PRIVACY POLICY for invoicesmash 1 PURPOSE OF OUR POLICY 1.1 InvoiceSmash Pty Ltd ABN 67 143 533 233 (“we”, “us” or “our”) has adopted this Privacy Policy to ensure that we have standards in place to protect the personal information that we collect about you that is necessary and incidental to running our business, and making our services available to you and others. 1.2 By accepting this Privacy Policy and the Terms of Service, you consent to our use and disclosure of your personal information as described in this Privacy Policy. 1.3 By publishing this Privacy Policy we aim to make it easy for our customers and the public to understand what personal information we collect and store, why we do so, how we receive and/or obtain that information, and the rights you have with respect to your personal information in our possession. 1.4 This Privacy Policy follows the standards of the National Privacy Principles set by the Australian Government for the handling of personal information under the Privacy Act 1988 (Cth) (Privacy Policy). 2 WHO AND WHAT THIS POLICY APPLIES TO 2.1 Our Privacy Policy deals with how we handle “personal information”, which is information that can be used (or is reasonably likely to) identify an individual. It does not apply to information we collect about businesses or companies, however it does apply to information about the people in those businesses or companies. The Privacy Policy applies to all forms of information, physical and digital, whether collected or stored electronically or in hardcopy. 2.2 If, at any time, you provide personal or other information about someone other than yourself, you warrant that you have that person's consent to provide such information for the purpose specified. 2.3 Our website and services are unavailable to children (persons under the age of 18 years). If you are under 18 years of age, you can only use our website and services if you are under the supervision of a parent or guardian. 3 THE INFORMATION WE COLLECT 3.1 In the course of business it is necessary for us to collect personal information. We always let you know when we are collecting information. This information allows us to identify who you are for the purposes of our business, contact you in the ordinary course of business and transact with you. Without limitation, the type of information we may collect about you is: (a) Identity Information. We may collect personal details such as your name, location, date of birth, nationality, details of licenses & registrations, associations, family details, passwords, employment details and third-party usernames and other information that allows us to identify who you are; (b) Contact Information. We may collect information such as your email address, telephone & fax number, third-party usernames, residential, business and postal address and other information that allows us to contact you; (c) Financial Information. We may collect information about your finances such as your bank accounts and credit cards, the value of transactions you undertake with us or through our services, the value of certain assets that you declare to us and other information that allows us to transact with you and/or provide you with our services; and (d) Statistical Information. We may collect information about your online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes. (e) Information you send us. We may collect any personal correspondence that you send us, or that is sent to us by other users of the website about your activities. 3.2 We may collect other personal information about you, which we will maintain in accordance with this Privacy Policy. 3.3 We may also collect non-personal information about you such as information regarding your computer, network and browser. This may include your IP address. Where non-personal information is collected the National Privacy Principles do not apply. 4 HOW YOUR INFORMATION IS COLLECTED 4.1 Most information will be collected in association with your use, custom, enquiry or dealings with us. However we may also receive your personal information from sources such as advertising, your own promotions, public records, mailing lists, contractors, staff, recruitment agencies and our business partners. In particular, your information is likely to be collected as follows: (a) Registrations/Subscriptions. When you register or subscribe for a service, list, account, connection or other process whereby you enter your details in order to receive or access something, including a transaction; (b) Accounts/Memberships. When you submit your details to open and account and/or become a member; (c) Third -Party Services. When you connect a third-party services to our services or websites; (d) Supply. When you supply us with goods or services; (e) Contact. When you contact us in any way; and/or (f) Access. When you access us physically we may require you to provide us with details for us to permit you such access. When you access us through the internet we may collect information using cookies (if relevant – you can adjust your browser’s setting to accept or reject cookies) or analytical services. 4.2 There are many circumstances in which we may collect you information both electronically and physically. We will endeavour to ensure that you always aware of when your personal information is being collected. 5 WHEN YOUR PERSONAL IS INFORMATION USED & DISCLOSED 5.1 The primary principle is that we will not use the information you provide us other than for the purpose for which it was collected other than with your permission. The purpose of collection is determined by the circumstances in which the information was collected and/or submitted. 5.2 We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. 5.3 Your information is used to enable us to operate our business, especially as it relates to you. This may include: (a) the provision of goods and services between you and us; (b) verifying your identity; (c) communicating with you about: i your relationship with us; ii our goods and services; iii marketing and promotions; and iv competitions, surveys and questionnaires; (d) investigating any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or that you are or have been otherwise engaged in any unlawful activity; and/or (e) as required or permitted by any law (including the Privacy Act). 5.4 It is necessary, and you consent, for us to disclose your personal information to third parties in a manner compliant with the National Privacy Principles in the course of our business, which includes investigations into your conduct insofar as it relates to your relationship with us or a possible contravention of any relevant laws or regulations. 5.5 We will not disclose or sell your personal information to unrelated third parties under any circumstances. 5.6 There are some circumstances in which we must disclose your information that you should be aware of: (a) as part of a sale (or proposed sale) of all or part of our business; (b) where our we reasonably believe that you may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of; (c) as required or permitted by any law (including the Privacy Act). 5.7 We will not disclose your personal information to any entity outside of Australia that is in a jurisdiction that does not have a similar regime to the National Privacy Principles or an implanted and enforceable privacy policy similar to this Privacy Policy. 5.8 From time to time, we may send you important notices, such as changes to our terms, conditions and policies. Because this information is important to your interaction with us, you may not opt out of receiving these communications.] 5.9 In using our services or website, any information that you post that can identify you can be read by other users. We will not be responsible for the personally identifiable information that you submit in this respect. 6 OPTING “IN” OR “OUT” 6.1 You may opt to not have us collect your personal information. This may prevent us from offering you some or all of our services and may terminate your access to some or all of the services you access with or through us. You will be aware of this when: (a) Opt In. Where relevant, you will have the right to choose to have information collected and/or receive information from us; or (b) Opt Out. Where relevant, you will have the right to choose to exclude yourself from some or all collection of information and/or receiving information from us. 6.2 If you believe that you have received information from us that you did not opt in or out to receive, you should contact us on the details below. 7 THE SAFETY & SECURITY OF YOUR PERSONAL INFORMATION 7.1 We will take all reasonable precautions to protect your personal information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks. 7.2 We may appoint a Privacy Officer to oversee the management of this Privacy Policy and compliance with the National Privacy Principles and the Privacy Act. This officer may have other duties within our business and also be assisted by internal and external professionals and advisors. 7.3 You acknowledge that the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. You provide information to us via the internet or by post at your own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, your personal information where the security of information is not within our control. 7.4 You acknowledge that we are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose your personal information to in accordance with this policy or any applicable laws). The collection and use of your information by such third parties may be subject to separate privacy and security policies. 7.5 If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately. 7.6 We are not liable for any loss, damage or claim arising out of another person’s use of the materials. 8 HOW TO ACCESS AND/OR UPDATE YOUR INFORMATION 8.1 You have the right to request from us the personal information that we have about you, and we have an obligation to provide you with such information within 28 days of receiving your written request. 8.2 If you have an online account or membership with us, you will most likely be able to update all your necessary details from within your private account. 8.3 It is your responsibility to provide us with accurate and truthful personal information. We cannot be liable for any information that you provide us that is incorrect. 8.4 We may charge you a reasonable fee for our costs incurred in meeting any of your requests to disclose the personal information we hold about you. 9 COMPLAINTS AND DISPUTES 9.1 If you have a complaint about our handling of your personal information, you should address your complaint in writing to the details below. 9.2 If we have a dispute regarding your personal information, we both must first attempt to resolve the issue directly between us. 9.3 If we become aware of any unauthorised access to your personal information we will inform you at the earliest practical opportunity once we have established what was accessed and how it was accessed. 10 CONTACTING US 10.1 You should address all correspondence with regards to privacy to: The Privacy Officer InvoiceSmash Pty Ltd Lvel 20, Tower A, Zenith Towers 821 Pacific Highway Chatswood, NSW, 2067 admin@invoicesmash.com You may contact the Privacy Officer by email in the first instance. 11 ADDITIONS TO THIS POLICY 11.1 If we decide to change this Privacy Policy, we will post the changes on this web page. Please refer back to this Privacy Policy to review any amendments. 11.2 We may do things in addition to what is stated in this Privacy Policy to comply with the National Privacy Principles, and nothing in this Privacy Policy shall deem us to have not complied with the National Privacy Principles.