The team at Digistorm has created a resource that can help your school manage communication during the Coronavirus outbreak. Learn More
Title: Privacy Policy
Policy No: D-PP Policy Version: 1.1
Effective Date: 21/11/2018 Revision Date: 21/11/2020
Approved By: Tim Oswald, Managing Director
Approved Date: 21/11/2018
This Policy sets out how we collect, handle and use information about you.
We reserve the right to update this Policy at any time without notice.
We are subject to the Australian Privacy Principles (APPs).
In certain circumstances we may also be subject to the EU General Data Protection Regulation (Regulation 2016/679) as it applies to residents in the European Economic Area.
The purpose of this Policy is to:
This policy applies to information that we may collect about you.
This policy does not apply to information that may be collected by a third party or how that third party may use, handle, store or disclose your information.
Organisation means a natural person, a body corporate, a partnership, any other unincorporated association, or a trust, that is not a small business operator, a registered political party, an agency, a state, territory or national authority or a prescribed instrumentality of a state, territory or nation.
Personal Information means information or an opinion about an identified natural person, or a natural person who is reasonably identifiable.
Digistorm Group, we, us, our means Digistorm Pty Ltd and its ‘related bodies corporate’(as that term is defined and used in the Corporations Act 2001 (Cth)), including but not limited to Digistorm Operations Pty Ltd and Digistorm Group Pty Ltd.
Institution means preschools, primary schools, secondary schools, and further and higher education places for learning, whether public or private.
Suite of Products means:
and any other products or adaptations that may be added from time to time. All of our products may be viewed at https://www.digistorm.com/.
In Australia - Privacy Act 1988 (Cth) which includes the Australian Privacy Principles set out therein, as substituted, amended, replaced or varied from time to time.
In the European Economic Area – for residents in the European Economic Area only, EU General Data Protection Regulation (Regulation 2016/679).
We collect information about you (including, but not limited to, that information set out in the table below) that:
What information do we collect? | Why we might collect this information |
---|---|
Your full name, sex, date of birth, age, residential address, postal address, email address, telephone number, facsimile number and proof of identity information. |
|
Information or opinions about your racial or ethnic origin, political opinions, or memberships, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation, or criminal record. |
|
Information, communication or opinions about any of our products, services, transactions, payment history and business activities. |
|
Video footage and audio surveillance. |
|
Identifiers (such as tax file number and business number), citizenship and residency details, details regarding and information provided by your referees, details regarding and information provided by your guarantor(s) and business partner(s), financials/credit/criminal history checks, results of any pre-employment or profile tests, employment history, education history, identity documents, health information and next of kin details. |
|
Information that may be collected by us or on our behalf via third parties including the date and time of your visit to our website, IP address, documents and pages you access, type of browser and setting, operating system, address of a recurring site you are about to visit; information you submit regarding payment particulars, device identifier, including UDID, device details, pages visited, language selections, cookies, tracking pixels, geographic area and location. |
|
Other information. |
|
Device Information |
|
In some situations you will have the option to deal with us anonymously or through a pseudonym, however, where you are requesting products or services from us or from an Institution where such contact is via us or one of our services, it may become impracticable to provide those products or services to you without verifying your identity. Where you fail to provide us information or where the information provided is incomplete and/or inaccurate, or you choose not to provide us with the information that we have requested, it may affect our or an Institutions ability to provide you with our products and services.
In the event that we receive identifiable information from a third party, such as an Institution, we will take reasonable steps to ensure that you have given express or implied consent to the collection of that information. If it is determined that we are unable to have possession of the information under a relevant law, we will destroy the information or ensure that the information is de-identified.
For some (but not all) services operated by us, the Do Not Track browser setting is accepted (which can be adjusted in your browser). Because a uniform technological standard has not yet been developed for Do Not Track, we do not currently respond to all Do Not Track signals. We continues to review new technologies and may adopt a standard once one is created.
We are a growing online business. In order to offer a consistent service to you we may store and manage data electronically or in paper form. Where data is stored electronically, it is done so by a third party cloud service provider that may store your information or a backup of your information in Australia or such other locations that the third party cloud service provider determines from time to time (see our list of third parties here for jurisdictions where your information may be stored). The data that we collect from you may be transferred to, and stored to these servers or processed by staff operating in other countries, who work for us or an Institution.
We will take all steps reasonably necessary to ensure that your information is secured from misuse, interference, loss, unauthorised access, unauthorised modification or unauthorised disclosure. Any information will be handled in accordance with this Policy and applicable privacy laws. Despite using all steps reasonably necessary, the transmission of information through the internet is not completely secure.
Submission of any information to us is an acknowledgement that you agree to such use, storage and disclosure.
We may share your information with:
Should you believe that we have not fulfilled our obligations under any relevant law or have not complied with the terms of this Policy or would like to appeal a decision made by us in relation to your Personal Information, you can make a complaint in writing to our Privacy Officer using the contact details set out in this Policy.
We will respond to you within a reasonable period of time (or where a period is specified by any law, that period) to acknowledge your complaint and inform you of the next steps we will take in dealing with your complaint.
In Australia if after getting our response you are still not satisfied that your complaint has been resolved or adequately dealt with, you may direct your complaint to the Australian Information Commissioner (AIC). The contact details of the AIC are listed on their website: www.oaic.gov.au
This clause applies to residents in the European Economic Area (EEA).
Controller, Data Processor, Data Subject, Processor, Processing, Subprocessor, and Supervisory Authority shall be interpreted in accordance with applicable EU Data Protection Legislation.
EU Data Protection Legislation means the General Data Protection Regulation, Regulation (EU) 2016/679 and any legislation and/or regulation implementing or made pursuant to it or which amends or replaces any of them, as it applies to the EEA.
Due to the manner in which the Suite of Products is delivered (see clause 6.7 of this Policy), you are contracting directly with an Institution. That Institution has subsequently contracted with us in order to deliver the Suite of Products and therefore facilitate the various communications between you and the Institution. In this manner, we are the Processor of your Personal Information for the Institution.
If you are a Data Subject in the EEA and wish to exercise rights in accordance with the EU Data Protection Legislation, please contact the Institution you interacted with directly -- we serve as a processor on their behalf and can only forward your request to them to allow them to respond.
Our website and Suite of Products are not intended for Data Subjects under the age of 16. However, due to the nature of the Suite of Products facilitating the enrolment and communication of minors that attend an Institution with their respective parents, you may submit Personal Information to us on behalf of a Data Subject under the age of 16. In such circumstances, we will seek your express consent to this submission and use of Personal Information of the Data Subject not yet 16 years of age.
If you have any comments, concerns or questions regarding this Policy or Personal Information that we hold about you, please contact our Privacy Officer by email to or by post at:
Privacy Officer
Digistorm Pty Ltd ACN 153 005 264
(a company incorporated in Australia)
Suite G2, 2019 Gold Coast Highway
MIAMI, QUEENSLAND 4220
AUSTRALIA