1. Introduction
1.1 EXELLON AU PTY LTD (ACN 660 530 450) trading as Ariiston
(we, us, our) recognises the importance of protecting the privacy and the
rights of individuals in relation to their personal information.
1.2 This Privacy Policy sets out our commitment to
protecting the privacy of your personal information and how it is collected
whether through our website (Site), directly from you or otherwise.
1.3 We respect your rights to privacy under the Privacy Act
1988 (Cth) (Privacy Act) and the Australian Privacy Principles, and we manage
the collection and disclosure of your personal information in accordance with
these requirements.
1.4 We also uphold your rights to privacy if you are based
in the European Union, in accordance with the General Data Protection
Regulation (EU) (GDPR). Your rights under the GDPR are listed in clause 11.
1.5 If you do not wish to provide personal information to
us, then you do not have to do so. However, this may affect your use of this
Site or any products and services offered on it.
2. What is your personal information?
2.1 When used in this Privacy Policy, the term “personal
information” has the meaning given to it under the Privacy Act and GDPR.
2.2 In general terms, it is any information that can be used
to personally identify you. This may include your name, address, telephone
number, email address and profession or occupation.
2.3 If the information we collect personally identifies you,
or you are reasonably identifiable from it, the information will be considered
personal information.
2.4 We may also collect some information that is not
personal information because it does not identify you or anyone else. For
example, we may collect anonymous answers to surveys or aggregated information
about how users operate on our Site.
2.5 Your personal information will not be shared, sold,
rented or disclosed other than as described in this Privacy Policy.
3. What information we may collect from you
3.1 We may collect the following personal information from
you:
(a) names;
(b) email addresses;
(c) telephone numbers;
(d) business management information;
(e) billing, mailing, business and/or residential address;
(f) business or company numbers and names;
(g) banking, credit card, or other online payment details to process purchases;
(h) date of birth; and
(i) various forms of identification.
3.2 We collect personal information about you so that we can
perform our business activities and
functions and to provide best possible quality of customer service. We collect,
hold, use and
disclose your personal information for the following purposes:
(a) to provide our Products to you;
(b) to allow us to conduct our business functions;
(c) to conduct internal record keeping;
(d) to identify and understand user needs;
(e) to enable us to process your personal data;
(f) to personalise and customise your experiences on our Site;
(g) to send communications requested by you;
(h) to answer enquiries and provide information or advice about existing and
new Products;
(i) to conduct market research, business development and marketing activities
(including direct
marketing);
(j) to send you promotional information about our products and services and
about third parties
that we think you may find interesting;
(k) to comply with any law, rule, regulation, lawful and binding determination,
decision or
direction of a regulator, or in cooperation with any governmental authority;
(l) to contact you; and
(m) for our internal administrative, marketing and planning requirements.
4. How do we collect your personal information?
4.1 We collect your personal information directly from you
unless it is unreasonable or impracticable
to do so. When collecting personal information from you, we may collect in ways
including:
(a) when you make an enquiry about our Products;
(b) when you fill in any of our online forms, including when downloading free
publications;
(c) through your access and use of our Site, including when you register an
account with us;
(d) during conversations between you and our representatives or through any
other means or
platforms, including social media;
(e) when you ask to be placed on one of our subscription/mailing lists;
(f) when you become a client or customer of ours or otherwise use our Products;
(g) when you use or access our social media pages, which may be collected
through use of web
analytics tools, 'cookies' or other similar tracking technologies that allow us
to track and
analyse your Products usage;
(h) when you visit any links shared via our social media posts, emails or other
landing pages;
(i) during any calls between you and our representatives.
These calls may be recorded for training, quality and business purposes; and
(j) via third-party service providers where we understand the third-party will
have obtained your consent to disclose this information for social or market
research purposes.
5. What happens if we can’t collect your personal
information?
5.1 If you do not provide us with the personal information
described above, some or all of the following may happen: (a) We may not be
able to provide our products or services to you, either to the same standard or
at all; (b) We may not be able to provide you with information about Products
that you may want, including information about special promotions; or (c) We
may be unable to tailor the content of our Site to your preferences and your
experience of our Site may not be as enjoyable or useful.
6. Our Site Site User Tracking Experience
6.1 We may use tracking software to review and improve your
experience of our Site, Surveys and landing pages. In particular, we may use
Facebook Pixel, Infusionsoft, Active Campaign, Google Analytics, YouTube, etc.
6.2 When visiting our Site, the Site server makes a record
of the visit and logs the following information for statistical and
administrative purposes: (a) the user’s server address – to consider the users
who use the Site regularly and tailor the Site to their interests and
requirements; (b) the date and time of the visit to the Site – this is
important for identifying the Site’s busy times and ensuring maintenance on the
Site is conducted outside these periods; (c) pages accessed and documents
downloaded – this indicates to us which pages or documents are most important
to users and also helps identify important information that may be difficult to
find; (d) duration of the visit – this indicates to us how interesting and
informative our Site is to users; (e) the type of browser used – this is
important for browser specific coding; and (f) in order to optimise our Site
and better understand it’s usage, we collect the visiting domain name or IP
address, computer operating system, browser type and screen resolution.
6.3 We may use advertising products, such as Remarketing
with Facebook, Google Analytics and Google Analytics Demographics and Interest
Reporting. Google Analytics collects data about our Site traffic via Google
Advertising cookies and anonymous identifiers.
6.4 Data collected via these Google products is not linked
with any personally identifiable information you submit while on our Site. If
you wish to opt out of the Google Analytics data collection, you may do so on
Google's Site at tools.google.com/dlpage/gaoptout.
Cookies
6.5 When you access our Site, we may send a “cookie” (which
is a small summary file containing a unique ID number) to your computer. This
enables us to recognise your computer and greet you each time you visit our
Site without bothering you with a request to register. It also enables us to
keep track of Products you view so that, if you consent, we can send you news
about those Products.
6.6 We also use
cookies to measure traffic patterns, to determine which areas of our Site have
been visited and to measure transaction patterns in the aggregate.
6.7 We use this to research our users’ habits so that we can
improve our online services. Our cookies do not collect personal information.
If you do not wish to receive cookies, you can set your browser so that your
computer does not accept them. We may log IP addresses (that is, the electronic
addresses of computers connected to the Internet) to analyse trends, administer
the Site, track users’ movements, and gather broad demographic information.
6.8 The Site may contain content and sharing tools embedded
from various social networks, such as Facebook. These suppliers may use and
place cookies on your device. We do not have access to, and cannot control,
these cookies or the personal data and information that they may collect. You
therefore need to check the websites of these suppliers to get further
information on how they manage cookies and what information their cookies
collect. Security
6.9 As our Site is linked to the Internet, and the Internet
is inherently insecure, we cannot provide any assurance regarding the security
of transmission of information you communicate to us online.
6.10 We also cannot guarantee that the information you
supply will not be intercepted while being transmitted over the Internet.
Accordingly, any personal information or other information which you transmit
to us online is transmitted at your own risk. Links
6.11 We provide links to websites outside of our Site, as
well as to third party websites. These linked sites are not under our control,
and we cannot accept responsibility for the conduct of any companies,
businesses, affiliates, advertisers and sponsors, linked to our Site.
6.12 Before disclosing your personal information on any
other website or to any third party, we advise you to examine the terms and
conditions of using that website and its privacy policy. Third party websites
are responsible for informing you about their own privacy practices.
7. Who do we disclose your information to?
7.1 We may disclose your personal information to: (a) Our
directors, employees, agents, contractors or service providers, including,
without limitation, consultants web hosting providers, IT systems
administrators, mailing houses, couriers, payment processors, data entry
service providers, electronic network administrators, debt collectors, and
professional advisors such as accountants, solicitors, business advisors, for
the purposes of operating our Site or our business, fulfilling requests by you,
and to otherwise provide Products to you; 5 (b) suppliers and other third
parties with whom we have commercial relationships, for business, marketing,
and related purposes, which may include overseas parties; (c) credit reporting
agencies and courts, tribunals, regulatory authorities where customers fail to
pay for goods or services provided by us to them, and other law enforcement
officers as required by Law; and (d) any other organisation for any authorised
purpose with your express consent.
7.2 We only disclose this information if the third party has
agreed to comply with the standards in our Privacy Policy.
7.3 If there is any change or potential change to the
control of our business pursuant to the sale, assignment or transfer of the
business, or business assets, its assets and/or liabilities, we reserve the
right to sell, assign and/or transfer our user databases, together with any
personal information and non-personal information contained in those databases
to the extent permitted by law. In that event, your personal information may be
disclosed to a potential purchaser, assignee or transferee, however any
disclosures will only be made in good faith and where confidentiality is
maintained.
8. Direct marketing materials
8.1 We may send you direct marketing communications and
information about our Products that we consider may be of interest to you.
These communications may be sent in various forms, including mail, SMS and
email, in accordance with applicable marketing laws, such as the Spam Act 2003
(Cth).
8.2 If you indicate a preference for a method of
communication, we will endeavour to use that method whenever practical to do
so.
8.3 In addition, at any time you may opt-out of receiving
marketing communications from us by contacting us at info@exellonau.com.au or
by using opt-out facilities provided in the marketing communications and we
will then ensure that your name is removed from our subscription/mailing list.
8.4 We do not provide your personal information to other
organisations for the purposes of direct marketing.
9. Security and data quality
9.1 We take reasonable steps to ensure your personal
information is protected from misuse and loss and from unauthorised access,
modification or disclosure.
9.2 We strive to ensure the security, integrity and privacy
of personal information that you submit to us through our Site. Unfortunately,
no data transmission over the Internet can be guaranteed to be totally secure.
9.3 We endeavour to take all reasonable steps to protect the
personal information you may transmit to us or from our online products and
services. Once we do receive your transmission, we will also make our best
efforts to ensure its security on our systems. 6
9.4 In addition, our employees and the contractors who
provide products and/ or services related to our information systems are
obliged to respect the confidentiality of any personal information held by Us.
9.5 We may hold your information in either electronic or
hard copy form. Personal information is destroyed or de-identified when no
longer needed or when we are no longer required by Law to retain it (whichever
is the latter).
9.6 Should a data breach involving personal information
occur: (a) We will take positive steps to address the breach in a timely manner
and take remedial action such that the data breach does not result in serious
harm. (b) We will undertake reasonable and expeditious assessment to determine
if it is an ‘eligible data breach’, that is a breach likely to result in
serious harm to any individual affected.
9.7 In compliance with Privacy Amendment (Notifiable Data
Breaches) Act 2017 (Cth), we agree that if we become aware of reasonable
grounds to believe an eligible data breach has occurred, we will promptly
notify the Office of the Australian Information Commissioner (Commissioner),
the Association of Market and Social Research Organisations (AMSRO) and the
affected individuals at likely risk of serious harm.
10. How long do we retain your personal data?
10.1 We will only keep your personal data for as long as
necessary to fulfil the purposes we collected it for, including for the
purposes of satisfying any legal, accounting, or reporting requirements.
10.2 To determine the appropriate retention period for
personal data, we consider the amount, nature, and sensitivity of the personal
data, the potential risk of harm from unauthorised use or disclosure of your
personal data, the purposes for which we process your personal data and whether
we can achieve those purposes through other means, and the applicable legal
requirements.
10.3 By Law, we must keep basic information about our
customers (including contact, identity, financial and transaction data) for
five years for Australian tax law purposes.
10.4 In some circumstances, you can ask us to delete your
data; see your legal rights below for further information.
10.5 In some circumstances we may anonymise your personal
data (so that it can no longer be associated with you) for research or
statistical purposes in which case we may use this information indefinitely
without further notice to you.
11. If I am based in the EU, what are my legal rights
under the GDPR?
11.1 If the General Data Protection Regulation applies to
you because you are in the European Union, you have rights under data
protection laws in relation to your personal data: (a) The right to be informed
– that’s an obligation on us to inform you how we use your personal data; 7 (b)
The right of access – that’s a right to make what’s known as a ‘data subject
access request’ for copy of the personal data we hold about you; (c) The right
to rectification – that’s a right to make us correct personal data about you
that may be incomplete or inaccurate; (d) The right to erasure – that’s also
known as the ‘right to be forgotten’ where in certain circumstances you can ask
us to delete the personal data we have about you (unless there’s an overriding
legal reason we need to keep it); (e) The right to restrict processing – that’s
a right for you in certain circumstances to ask us to suspend processing
personal data; (f) The right to data portability – that’s a right for you to
ask us for a copy of your personal data in a common format (for example, a .csv
file); (g) The right to object – that’s a right for you to object to us
processing your personal data (for example, if you object to us processing your
data for direct marketing); and (h) Rights in relation to automated decision
making and profiling – that’s a right you have for us to be transparent about
any profiling we do, or any automated decision making.
11.2 These rights are subject to certain rules around when
you can exercise them.
11.3 If you wish to exercise any of the rights set out
above, please contact us at info@exellonau.com.au.
12. How can you access and correct your personal
information?
12.1 You may request access to any personal information we
hold about you at any time by contacting us info@exellonau.com.au.
12.2 Where we hold information that you are entitled to
access, we will try to provide you with suitable means of accessing it (for
example, by mailing or emailing it to you).
12.3 We may charge you a reasonable fee to cover our
administrative and other reasonable costs in providing the information to you.
12.4 We will not charge for simply making the request and
will not charge for making any corrections to your personal information.
12.5 There may be instances where we cannot grant you access
to the personal information we hold. For example, we may need to refuse access
if granting access would interfere with the privacy of others or if it would
result in a breach of confidentiality. If that happens, we will give you
written reasons for any refusal.
12.6 If you believe that personal information, we hold about
you is incorrect, incomplete or inaccurate, then you may request us to amend
it. We will consider if the information requires correction. If we do not agree
that there are grounds for correction, then we will add a note to the personal
13. How can you withdraw your consent to this Privacy
Policy?
13.1 You may withdraw your consent to this Privacy Policy at
any point. If you wish to withdraw your consent to our collection and retention
of your data, please contact our Data Protection Officer at
info@ariiston.com.au and we can arrange for your data to be deleted, destroyed
or returned to the extent we are permitted by law. However, this may affect
your use of this Site or any products and services offered on it.
13.2 You may choose to restrict the collection or use of
your personal information. If you have previously agreed to us using your
personal information for direct marketing purposes, you may change your mind at
any time by contacting us at the email address listed in this Privacy Policy.
13.3 To unsubscribe from our e-mail database, or opt out of
any communications, please contact us at the email address listed at the start
of the Privacy Policy, with “Unsubscribe” in the subject line of the e-mail.
14. What is the process for complaining about a breach of
privacy?
14.1 If you believe that your privacy has been breached,
please contact us using the contact information below and provide details of
the incident so that we can investigate it.
14.2 We will treat your complaint confidentially,
investigate your complaint and aim to ensure that we contact you and your
complaint is resolved within a reasonable time (and in any event within the
time required by the Privacy Act and/or the GDPR, if applicable).
15. Contacting us
15.1 If you have any questions about this Privacy Policy,
any concerns or a complaint regarding the treatment of your privacy or a
possible breach of your privacy, please contact us at info@exellonau.com.au.
15.2 We will treat your requests or complaints
confidentially.
15.3 Our representative will contact you within a reasonable
time after receipt of your complaint to discuss your concerns and outline
options regarding how they may be resolved.
15.4 We will aim to ensure that your complaint is resolved
in timely and appropriate manner.
16. Changes to our Privacy Policy
16.1 All personal information held by us will be governed by
our most recent Privacy Policy, posted on our Site, where the Privacy Policy
will be located.
16.2 Any changes to this Privacy Policy may be advised to
you by updating this page on our Site. We encourage you to check this page from
time to time for any changes
