Privacy Policy
1. Our contact details
- Name: Astalty Pty Ltd ACN 648 362 350 ( Astalty )
- ABN: 23 648 362 350
- Address: Suite 202, 337A Main Road, Cardiff, NSW 2285
- Phone Number: 02 4093 1565
- Email: privacy@astalty.com.au
2. Definitions
- we or our or us means Astalty
- you mean the user or customer who uses or accesses our website and/or Services
- services mean any service offered by us to you
- website means astalty.com.au and/or such other website operated by Astalty
- personal information means any information relating to an identified or identifiable natural person
3. Introduction
We are dedicated to protecting your personal information. We have adopted the Australian Privacy Principles contained in the Privacy Act 1988 ( Privacy Act ). By accessing or using our website and/or services, you consent to the collection, transfer, processing, and other uses of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not access or use our website and/or services.
4. The type of information we collect and how we collect
- The nature of the personal information we collect and hold, and where it comes from, will vary according to the circumstances in which we are dealing with you. Personal information comes from you personally, your agents, documentation, correspondence (including facsimile, telephone, email, via application or website and from third parties.
- Personal information may include:
- your name, date of birth, residential and business addresses, telephone numbers, email and other electronic addresses, occupation, details about your family;
- billing information including credit card number, cardholder name and card expiration date;
- your username and password;
- IP address, information identifying your device and website;
- other information collected in the conduct of our business.
- We usually collect your personal information directly from you. Sometimes we may need to collect personal information about you from third parties for the purposes described below. The circumstances in which we may need to do this include where we need information from a third party to assist us to provide the services. We will advise you if this is necessary.
- We may collect certain types of sensitive health or medical information about an individual but only to the extent that where you volunteer such information or if it is necessary for, or incidental to, the purposes of collection set out in clause 7 and clause 8.
5. Holding Personal Information
- We may hold your personal information in physical form or in electronic form on our systems or the systems of our service providers.
- Our systems and procedures are designed to prevent your personal information from being accessed by unauthorised personnel, lost or misused. If you reasonably believe that there has been unauthorised use or disclosure of your personal information please contact our Privacy Officer (details below).
- If we no longer need your personal information we will, take reasonable steps to destroy or securely delete your personal information in accordance with our document retention policy, unless we are required under Australian law or a court or tribunal order to retain it.
- Where appropriate or required, we will require our service providers that hold and process such information on our behalf to follow appropriate standards of security and confidentiality.
6. Information collected automatically and how we collect
- We and third parties may use digital technologies such as cookies, web server logs and web beacons in connection with the use of the websites and provision of our services. Some of these technologies may operate without collecting or using any personal information. Please note this privacy policy applies to our collection, use, disclosure and storage of personal information only.
- Our website may use cookies to track user traffic patterns and to better serve you when you revisit the website. A cookie is a small data file that a website may write to your hard drive when you visit it. A cookie file can contain information, such as a user ID which the website uses to track the pages you have visited. You can refuse all cookies by turning them off in your browser. However, full functionality for our websites requires the use of cookies.
- Information is also generated whenever a page is accessed on our website that records information such as the time, date and specific page. We collect such information for statistical and maintenance purposes that enables us to continually evaluate our website performance.
7. How the information is used
- We will only collect, use and disclose your personal information as reasonably necessary for our business purposes and as permitted by law.
- We use the information that you have given us to:
- registration and management of your account with us;
- provide you services;
- customizing our services for you;
- improving our services;
- responding to your communications;
- meeting legal and regulatory requirements; and
- enforce our terms and conditions, and other legal policies.
8. Sharing, Viewing, and Using the information
- Your information may be stored on our behalf on a third-party cloud infrastructure provider (i.e. Amazon Web Services) ( Service Provider ), and hence your information may be available to our Service Provider. For the avoidance of doubt, this Privacy Policy does not apply to third-party sites, such as the Service Provider and we are not responsible for and make no representations or warranties about their privacy practices.
- Your information may be available to other users, for instance, an admin person (the account owner) of the customer account who has obtained a license to our services who may be able to view and edit some or all of your personal information. Depending on the software license, such account owners may authorize additional users on their account, and such additional users may be able to view and edit all or some of your personal information.
- We may also share your information in connection with a corporate transaction, such as corporate restructuring, sale of the business, merger, or asset sale.
- We may share information in connection with the performance of any contractual obligations or where the disclosure is mandated by law or if we believe that disclosure of the information is necessary and suitable to prevent any risk or injury.
- All our processing operations are performed in Australia and we will use reasonable endeavours to have your information stored in Australia.
9. Lawful Bases
The majority of the lawful bases we rely on for processing your information are:
- Your consent. We collect personal information about you when you give it to us or explicitly consent for it to be given to us. This generally occurs, for instance, when you consent to the use of cookies when accessing the services. You can remove your consent at any time. You can do this by contacting us at the contact details stated herein. However, if you withdraw your consent, you may be unable to use our services or some features in the services.
- We have a contractual obligation. This includes performing any obligations under any contract that we enter with you concerning the services provided to you. For example, when you use our software, you enter with us into a contractual relationship, and for fulfilling this relationship, we need to process information about you.
- We have a legal obligation. This includes processing your information to comply with any legal obligation such as to give information to any legal or regulatory authorities or other competent supervisory authorities on their request or to prevent any fraud or to comply with our legal obligations to which we are subject.
- We have a legitimate interest. This includes processing information when there is a legitimate interest such as protecting the rights of any party including protecting your interests where we find it necessary to do so. For example, when we use Fathom Analytics, our objective is to improve our website and services constantly.
10. Opt-Out
When you access our services, you opt-in to receive emails from us including any marketing, administrative, promotional emails, and newsletters. You may discontinue receiving such communications by updating your preferences with Astalty.
11. Retaining your information
We will retain your personal information so long as it is necessary for the purposes for which it is collected, or as long as your relationship with us continues or follow applicable legal or regulatory requirements.
12. Security and Storage
We shall take commercially reasonable measures to prevent unauthorized access, loss, destruction, or alteration of your personal information under our control by putting in place necessary administrative, security, and technical measures such as firewalls and secure sockets layer (SSL) encryption. Please be aware that, although our attempt to provide stringent security, we cannot guarantee that all potential security breaches can be prevented.
13. Data privacy rights in relation to your personal information
You have the following rights in relation to your personal information:
- Right to Access your personal information
- The right to access your personal information. We will give you access to your personal information when you request it, except where the law allows us to refuse your request. You will need to contact us to request access. Only you or another person you have authorized, such as a legal guardian or authorized agent, can make the request. We must be satisfied that the request came from you or a person you authorized. You may be asked to put your request in writing for information that identifies you. If so, include:
- your name and contact details;
- the personal information you want to access;
- how you'd like access to the personal information (such as receiving a copy by email or post, or if you just want to look at the information);
- if you authorise a person or organisation to access the personal information on your behalf.
- We will respond to your request for access to personal information within 30 days.
- We may refuse to give you access to your personal information if we have a valid reason.
- We will give you access to your personal information in the way you asked to access it if it is reasonable and practical to do so.
- You can request your personal information for free. However, we may charge and if we do that we will explain the reasons for it. We will discuss with you options for changing your request to minimize the charge.
- The right to access your personal information. We will give you access to your personal information when you request it, except where the law allows us to refuse your request. You will need to contact us to request access. Only you or another person you have authorized, such as a legal guardian or authorized agent, can make the request. We must be satisfied that the request came from you or a person you authorized. You may be asked to put your request in writing for information that identifies you. If so, include:
- Right to Correct your personal information
- You have the right to correct the personal information we hold about you if it is inaccurate, out of date, incomplete, irrelevant, or misleading.
- If you think the personal information we hold about you is incorrect, then contact us to correct it. Only you or a person you authorize, such as a legal guardian or authorized agent, can request the correction of your personal information.
- We must be satisfied the request came from you or the person you authorized. You may be asked to put your request in writing or for information that identifies you.
- We will respond to your request to correct your personal information within 30 days.
- We will consider the reasons we hold your personal information, and then take reasonable steps to respond to your request.
- We may have a legal need to keep particular information we hold about you for a certain period and so we may not be able to amend or delete this information during this period.
- There is no charge for the correction of your personal information.
14. Complaints and disputes
- If you have reason to believe that we have not complied with our obligations under the Privacy Act in relation to your personal information, please contact our Privacy Officer.
- You will receive an acknowledgment of your complaint as soon as practicable and in any case within 7 days after we receive it.
- We will investigate all complaints and aim to resolve them within 30 days. If we cannot resolve your complaint within this period we will notify you as to the reasons why, specify a date when we expect a resolution and seek your agreement to extend this 30 day period (if you do not agree, we may then not be able to resolve your complaint).
- If we find a complaint justified, we will resolve it. If necessary, we will change policies and procedures to maintain our high standards of performance, service and client care.
- If you are not happy with the way your privacy-related complaint is being handled, you can also contact the Privacy Officer using the contact details below.
15. Variation
- We may modify the Privacy Policy from time to time and the changes will be posted on this page. You are requested to frequently check the website for any changes to the Privacy Policy. To the extent permitted by applicable law, your use or access to the website and/or services, signify your consent to the revised Privacy Policy.
- If you have any concerns about our use of your personal information, you can make a complaint to us at the contact details stated above.
16. OAIC
- You may contact the Office of the Australian Information Commissioner (OAIC) if you are unhappy with our response.
- The website of the Australia Privacy Commissioner is located at https://www.oaic.gov.au/ and their address is: GPO Box 5218 Sydney, NSW 2001.
17. Contact
If you wish to find out more information, or raise any specific or general concerns, about our Privacy Policy and privacy practices, the contact details are as follows:
Privacy Officer
Astalty
Suite 202 337A Main Road, Cardiff, 2285
privacy@astalty.com.au
Last Updated: 15 July 2024