1. Anditi Pty Ltd (Anditi, we or our) is committed to supporting the Australian Privacy Principles and complying with the Privacy Act 1998 (Cth), which sets out the standards and guidelines for the collection, access, storage and use of your personal information held by us or on our behalf (Personal Information).
THE PERSONAL INFORMATION WE COLLECT OR RECEIVE
2. Personal Information is information that identifies an individual. The Personal Information that we might collect or receive includes:
(a) Your name;
(b) Your address;
(c) Your email address;
(d) Billing information – see further paragraph 10 below;
(e) The name of your company;
(f) Your internet protocol (IP) address;
(g) Your browsing habits; and
(h) Connection Information, as described in paragraph 4 below.
3. This information is gathered in many ways including by email, via our website at www.anditi.com, when we make contact with you or your company, from other publicly available sources, from cookies and from third party providers such as HubSpot and Xero.
4. When you access our website, the following information (Connection Information) will be automatically transmitted to Anditi:
(a) IP address;
(b) date and time;
(c) quantity of information transmitted;
(d) accessing device;
(e) operating system running of the accessing device; and
(f) a notification of whether access was successful.
5. The Connection Information will be used for the following purposes:
(a) to technically enable you to use our website; and
(b) to evaluate the Connection Information for statistical purposes and to improve the operation of our website.
Once the Connection Information is used for the purposes described in this paragraph, it will subsequently be deleted.
6. If you wish us to cease using Connection Information for the purposes described in paragraph 5above, please notify us accordingly by emailing to email@example.com. We will cease using the Connection Information and (provided it is reasonably possible to do so) delete it from our system, within 14 days of receiving notification from you in accordance with this paragraph.
USE OF PERSONAL INFORMATION
7. The Personal Information that we collect or receive will be used for the following purposes:
(a) To identify you as a user of our products, services and website;
(b) For marketing, as further described in paragraph 8 below;
(c) For analytics, as further described in paragraph 9 below; and
(d) For billing, as further described in paragraph 10 below.
If you do not wish us to use your Personal Information for any of these purposes, see paragraph 18below.
8. Marketing: We may contact you with tailored or generic information regarding our products or services.
9. Analytics: We use your Personal Information to better understand your needs and how you are using our products or services. We obtain data on your use of our website from Google Analytics.
10. Billing: We may need to use your Personal Information to enable us to bill you or your company for any Anditi software licence or Anditi products or services that you acquire from us. We use Chargify, located in United States of America (USA), to manage recurring payments and invoices. We also use Stripe, located in USA, to process payments made by you. Personal Information about credit card details, such as your name, credit card number, address and billing address, may be provided to Chargify and Stripe to facilitate that management and processing.
STORAGE OF PERSONAL INFORMATION
11. We may store Personal Information we hold as electronic data in our software or IT systems. We endeavour to protect all personal information that we hold from misuse and loss, and to protect it from unauthorised access, modification and disclosure.
12. Personal Information will be stored either by us or Xero in Australia or by Stripe, HubSpot or Chargify in USA.
13. We take all reasonable steps to ensure that all Personal Information we hold is accurate, however it is your responsibility to ensure that the information you provide us is accurate and that you advise us of any changes to your details. If you feel that the Personal Information we have about you is inaccurate or incomplete, you may contact us at any time and ask for its correction. For further information, see paragraph 22 below.
14. Our internal access, storage and use of Personal Information is governed by Anditi’s Information Security Policy, which is regularly reviewed and updated. Anditi is PCI (Payment Card Industry) compliant with the Security Standards Council.
15. Anditi will not store or use Personal Information longer than necessary, in accordance with the Australian Privacy Principles.
16. The storage, handling and use of Personal Information provided to or accessed by our third-party providers is subject to their privacy policies. Those policies may be accessed as follows:
(a) Stripe – https://stripe.com/au/privacy
(b) Xero – https://www.xero.com/au/about/terms/privacy/
(c) Chargify – https://www.chargify.com/privacy-policy/
(d) HubSpot – https://legal.hubspot.com/privacy-policy
(e) Google Analytics – https://policies.google.com/privacy?hl=en
17. We regularly review the privacy policies of our third-party providers to ensure they comply with privacy principles at least equivalent with the Australian Privacy Principles.
CEASING TO USE OR DESTROYING PERSONAL INFORMATION
(a) we determine that Personal Information held by or on our behalf is no longer needed for any purpose authorised by you;
(b) you advise us that you want your Personal Information destroyed; or
(c) we are legally required to destroy your Personal Information,
we will take reasonable steps to promptly destroy or permanently de-identify that information, unless we are required by law or a court or tribunal to retain the information.
CONSENTS REGARDING PERSONAL INFORMATION
20. By providing your Personal Information to us, you acknowledge that, and consent to the following:
(b) You are authorised to provide such information to us; and
(c) Any information provided may be disclosed on a confidential basis to our third-party suppliers Chargify, HubSpot, Xero and Stripe, as mentioned above.
21. We may disclose any Personal Information we deem necessary, in our sole discretion, to comply with any applicable law, regulation, legal process or government request. We may also exchange Personal Information with other companies and organisations for credit fraud protection and risk reduction.
ACCESSING AND CORRECTING PERSONAL INFORMATION
22. You may access or correct any Personal Information held by us through our customer dashboard on the Anditi website. Alternatively, you may request such access or correction by emailing to firstname.lastname@example.org.
23. You may access and update the Personal Information you have provided to our third-party providers, Stripe and Chargify, from within our website at www.anditi.com.
25. If you are dissatisfied with our response, you can bring your complaint to the Office of the Australian Information Commissioner. For further information, see https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint