Strytex Privacy & Cookie Policy

The non legal bit.

The Australian Privacy Act 1988 and Australian Privacy Principles regulate how personal information is handled. The current definition of Personal Information is:
…information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual, or an individual who is reasonably identifiable.

This creates a bit of a headache for companies like us who need business related personal information. In fact, one of the Frequently Asked Questions (FAQ) on the government privacy website is “Can I use my customer database to send a customer a Christmas Card” and is answered “Yes, so long as it is within the customer’s reasonable expectations.” (see https://www.oaic.gov.au/agencies-and-organisations/faqs-for-agencies-orgs/businesses/can-i-use-my-customer-database-to-send-a-customer-a-christmas-card)

If you register on our website and join a forum or other activity, we have this privacy policy to tell you how we will deal with your Personal Information.

If your employer has signed up to any of our Services, we may have had to collect a bit more information about you, but we are only interested in your business related personal information. Business related personal information includes things like your job title, your business email address, your business postal address, your business phone number etc. Actually, most people want this type of personal information distributed far and wide. This is why we print business cards and add signatures to the bottom of emails.

As we deal in compliance, we also collect things like licences which may contain some Personal Information,. For compliance and regulatory purposes, your Personal Information may not be removed because someone may need to verify who the licence holder is. An example of this a photograph of yourself.

We stress that we don’t want to collect information just for the sake of it. We only hold Personal Information that is needed. Things like your signature, personal phone number, dates of birth, bank account details, blood group, tax file number etc. are not collected unless specifically needed for compliance purposes. However Governments do keep changing the rules so we cannot guarantee that this will not change!

In short,

  • we will do everything we can to keep your Personal Information private
    • except where your employer has to share your personal information with their trading partners for regulatory/compliance purposes.
  • we promise not to profit from your personal information by selling it to unrelated third parties
    • we will however use anonymised information so we can sell advertising space. We have to pay for all the products and services and information we provide for “free”.
      you agree to let us communicate with you electronically, for instance, we may send you a newsletter, tell you about a change to our Website or our Services or tell you about changes to the system and new features.

If you are looking at this before signing up for our Services, thank you and we recommend you read the Portal End User Terms of Use which contain the actual terms you will need to agree to before you use the Strytex Portal and our Managed Services.

If you have already signed up and are just checking our Privacy policy, then thanks again for joining and we hope you enjoy the benefits we believe our Managed Services can bring to you and your organisation.

Now for the legal stuff…………

Rights to privacy

Strytex Pty Ltd ACN 138 521 132 and all related corporations (“Strytex, we, us or our“) understand the importance of protecting an individual’s rights to privacy. We have prepared this policy to help you understand how we aim to protect the privacy of your Personal Information and the Personal Information of others, obtained through use of our Website, our Portal and our Products and Services.

Definitions for capitalised terms not found in this policy are located in the Strytex Definition of Terms and should be read in conjunction with this policy.

This privacy policy applies to:

  • Website Services that we provide from our website – strytex.com and strytex.zendesk.com (“Website”)
  • Products and Services that we provide via the Strytex portal (“Portal“).

This policy describes the way Strytex collects information from all users of our cloud based Website Services, our Products and Services, and our Managed Services (collectively referred to as the “Services“).

Users of our Services include (i) Member organisations and Source organisations through their Employees, (ii) individuals who use our Website Services (“Subscribers“), and (iii) other individuals who access our Website but who are not Employees or Subscribers (“Visitors“). Below we explain what we do with the information we collect and the choices Employees, Subscribers and Visitors have concerning the collection and use of this information.

We ask that you read this Privacy and Cookie Policy carefully.
For further information, please contact privacyofficer@strytex.com

1. Personal Information Strytex Collects and How It Is Used
Strytex collects information in different ways from Member organisations, Source organisations, Subscribers and Visitors who access our various Services. We use this information primarily to provide a customised experience as you use our Services. Generally, we do not share this information with third parties. However, we may disclose collected Personal Information if (i) you have provided us with your information under the Website Terms of Use or (ii) your organisation has provided us with your information under the Service Terms of Use; or (iii) we have received your permission beforehand to do so, or (iv) in the special cases as described below.

By necessity, authorised Strytex Staff have full access to all information on the platform.

2. Personal information provided by Visitors and Subscribers to the Website
2.1 Responses to Email Enquiries:
If you are a Visitor, or Subscriber or Member Staff and you send an email enquiry to Strytex or a Member via their Company Profile page, your return email address will be used to answer the email enquiry.
If you contact a Member via a Contact button on their Company Profile page, the privacy policy of the Member will govern how your Personal Information is handled and managed.
Where the enquiry is addressed to Strytex, Strytex does not use this return email address for any purposes other than responding to the request and setting up your details on our CRM system. We do not share this information with any third party, unless this is agreed otherwise in writing. Please note that we do log your information on a third party CRM application to which we subscribe. This information is not shared with this organisation but in the interests of full disclosure, we have listed it below.
If you need to fill in a form to access information on our website, we may request information such as your name, job title, organisation, email address and other information. If you make repeated requests, we may contact you to ascertain if you wish to subscribe to one of our Website Services or Professional Services.

2.2 Registration to Website Services

  • Our e-newsletter, Strytex-stories: We regularly send out our Strytex-stories newsletter to our e-newsletter subscribers (but not more than monthly). You may subscribe to this service by providing a name, organisation and email address. You may choose to provide a pseudonym or first name rather than your own full name. Email addresses will be used to deliver our newsletter to you, and from time to time other information related to our Services that we think you may find interesting.
  • Our Blog: You may subscribe to our Blog by providing your email address. If you choose to participate in the Blog you are also required to provide a name. You may choose to provide a pseudonym or first name rather than your own full name. Using the email address you provide we may deliver to you from time to time other information related to our Services that we think you may find interesting.
  • Voluntary Customer Surveys: We may periodically conduct online surveys. As these are voluntary, we are grateful when you participate because these surveys provide us with important information that helps us to improve the types of services we offer and how we provide them to you. Your Personal Information and responses to these surveys will remain strictly confidential, even if the survey is conducted by a third party.
    We may take the information you give us and combine (or aggregate) it with the responses of other respondents we may have, to create broader, generic responses to the survey questions (such as gender, age, residential postcode, employment, industry sector, or other demographic information). We may then use the aggregated information to improve the quality of our services to you, and to develop new services and products. This aggregated, non-personally identifying information may be shared with third parties.
    We also may undertake industry wide surveys and again, we may take the information you give us and combine (or aggregate) it with the responses of other respondents to create broader, generic responses to the survey questions. As a result, we may produce and industry report or article that updates everyone with the responses to the questions posed. Please be aware that whenever we conduct a survey like this, you will be notified on the first page of the survey and, if you provide us with your contact details at the end of the survey, you will be provided with a copy of the report.

2.3 Third Party applications which we use
Our e-newsletter service is managed for us by MailChimp from Rocket Science Group, LLC Australia Pty Ltd. How MailChimp handles your Personal Information is governed by Australian Law and our agreement with MailChimp (which prohibits MailChimp from using your Personal Information except to provide our Subscriber Services). However all data used to provide the MailChimp service is processed by MailChimp in the USA and sits on MailChimp servers which are probably located outside Australia. MailChimp explicitly requires its service providers to acknowledge and adhere to the MailChimp Privacy Policy which can be found at https://mailchimp.com/legal/privacy/

Our Blog uses WordPress.org services that handles Personal Information in accordance with the WordPress Privacy Policy. You can find their Privacy policy at https://wordpress.org/about/privacy/

We use Zoho to store all our CRM information. You can find their privacy policy at https://www.zoho.com/privacy.html

We Survey Monkey for conducting Surveys. You can find their privacy policy at https://www.surveymonkey.com/mp/policy/privacy-policy/

We use Zendesk for all support tickets, user guide and FAQs. You can find their Privacy Policy at https://www.zendesk.com/company/privacy

By providing us with your Personal Information to receive Website Services, you consent to our disclosure of this information to the Third Party applications listed above to help us provide the Subscriber Services, which means that Australian Privacy Principle 8.1 will not apply and you agree that we do not have to take reasonable steps to ensure that this information is treated in accordance with the Australian Privacy Principles.

3. Personal Information provided by Member organisations as part of Professional Services
Member organisations join Strytex Professional Services so they can manage their internal business information and share this information with their trading partners. To do this, each Member gets a secure Member Site on which to store Member Information. This Member Information is business information about a Member, which may include amongst other things some business related Personal Information about Member Staff – names, roles, business contact details, professional licences etc. So this may include your Personal Information.
The Member may provide this information to Strytex for loading on to their secure site, where it can be shared with its trading partners for compliance purposes.
Through acceptance of the Service Terms of Use, each Member provides Strytex with explicit consent to share this information both within the Member organisation and, on an as needs basis, with linked Members, i.e. trading partners. Your information is probably already shared with your employers trading partners, it’s just done on paper at the moment. Under the Australian Privacy Principal, because we are managing this information on behalf of your employer, we want to make everything clear and unambiguous.
Here are some key points

  • How individual Members deal with Personal Information collected on their own staff or on linked members staff is governed by that Member’s privacy policy, i.e in this case, your employers Privacy Policy.
  • In general, Personal Information collected and stored within a Members Site is not publicly available and is only viewable by the Member’s authorised staff and authorised staff of Linked Members.
  • If you are the Member Administrator for your secure site, you have the ability to set both internal and external access permissions for each document, which may or may not contain Personal Information of your co-workers.
  • Authorised Strytex support personnel can view all Personal Information.
  • Strytex Service Terms of Use require Members and Authorised Member Staff to comply with the Privacy Act 1988 (Cth) and Australian Privacy Principles.

3.1 Sharing Personal Information within a Member organisation
If you are a Member Administrator, you can view all documents within your secure site. Please take this responsibility seriously and make sure you are aware of your obligations under your employers Privacy Policy.
If you are a Member User or Member Exec, you can all document for which you have been allocated access privileges. The Member Administrator, sets the access permissions for each document by specifying which departments can access which documents which may include personal information of other staff including Member Non Users. Please note that the Privacy Policy of your employer governs how the Personal Information of all your co-workers has to be handled and managed.
If you are a Member Nonuser and you want to obtain the details of your personal information stored on your employer’s Member site, please contact your member Administrator. If you cannot find out who this is, feel free to contact us and we will do our best to help. Our contact details are at the bottom of this document.

3.2 Sharing Personal Information on the Company Profile page
If you are a Member Nonuser, your Personal Information should never be displayed on the Company Profile Page.
If you are a Member Administrator, Member User or Member Exec, you can choose to display some of your Personal Information, e.g name, job title, contact details, etc. on your Member’s Company Profile page. Under the personal settings, you have complete control over what is and what is not displayed, however, in the interests of privacy and anti-spamming, the Company Profile page does not display email addresses. Strytex hides these behind a “Contact Me” button.
Please note that the Company Profile Page may be accessed by (i) other Members and their authorised staff via the Portal and (ii) by the public via any search engine.

3.3 Sharing Personal Information with Linked Members
Members link with their customers, suppliers, contractors and other business partners in order to share compliance and other documents. Only Authorised Member Staff from Linked Member organisations may use and view the information on your Member’s Site. As some of this business information may include your staff compliance related documents, your employer may already be sharing Personal Information with their trading partners, it’s just done manually right now.
By accepting the Service Terms of Use, your employer provides Strytex with explicit consent to share this Personal Information electronically on an as needs basis with your employer’s Linked Members.

Here are some key points

  • Only your Member Administrator (or Strytex staff if authorised by a nominated Executive or Member Administrator) can create a link with another Member.
  • By default, all documents are loaded with external permissions set so that no linked Members can access the document. Access permissions have to be individually activated for each document. Your Member Administrator (or Strytex staff if instructed by a nominated Executive or Member Administrator) has control over these access permissions.
  • Strytex Service Terms of Use require Members and Authorised Member Staff to comply with the Privacy Act 1988 (Cth) and Australian Privacy Principles

Strytex Service Terms of Use require Strytex Members and Strytex Users to comply with the Privacy Act 1988 (Cth) and Australian Privacy Principles.

4. Third Party Websites:
In addition to our Website, which we control directly, we also use and provide links to websites that are controlled by third parties, including: Facebook, Twitter, Linked In, Google+, so users can share information they find on our Website, and YouTube, so users can access Strytex newsfeeds and other streamed information.
If you use or follow a link to any of these third party websites, please be aware that these websites have their own privacy policies and that we cannot accept any responsibility for how they use information obtained about you from your use of their website. It is your responsibility to read and understand the privacy policies of these entities.

5. Special Cases:
It is Strytex’s policy not to use or share the Personal Information about you except as described above without also providing you an opportunity to opt out from the unrelated use.
However, we may disclose Personal Information about you, or information regarding your use of the Services or websites accessible through our Services, for any reason if, in our sole discretion, we believe that it is reasonable to do so. Such a reason may include:

  • where we have a regulatory or legal obligation to do so; or
  • to satisfy, enforce or apply our Website Terms of Use or Strytex Service Terms, or other user policies; o
  • to operate the Services effectively; or
  • to protect Strytex, Strytex Members, Strytex Users, Subscribers, and Visitors.

Unless expressed otherwise in this policy, where we use third party service providers to provide services to Strytex that involve data processing (eg archival, auditing, professional advisory – including legal, accounting, financial and business consulting, technology, website, research, banking/payment, data processing and security services), we require the service providers to handle your Personal Information in accordance with the Privacy Act 1988 (Cth) and Australian Privacy Principles.

6. Our use of cookies
Cookies are pieces of information that a web site transfers to your computer’s hard disk for record keeping purposes. Most web browsers are set to accept cookies. Strytex uses cookies to make your use of our Website and Portal as convenient as possible. Cookies do not themselves personally identify users, although they do identify a user’s browser. Cookies allow us to remember the information you have entered as you move through our Website, and tell us how many people are using the different parts of the Website. If you do not wish to receive any cookies you may set your browser to refuse cookies, however, this may mean you will not be able to take full advantage of all aspects of our Website. Please be aware that if you visit other external websites they may also use their own cookies. We do not control use of these cookies and expressly disclaim responsibility for information collected through them.

7. Public Forums
Please remember that any information you may disclose in any public areas of our Website, Third Party applications we use or the Internet becomes public information. You should exercise caution when deciding to disclose Personal Information in these public areas. We accept no responsibility for your participation in a public forum.

8. Strytex Commitment to Data Security:
Our Portal and Website have reasonable security measures in place to protect the loss, misuse, and alteration of Personal Information under our control. While we make every effort to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining this information.
You can help us to keep your information secure. Please remember that any user name or password in relation to our Website is personal to you and should not be made available to any other person. You should stop using your username and password and notify us immediately if you suspect that someone else may be using them.

9. Status of this policy:
Your use of our Website and or Professional Services constitutes your acceptance of the terms of this privacy policy, as revised by us from time to time. Technologies and information governance practices are constantly developing. We will therefore need to revise this privacy policy in future, so please review this page regularly to ensure that you are aware of any changes to its terms.

10. Verifying Your Personal Information
If at any time you would like to verify your personal details, or would like more information on our approach to privacy, please contact us at the address below

11. Where to Direct Questions About Our Privacy Policy:
If you have any questions about this privacy policy or our privacy practices please contact us directly at the address below

12. Privacy Complaints:
Please direct all privacy complaints to our privacy compliance officer. A privacy complaint relates to any concern or dispute that you have with our privacy practices as it relates to your Personal Information. At all times, privacy complaints will be treated seriously, dealt with promptly, and in a confidential manner. If you are unsatisfied with the outcome of your complaint, you may refer your complaint to the Australian Privacy Commissioner on 1300 363 992 or email enquiries@oaic.gov.au.

13. Strytex Privacy Officer Contact Details
By email: privacyofficer@strytex.com
By post: Confidential – Privacy Officer
Strytex Pty Ltd
PO Box 383
Balwyn North
VIC 3104
Australia

Last updated September 2017