policy outlines our ongoing obligations to you in respect of how we manage your Personal Information that you have entrusted to us.
We have adopted the Australian Privacy Principles (“APPs”) that can be found here <www.oaic.gov.au/privacy/australian-privacy-principles>, and are also contained in the Privacy Act 1988 (Cth) (“the Privacy Act”) which can be found here legislation.gov.au/Details/C2019C00025. The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.
This policy is incorporated by reference to and made a part of our Terms of Service as if it was set out fully in that document.
Privacy Act: the Privacy Act 1988 (Cth) (Australia)
Users: Users of this website (You).
General Information consists of information that is anonymous in nature and does not identify you as an individual. This includes your computer IP address, unique mobile device identifier, browser type, ISP or carrier name, and the URL of the last webpage you visited before visiting our website. This information gives us insights on how our users use our site and our other products.We collect this information by using “cookies”, which are small bits of computer code that are transferred to your computer’s hard drive via a web browser, which enable us to record the general information described above. We use this information to ensure that our service continues to appeal to our users.
What do we do with General Information?
Where is General Information Stored?
General Information collected from Users outside and within Australia will be transferred to and stored on Microsoft Azure Services servers located in Australia or as otherwise required by Microsoft Azure Services from time to time.
What is Personal Data?
Personal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier.
How do we obtain Personal Data?
Personal Data is obtained by us when you submit a contact form or sign up to our mailing list. It may also be obtained via email or other correspondence with us, from cookies and third parties.When you submit a request or sign up for information through the email list you must provide us with your name and email address.
What do we do with your Personal Data?
We do not use Personal Data for marketing or advertising purposes unless you explicitly permit us to do so. We do not share your Personal Data with third parties for those purposes or any other purposes unless we are legally bound to do so by notice of law enforcement (see 5.2).We use your email to enable communications and for no other purpose.We also use your email address to send you information that we believe may be of interest to our subscribers.We use your IP address to identify your location in order to provide you with notices and other information that may be required by your local regulatory authority.Where this information is considered Sensitive Information as defined by section 6 of the Privacy Act it will only be used by us:For the primary purpose for which it was obtained; or
For a secondary purpose that is directly related to the primary purpose; or
With your consent; or
Where required or authorised by law.
Where is your Personal Data Stored?
All Personal Data collected from Users outside and within Australia will be transferred to and stored on servers located in Microsoft Azure Services servers located in Australia or as otherwise required by Microsoft Azure Services from time to time.
Sharing of Data
We will not share Personal Data with third parties for marketing purposes without your consent. We will share Personal Data with certain third parties in the following ways:
If required by the laws of the jurisdiction referred to in our Terms of Service including the law enforcement authorities, courts, or regulators of that jurisdiction, we may disclose any information we have about our users. We also may disclose your Personal Data to exercise or protect legal rights or defend against legal claims.
If the information that we use is already out in the public domain or has already been disseminated by your prior written consent, it may be disclosed by us without first obtaining your consent. In that event, you release us and indemnify us from any claim or demand whatsoever concerning the information so disseminated.
Bulk Asset Transfers
In some cases, we may choose to buy or sell assets. In these business transfers, customer information, including Personal Data, is typically one of the business assets that are transferred. Moreover, if all or substantially all of our business assets were acquired, or in the unlikely event that we go out of business or enter into bankruptcy, customer information (including your Personal Data), would be one of the assets that are transferred or acquired by a third party. You acknowledge that such transfers may occur and that any assets may continue to be used according to your Personal Data as outlined in this policy.
Other Third Parties
We may reserve and have the right to disclose any information about you or your use of our Service without your prior permission, if we in good faith believe that such action is necessary to protect and defend the rights, property or safety of our company or its affiliates, other Users of the Service or the public.
GDPR Compliance Statement
To ensure compliance with the EU General Data Protection Regulation (“GDPR”), we have incorporated the following practices and procedures:We verify that the third parties with which we share User information are GDPR compliant;
We ensure that data is stored in a manner that facilitates our ability to locate and delete information pertaining to a specific user upon request;
We perform security audits and retain outside consultants to help us ensure that we have employed sufficient measures to protect User information.
If we modify any of the terms of this policy, we inform all of our Users via email and specifically ask EU Users to agree to the modified terms via e-mail or on the Entwined Signage PTY LTD website; and
We have appointed an internal Data Protection Officer who is responsible for overseeing our privacy and data protection procedures and will serve as the individual point of contact for information access and deletion requests, and for the effective undertaking of the practices and procedures set out in 2(a)-(f) inclusive as above stated.
Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and unauthorised or unlawful access, modification or disclosure. We also limit access to User information to employees who reasonably need access to it to do their jobs. However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we may have collected from or about you. In addition, we have no control over the security of other web sites that you might visit even when a link may appear to those websites from our Site.When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.
Your Options and Rights
All users may request that we stop sending you emails by clicking the “unsubscribe” link that is included at the bottom of non-account related emails.
You may access the Personal Information we hold about you and to update, correct and/or delete it, subject to certain exceptions. If you wish to access your Personal Information, please contact our Data Protection Officer in writing.
Entwined Signage PTY LTD will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.
To protect your Personal Information we may require identification from you before releasing the requested information.
If you are an EU citizen, you may request that we provide you with (or delete) all the information we collect from and about you or otherwise exercise your rights under the GDPR by contacting our Data Protection Officer. Data reporting and deletion requests will be processed free of charge within thirty (30) days.
If you ever have any questions about this policy or the Personal Data and General Information we have collected please contact our Data Protection Officer. We respect your rights and privacy and will be happy to answer any questions or concerns you might have. Their contact details are as follows:
Entwined Data Protection Officer
6/500 Lytton Road, Morningside, QLD 4170