Protecting your privacy and keeping your personal information confidential is very important to us. We're bound by the Privacy Act 1988, including the Australian Privacy Principles (APPs) set out in the Act, when we handle your personal information.
This notice applies across all websites that we own and operate and all services we provide, including our online and mobile accounting and financial services products, and any other apps or services we may offer (for example, events or training).
This notice outlines how we maintain your privacy when handling your personal information if you're a client, a visitor to one of our websites or a member of the public in Australia.
Who are ‘we’?
In this Policy, we use the terms, "we", "us", "our" or "expensemanager" to refer to expensemanager Software Pty Ltd.
What is personal data?
We only collect personal information from you that is necessary to do business with you.
The personal information that we collect about you includes your name and email address, place of work and sometimes your telephone number. We also collect your payment information, such as your credit card and ABN. If you subscribe to our direct entry feed, we'll collect your account details so that you and your authorised contacts can transmit information to your nominated accounts.
How we collect your personal information
We collect most personal information directly from you, when you:
- order and/or register for a product or service;
- activate and use a company file, product or service;
- interact with our client support and sales teams;
- use our website, community forum or social media sites;
- complete a form for us, for example when you register for our competitions, training, events and newsletters;
- interact with members of our authorised partner and certified consultant programs;
- complete our surveys or product testimonials; or
- apply for a job with us.
We may also collect personal information about you:
- that is publicly available from sources such as social media websites
How we use and disclose your personal information
We use your personal information to:
- verify your identity;
- provide you with the products and services you've asked for;
- help us operate, protect, improve and develop our products and services and customise your experience;
- assist your authorised contacts;
- provide technical support to you and your authorised contacts;
- keep you informed about our products and services ;
- enable secure access to our websites;
- respond to any feedback, queries or complaints; and
- fulfil any legal and regulatory obligations; and
- process a job application that you've submitted.
Disclosure to third parties
We may provide your personal information to third party service providers that we outsource functions to or partner with, in certain limited situations where it’s necessary for us to do so to provide our products and services.
These third parties assist us by performing functions such as data processing. They may also provide products and services that integrate with or complement our solutions.
Each of the third parties that we contract with is carefully selected and is only authorised to use your personal information in a secure way that’s necessary for them to perform their service to us.
Some of our related companies and third parties that we share information with may be located outside of Australia, in the Philippines and New Zealand.
We'll also disclose your personal information if we are required by law or permitted by the Privacy Act to do so.
Aggregated data is general data about groups of people which doesn’t personally identify you or anyone else, for example – the number of people that use a product in a particular industry. We use aggregated data to:
- help us to understand how you use our products and services and improve your customer experience;
- tailor the way that we communicate with you about our products and services so that we can interact with you more effectively; and
- create helpful insights for the business community.
- We sometimes share aggregated data with our business or industry partners.
Security of your data
We typically hold the personal information that we collect either on electronic databases or as hard copy documents.
The security of your personal information is fundamental to the way that we do business. We take all reasonable steps to protect the personal information that you give us from unauthorised access, use or disclosure, in line with industry standards.
We do this by employing a range of security measures to protect the personal information that we hold. For example our web pages that request sensitive information employ encryption technologies such as Secure Sockets Layer (SSL).
You can confirm that a data-entry page uses encryption by checking that:
- the page address in the web browser's tool bar or status bar begins with https://; or
- the padlock icon in the web browser's tool bar or status bar is locked.
If you're a registered user of any of our websites, you can control access to your account with a username and password of your choice. You should choose a strong password and keep it protected from others to prevent unauthorised access.
We're also committed to protecting your information offline. All of your personal and business information, not just personal information and sensitive information is subject to access controls.
Whilst we take all reasonable measures to protect your personal information when it’s in our hands, it’s important to note that we’re unable to guarantee the security of the internet as a whole. If you’re using your product and service online, please ensure that you’re doing so in a secure environment. In addition, if you use email to send and receive your personal information, please be aware that the information may be less secure in transit.
Your personal information gives you authorised access to our websites so that you can update your details, access online help or perform financial transactions. For some products, you may be able to authorise other people (such as your employees, accountant or bookkeeper) to access, add and manage information on your behalf.
Our websites may contain links to third party websites, which don't belong to us and are beyond our control. Please note we're not responsible for and can't guarantee the privacy of these third party websites.
International Data Transfers
When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as to the United States, where our data hosting provider’s servers are located. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.
For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like Australia), or to a third party where we have approved transfer mechanisms in place to protect your personal data.
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements).
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised.
It’s your personal data and you have certain rights relating to it. You have a right to
- know what personal data we hold about you, and to make sure it’s correct and up to date
- request a copy of your personal data, or ask us to restrict processing your personal data or delete it
- If it’s marketing communications, you can ask us to not send you these at any time by following the unsubscribe instructions contained in the marketing communication
- object to our continued processing of your personal data
- You can exercise these rights at any time by sending an email to firstname.lastname@example.org
Suite 304, 33 Lexington Drive
Bella Vista, New South Wales 2153