We collect and use information from visitors to our website and from users of our software applications (“Services”) that are licensed by our business-to-business clients (“Clients”). This may include personal information about you (“Customer Data”). Personal information generally means any information about an individual from which that person can be identified. This may include:
- General information such as your name;
- Contact information such as your address, phone number, and email address
- Transaction information such as information about products and services you have viewed or purchased and when and where the transaction occurred including payment type;
- Technical information such as how you use our products including your identity, device make and model, device name, MAC address, Internet Protocol (IP) address, carrier name, operating system and browser type; and
- Marketing information such as your preferences in receiving marketing communications from us, third-party links you have visited immediately prior to and after you visit our website and your location information
We do not collect any sensitive personal information about you (this includes details about your race or ethnic origin, political opinions or associations, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or union, sexual orientation or practices, criminal record information, health, genetic background or biometric personal information).
How we collect your information
We may collect personal information in the following ways:
- information you provide to us directly, for example when you communicate or interact with us or one of our Clients that offers our Services to you, by telephone, email, online (including through our products and Services and website) or in person;
- your response to any surveys or marketing materials we, or our Clients send out;
- interactions between you, other users of our Services, and our staff;
- interactions between you and our Clients and their staff; and
- information that we automatically collect when you use our Services to enable us to fulfil our obligations to our Clients and to provide product support.
In some instances, we collect information about you from other sources such as our suppliers and other third parties who provide services to us; and publicly available sources.
Why we collect your information
We use your personal information for the following purposes:
- To fulfil our obligations to our Clients, and you, in delivering our Services
- To process transactions you initiate by using our Services;
- To verify your identity;
- To respond to requests and provide product support;
- To monitor usage in order to improve our Services, or to improve your experience with our Services;
- To update you about our Services
- To link or combine with information we get from third parties to help understand your needs;
- To detect and investigate fraudulent, unauthorized, or illegal activity; and
- For any other purpose for which the information was originally collected.
For additional information on our legal basis for processing your information, please contact us.
Who we may disclose your information to
We may disclose information, including your personal information, to various third parties for any of the purposes identified above. The types of third parties with whom we disclose personal information include:
- our Clients;
- government agencies for reporting and compliance purposes;
- third party suppliers, service providers and partners, which provide services and support for our programs and operations; and
- to a third-party organisation in the event, we sell or transfer all or a portion of our business or assets
In order to comply with our legal obligations, respond to complaints and claims, and investigate and protect ourselves and third parties against any activity that we reasonably suspect to be fraudulent, we may also disclose your personal information to law enforcement agencies, regulatory authorities and governments around the world and their service providers in connection with their investigations, screening or other functions.
Transfers to other countries
Direct marketing communications
We may use your information to provide you with targeted advertisements we believe of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work. You can opt out of targeted advertising on services such as Facebook, Google and Bing. You can also opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at http://outpout.aboutads.info/
Cookies and visitor tracking
To provide services through our website, or understand more about visitors to our websites and social media platforms, we collect certain information from your browser about your interactions. This information is collected as statistical information and includes the IP address, browser type, language and access times.
We collect information via cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies in the browser settings if you prefer. If you choose to decline cookies, you may not be able to use certain services or features that depend on cookies.
We use Google Analytics to track information about how visitors use our site. This only collects statistical information such as the number of visitors to our website, how they arrived there (i.e. via a Google search or another website), whether it is a first-time or return visit. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/ and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
We take reasonable measures to ensure that your personal information is transmitted and stored securely, in order to prevent loss, misuse, and unauthorized access, destruction, or disclosure. However, please be aware that, despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.
We store information in both physical and electronic form at our offices or on our servers. We have put in place reasonable security measures designed to protect your personal information from being accidentaly lost, modified, used or accessed in an unauthorised way, altered or disclosed.
We have put in place procedures to deal with personal information breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.
Accessing your personal information
The accuracy of the personal information we hold, and use is important to us. We take reasonable steps to ensure that the personal information we handle is accurate, complete, relevant, not misleading and up to date. To help us keep your personal information accurate, please let us know if there are any errors or changes in your personal information.
From time to time, we may need to reject your request to access or correct the personal information we hold about you, if we believe it to be necessary and to the extent allowed by law. We will provide our reasons if we deny your request for access to, or correction of, your personal information. Where we decide not to make a requested correction to your personal information and you disagree, you may ask us to make a note of your requested correction with the information we hold about you. We won’t charge you for simply making a request to access or correct personal information. However, we may charge reasonable costs for carrying out your request.
You may also contact our Privacy Officer if you wish to obtain further information regarding our privacy practices and the way we handle your personal information
Other privacy rights
Subject to certain limitations and restrictions (e.g., depending on circumstances such as where you reside) you may have the right to exercise additional rights in relation to your personal information. These may include the right to:
- request erasure of your personal information;
- object to processing of your personal information;
- request restriction of processing of your personal information;
- transfer your personal information (i.e. the right to data portability);
- not be subject to automatic decision making; and
- withdraw consent.
Additional services and external links
This policy is subject to change from time to time and without notice to you due to changes in technology and/or our business. A revised version will be posted to this website if required. The changes shall be effective to you immediately upon our posting.
We uses sub-processors to assist in providing our Services. A sub-processor is a third party who agrees to receive personal data from us intended for processing activities to be carried out (i) on behalf of our customers; (ii) in accordance with customer instructions as communicated by us; and (iii) in accordance with the terms of a written contract between us and the sub-processor.
|Sub‐processor||Purpose for the data transfer||Location|
|AWS||Provision of hosted server infrastructure and database services||Australia|
|Atlassian||Management of support ticket data used to provide support services to our customers||Australia, USA|
|Shopify||E-commerce services for TWC customers.
If you have questions about this online privacy statement please contact us, and one of The Wishlist Company specialists will be in touch with you shortly.