This document will outline how OnePoint Digital Pty Ltd will use, collect and store personal information and why this information is collected.
- we/us/our/ours - refers to OnePoint Digital Pty Ltd (ABN: 28 620 932 569/ ACN: 620 932 569) and its subsidiaries
- you/your/clients/customers - refers to the person/entity reading this document who is interacting with us.
- service/services - refers to any website, program, application and or technology created and/or operated by us.
- third-party/third-parties - refers to a person/company/entity not owned or otherwise affiliated with us in any way.
- service provider - refers to a person/company/entity who we use for the provision and/or delivery of a service in part or entirety.
- support team - refers to the department at OnePoint Digital Pty Ltd who can be contacted by email at firstname.lastname@example.org.
Anonymity and Pseudonyms
We allow for you to interact with our services anonymously although to purchase a service we must know your identity in order to provide such service. If you do not which to provide your identity then you may interact with us using a pseudonym, this may however limit the way we can service you as you may still be required to provide your real identity to make a payment or to deliver a service.
Collection of Solicited Personal Information
Personal information is typically collected by completing a digital form on our website(s) and that information is then transmitted to us. Other ways which we may collect personal information is through email exchanges, phone calls and physical mail.
We may also collect anonymous information about you which includes but is not limited to what type of device you are using, the town/state/country in which you are accessing our services from, how you have used and interacted with our services, your internet service provider and your IP address.
Collection of Unsolicited Personal Information
There may circumstances in which we receive personal information from you without us making a request for that information. In circumstances where it is reasonable to do so we will delete and destroy the information. Where the information was obtained via email communication and is part of a relevant communication record it will be archived. We will not actively use any unsolicited information unless the information was intended to be shared with us for use to use the information and/or the information was already part of the records we hold.
Reason for Data Collection
Information is collected to provide a service to you. The information we collect will depend on the service you are using and how you are using a service. Personally identifiable information is typically collected during the provision of a paid service where as anonymous information is collected when you interact with any aspect of our services.
Disclosure of Collected Data
Personal information is not shared with any third-parties unless you have ordered a service which is provided through a third-party organisation or to a law enforcement agency when a legal court order such as a subpoena or search warrant requires us to do so.
Services which may require your details to be forwarded to a third-party include but are not limited to; domain names, SSL/TLS certificates and services sold by us which are then delivered via a third-party like Google for G Suite. You will be notified at the checkout if you data with be shared with a third-party for the provision of a service.
What Data is Collected
We may be required to collect details including but not limited to the following; you full name, phone number, mobile number, email address, postal address, business name (where applicable), payment details such as credit card information and other miscellaneous information depending on which service has been purchased and what the information is being used for.
Storage and Security of Data
The way information is stored may depend on the information collected. If we are collecting information such as your name and email address we may store this in a database as plain text and protect it through user authentication and electronic protection from viruses and unauthorised access. Information such as passwords will be stored in an encrypted format within a database which can only be reversed by authorised persons or it will be stored in a one directional hash where it is unable to be reversed.
Financial information is stored using an external service provider who provides Payment Card Industry Data Security Standard (PCI DSS) compliant technology to collect and store information which is used for processing and making payments, you may request a PCI compliance certificate by contacting our support team.
Where you have consented to receive marketing materials we may use your personal information such as your email address or phone/mobile number to send you promotional materials including but not limited to new service announcements, sales and promotions and news related to your services and technology. You may unsubscribe to any direct marketing using the unsubscribe link included in the message.
We may also conduct physical mail marketing, this is conducted through mail delivery services like Australia Post and does not involve the use of your personal information to opt-out of physical mail marketing you will need to follow the instructions provided by your mail delivery provider.
You may receive other electronic and physical mail related to a service you have purchased or relating to important changes at our business. As these communications are critical to the delivery of your service and/or maintaining our legal obligations you are unable to opt-out from these communications.
Some or all of your personal information may be transmitted outside of Australia depending on the location of our service provider(s) and where they may store your data. While we cannot guarantee that your data is stored in any one location many of our service providers have a presence in Australia, New Zealand, Japan, United Kingdom, United States of America and Canada which are the most likely locations your data will be stored and transmitted to. During the transmission of your data, it may cross through other nations not previously mentioned, this is due to the design of the internet. We do not take any responsibly for the location your data is stored, although you may request this information should it be required by contacting our support team.
Access of Data
Personal information cannot accessed by any employee or contractor of ours who does not require access to your information, nor can it be accessed by any third-party unless otherwise indicated in this policy.
You may access the information we hold on you at any time by contacting our support team who will provide you with a summary of the information you have been provided and who your information has been transmitted to, this request may take 30 business days to complete. When asking for personal details through an email address which is not on our record we may require you provide us with the answers to some security questions only the account holder would know. This may be via email or via phone.
Keeping Data Accurate
It is a requirement that we keep accurate and up to date records of our customers and to help enable this we have a customer portal that you are able to login to and update all your information. For security reasons some details may be locked to increase security, should you wish to change those locked details please contact our support team who will gladly update details on your behalf.
Where your personal information has changed you agree that you will update your information within 30 days of the information changing where reasonably possible.
Use of Government Identifiers
We may at times collect government identifiers such as Australian Business Numbers (ABN)s, Australian Company Numbers (ACN)s, state/territory drivers licence numbers, passport numbers or other government issued identification identifiers. Excluding ABNs and ACNs which are available via public record, we do not store and government identifiers for later user. We may engage a third-party service provider to validate the details you have provided. The details we will store from government documents will be the type of identifier, the expiry of the identifier and whether our service provider could validate the detail. We will not store the identifier itself, there are some instrances where an external provider may need to keep a record of your identifier for legal record keeping purposes.
Restriction of Data
Access to personal information may be denied in cases where it relates to a court case and the information would not be accessible in discovery, it relates to an ongoing police investigation, we have been instructed to deny access by a law enforcement agency or any state, territory and/or Commonwealth law requires we do not provide you with access to the data we have collected from you.
Duration of Data Storage
Personal information collected by us will be stored while a service remains active, and will extend for a such a period as required by law. Information that is no longer required will be securely erased from our systems in a timely manner from the date it is no longer required.
Unauthorised Access and Sharing of Data
In the event of a data breach, you agree that we will not be held liable for the unauthorised access or sharing of data when such a breach is a direct or indirect result of illegal and/or malicious activity and/or the breach is as a result of a third-party service provider.
Updates & Changes
If you require any further information or clarity regarding this policy, you may contact our support team who will be able to assist you further with regards to interpretation of this policy and to provide you access to any information we may have on you.