1 PURPOSE OF OUR POLICY
(a) Providing the system and services that we offer; and
(b) The normal day-to-day operations of our business.
2 DATA CONTROLLER
2.1 tiny+ is the data controller and responsible for determining the purposes and processing of your personal information.
3 WHO AND WHAT THIS POLICY APPLIES TO
3.3 If, at any time, you provide personal information or other information about someone other than yourself, you warrant that you have that person's consent to provide such information for the purpose specified.
3.4 Our website and services are unavailable to children (persons under the age of 18 years).
4 THE INFORMATION WE COLLECT
4.1 In the course of business it is necessary for us to collect personal information. This information allows us to identify who you are for the purposes of our business, share personal information when asked of us, contact you in the ordinary course of business and transact with you. Without limitation, the type of information we may collect is:
(a) Personal information. We may collect personal details such as your name, location, date of birth, nationality, family details and other information cthat allows us to identify who you are;
(b) Contact Information. We may collect information such as youremail address, telephone & fax number, third-party usernames, residential, business and postal address and other information that allows us to contact you;
(c) Financial Information. We may collect financial information such as any bank or credit card details used to transact with us;
(d) Statistical Information. We may collect information about your online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes; and
(e) Information you upload and send us. We may collect any personal information that you upload to the Platform or send us, or that is sent to us by others about you.
4.3 We may also collect non-personal information about you such as information regarding their computer, network and browser. This may include your IP address.
5 HOW INFORMATION IS COLLECTED
5.1 Most information will be collected in association with your use of tiny+, an enquiry about tiny+ or generally dealing with us. However we may also receive personal information from sources such as advertising, our own promotions, public records, mailing lists, contractors, staff, recruitment agencies and our business partners. In particular, information is likely to be collected as follows:
(a) Registrations/Subscriptions. When you register or subscribe for a service, list, account, connection or other process whereby you enter personal information details in order to receive or access something, including a transaction;
(b) Accounts/Memberships. When you submityour details to open an account and/or become a member with us;
(c) Supply. When you supply us with goods or services;
(d) Contact. When you contact us in any way;
(e) Pixel Tags. Pixel tags enable us to send email messages in a format customers can read and tell us whether mail has been opened; and
6 WHEN PERSONAL INFORMATION IS USED
6.1 The purpose for which we collect personal information is to provide you with the best service experience possible on the Platform.
6.2 We will only use personal information:
(a) where necessary for the purposes of the legitimate interest of tiny+ specifically, tiny+’s legitimate interest in operating our business and providing the Platform, training its workforce and helping improve performance of the Platform; or
(b) where it is necessary for the performance of a contract which you have entered into with us; or
(c) if required to satisfy any applicable law, legal requirement, police investigation or request from a government authority. Personal information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties; or
6.3 Information is used to enable us to operate our business, especially as it relates to you. This may include:
(a) The provision of goods and services between you and us;
(b) Verifying your identity;
(c) Communicating with you about:
i Their relationship with us;
ii Our goods and services;
iii Our own marketing and promotions to customers and prospects;
iv Competitions, surveys and questionnaires; and
(d) Investigating any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or that you are or have been otherwise engaged in any unlawful activity.
6.4 There are some circumstances in which we must disclose your personal information:
(a) Where we reasonably believe that you may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of; and
(b) In order to sell our business (in that we may need to transfer personal information to a new owner).
6.5 By using the Platform, you consent to the receipt of direct marketing material. We will only use personal information for this purpose if we have collected such information directly from you and if it is material of a type which you would reasonably expect to receive from us. We do not use sensitive personal information in direct marketing activity. Our direct marketing material will include a simple means by which you can withdraw your consent by requesting not to receive further communications of this nature.
7 DISCLOSURE AND TRANSFER OF PERSONAL INFORMATION
7.1 If it is necessary for us to disclose your personal information to third parties in the course of our business, we will inform you that we intend to do so, or have done so, as soon as practical.
7.2 We will not disclose or sell your personal information to unrelated third parties under any circumstances.
7.3 We may share personal information with:
(a) other users of the Platform; or
(b) third parties including our service providers who provides and administers the Platform.
7.4 We may utilise third-party service providers (such as Gmail from Google, Inc., and MailChimp from The Rocket Science Group LLC) to communicate with You and to store contact details about You. These service providers are located in the United States of America.
7.5 The recipients may be located in Australia or overseas. tiny+ is based in Australia. Whilst Australia has a data protection supervisory authority and data subject rights, Australia is not one of the few countries which is the subject of an adequacy decision by the European Commission.
7.6 While we endeavour to ensure that personal information is adequately protected, the overseas recipient may have laws which are different and potentially not as protective as the laws of your own country. In the circumstances, we will assess the technical and organisational measures our processors have in place and will maintain when operating the Platform to satisfy ourself that personal information is protected in such circumstances. In addition, where appropriate, tiny+ will endeavour to enter into standard contractual clauses with the processors to act as a further safeguard for the personal information being transferred outside of Australia. We will not be liable for any mishandling of your information in such circumstances.
8 OPTING “IN” OR “OUT”
8.1 You may opt to not have us collect their personal information. This may prevent us from offering them some or all of our services and may terminate your access to some or all of the Platform you access with or through us. You will be aware of this when:
(a) Opt In. Where relevant, you will have the right to choose to have information collected and/or receive information from us; or
(b) Opt Out. Where relevant, you will have the right to choose to exclude yourself from some or all collection of information and/or receiving information from us.
8.2 If you believe that you have received information from us that you did not opt in or out to receive, you should contact us on the details below.
9 THE SAFETY & SECURITY OF PERSONAL INFORMATION
9.1 We process personal information on our servers in Australia, and you consent to your personal information being processed and stored in that location.
9.3 We will take all reasonable precautions to protect your personal information from unauthorised access. These measures may include internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and securing our physical facilities and electronic networks.
9.4 tiny+ uses SSL encryption to store and transfer personal information. Despite this, the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. You provide information to us via the internet or by post does so at their own risk. We disclaim all liability for misuse or loss of, or unauthorised access to, alteration disclosure of destruction of personal information where the security of information is not within our control.
9.5 We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose your personal information to in accordance with this policy or any applicable laws). The collection and use of your information by such third parties may be subject to separate privacy and security policies.
9.6 If you suspect any misuse or loss of, or unauthorised access to, your personal information, you should let us know immediately.
9.7 We are not liable for any loss, damage or claim arising out of another person’s use of the personal information where we were authorised to provide that person with the personal information.
9.8 We will notify you within 72 hours and without undue delay of any:
(a) actual breach of security, which when reasonably suspected poses a risk to the security, confidentiality or integrity of their personal information; or
(b) actual unauthorised access of any personal information;
which is likely to result in a high risk to your rights and freedoms.
10 HOW TO ACCESS AND/OR UPDATE INFORMATION
10.1 You can update their personal information from within their tiny+ account or profile.
10.2 You have the right to request from us the personal information that we have about you, and to correct any errors in the personal information we hold about them.
10.3 You also have the right to request that we not sell, release, disclose or transfer their personal information. In some circumstances, you may also restrict or object to the processing of your personal information.
10.4 You may delete any personal data you upload to the Application. You may also request the deletion of your personal data.
10.5 It is your responsibility to provide us with accurate and truthful personal information. We cannot be liable for any information that is provided to us that is incorrect.
10.6 We may charge you a reasonable fee for our costs incurred in meeting any of their requests to disclose the personal information we hold about them.
11 COMPLAINTS AND DISPUTES
11.1 If you have a complaint about our handling of their personal information, you should address their complaint in writing to the details below.
11.2 If we have a dispute regarding your personal information, we both must first attempt to resolve the issue directly between us. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.
12 CONTACTING US
12.1 All correspondence with regards to privacy should be addressed to:
The Privacy Officer
TinyPlus Pty Ltd
11 York Street, Sydney NSW 2000, Australia
12.2 You may contact the Privacy Officer by email in the first instance.
13 ADDITIONS TO THIS POLICY
14 GOVERNING LAW