The Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“Privacy Principles”) set out in Schedule 1 of the Privacy Act, govern the collection, storage, use, and disclosure of information by which individuals may be identified. Further, ExaOffice complies with EU General Data Protection Regulation 2016/679 (“GDPR”).
Information we collect
“Personal Information” means information that can be used to personally identify you such as your name, residential address, email address, contact number and payment details. We do not collect or process the Personal Information of anyone under the age of 18 without the express consent of their parent or guardian.
“Usage Information” means anonymous aggregate data that is automatically collected through your use of our Website. This includes information that identifies your device, your operating system, your IP address and dates and times that you access and use the Website. This information is used for statistical analysis to help ExaOffice improve their services to the benefit of all users.
ExaOffice will not collect sensitive information except with your consent, and then only if collection of such information is necessary for some activity or function. For the purpose of this policy, “Sensitive Information” means health information or information or an opinion about an individual’s:
racial or ethnic origin;
membership of a political association;
religious beliefs or affiliations;
membership of a professional or trade association;
membership of a trade union;
sexual preferences or practices; or
When do we collect your information
Personal Information is collected directly from you when you:
install the ExaOffice app;
make payment of an invoice;
contact ExaOffice via the Website, email, telephone or otherwise;
subscribe to ExaOffice’s newsletter or mailing list;
access, browse, use, or otherwise interact with the Website.
It is your choice to provide Personal Information to ExaOffice. Wherever it is lawful and practicable, you have the option not to identify yourself when interacting with ExaOffice. Please be aware that it may be necessary for ExaOffice to collect your Personal Information to provide services to you. As such, if you do not wish to provide your Personal Information, ExaOffice may not be able to provide you with full access to the Website and their services.
ExaOffice utilises “cookies” to monitor traffic patterns and to serve you more efficiently if you revisit the Website. A cookie does not identify you personally, but it does identify your computer. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance. If you disable cookies, the Website may not function properly.
How we use collected information
ExaOffice uses the information you provide in order to identify you, communicate with you, and provide personalised services.
ExaOffice may hold and process personal information obtained about you:
to conduct ExaOffice’s business and to provide you with ExaOffice’s services;
to evaluate the effectiveness of ExaOffice’s marketing of the Website and for statistical analysis;
to contact you, including with promotional materials and notifications where you have opted in to receive such direct marketing;
billing and account management;
research and development in improving ExaOffice and in developing new products and services; and
for the purposes of fraud prevention;
to investigate or take action in response to illegal activities; fraud or technical or security issues; threats against the rights, property or safety of ExaOffice;
monitoring and maintaining our computers and network.
Who we disclose your information to
You agree and consent to ExaOffice disclosing your Personal Data to:
directors, officers, employees, contractors, and agents of ExaOffice ;
“Friends of ExaOffice ” as advertised on the Website from time to time;
industry bodies including but not limited to ARIA, PPCA, APRA/AMCOS;
third party agencies ExaOffice may utilise to assist with the delivery of services from time to time;
authorities, including police and regulators if ExaOffice is required to do so by law.
ExaOffice will not sell or otherwise provide your Personal Data to a third party, or make any other use of your Personal Data, for any purpose which is not incidental to your use of ExaOffice’s services (including the Website). For the avoidance of doubt, Personal Data will not be used for any purpose which a reasonable person in your position would not expect.
ExaOffice recognises your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing communications, and as such these consents can be modified at any time by emailing us at firstname.lastname@example.org, or by clicking ‘unsubscribe’ on any direct marketing communications.
Please note certain non-marketing related correspondence from ExaOffice, including messages relating to payment, will be automatically sent to you by virtue of your use of the Website and associated services and you may not have the option to unsubscribe from receiving this correspondence.
Third party sites
Rights to your Personal Data
In accordance with the GDPR, ExaOffice additionally acknowledge the specific rights of EU subjects to:
have their data erased that is no longer being used for a legitimate purpose;
request a copy of all Personal Data held about them by ExaOffice in a readable format; and
request restricted processing of their Personal Data whilst any complaints or concerns are being resolved.
Securing your information
No security measures are, however, 100% secure and ExaOffice cannot guarantee the security of your information or data at any time. To the extent permitted by law, ExaOffice accepts no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss, or misuse of any information or data, or for the actions of any third parties that may obtain any information or data.
Notwithstanding the above, ExaOffice acknowledges their obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where such data breach involves the information of EU subjects, report to the European Data Protection Supervisor. ExaOffice will also inform you, where possible, if any Personal Data has been breached in circumstances that pose a serious risk of harm to your rights and freedoms.
ExaOffice may, in the course of providing the Website to you, disclose Personal Data to overseas countries that are deemed by the EU Commission as having an ‘adequate’ level of Personal Data protection. Where ExaOffice transfers data to a third party in a country where no adequacy decision has been made, ExaOffice warrants that such third parties in those countries are bound under contract to meet the requirements of the GDPR.