Privacy Policy
1.0 INTRODUCTION
This privacy policy applies to Simple Technology Pty Ltd, its affiliates and related bodies corporate (us, we, our). We take the protection of your personal information very seriously and are committed to compliance with applicable privacy and data protection laws, including the Privacy Act 1988 (Cth) and the EU and UK General Data Protection Regulation (together, the GDPR).
This privacy policy gives you information on how we collect, store, use, process and disclose personal information. Personal information and/or personal data (the terms commonly used in applicable privacy laws) is information or an opinion about an identified or reasonably identifiable individual, whether the information or opinion is true or not and whether the information is recorded in a material form or not.
If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using the contact information in section 15 of this privacy policy.
2.0 WHY WE COLLECT YOUR PERSONAL INFORMATION
The personal information that we collect about depends on our relationship with you, the circumstances of collection and the products or services that you apply for, purchase, and/or enquire about. We may use personal information you have supplied for purposes including to:
• identify you as the user of our products and services and to provide better client service to you, your business partners and your employees;
• perform authorised financial transactions with you and your associated service providers;
• operate our business, including as it applies to you;
• where you have consented, to keep you informed about Simple products and services and those of relevant business partners;
• participate in the process of any third party acquisition or potential acquisition of an interest in us and/or our assets;
• to fulfil our legal and regulatory obligations; and
• to improve and optimise our platforms (including our websites), products and services.
3.0 LAWFUL BASIS OF PROCESSING INFORMATION
We only collect and use personal information about you when the law allows us to. To the extent you are located in the United Kingdom (UK) or European Economic Area (EEA) we most commonly use personal information where:
• the data subject (you) has given consent to the processing activity taking place;
• If the processing is necessary for the performance of a contract;
• if the processing is necessary for compliance with a legal obligation to which the controller is subject; and
• if the processing in necessary for our legitimate interests or those of any third party.
If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make it clear to you what those legitimate interests are at the relevant time.
4.0 WHAT INFORMATION WE COLLECT AND HOW
Consistent with the provision of our products and services, the types of personal information we may collect and hold includes the following.
(a) Identity and contact details – including individuals’ first and last name, email address, phone number, company name and other identifying and contact information.
(b) Payment information – including any personal information associated with any payment information provided.
(c) Other information – text of written and oral communications gathered in the course of our interaction with you, including other information from your interactions with us online, such as any feedback you provide us, when you communicate with our customer support, cookie information, IP address, URL’s, search histories and other associated information.
We may collect personal information directly from you in the course of providing our products and services, from our website, mobile applications and other online platforms (to the extent applicable), and/or directly from you, including using cookies (data files placed on your device or computer), log files and security tokens.
In some cases, we may collect information about you indirectly, such as from third party providers of our products and services, providers of data analytics services and providers of third party websites, apps and social media platforms. We may also collect personal information about you indirectly when a third party whom you have a relationship with uses our products and services, such as when a company who you have purchased products and/or services from, provides us your personal information so we can provide our products and and/or services to them. Where we receive personal information about you from such third parties, we require that they have collected and disclosed that information with your knowledge or consent (to the extent required by applicable laws).
5.0 HOW LONG WE KEEP INFORMATION FOR
We pride ourselves on ensuring that your personal information is only retained for the period that we need it for, in accordance with laws, regulations, professional obligations that we are subject to and our business needs.
6.0 SECURITY OF PERSONAL INFORMATION
We take the responsibility for protecting your privacy very seriously and we will ensure your data is secured in accordance with our obligations under applicable privacy laws. We have in place technical and organisational measures to ensure personal information is secured and to protect it from unauthorised access, use and disclosure. For example, we have in place a robust access control policy which limits access to your personal information to those employees, contractors and other third parties who only have a business need to know your personal information. We also have policies and procedures to handle any potential data security breaches and data subjects, third parties and any applicable regulators will be notified where we are legally required to do so.
7.0 YOUR INDIVIDUAL RIGHTS
We will take all reasonable steps to ensure any personal information we collect, use or disclose is up to date and accurate. If you believe personal information that we hold about you is not up to date or accurate, you may ask us to correct it.
You may ask us to provide you with details of the personal information we hold about you, and copies of that information. We will respond to your request and attempt to provide you with the data within 30 days of receipt of your request.
If we provide you with copies of the information you have requested, to the extent permitted by law, we may charge you a reasonable fee to cover the administrative costs of providing you with that information.
Please direct all request for access and correction using the contact details set out in section 15.
If you are located in the UK or EEA, you also have additional rights, including the following:
•Right to withdraw consent
•Right to object
•Right to be informed
•Right to erasure
•Right to restrict processing
•Right to data portability
A summary of these rights is set out below.
•The right to withdraw consent
You have the right to withdraw your consent to us processing your personal information at any time.
•The right to object
In certain circumstances, you can ask us to stop or prevent us from processing your personal information, including for marketing purposes.
•The right to be informed
You have the right to be informed about the collection and use of your personal information.
•The right to erasure
In certain circumstances, you may request that we erase your personal information.
•The right to restrict processing
In certain circumstances, you may ask us to restrict the processing of your personal information.
•The right to data portability
In certain circumstances, you can request that your personal information is transferred to another controller or processor machine-readable format.
8.0 FAILURE TO PROVIDE PERSONAL INFORMATION
Where we need to collect personal information by law or in order to process your instructions or perform a contract we have with you and you fail to provide personal information when requested, we may not be able to carry out your instructions, perform the contract we have or are trying to enter into with you or provide you the products and services you are requesting. In this case, we may not be able to provide you the products and services you have requested, but we will notify you if this is the case at the time.
9.0 COOKIES
Our website uses cookies. Please see our cookies policy for full details of the cookies used.
10.0 TRANSFERS TO THIRD PARTIES
We may disclose your personal information to some third parties to help us deliver our services/products. These third parties may include the following:
• Business partners, suppliers, contractors for the performance of any contract we enter into with them or you;
• Our affiliates and related bodies corporate;
• Third parties that support us to provide products and services e.g., IT support, cloud-based software services, providers of telecommunications equipment);
• Third party technology and marketing services providers, including Microsoft Azure, Microsoft Dynamics and PING Federate;
• Payment service providers;
• Recruitment service providers;
• Professional advisors e.g., lawyers and auditors; and
• Web analytics and search engine provider to ensure the continued improvement and optimisation of our website.
11.0 OVERSEAS DISCLOSURE
Relevant to the GDPR, in order to provide our products and services to you, we may disclose the information which we process to countries outside the UK and EEA. Regardless of the location of our processing, we will impose adequate data protection safeguards and implement appropriate measures to ensure that your personal information is protected in accordance with applicable data protection laws.
In relation to our Australian operations, we may, in the course of providing products and services, disclose personal information to overseas entities including to our related bodies corporate and third party service providers. Those overseas entities may be located in the UK and/or the EEA.
12.0 RIGHT TO COMPLAIN
We take any complaints about our collection and use of personal information very seriously.
If you think that a breach of the Privacy Act 1988 (Cth) or GDPR has occurred, please raise this with us in the first instance.
To make a complaint, please contact us via email on privacy.officer@simple.io.
Alternatively, you can contact us:
By Post: Level 6, 2 Kingdom Street, Paddington, London W2 6BD
By Phone: (800) 0487155
If you do not consider our response satisfactory, you may contact the Australian Privacy Commissioner at its website www.oaic.gov.au or by telephone on 1300 363 992.
Alternatively, if you are located in the UK you can make a complaint to the UK Information Commissioner’s Office:
By Post: Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
By Website: Click Here
By Email: Click Here
By Phone: 0303 123 1113 (Local rate) or 01525 545 745 (National rate)
For EEA individuals, you can contact your relevant local data protection authority, which can be located at via the European Data Protection Supervisor and/or this link.
13.0 THIRD PARTY LINKS
Our websites may contain links to other websites from time to time. Please note that we do not control, and are not responsible for, the content or practices of these other websites. Our provision of any third-party links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This policy does not apply to any third-party websites, which are subject to any privacy and other policies they may have.
14.0 ADDITIONAL INFORMATION
Your trust is important to us. That is why we are always available to talk with you at any time and answer any questions concerning how your personal information is processed. If you have any questions that could not be answered by this privacy policy or if you wish to receive more in-depth information about any topic within it, please contact our DPO and Compliance Team via email on privacy.officer@simple.io.
15.0 POLICY REVIEW AND AMENDMENTS
We keep this privacy policy under regular review. This privacy policy was last updated on 22 February 2022.
We reserve the right to update this privacy policy at any time, and we will provide you with a new privacy policy or notify you using a method determined by us when we make any substantial and/or material updates.