WELL DONE! YOU CARE ABOUT YOUR PRIVACY!
We don’t sell your personal information, share it with third parties for their own marketing purposes, or use it for any other purposes not described in this policy.
We are delighted that you have shown an interest in our company. We are committed to safeguarding the privacy of our website visitors, service users, and customers.
This Privacy Notice applies where we are acting as a “data controller” with respect to the personal data of such persons; in other words, where we determine the purposes and means of the processing of that personal data.
By using our services, you are consenting to the practices described in this Privacy Notice.
1. Information We Collect
When you visit our website, our servers may automatically log the standard data provided by your web browser. It may include your computer’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details.
We may also collect data about the device you’re using to access our website. This data may include the device type, operating system, unique device identifiers, device settings, and geo-location data. What we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.
We may ask for personal information, such as your:
- Social media profiles
- Phone/mobile number
- Home/Mailing address
- Work address
- Payment information
If we receive or process any personal information that contains or is paired with Cardholder Data or Sensitive Authentication Data (both as defined in the Payment Card Industry Data Security Standard version 3.2.1 May 2018 (PCI DSS) (collectively referred to as Payment Information), then we will use, disclose, transmit, store, manage, allow access to and process such personal information in accordance with PCI DSS as it applies to us.
2. Legal bases for processing
We will process your personal information lawfully, fairly and in a transparent manner. We collect and process information about you only where we have legal bases for doing so.
These legal bases depend on the services you use and how you use them, meaning we collect and use your information only where:
- it’s necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (for example, when we provide a service you request from us);
- it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote our services, and to protect our legal rights and interests;
- you give us consent to do so for a specific purpose (for example, you might consent to us sending you our newsletter); or
- we need to process your data to comply with a legal obligation.
Where you consent to our use of information about you for a specific purpose, you have the right to change your mind at any time (but this will not affect any processing that has already taken place).
We don’t keep personal information for longer than is necessary. While we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100% secure and cannot guarantee absolute data security. If necessary, we may retain your personal information for our compliance with a legal obligation or in order to protect your vital interests or the vital interests of another natural person.
3. Collection and use of information
We may collect, hold, use and disclose information for the following purposes and personal information will not be further processed in a manner that is incompatible with these purposes:
- to enable you to customise or personalise your experience of our website;
- to enable you to access and use our website, associated applications and associated social media platforms;
- to contact and communicate with you;
- for internal record keeping and administrative purposes;
- for analytics, market research and business development, including to operate and improve our website, associated applications and associated social media platforms;
- to run competitions and/or offer additional benefits to you;
- for advertising and marketing, including to send you promotional information about our products and services and information about third parties that we consider may be of interest to you;
- to comply with our legal obligations and resolve any disputes that we may have; and
- to consider your employment application.
4. Disclosure of personal information to third parties
We may disclose personal information to:
- third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, hosting and server providers, ad networks, analytics, error loggers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators;
- our employees, contractors and/or related entities;
- sponsors or promoters of any competition we run;
- credit reporting agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
- courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
- third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you; and
- third parties to collect and process data.
If personal information contains or is paired with Payment Information then, to the extent required by PCI DSS, we will only disclose or give access to such personal information on a ‘need to know’ basis.
5. International transfers of personal information
The personal information we collect is stored and processed in the USA, or where we or our partners, affiliates and third-party providers maintain facilities. By providing us with your personal information, you consent to the disclosure to these overseas third parties.
We will ensure that any transfer of personal information from countries in the European Economic Area (EEA) to countries outside the EEA will be protected by appropriate safeguards, for example by using standard data protection clauses approved by the European Commission, or the use of binding corporate rules or other legally accepted means.
Where we transfer personal information from a non-EEA country to another country, you acknowledge that third parties in other jurisdictions may not be subject to similar data protection laws to the ones in our jurisdiction. There are risks if any such third party engages in any act or practice that would contravene the data privacy laws in our jurisdiction and this might mean that you will not be able to seek redress under our jurisdiction’s privacy laws.
6. Your rights
When we process personal data for purposes that are in our legitimate interests, we have carried out a Legitimate Interest Assessment to confirm what these interests are, to consider what effect the processing has on individuals, and to check if our interests in processing could be outweighed by individuals’ interests.
Additionally, data subjects located in the EU have certain rights under the General Data Protection Regulation (GDPR). Those rights include, for example, the right to access the personal data we hold about you; the right to rectify inaccurate data; the right to erasure if you want all your data deleted from our systems; the right to restriction of processing if you want us to stop processing your data; and the right to withdraw consent when you have provided it to us.
Data subjects who are US California residents have specific rights under the California Consumer Privacy Act (CCPA). Apart from the rights already mentioned above (GDPR Section) we must enable and comply with a consumer’s request to opt-out of the sale of personal information to third parties.
There are some exceptions to these rights, however.
For example, it will not be possible for us to delete your data if we are required by law to keep it. Similarly, access to your data may be refused if making the information available would reveal personal information about another person or if we are legally prevented from disclosing such information.
If you have a concern about the way we handle your data you have the right to complain to the data protection authority in the country where you live, work, or where you believe a breach has occurred.
You can exercise those rights by written notice to firstname.lastname@example.org
8. Business transfers
If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may continue to use your personal information according to this policy.
9. Limits of our policy
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.
10. Changes to this policy
Absolute Board Co
9 Cairns St, Loganholme QLD 4129
This policy is effective as of 25th August, 2021