Last modified: 26 April 2017
The Subscriber retains full ownership for all Data that they input, and all Data they may contract another party to input, for the purpose of using a Vault service.
We make no claim to any Data, or any other miscellaneous information, the Subscriber may provide to us pursuant to an Order for a Vault service.
- Personal information is any information about an identified individual or an individual who is reasonably identifiable, whether the information is true or not and whether the information is recorded in a material form or not.
Consent and confirmation
By using our websites, using our Vault Enterprise platforms or any of our mobile applications, or otherwise providing us directly, or through others, with personal or sensitive information, Subscribers:
- confirm that they have obtained all necessary consents in relation to the disclosure of personal or sensitive information to Vault.
Passive information collection
As Subscribers navigate through our websites, our Vault Enterprise platforms and access and use any of our mobile applications, certain information can be passively collected (that is, gathered without anyone actively providing the information) through various technologies, such as cookies, internet tags or web beacons and navigational data collection.
Our websites and mobile applications may use and combine such passively collected anonymous information to provide better services to our customers, website visitors and mobile application users, customise the website, our Vault Enterprise platforms and mobile application based on users preferences, compile and analyse statistics and trends and otherwise administer and improve the website, our Vault Enterprise platforms and mobile applications for our Subscribers’ use. Such information is not combined with personally identifiable information collected elsewhere on the websites, our Vault Enterprise platforms or through the mobile application unless we have received consent to do so.
How we collect personal information
We collect personal information that is necessary for our business activities and in order to provide and develop our services. We may do this in a number of ways, including:
- directly from our Subscribers when they provide it to us or our Related Parties;
- directly from our Subscribers’ systems when they provide or otherwise facilitate an electronic connection to our system or the systems of any of our Related Parties;
- from publicly available resources; or
- by analysing our own records of our Subscribers use of our services, websites and mobile applications.
We also may collect personal information when legally required to do so.
What personal information do we collect and why?
The type of personal information we collect may include, names, dates of birth, addresses, postcodes, telephone numbers, email addresses, licences, certifications, medical information, credit card information and information on how people use, and preferences regarding, our products and services. If we are not provided with the personal information that we request, we may not be able to meet the requests of our Subscribers or provide our products or services to Subscribers.
The personal information Subscribers provide us may be used for a number of purposes connected with our business operations, which include to:
- verify identity;
- facilitate provision of our products and services;
- address or respond to any requests from Subscribers;
- inform Subscribers of existing and proposed products and services which we provide;
- better understand Subscribers’ needs in relation to the products and services that we provide; and
- develop and improve the quality and scope of the products and services we provide, and seek feedback.
Personal information may be used so that we and/or Related Parties can provide Subscribers with information about our products and services, such as by way of direct mail or telemarketing, and, where Subscribers have opted in, by email, Push Notifications, SMS and MMS, or to request feedback for promotional purposes. Subscribers always have the right to opt-out of receiving such information. Subscribers may exercise that right by contacting us as set out below or by using the opt out facility provided in the message.
We may also use personal information for purposes related to those described above which would reasonably be expected by our Subscribers.
We will not use information for purposes other than those described above unless we have obtained consent or as permitted or required by law (including for law enforcement or public health and safety reasons).
Our websites and mobile applications are not intended for children under the age of 16. We will not knowingly collect information about children under the age of 16 or from website visitors and mobile application users in this age group. If you believe we have collected information about a child under 16, please contact us so that we may delete the information.
Sharing personal information
We may disclose personal information in certain circumstances, such as where we are required or authorised by law or where we have obtained consent to us doing so.
We also may disclose personal information to:
- others in accordance with a request made by the Subscriber concerned;
- our Related Parties and business partners;
- our data storage providers; and
- persons engaged in providing us with professional, business, technology and corporate services, when reasonably required.
When making such a disclosure we will take reasonable steps to ensure that the recipient is bound by privacy obligations.
Unless we have obtained consent, we otherwise will not disclose personal information to third parties other than as set out above.
Retention of information
We generally retain personal information for as long as we consider it potentially useful and then we securely delete the information, however we only retain personal information for as long as we are legally entitled to. Unless legally prohibited from doing so, we will delete this information from our servers following termination of a Subscriber’s subscription or at an earlier date if Subscribers request.
We will only send personal information outside the country specified in your order:
- if we are authorised to do so by law;
- if we have obtained consent to us doing so.
In the course of our ordinary business operations we commonly store personal information with third party data storage providers located in the following countries:
- Australia (in which case the backup location is Australia).
- New Zealand (in which case the backup location is New Zealand).
- Singapore (in which case the backup location is Hong Kong).
Access and correction
Subscribers may request access to any of the personal information we hold about them or their Related Parties or Users by contacting us as specified below. Where legally permitted, we reserve the right to charge a reasonable fee for the costs of retrieval and supply of any requested information.
We will take steps to ensure that the personal information we collect, use or disclose is accurate, complete and up to date. To ensure personal information is accurate, please notify us of any errors or changes to personal information provided by Subscribers and we will take appropriate steps to update or correct such information in our possession.
Storage and security
We provide a number of options for Data storage which can be selected when the Subscriber completes an Order with us. These options can include data sovereignty for stored and backup Data, or options to securely encrypt stored Data.
We will take reasonable steps to safeguard information provided by Subscribers from loss, misuse, interference, unauthorised access, modification or disclosure.
Links to other websites
Vault and our Related Parties will take any privacy complaint seriously and will aim to resolve any such complaint in a timely and efficient manner, and our target response time is 5 days.
Vault and our Related Parties expect our procedures will deal fairly and promptly with complaints. However, if Subscribers remain dissatisfied, they can also make a formal complaint with the official authority for privacy and information in the jurisdiction of the service location specified in your Order. In Australia, this authority is the Officer of the Australian Information Commissioner (which is the regulator responsible for privacy in Australia) who can be contacted as follows:
Office of the Australian Information Commissioner (OAIC)
Complaints must be made in writing
1300 363 992
Director of Compliance
Office of the Australian
GPO Box 5218
Sydney NSW 2001
In New Zealand, this authority is the Office of the Privacy Commissioner (which is the regulator responsible for privacy in New Zealand) who can be contacted as follows:
Office of the Privacy Commissioner (OPC)
Complaints can be made orally or in writing
0800 803 909
Office of the Privacy Commissioner
PO Box 10094
How to contact us
1300 723 240 Australia
0508 475 2846 New Zealand
Attn: General Manager
Australia: 145-147 Bouverie Street, Carlton, 3053, Melbourne, Victoria, Australia.
New Zealand: Level 1, 106 Wrights Road, Christchurch, 8024, New Zealand.
Version One: 22nd December 2016
Version Two: 26 April 2017