Digivizer’s privacy policy (Policy) sets out our obligations under the Privacy Act 1988 (the Privacy Act) including the Australian Privacy Principles (APPs).
It includes information on how Digivizer collects, uses, discloses and keeps secure individuals’ personal information.
Digivizer Security Statement
We take your and your customer’s security requirements seriously. Whilst, the majority of data we map to your customer base comes from social platform data held offshore, all our processing and matching to your customer records is performed on servers located in Digivizer’s Sydney office-based datacentre.
All customer data and processing is conducted within a secure, access controlled site with access only being granted to clearly authorized Digivizer technical and application support engineers.
It is secured using industry wide system administration and security best practices. For example, all shell access is via ssh, and password access is explicitly disallowed: we only use public/private key pairs with an RSA key with a minimum length of 2048 bits.
Customer identification data will be held for the minimum time that suits your commercial needs, and all identifying elements will be destroyed at your request or once we have successfully delivered all required outputs.
Privacy
Digivizer respects the privacy and usage settings of each individual and community data provider or platform. We encourage our clients to understand, respect and adhere to the privacy and usage policies of each individual, platform or community and should you choose to engage must accept all risks of taking action, that contravenes those policies.
Digivizer adheres to a strict policy for ensuring the privacy of any personally identifiable information (such as full name, address, e-mail address, and/or other identifiable information). We will never share this information with third parties outside Digivizer’s Sydney based datacentre. unless you give express permission for us to do so, or unless we are required to do so under applicable law.
Data Access
All clients will access Digivizer through our REST API. Client connections are protected using 128bit TLS and if you require the use of client side certificates we can accommodate that. If you require a more flexible approach IPSec is also an option.
Working with you
Whilst the majority of data we map to your customer base comes from public social platform data held offshore, we look to adhere to the Privacy Act in relation to personal records as outlined below. Digivizer is prepared to work collaboratively with you in order to meet your data security requirements.
1. Collection
1.1 Digivizer will only collect personal information where the information is necessary for Digivizer to perform one or more of its functions or activities. In this context, ‘collect’ means gather, acquire or obtaining by any means, information in circumstances where the individual is identifiable or identified.
1.2 Digivizer collects personal information primarily to supply organizations and individuals who obtain Digivizer products and services directly from Digivizer with information and details of its products and services. Digivizer also collects and uses personal information for secondary purposes including:
- provision of products and services
- optimization of marketing activities
- business planning and product development.
1.3 Digivizer will not collect personal information secretly or in an underhanded way. We only work with publicly available information.
2. Use
2.1 Digivizer uses personal information primarily for the purposes listed in 1.2 above.
2.2 If Digivizer relies on the direct marketing exception to carry out directing marketing campaigns to individuals it will ensure that:
- individuals are clearly notified of their right to opt out from further direct marketing contact; and
- if the individual opts out of all such contact the opt out will be respected by Digivizer and implemented free of charge.
2.3 Digivizer will not use sensitive information for direct marketing.
2.4 Digivizer may use personal information to avoid an imminent threat to a person’s life or to public safety. It may also use personal information for reasons related to law enforcement or internal investigations into unlawful activities.
2.5 Digivizer will not use personal information without taking reasonable steps to ensure that the information is accurate, complete and up to date.
2.6 Digivizer may use a YouTube API Client to access YouTube data on behalf of a customer, if a customer chooses to connect their YouTube account to Digivizer. If they connect YouTube, then the YouTube Terms of Service (ToS) will apply, along with the Google Privacy Policy. A customer may view Digivizer’s requested permissions using the Google Security Settings page and can revoke Digivizer’s access to their YouTube account at any time using either the Google settings page or disconnecting via Digivizer’s web platform.
3. Disclosure
3.1 Digivizer generally only acts as a service provider to our customers and we ensure they adhere to the Privacy Act. If for any reason we are asked to disclose personal information to related or unrelated third parties, we will only do so if consent has been obtained from the individual.
3.2 Digivizer may disclose personal information to unrelated third parties to enable outsourcing of functions where that disclosure or use is for a related secondary purpose and has been notified to individuals or where such disclosure is within the individual’s reasonable expectations.
3.3 Digivizer will take reasonable steps to ensure that its contracts with third parties include requirements for third parties to comply with the use and disclosure requirements of the Privacy Act.
3.4 In the rare event that Digivizer is required to disclose personal information to law enforcement agencies, government agencies or external advisers Digivizer will only do so in accordance with the Privacy Act or any other relevant Australian legislation.
3.5 If a disclosure is not for a primary purpose, is not for a related secondary purpose, or upfront consent has not been obtained, Digivizer will not disclose personal information otherwise than in accordance with the exceptions set out at 3.1 to 3.5 above.
3.6 Digivizer does not generally share its customer lists on a commercial basis with third parties and would only do so if we had the appropriate consent of the individual involved.
4. Information Quality
4.1 Digivizer will review, on a regular basis, its collection and storage practices to ascertain how improvements to accuracy and security can be achieved.
4.2 Digivizer will take steps to destroy or de-identify personal information after as short a time as possible and after a maximum of seven years, unless the law requires otherwise.
5. Information Security
5.1 Digivizer requires employees and contractors to perform their duties in a manner that is consistent with Digivizer’s legal responsibilities in relation to privacy.
5.2 Digivizer will take all reasonable steps to ensure that paper and electronic records containing personal information are stored in facilities that are only accessible by people within Digivizer who have a genuine “need to know” as well as “right to know”.
5.3 Digivizer will review, on a regular basis, its information security practices to ascertain how ongoing responsibilities can be achieved and maintained.
6. Openness
6.1 Contact with Digivizer via web inquiry will be the first point of contact for inquiries about privacy issues.
6.2 Any formal privacy related complaints should be directed in writing via email at [email protected] or writing to the Digivizer Privacy Officer, Level 5, 1 Margaret Street, Sydney NSW 2000
6.3 Our Privacy Officer will provide an initial response to your query or complaint within 10 business days, and will investigate and attempt to resolve your query or complaint within 30 business days or such a long period as is necessary and notified to you by our Privacy Officer.
6.4 Digivizer websites will contain a prominently displayed privacy statement and will include a copy of this Digivizer Privacy Policy.
7. Anonymous Transactions
7.1 Digivizer will not make it mandatory for visitors to its websites to provide personal information unless such personal information is required to answer an inquiry or provide a service. Digivizer may however request visitors to provide personal information voluntarily to Digivizer (for example, as part of a competition or questionnaire).
7.2 Digivizer will allow its customers to transact with it anonymously wherever that is reasonable and practicable.
8. Transferring Personal Information Overseas
8.1 All customer data are held within a secure, access controlled site with access only being granted to clearly authorized Digivizer technical and application support engineers. Data are secured using system administration and security best practices. For example, all shell access is via SSH, and password access is explicitly disallowed: we only use public/private key pairs with an RSA key with a minimum length of 2048 bits. Our Data Centre is ISO 28001 Certified.
8.2 If personal information must be sent by Digivizer overseas for sound business reasons, Digivizer will require the overseas organization receiving the information to provide a binding undertaking that it will handle that information in accordance with the Australian Privacy Principles, whenever practicable as part of a services contract.
9. Glossary
Collection of Information means the information outlined in Section 1, notified to individuals prior to, or as soon as practicable after, the collection of their personal information.
Direct Marketing means the marketing of goods or services through a means of communication including written, verbal or electronic means. The goods or services which are marketed may be those of Digivizer or a related Body Corporate or those of an independent third party organization.
Disclosure generally means the release of information outside Digivizer, including under a contract to carry out an “outsourced function.”
Personal Information means information or an opinion (including information or an opinion forming part of a database), whether true or not and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained from the information or opinion.
Primary Purpose is the dominant or fundamental reason for information being collected in a particular transaction.
Reasonable Expectation means a reasonable individual’s expectation that their personal information might be used or disclosed for the particular purpose.
Sensitive Information means information or an opinion about an individual’s:
- racial or ethnic origin; or
- membership of a political association; or
- religious beliefs or affiliations; or
- philosophical beliefs; or
- membership of a professional or trade association; or
- membership of a trade union; or
- sexual preferences or practices; or
- criminal record; that is also personal information; or
- health information
Use means the handling of personal information within Digivizer.
10. Your choices about your information
a) The Choice to Opt-out of Any Email Communications
Digivizer may send billing information, product information, service updates and service notifications via email. Our emails will contain clear and obvious instructions describing how you can choose to be removed from any mailing list not essential to the product or service. Digivizer will remove you at your request.
b) Rights in respect of your Information
The laws of some countries grant particular rights in respect of personal information. In certain circumstances, users in the EEA have the right to:
- Request a copy of your information;
- Request that we correct inaccuracies relating to your information;
- Request that your information be deleted or that we restrict access to it;
- Request a structured electronic version of your information; and
- Object to our use of your information.
Should you wish to make a request in respect of your personal information please contact us at [email protected] You also have the right to object to our processing of personal data about you in order to send you marketing and we will stop processing data for that purpose.
In some circumstances, Digivizer will not be able to comply with a request that you make in respect of your personal data. If we are unable to remove any of your information, we will let you know why. For example, we may not be able to provide a copy of your information where it infringes on the rights of another User. We may also be required to retain certain information that you ask us to delete for various reasons, such as where there is a legal requirement to do so.
If we are unable to resolve your request, or if you are concerned about a potential violation, you also have the option to report the issue or make a complaint to the data protection authority in your jurisdiction. Where you have provided your consent to certain processing and no longer want us to use your information for that purpose, you may withdraw your consent to this use, although this will not affect the lawfulness of processing based on consent before its withdrawal. Please see paragraph “The Choice to Opt-out of Any Email Communications” for more options on how to opt-out of marketing communications.
This policy may be updated from time to time.
Digivizer reserves the right to change this Policy at any time, and any amended Policy is effective upon posting to this website. Digivizer will make every effort to communicate any significant changes to you via email or notification via the service. Your continued use of the service will be deemed acceptance of any amended Policy.
Contacting Digivizer
If you require further information regarding Digivizer’s Privacy Policy, contact us:
Digivizer Pty Ltd
Level 5
1 Margaret Street
Sydney NSW 2000