1. INTRODUCTION
1.1. AppLab Holdings Pty Ltd (ACN 621 749 148) and its affiliated entities (we, us and our) are committed to protecting the privacy of your personal information in accordance with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth). We understand that you trust us with your personal information and we are committed to keeping that trust.
1.2. Please take a moment to read this privacy policy (Privacy Policy) as it explains how we collect, use, hold and disclose your ‘personal information’ (that is, information or an opinion about you, whether true or not, which identifies you or from which your identity is reasonably identifiable) and how to contact us if you have any queries about our management of your personal information.
1.3. This Privacy Policy also contains information about how you may access your personal information, seek correction of your personal information and make complaints if you think we have breached any privacy laws and how we will deal with such complaints.
2. HOW WE COLLECT PERSONAL INFORMATION
2.1. We will collect and hold your personal information in a fair and lawful manner, and not in an intrusive way. Where it is reasonably practical to do so, we will collect your personal information directly from you. We may collect your personal information in a variety of ways, including:
(a) when you interact with us in writing, electronically or by phone;
(b) when you access, use or interact with one of our products or services, including any application or software provided by us (AppLab Application);
(c) through your use of any associated applications and third party systems which interface or interoperate with the AppLab Application;
(d) when you subscribe to our email or mobile services and newsletters, or access and use our website or social media;
(e) when you provide us with information in response to direct marketing, competitions or customer satisfaction or market research surveys;
(f) in the course of administering or providing any of our products or services;
(g) in the course of administering, performing or managing contracts with our service providers or other third parties;
(h) when you apply for employment with us; and
(i) as otherwise required to manage our business.
2.2. However, in some cases we may also collect personal information from publically available sources and third parties, such as your employer, your financial advisers, government bodies, recruitment agencies, referees, banks, contractors, our other customers and business partners and other third parties in the circumstances described in clause 6.1.
2.3. If we collect personal information from a third party we will, where appropriate, request that the third party inform you that we are holding such information and of the terms of this Privacy Policy.
3. TYPES OF PERSONAL INFORMATION WE COLLECT AND HOLD
3.1. The kinds of personal information we collect and hold about you will depend on a range of circumstances, including who you are and which products and services you are looking to access or use.
3.2. Generally, the personal information we collect can include (but is not limited to):
(a) your name, date of birth, age, gender, postcode and other demographic information;
(b) your contact details, such as your email, postal and work addresses and phone numbers;
(c) information to verify your identify, such as your driver’s licence or passport details, photos or signatures;
(d) billing and financial information (such as your banking or payment information) and any other financial information you provide to your financial adviser from time to time;
(e) information relating to your creditworthiness (including the credit information described in section 8);
(f) if applicable, employment information, such as job application information;
(g) information relating to incidents relating to our business or the products or services we provide, such as misconduct, breach of our licence terms, unlawful activity, claims or disputes;
(h) any information which is publicly available; and
(i) any other information you provide us from time to time (including through the AppLab Application or our website), such as your
preferences or opinions relating to our products and services, and information relating to surveys, enquiries or complaints.
3.3. In addition, when you execute an order form with us, or access or use the products or services we provide, we may collect:
(a) your company and personal details, contact information, financial and billing information and any other information you provide when you sign an order form with us;
(b) usage data about how you interact with our products and services (including the AppLab Application and our website), such as access dates and times, features used, content viewed, crashes and other system activity; and
(c) information about the system or device which you use to access our products and services (including the AppLab Application and our website), including the type of system or device, its name, MAC address, location data, operating system, browser type, software, IP address, data usage and other information relating to that system or device.
3.4. We may also collect personal information about you from others who have purchased access to our products or services (including the Creativemass Application) for your benefit, such as your employer or financial adviser.
3.5. In some circumstances, we may collect sensitive information about you where permitted by law. Examples of sensitive information we may collect about you include details of licenses, accreditations, professional associations and memberships.
3.6. We will not collect sensitive information about you unless you have consented to the collection (including by contributing content
through one of the products or services we provide, such as by entering the data when using the AppLab Application), or we are otherwise required or authorised to do so by or under the law of any jurisdiction.
3.7. If we are unable to collect personal information from or about you:
(a) we may not be able to respond to your requests or enquiries;
(b) you may not be able to use the products or services we provide (or use them to their full extent); or
(c) we may not be able to do business with you or the organisation with which you are related.
4. COOKIES
4.1. Our website may use ‘cookies’ as part of its interaction with your computer or device. A ‘cookie’ is a small text file placed on your
computer or device for a pre-defined period of time by our server for later retrieval.
4.2. Cookies are frequently used by businesses and you can choose if and how a cookie will be accepted by configuring your preferences and options in your computer or device. Cookies do not alter the operation of your computer or device in any way.
4.3. We may use cookies to identify specific machines and website interactions in order to collect aggregate information on how visitors are experiencing our website. This information will help to better adapt our website to suit our users’ requirements. While cookies allow a computer to be identified, they do not permit any reference to a specific individual.
5. OUR PURPOSE FOR HANDLING YOUR PERSONAL INFORMATION
5.1. We collect and use personal information about you primarily to supply you with our products and services. We do not sell, rent or lease your personal information to third parties.
5.2. As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. In particular, we collect, hold, use and disclose personal information for a range of purposes, including:
(a) to communicate with you;
(b) to offer and provide you with our products and services, or request feedback about products and services your have received;
(c) to verify your identity and create, maintain and administer your user account;
(d) to provide personalised content, functionality and accessibility options relating to the products and services we provide;
(e) to help you to stay informed about news, events and ideas regarding professional topics or potential work, career, training or educational opportunities and other information we believe may be relevant to you based on the personal information you submit to us and the activities you perform through the AppLab Application;
(f) to process and validate payments relating to our products and services;
(g) to invite you to participate in competitions, surveys or customer research and, if you choose to participate, to register and administer your participation;
(h) to manage and administer our products and services (including the performance of those products and services), and otherwise to
appropriately manage and conduct our business, including providing training and performing administrative functions such as billing and accounts and records management;
(i) in the case of credit information, to assess your creditworthiness for the purposes of an application by you for commercial credit;
(j) to provide you with customer service or technical support (including follow-up or ongoing support), and deal with any complaints or feedback you have;
(k) in relation to the management and security of our products and services, including to assess, monitor, log and action security and other incidents relating to use of the products and services we provide, which may involve disclosure of personal information to law enforcement agencies, government bodies and insurers;
(l) to manage our relationships with our suppliers and contractors;
(m) to consider job applicants for current and future employment;
(n) in relation to legal proceedings or claims or disputes relating to our products or services;
(o) to comply with our legal and regulatory obligations;
(p) to conduct research and development and for the purposes of business planning, including the further development of our products and services;
(q) to create aggregated non-identifiable data about our users and share that data with third parties so that they can to serve advertisements to our users on the products and services we provide;
(r) otherwise for direct marketing purposes, including to prepare and provide marketing information about the products and services we provide and those of our related entities and other organisations, work, career, training or educational opportunities we believe may be relevant to you, and other information in accordance with the privacy laws and section 7 below;
(s) for any purpose disclosed to you and to which you have consented; and
(t) for any purpose that you would otherwise reasonably expect.
6. DISCLOSURE OF PERSONAL INFORMATION TO THIRD PARTIES
6.1. In addition to any specific disclosures referred to above, we may disclose your personal information for the purposes outlined above to third parties including:
(a) our related entities, agents and organisations and their personnel;
(b) entities seeking to acquire all or part of our business;
(c) companies that you are associated with (for example, your employer or financial planner), and employees of those companies;
(d) suppliers of services and deliverables that interoperate with our products or services (including the AppLab Application) which you, or your employer or financial adviser, have acquired to use together with the AppLab Application;
(e) suppliers of services and deliverables that are required in order to use our products or services (including the AppLab Application) for which you, or your employer or financial adviser, have entered into a separate contract with the applicable third party supplier;
(f) suppliers of services, material or software which are included in our products or services (including the AppLab Application) and which are not covered under clause 1(d) or 6.1(e);
(g) our contractors, suppliers, partners, insurers, contracted service providers, any other person that forms part of our supply chain, including:
(i) information technology service providers;
(ii) communications carriers and exchange providers;
(iii) data analytics providers;
(iv) research partners, including those performing surveys or research projects in partnership with us or on our behalf;
(v) service providers that assist us to enhance the safety and security of our website;
(vi) external business advisors or consultants (such as auditors and lawyers);
(vii) if you are a job applicant, referees whose details you have provided to us; and
(viii) other third parties with your consent.
6.2. We may also disclose your personal information to other third parties and for other purposes where we are required or permitted by or under law to do so (including where you have provided your consent).
6.3. If we disclose information to a third party, we generally require that the third party protect that information to the same extent that we do.
7. DIRECT MARKETING
7.1. Like most businesses, marketing is important to our continued success. We therefore like to stay in touch with customers and let them know about new opportunities.
7.2. From time to time we may contact you with information about new products, services and promotions either from us, or from third parties which may be of interest to you. In these situations, your personally identifiable information is not transferred to the third party. We will not disclose your personal information to third parties for marketing purposes without your consent.
7.3. We may also invite you to participate in surveys or customer research on a range of issues, including satisfaction with the products and services we provide. These surveys help us to improve those products and services and tailor the way we do business with you.
7.4. You may opt-out at any time from receiving communications from us that are not account related or legally required by contacting us using the contact details at the end of this Privacy Policy or using the opt-out/unsubscribe facility in our communications.
8. CREDIT REPORTING
8.1. From time to time, where permitted by the privacy laws, we may collect, hold, use and disclose certain credit and credit eligibility information about you, including:
(a) your name, current and previous addresses, driver’s licence number, date of birth and employer;
(b) the fact that you have applied to us for one of our products or services and any credit limit on your account;
(c) your repayment history, including the amount of any payments due to us which are overdue for at least sixty days, and when steps have been taken by us to recover those overdue payments;
(d) where an overdue payment has been previously reported, advice that the payment is no longer overdue;
(e) default information, including cheques or credit card payments which have been dishonoured;
(f) court judgments or bankruptcy orders made against you;
(g) if, in our opinion, you have committed a serious credit infringement;
(h) when we cease to provide products or services to you; and
(i) other credit information that we are able to derive from the above information.
8.2. In particular, this credit information may be collected from, or disclosed to, credit reporting bodies. You authorise us to disclose such information to credit reporting bodies to assist them with assessing your creditworthiness for the purposes of us considering an application by you for commercial credit. You also authorise us to collect and use information from credit reporting bodies for the same purpose. We reserve the right to refuse or cancel the supply of products or services on the basis of a credit assessment of you.
8.3. If you believe you have been, or are likely to be, a victim of fraud you have the right to request that a credit reporting body not use or disclose your credit information. You can also request that a credit reporting body not use your credit information for the purposes of pre-screening or direct marketing by a credit provider.
9. PROTECTION OF PERSONAL INFORMATION
9.1. We may hold personal information as either secure physical records, electronically on our intranet system, in cloud storage or on third party servers. In particular, our products and services currently utilise data storage provided by Salesforce. Details of Salesforce’s security measures and systems are set out on Salesforce’s website and in Salesforce’s Security Guide available at https://developer.com/docs/atlas.en-us.securityImplGuide.meta/securityImplGuide/salesforce_security_guide.htm.
9.2. We maintain appropriate physical, procedural and technical security for our offices and information storage facilities so as to prevent any loss, misuse, interference, unauthorised access, disclosure, or modification of personal information, including when we dispose of personal information.
9.3. We further protect personal information by restricting access to personal information to only those who need access to the personal information to do their job. Physical, electronic and managerial procedures have been employed to safeguard the security and integrity of your personal information.
9.4. We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be key by law.
9.5. We may retain certain information if necessary for our legitimate business reasons as indicated in this Privacy Policy, such as fraud prevention. For example, if we shut down a user account because of a security incident, we may retain certain information about that account to prevent that member from opening a new account in the future.
10. ACCESS TO, AND CORRECTION OF, YOUR PERSONAL INFORMATION
10.1. In some cases you will be able to access and correct the personal information we hold about you through your user account settings.
10.2. In other cases, please contact us (using the contact details at the end of this Privacy Policy) if you would like to access or correct the personal information we hold about you (including credit information) and provide us with as much detail as possible to enable us to best assist with your request. We will respond within a reasonable period of time, but we may need further information to verify your identity.
10.3. We will generally provide you with access to your personal information (subject to some exceptions permitted by law), but may charge an access fee to cover the cost of retrieving the information and supplying it to you. If we deny any request by you to access or correct your personal information, we will provide our reasons for doing so. Where we decide not to make a requested correction to your personal information and you disagree, you can ask us to make a note of your requested correction alongside the information.
11. QUESTIONS, CONCERNS AND COMPLAINTS
11.1. Please contact us (using the contact details at the end of this Privacy Policy) if you have any questions, concerns or complaints about this Privacy Policy or the manner in which we have collected or handled your personal information or credit information (including under the APPs or other binding codes).
11.2. We take all complaints seriously and will inquire into your complaint and respond to you in writing within a reasonable period. If you are not satisfied with the handling of your complaint, you can contact us to discuss your concerns or lodge a complaint with the Australian Information Commissioner at oaic.gov.au.
11. CHANGES TO THIS PRIVACY POLICY
11.1. We may amend this Privacy Policy from time to time at our discretion. An up-to-date copy of our Privacy Policy is available by contacting us at info@app-lab.com.au
11.2. This Privacy Policy was last updated on 7 August 2019.
12. CONTACT DETAILS AND ADDITIONAL INFORMATION
12.1. If you would like more information about our approach to privacy, or if you wish to contact us regarding the information set out in this Privacy. Policy, please contact our privacy officer:
(a) by email: at info@app-lab.com.au
12.2. Nothing in this Privacy Policy is intended to limit our ability to rely on any exemptions under the Privacy Act 1988 (Cth).
12.3. You acknowledge and agree that:
(a) your personal information may be collected and used by third party service providers under a separate contractual arrangement you have with those third party providers in connection with your use of our products and services, (including Salesforce); and
(b) in those circumstances you may be required to deal with those third party service providers directly relating that personal information (including Salesforce) and we may not be able to control those third parties, or otherwise assist you with those dealings.
