BigDataCloud Pty Ltd ACN 627 240 162
Effective Date: 4th July 2022
The security of your personal information is of utmost importance to us. The following policy sets out how BigDataCloud Pty Ltd (BDC, we, us or our) manage personal information. To be clear, we will never sell distribute or allow third parties to access information that can identify an individual without their express consent unless we are required to by law.
If you do not agree to us handling your personal information in the manner set out in this policy we may not be able to provide our services to you and you should not provide us with any personal information.
What is personal information?
We follow the definition of personal information given in the Australian Privacy Act: “Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.”
What does BDC collect?
The kinds of personal information we may collect, hold and process about you depends upon how you interact with us. This information may vary but primarily we collect your personal information to provide you with our services.
If we ever collect precise information regarding your location, this will only be where you expressly give us permission to do so. Even then:
we will never associate or store this information with personal information about you we hold; and
location data will be solely used as associated with an IP address, and not the individual who is accessing our services via that IP address.
Examples of other information we may collect include:
your name, contact details and certain identifiable information when you register for an account to use our services or send us data (including where you provide us with information to help improve our geolocation service);
how you interact with us including the transactions you make through our services (including recording whether you have successfully paid us where you have a paid subscription with us)
messages, emails, and other correspondence and frequency of enquiries when you interact with us;
other information required to provide a service or information you have requested from us
any information relating to you that you provide to us directly.
How do we collect your personal information?
We collect personal information directly from you, for example when you provide that information to us, we contact you or when you open an account with us. We collect personal information when providing you with our services, you participate in our services (including marketing activities) or from publicly available sources such as the internet and social media.
We also collect personal information from publically available sources, and third parties to enable us to provide services to our customers.
BDC provide free mobile phone applications (Apps) from time to time. These apps collect IP address and location data, but never by reference to any other information. As we never know who an IP address belongs to, this information cannot be used to identify you, only to improve the accuracy of our services. In all cases, we will get your permission before we do this.
Why do we collect your personal information?
We collect your personal information for a number of reasons, including:
to operate and improve our geolocation services
to provide customers with our services or information about our services and activities as well as to promote and drive engagement with our services
to send communications you request or contacting you and responding to your enquiries as well as communicating with you about your use of the services
to develop or refine our services as well as tailoring our services to give you a customised experience
to ensure consistency of service across our business
for internal business / corporate purposes and to comply with our legal obligations
to process payments and to collect overdue payments
to enable us to make use of third party service providers whose products or services are used in the provision of products and services to you
to provide third parties with information about you and your activities to assist us in providing our services
to cooperate with law enforcement bodies and government agencies where required by law or the terms of any relevant licence or industry code of practice
Our use of personal information may extend beyond the uses described above but will be restricted to purposes that we consider to be related to our business functions and activities.
To whom do we disclose your personal information?
We may disclose your personal information to others as described in this policy for the following reasons:
as part of providing services to our customers (but noting we will never provide information that connects an individual to a location)
our related entities and organisations involved in our funding arrangements such as advisers and investors
service providers such as cloud hosts (eg. Microsoft Azure), support ticket and email management services (Freshdesk and Google) entities that verify your identity, process payments on our behalf, product distributors, direct marketing and market research companies
merchants or financial institutions (eg. Stripe) to facilitate your use of our services or when we have to investigate a claim, dispute or mistaken payment
your agents and advisers acting on your behalf such as financial managers and persons holding power of attorney
organisations that help identify illegal activities and prevent fraud
law enforcement or government agent as required by law
We may also disclose your de-identified information to third parties for analysis, research and quality assurance purposes.
How do we hold and secure your personal information (including credit related information)?
We store your personal information digitally (unless legally required to retain in hard copy format). All digital material is secured using password protected computers and databases. Any digital transfer of Personal Information is via secure channels such as HTTPS where possible. Any database we manage is appropriately secured behind firewalls.
Where personal information is no longer needed for the purposes set out in this policy, we ensure that such information is destroyed or de-identified.
Do we send your personal information overseas?
We are an organisation based in South Australia, Australia. All our data is stored in Australia and the US, however service providers we use may have other arrangements for the storage of their data including offshore. Where applicable, in the event that your information is sent overseas, we will use our best endeavours to ensure that any overseas service provider will keep all personal information secure and confidential.
Do we use your personal information for direct marketing?
We may use your personal information to communicate directly with you to promote our services. We use direct marketing to provide you with information about our services. If you receive direct marketing material from us, and do not wish to continue receiving it, please contact us by any of the methods stated in this policy, asking to be removed from all future direct marketing programs. Once we have received your opt-out request, we will remove you from our direct marketing programs as soon as reasonably practicable. Please be aware that unsubscribing from one part of our services (for example, a newsletter) will not automatically remove you from all other services.
How do you access or correct personal information we hold about you?
Access requests: You may request access to the personal information that we hold about you by contacting us. Upon receiving an access request we may request further details from you to verify your identity. We reserve the right not to provide you with access to your personal information if we are unable to verify your identity to our reasonable satisfaction. An administrative fee that covers our time spent in locating and putting the information together, may be charged to cover our costs in providing you with access. We will notify you of the administrative fee before it has been incurred. We will respond to your access request within a reasonable period of time by either providing you with access, or if we refuse your access request, we will provide you with reasons. Generally, access requests may be denied where: we believe your request is frivolous or vexatious, we are entitled to reject a request by law, we are unable to verify your identity; or you have not paid the administrative fee (if any).
Correction requests: If you believe that your personal information held with us is inaccurate or otherwise requires correction, you may send us a correction request by contacting us. We will review your request and respond to the request within a reasonable period of time. If we don’t think that the information is incorrect, we will give you notice and reasons. You have the right to ask us to include a statement with the information that you believe the information is inaccurate, incomplete, misleading or out of date.
What about the General Data Protection Regulation?
The General Data Protection Regulation (GDPR) is the European Union (EU) data protection law. Australian-based organisations that offer goods or services to persons in the EU or target or monitor the behaviour of persons in the EU may be required to comply with the GDPR regulatory regime.
We are an Australian based organisation providing services within Australia. From time to time, we may capture or collect personal information that passes through the EU. This might occur, for example, if a person in the EU accesses the Site and we collect analytical data about them, enquiries about our services from the EU, or if one of our customers gives us information about a person in the EU. If this occurs, we will treat the personal information received in accordance with this policy.
Where data is processed or monitored in the EU, you may have additional rights, such as:
The right to request that we delete your personal information (unless we require that information to comply with a legal obligation, or need it to bring or defend a legal claim)
The right to restrict our processing of your personal information (where it is inaccurate, would be unlawful to process, or where it has not been deleted due to us needing it to meet a legal obligation).
Can you deal with us anonymously or using a pseudonym?
When contacting us, you can do so either anonymously or by using a pseudonym. If you do so, we may not be able to provide you with accurate or useful information, and you may not be able to open an account with us or access the full range of our services. Further, we may not be able to investigate incidents or complaints you have made.
How can you make a complaint?
If you have a question or complaint, you can contact us:
Post: Privacy officer BigDataCloud Pty Ltd U14 29-31 Compton Street, Adelaide SA 5000, Australia
We take all complaints seriously and will respond to you within a reasonable period of time, usually 30 days, unless we consider your complaint to be frivolous or vexatious or if we are unable to verify your identity. If we are unable to resolve your complaint within this period, we will notify you and work with you to agree to an extension.
If you are not satisfied: If you are not satisfied with the way we have handled your complaint, you can make a complaint to the Office of the Australian Information Commissioner at http://oaic.gov.au.
How to contact us?
If you have questions about how we manage your personal information or wish to obtain a printed version of this policy, you may contact us by any of the methods below.
BigDataCloud Pty Ltd
Post: Privacy officer BigDataCloud Pty Ltd U14 29-31 Compton Street, Adelaide SA 5000, Australia