Privacy and Security Policy ‐ Outfit

Purpose of our Policy

1. 
This Privacy Policy follows the standards of the Australian Privacy Principles set by the Australian Government for the handling of personal information under the Privacy Act 1988 (Privacy Act) (Privacy Policy).

2. 
The Privacy Policy deals with how we handle personal information, which is information that can be used to (or is reasonably likely to) identify an individual, as defined in the Privacy Act (Personal Information).

3. 
Outfit ACN 606 816 639 (we, us or our) has adopted the Privacy Policy to ensure that we have standards in place to protect the Personal Information that we collect, which is necessary for running our business and providing services.

4. 
The Privacy Policy does not apply to information we collect about companies or other entities, however it does apply to information about the individuals in those organisations.

5. 
We collect Personal Information:

  • ( a ) that is provided to us by the end users of our sites and applications (Users) at www.outfit.io (and that domain’s subdomains) (Sites); and
  • ( b ) about individuals associated with the information technology services that we provide (Services).

6. 
By publishing this Privacy Policy we aim to make it easy for individuals to understand what Personal Information we collect and store, why we do so, how we receive and/or obtain that information, and the rights that individuals have with respect to their Personal Information in our possession.

7. 
By contracting with us under any of the terms and conditions entitled “Terms and Conditions”, “Website Terms”, “SaaS Agreement” and “SaaS Website Terms” (Terms), providing information in relation to security and background checks (Security Form) to one of our Users, or contracting in any other way with one of our Users, individuals will be made aware of our use and disclosure of Personal Information as described in this Privacy Policy.

8. 
If, at any time, Users or individuals provide Personal Information or other information about someone other than the User or individual, that User or individual warrants that it has the person’s consent to provide or disclose such information.

The Information We Collect

1. 
In the course of providing the Sites and Services, it is necessary for us to collect Personal Information. If we are collecting the information, we will always let Users know when Personal Information is being collected. The Personal Information that we collect allows us to identify who individuals are for the purposes of our business, contact individuals in the ordinary course of business and, if relevant, transact with individuals. Without limitation, the type of information we may collect about individuals is as follows.

  • ( a ) Identity Information
    We may collect personal details including but not limited to an individual’s name, location, date of birth, nationality, details of licenses & registrations, associations, family details, passwords, employment details, information provided to complete a Security Form, and third‐party usernames and other information that allows us to identify who individuals are.
  • ( b ) Contact Information
    We may collect information including but not limited to an individual’s email address, telephone & fax number, third‐party username, residential, business and postal address and other information. Such information will allow us to contact individuals where appropriate.
  • ( c ) Statistical Information
    We may collect information about an individual’s online and offline preferences including but not limited to his or her habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes.
  • ( d ) Information Sent to Us by Users and Individuals
    We may collect any personal information or correspondence that individuals send us, or that is sent to us by Users about individuals.

2. 
We may collect other Personal Information about individuals, which we will maintain in accordance with this Privacy Policy.

3. 
We may also collect non‐personal information about individuals such as information regarding the use of mobile devices, computers, operating systems, networks and browsers. This may include IP addresses. Where non‐personal information is collected the Australian Privacy Principles do not apply.

4. 
We do not generally collect health, criminal, medical and other sensitive information about individuals except in the case of storing electronic versions of Security Forms for some of our Users.

How User Information Is Collected

1. 
Some Personal Information is collected as a result of our dealings with individuals. Some Personal Information is collected as a result of Users using our Site and Services. We may also receive Personal Information about individuals from sources such as Users, advertising, public records, mailing lists, contractors, staff, recruitment agencies and our business associates. Personal Information may be collected as follows.

  • ( a ) Providing Details to One of Our Users
    When an individual provides information to one of our Users, which we store on our Users’ behalf owing to the use of our Sites.
  • ( b ) Registrations / Subscriptions
    When an individual registers or subscribes for a service, list, account, membership, connection or other process provided by us, whereby that individual enters his or her details in order to enjoy the Services or Site, or to receive or access something, including a transaction.
  • ( c ) Contact
    When an individual contacts us in any way.
  • ( d ) Access
    When a User accesses the Sites or Services, we may require the User to provide details to permit access. When Users access the Services through the Internet we may collect information using cookies or analytical services.
  • ( e ) Our Sites
    We collect data when Users visit parts of our Sites. Your visit may automatically provide us with data about your computer, such as your IP (Internet Protocol) address, browser type, operating system, domain name, access times, and referring website addresses. We use this automated data to obtain general statistics regarding the use of our Sites and its specific sections and to evaluate how our visitors use and navigate our Sites on an aggregate basis.

2. 
If Users use any commenting, reviewing or analogous functionality in our Sites, certain information that those Users post that can identify them may be read by other Users. We will not be responsible for the Personal Information that Users submit in this respect.

When Personal Is Information Used and Disclosed

1. 
We will not use the Personal Information that we hold for purposes other than those for which it was collected, unless we have the relevant individual’s permission. The purpose of collection is determined by the circumstances in which the Personal Information was collected.

2. 
We will retain the Personal Information of individuals for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

3. 
Personal Information is used to enable us to operate our Sites and provide our Services. This may include:

  • ( a ) providing the Sites to Users;
  • ( b ) the provision of Services to individuals;
  • ( c ) verifying an individual’s identity;
  • ( d ) communicating with individuals about:
    • ( I ) their relationship with us;
    • ( ii ) our goods and services;
    • ( iii ) marketing and promotions; and
    • ( iv ) competitions, surveys and questionnaires;
    • ( e ) investigating any complaints about or made by individuals, or if we have reason to suspect that a User is in breach of any of our terms and conditions or that a User is otherwise engaged in any unlawful activity; and/or
  • ( f ) as required or permitted by any law (including the Privacy Act).

4. 
It is necessary, and by using the Services, Users consent, for us to disclose their Personal Information to third parties in a manner compliant with the Australian Privacy Principles in the course of our business, which includes disclosure of Personal Information:

  • ( a ) with our related bodies corporate;
  • ( b ) as part of a sale (or proposed sale) of all or part of our business;
  • ( c ) during investigations into an individual’s conduct insofar as it relates to the relationship we have with an individual, or a possible contravention of any relevant laws or regulations;
  • ( d ) where we reasonably believe that individuals may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of; and
  • ( e ) as required or permitted by any law (including the Privacy Act).

We will not sell the Personal Information of individuals to unrelated third parties under any circumstances

Opting “In” or “Out”

1. 
Individuals may opt to not have us collect Personal Information. This may prevent us from offering our Sites and Services and may terminate the individual’s access to some or all of the Sites or Services provided by us. Individuals will be aware of this when:

  • ( a ) Opt In
    Where relevant, individuals will have the right to choose to have information collected and/or receive information from us.
  • ( b ) Opt Out
    Where relevant, individuals will have the right, at no cost, either upfront or at any time after they have provided Personal Information, to choose to exclude themselves from some or all collection of information and/or receiving information from us. Individuals can do so by sending us a written request either by email to privacy@idea11.com.au or by writing to us on the details in section 10 of this Privacy Policy.

The Safety and Security of Personal Information

1. 
We and our employees, contractors and other authorised representatives will take all reasonable precautions to protect Personal Information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.

2. 
We may appoint a Privacy Officer to oversee the management of this Privacy Policy and compliance with the Australian Privacy Principles and the Privacy Act. This officer may have other duties within our business and also be assisted by internal and external contractors, professionals and advisors.

3. 
By using any of the Sites, Users acknowledge that the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. Users provide information, including Personal Information, to us via the Site at their own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, Personal Information where the security of information is not within our control.

4. 
By using any aspect of the Sites or Services, individuals acknowledge that we are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose or transfer Personal Information to in accordance with the Privacy Policy or any applicable laws). The collection and use of Personal Information by such third parties may be subject to separate privacy and security policies.

5. 
If individuals suspect any misuse or loss of, or unauthorised access to, their Personal Information, individuals are obligated to let us know immediately.

6. 
We are not liable for any loss, damage or claim arising out of another person’s use of an individual’s Personal Information.

7. 
Where Personal Information we hold is no longer necessary, we delete the information or permanently de‐identify it.

How to Access and/or Update Information

1. 
Individuals have the right to request from us the Personal Information that we have about them, and we have an obligation to provide Individuals with such information within 28 days of receiving a written request. Individuals may review and update Personal Information provided to us by contacting us on the details in section 10 of this Privacy Policy.

2. 
We may charge individuals a reasonable fee for our costs incurred in meeting any requests to disclose Personal Information that we hold about those individuals.

Transfer of Personal Information Outside Australia

Personal Information may be stored, processed and accessed in the United States. By contracting with us for Services or the use of our Sites, individual’s consent to the transfer of Personal Information outside Australia. We take all reasonable steps to ensure that the Personal Information that has been transferred will not be held, used or disclosed by the recipient of the information inconsistently with the Australian Privacy Principles.

Complaints and Disputes

1. 
If an individual has a complaint about our handling of his or her Personal Information, he or she should address a complaint in writing to the details in section 10 of this Privacy Policy.

2. 
If we have a dispute with an individual regarding his or her Personal Information, the individual must make a good faith attempt to resolve the issue directly with us.

3. 
If an individual is dissatisfied by how we deal with his or her complaint, the complaint may then be taken to the Office of the Information Commissioner.

4. 
If we become aware of any unauthorised access to an individual’s Personal Information, we will inform the individuals affected at the earliest practical opportunity once we have established what was accessed and how it was accessed.

Contacting Us

1. 
Users should address all correspondence with regards to privacy and Personal Information to the “Privacy Officer”.

2. 
Individuals must contact the Privacy Officer by email in the first instance. The email address for the Privacy Officer is: contact@outft.io

3. 
The Privacy Officer mail address is:
17 Cordelia Street,
South Brisbane,
Queensland, 4101,
Australia

Additions to this Policy

1. 
We may amend the Privacy Policy at our sole discretion. By continuing to access our Services or Sites after an amendment to the Privacy Policy, individuals agree to be bound by the Privacy Policy as amended.

2. 
We may do things in addition to what is stated in this Privacy Policy to comply with the Australian Privacy Principles, and nothing in this Privacy Policy shall deem us to have not complied with the Australian Privacy Principles.

Contacting the Australian Information Commissioner for further information on privacy laws

If further information about privacy laws in Australia is required, please contact http://www.oaic.gov.au/about/contact.html

Last Updated: 20 October 2015