PATorganiser has undertaken reasonable steps to ensure we comply with GDPR regulations. We only collect personally identifiable information that is required by Australian law to provide services to our clients. We adhere to the right to withdraw consent. Clients can access all information we hold about them by contacting the PATorganiser Data Security Officer (email@example.com). We adhere to the right to be forgotten outside of the bounds of the Australian data retention laws which state we must retain some information for a minimum period of 2 years. We do not collect any special category personal information from our clients.
PATorganiser collects Your personal information
The Service involves the storage of Data about a company or individual. That Data can include personal information. “Personal information” is information about an identifiable individual, and may include information such as the individual’s name, email address, telephone number, mailing address, bank or Credit Card details.
PATorganiser may collect personal information directly from You when You:
- register to use the Service,
- use the Service,
- post to the PATorganiser Community forum or on our blog,
- contact the PATorganiser support team, and
- visit our Website.
You can always choose not to provide Your personal information to PATorganiser, but it may mean that we are unable to provide You with the Service.
PATorganiser may receive personal information from You about others
Through Your use of the Service, PATorganiser may also collect information from You about someone else. If You provide PATorganiser with personal information about someone else, You must ensure that You are authorised to disclose that information to PATorganiser and that, without PATorganiser taking any further steps required by applicable data protection or privacy laws, PATorganiser may collect, use and disclose such information for the purposes described in this Policy.
This means that You must take reasonable steps to ensure the individual concerned is aware of and/or consents to the various matters detailed in this Policy, including the fact that their personal information is being collected, the purposes for which that information is being collected, the intended recipients of that information, the individual’s right to obtain access to that information, PATorganiser’s identity, and how to contact PATorganiser.
Where requested to do so by PATorganiser, You must also assist PATorganiser with any requests by the individual to access or update the personal information You have collected from them and entered into the Service.
PATorganiser collects, holds, and uses Your personal information for limited purposes
PATorganiser collects Your personal information so that we can provide You with the Service and any related services You may request. In doing so, PATorganiser may use the personal information we have collected from You for purposes related to the Services including to:
- verify Your identity,
- administer the Service,
- notify You of new or changed services offered in relation to the Service,
- carry out marketing or training relating to the Service,
- assist with the resolution of technical support issues or other issues relating to the Service,
- comply with laws and regulations in applicable jurisdictions, and
- communicate with You.
By using the Service, You consent to Your personal information being collected, held and used in this way and for any other use You authorise. PATorganiser will only use Your personal information for the purposes described in this Policy or with Your express permission.
It is Your responsibility to keep Your password to the Service safe. You should notify us as soon as possible if You become aware of any misuse of Your password, and immediately change your password within the Service or via the “Forgotten Password” process.
PATorganiser can aggregate Your non-personally identifiable data
By using the Service, You agree that PATorganiser can access, aggregate and use non-personally identifiable data PATorganiser has collected from You. This data will in no way identify You or any other individual.
PATorganiser may use this aggregated non-personally identifiable data to:
- assist us to better understand how our customers are using the Service,
- provide our customers with further information regarding the uses and benefits of the Service,
- enhance small business productivity, including by creating useful business insights from that aggregated data and allowing You to benchmark Your business’ performance against that aggregated data, and
- otherwise to improve the Service.
PATorganiser holds your personal information on servers located in the UK & Australia
We use a top tier, third party data hosting provider’ Microsoft Azure to host our Services on servers located in the UK & Australia.
By entering personal information into the Services, you consent to that personal information being hosted on servers located in the UK & Australia. While your personal information will be stored on servers located in the UK & Australia, it will remain within PATorganiser’s effective control at all times. Each data hosting provider’s role is limited to providing a hosting and storage service to PATorganiser, and we’ve taken steps to ensure that our data hosting providers do not have access to, and use the necessary level of protection for, Your personal information. They do not control and are not permitted to access or use your personal information, except for the limited purpose of storing the information. This means that, for the purposes of Australian privacy legislation and Australian users, PATorganiser does not currently “disclose” personal information to third parties located overseas.
PATorganiser takes steps to protect your personal information
PATorganiser is committed to protecting the security of Your personal information and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure. Your personal information is stored on secure servers that have SSL Certificates issued by leading certificate authorities and all Data transferred between You and the Service is encrypted. You can find out more about our security arrangements and our data protection measures on our security page.
However, the Internet is not in itself a secure environment and we cannot give an absolute assurance that Your information will be secure at all times. Transmission of personal information over the Internet is at Your own risk and You should only enter, or instruct the entering of, personal information to the Service within a secure environment.
We will advise You at the first reasonable opportunity upon discovering or being advised of a security breach where Your personal information is lost, stolen, accessed, used, disclosed, copied, modified, or disposed of by any unauthorised persons or in any unauthorised manner.
PATorganiser only discloses Your Personal Information in limited circumstances
PATorganiser will only disclose the personal information You have provided to us to entities outside the PATorganiser group of companies if it is necessary and appropriate to facilitate the purpose for which Your personal information was collected pursuant to this Policy, including the provision of the Service.
PATorganiser will not otherwise disclose Your personal information to a third party unless You have provided Your express consent. However, You should be aware that PATorganiser may be required to disclose Your personal information without Your consent in order to comply with any court orders, subpoenas, or other legal process or investigation including by tax authorities, if such disclosure is required by law. Where possible and appropriate, we will notify You if we are required by law to disclose Your personal information.
PATorganiser does not store Your credit card details
If You choose to pay for the Service by credit card, your credit card details are not stored by the Service and cannot be accessed by PATorganiser staff. Your credit card details are encrypted and securely stored by Direct Payments Solutions Limited to enable PATorganiser to automatically bill your credit card on a recurring basis. You should review our list of Data Processors in order to view their own Privacy Policies.
You may request access to Your personal information
It is Your responsibility to ensure that the personal information You provide to us is accurate, complete and up-to-date. You may request access to the information we hold about You, or request that we update or correct any personal information we hold about You, by setting out Your request in writing and sending it to us at firstname.lastname@example.org.
PATorganiser will process Your request as soon as reasonably practicable, provided we are not otherwise prevented from doing so on legal grounds. If we are unable to meet Your request, we will let you know why. For example, it may be necessary for us to deny Your request if it would have an unreasonable impact on the privacy or affairs of other individuals, or if it is not reasonable and practicable for us to process Your request in the manner You have requested. In some circumstances, it may be necessary for us to seek to arrange access to Your personal information through a mutually agreed intermediary (for example, the Subscriber).
We’ll only keep Your personal information for as long as we require it for the purposes of providing You with the Service. However, we may also be required to keep some of Your personal information for specified periods of time, for example under certain laws relating to corporations, money laundering, and financial reporting legislation.
In providing the Service, PATorganiser utilises “cookies”. A cookie is a small text file that is stored on Your computer for record-keeping purposes. A cookie does not identify You personally or contain any other information about You, but it does identify Your computer.
We and some of our affiliates and third-party service providers may use a combination of “persistent cookies” (cookies that remain on Your hard drive for an extended period of time) and “session ID cookies” (cookies that expire when You close Your browser) on the Website to, for example, track overall site usage, and track and report on Your use and interaction with ad impressions and ad services.
You can set your browser to notify You when You receive a cookie so that You will have an opportunity to either accept or reject it in each instance. However, You should note that refusing cookies may have a negative impact on the functionality and usability of the Website.
We do not respond to or honour “Do Not Track” requests at this time.
You can opt-out of any email communications
PATorganiser sends billing information, product information, Service updates and Service notifications to You via email. Our emails will contain clear and obvious instructions describing how You can choose to be removed from any mailing list not essential to the Service. PATorganiser will remove You at Your request.
You are responsible for transfer of Your data to third-party applications
PATorganiser has a privacy complaints process
If You wish to complain about how we have handled Your personal information, please provide our Privacy Officer with full details of Your complaint and any supporting documentation:
- by e-mail at email@example.com or
- by letter to The Data Security Officer, 74-78 Moorabool St, Geelong VIC 3220, Australia
Our Data Security Officer will endeavour to:
- provide an initial response to Your query or complaint within 10 business day, and
- investigate and attempt to resolve Your query or complaint within 30 business days or such longer period as is necessary and notified to you by our Privacy Officer.
Data Processors we use
|Third party||Service type||Data types the third party processes for us||GDPR compliance information|
|Microsoft Azure||Cloud Computing Platform & Services||Application databases, web application, marketing website (no user data), CRM||https://www.microsoft.com/en-us/trustCenter/privacy/gdpr|
|VPSBlocks||Virtual Private Server (VPS) Hosting||Application databases, web application, marketing website (no user data), CRM||https://www.vpsblocks.com/Terms.aspx|
|Zoho||Subscription Management||Subscriptions and billing||https://www.zoho.com/gdpr.html|
|Infusionsoft||CRM, Sales & Marketing||Emails||https://www.infusionsoft.com/legal/data-protection-faq|
|Google GSuite||Cloud computing, productivity and collaboration tools||Emails||https://cloud.google.com/security/gdpr|
|Google Analytics||Marketing Analytics & Measurement||Web usage tracking||https://privacy.google.com/businesses/compliance|
|LogEntries||Log Management and Analysis||Logs||https://docs.logentries.com/docs/security|
|Atlassian Jira||Issue & Project Tracking||Issue tracking||https://www.atlassian.com/blog/announcements/atlassian-and-gdpr-our-commitment-to-data-privacy|
|Stripe||Online Payment Processing||Payments||https://stripe.com/guides/general-data-protection-regulation#stripe-and-the-gdpr|
This policy may be updated from time to time
PATorganiser reserves the right to change this Policy at any time, and any amended Policy is effective upon posting to this Website. PATorganiser will make every effort to communicate any significant changes to You via email or notification via the Service. Your continued use of the Service will be deemed acceptance of any amended Policy.
Last updated: May 2018.