Matrak—Privacy Policy
Last update: 17 May 2021
1. Introduction
1.1 In this Privacy Policy, “Matrak”, “we”, “us” or “our” means Matrak Enterprises Pty Ltd ABN 92 636 521 232.
1.2 We understand that the privacy of your personal data, and the security of your personal data, is of paramount importance to you. Matrak has therefore adopted internal data protection policies with respect to your privacy and security. Matrak’s Privacy Policy sets out how we deal with personal data we collect from individuals or third parties in the course of our business. This policy applies to customers, their users, all users of our web site whether or not customers of Matrak and anyone else we collect personal data about.
1.3 We may make alterations or additions to this Privacy Policy from time to time. Should we do so, we will update the policy on our web site and it will take effect from the date it is posted on our website. If we make a material change to our Privacy Policy, we will provide you with notice of such material change and the modified policy will take effect from the future date we specify in the notice.
1.4 Please note that we cannot and do not assume any responsibility for the privacy or security practices of any other websites which you may be able to access through our site, or for our customers’ level of compliance with their privacy obligations.
2. What Information Do We Collect?
Matrak collects different information about you at different times. There are four broad categories of information that we collect from you:
2.1 Information we require to supply our services.
(a) [On the basis of performing a contract,] when you first sign up or contract with Matrak for our services, we request information such as your name, email address, telephone number, and details of your company.
(b) [On the basis of our legitimate commercial interest in promoting our services,] when you make an inquiry about our services, we request information such as your name, email address, telephone number, and details of
your company so that we can contact you about your enquiry and tailor our response to you.
(c) [With your consent,] we may also monitor and/or record telephone conversations with you from time to time in order to train staff and to improve our service to you.
(d) [To allow for the processing of your payment as part of performing the contract,] when purchasing our services online, we collect your credit card expiry date and the last 4 digits of its number. Matrak does not ever store your full credit card details. Instead all payment information is use solely by our third-party payment processor, Stripe. More information about Stripe’s privacy policy can be found here a https://stripe.com/au/privacy (e) Any other personal data you or a third party provide to us as part of supplying our services.
2.2 Non personally-identifying information.
[On the basis of our legitimate commercial interest in improving our services], in addition to the information you specifically provide above, Matrak operates statistics gathering software on its website to collect information about the number of visitors coming to the site. No identifying information is collected by this software. The software records the IP address of the visitor only. We use this information to improve our own technical structure and performance, and to determine which areas of our web site are most popular.
2.3 Other demographic information.
[On the basis of your consent,] if you respond voluntarily to our surveys or other interactive communications, we collect the responses and use the information to improve the quality and range of Matrak’s products and services.
2.4 Information collected as part of service use
(a) [On the basis of our legitimate commercial interests in securing our services and detecting unauthorised acts], we collect End User device or computer configuration information (such as IP Address information, IMEI, Matrak username and password).
(b) Any personal data that is inadvertently provided to Matrak as part of the data either to be loaded into our services or entered directly by an End User is voluntarily provided by you and therefore is provided with your consent or is collected by us as a data processor for a controller and is therefore only processed on the controller’s instructions. This may include information such as name, contact details, or company.
3. How Do We Use Personal Data We Have Collected?
3.1 We collect and use your personal data to operate our web site and deliver all of our services to you. At a more granular level, we will use your personal data to provide you with:
(a) technical support;
(b) billing and credit control;
(c) sales support;
(d) product upgrades; and
(e) other information we think may be of interest to you.
3.2 We may use and disclose your personal data to:
(a) [With your express consent / on the basis of our legitimate commercial interest in promoting our services], contact you in relation to upgrading your use of our services, special offers (from us, or on behalf of third parties), with newsletters, surveys, and individual service audits. We may give extracts of our customer lists containing personal data to third party contractors to do this on our behalf. We will ensure that those contractors are bound to protect your personal data to the same standard that we are;
(b) [On the basis of our legitimate commercial interest in promoting our services,] to identify the source of new customers to Matrak;
(c) [On the basis of our legitimate commercial interest in customer satisfaction], to monitor and address complaints, other feedback, and to resolve disputes;
(d) [On the basis of our legal record-keeping and reporting obligations and for the purpose of performing the services for you,] maintain a technical and account history of your dealings with us, and to re-establish your account with us where you re-join as a customer within six months after having terminated your account; and
(e) [On the basis of our legitimate commercial interest in ensuring compliance with our terms,] monitor your compliance with our terms and conditions of supply.
3.3 Matrak does not sell, rent or lease its customer lists to third parties (unless they have a specific need to fulfil a Matrak service such as referred to in clause 3.2(a)). We will not reveal, disclose, sell, distribute, rent, licence, share or pass onto any third party (other than those who are contracted or supply services to Matrak) any personal data that you may have provided to us unless we have your express consent to do so, other than in the circumstances set out in the next paragraph.
3.4 We will disclose your personal data, without notice or your consent, only if:
(a) a customer instructs us (including by using the functionality of the services) to share personal data controlled under their account with another user;
(b) we use a third-party service provider to assist us with the supply of our services;
(c) we are required to do so by law or in the good faith belief that such action is necessary to conform with the laws, applicable code of conduct or legal process served on us in relation to our business or website;
(d) to protect and defend the rights or property of Matrak;
(e) if we consider it necessary to do so in order to enforce or apply the terms of any of our agreements with you;
(f) if we sell our business or part of it; and
(g) in extreme circumstances, to protect the personal safety of users of Matrak’s services, its website, our staff or the public.
3.5 The types of third parties we may disclose to include:
(a) our third-party payment processor to process payments;
(b) our third-party data hosting provider to host data;
(c) our third-party invoicing and accounting software provider for invoicing and internal record keeping, billing and accounting purposes;
(d) our third-party internal communication tools for staff communication;
(e) our third party customer support software provider to provide customer support to you;
(f) our CRM and email marketing software provider to manage leads, our customer contacts and email marketing;
(g) third parties to collect, process and analyse data to analyse and improve our services;
(h) our employees, contractors and/or related entities to carry out our services and internal business activities;
(i) our existing or potential agents or business partners as required to provide our services and any ancillary services;
(j) anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
(k) courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights; and
(l) any other third parties as required or permitted by law, such as where we receive a subpoena.
4. Security
4.1 The information that Matrak stores about you is kept within our networks and only employees, contractors or third-party service providers are given permission to view this information. Where necessary, your information is protected with passwords given only to the required Matrak employees, contractors or third party service providers.
5. Other Disclosure by You
5.1 You might provide personal data through your participation in chat sessions, message boards, email exchanges or newsgroups accessed via Matrak.com, or another service provided by Matrak. This information is public and immediately available to anyone who has access to such a site; it is not private. Matrak urges you to enter only information that you are comfortable to share with the public at large in this public domain.
5.2 You should never reveal your password to third parties. If you lose control of your password, you may lose control over your personal data and may be liable for actions taken by third parties using your password and/or personal data. Therefore, if your password has been compromised for any reason, you should immediately change it.
5.3 If you collect personal data which you keep on servers provided by Matrak as part of our service to you, you alone are responsible for compliance with any privacy laws applicable to you in respect of that information. Except to the extent we are legally required to or contractually commit to, we take no responsibility for your dealings with personal data you collect.
6. Your rights
6.1 Objecting to processing: You have the right to object to processing of your personal data that is based on our legitimate interests or public interest. If this is done, we must provide compelling legitimate grounds for the processing which overrides your interests, rights and freedoms, in order to proceed with the processing of your
personal data.
6.2 Restricting processing: You have the right to request that we restrict the processing of your
personal data if:
(a) you are concerned about the accuracy of your personal data;
(b) you believe your personal data has been unlawfully processed;
(c) you need us to maintain the personal data solely for the purpose of a legal claim; or
(d) we are in the process of considering your objection in relation to processing on the basis of legitimate interests.
6.3 Access, erasure and data portability: You may have the right to request details of the personal data we hold about you, or to request that we erase the personal data we hold about you, or that we transfer this information to a third party.
6.4 Rectification: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, incomplete, misleading or out of date.
6.5 Note that that if we are acting as a processor of your personal data then before acting on a rights request we will need to seek the instructions of the relevant controller.
7. Data Transfers
The countries to which we send data for the purposes listed above may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal data to third parties in other countries:
7.1 we will perform those transfers in accordance with the requirements of applicable law; and
7.2 we will protect the transferred personal data in accordance with the Privacy Policy.
8. Data retention
8.1 We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
8.2 To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, whether we can achieve those purposes through other means and the applicable legal requirements.
8.3 In some circumstances you can ask us to delete your data: see ‘access, erasure and data portability’ above for further information.
8.4 In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for analytics, research or statistical purposes in which case we may use this anonymised information indefinitely without further notice to you.
Complaints
If you have a complaint about any aspect of our privacy procedures, please contact our Privacy Officer on [email protected] We will deal promptly with your complaint. If we cannot resolve the complaint to your satisfaction within a reasonable time, you or we may refer the complaint to the relevant supervisory authority.