This Privacy Policy is designed to tell you (the Subscriber or you) what will happen to the information Subscribers provide through our website, our Zezamii platforms, any of our mobile or tablet applications or services, or through any other form of communication with Zezamii Pty Ltd ABN 69 645 919 277 or (Zezamii, us or we), or other bodies corporate that we control, that controls us, or that is under common control with us, employees, officers, agents or contractors (Related Parties). Please be sure to read this entire Privacy Policy before using our website, our Zezamii platforms, any of our mobile applications, or submitting personal or sensitive information to us or our Related Parties, and by doing so Subscribers consent to the data practices described in this Privacy Policy. In this Privacy Policy, a reference to an Order means an order for a service provided by us and a reference to Data means any data created or stored by you using a Zezamii service, which may include personal and sensitive information.
Data Ownership
The Subscriber retains full ownership and control of all Data they input, and all Data they may contract another party to input, for the purpose of using a Zezamii service. Zezamii expressly acknowledges that it does not have any ownership claims over any such data. The Data provided by the Subscriber is treated with utmost confidentiality, used strictly in the context of providing Zezamii services and in accordance with this Privacy Policy. We only process such data for the explicit purposes as outlined in the applicable Order or terms of service. Furthermore, Zezamii commits not to share, sell, distribute, or make your Data accessible to any third party without your explicit consent, except in circumstances explicitly mentioned in this Privacy Policy or as required by law.
Personal Information
This Privacy Policy pertains to any personal information or sensitive information provided to us. For the purpose of this Privacy Policy:
•Personal information refers to any data concerning an identifiable individual, whether true or not, and regardless of the form in which it is recorded. This could include but is not limited to information such as names, addresses, telephone numbers, email addresses, and other personally identifiable details.
•Sensitive information encompasses any personal information related to racial or ethnic origin, political opinions, religious beliefs or affiliations, philosophical beliefs, health data, or other similar categories.
We take utmost care in handling your personal and sensitive information, collecting, using, or disclosing it in accordance with this Privacy Policy and as permitted by law. For instance, sensitive information will only be used or disclosed where we have received consent to do so (if consent is legally required), or the collection is required by law.
Remember that your provision of personal or sensitive information to Zezamii is entirely voluntary. However, failure to provide certain information might limit your ability to fully utilise our services.
Consent and confirmation
By using our websites, our Zezamii platforms, any of our mobile applications, or otherwise providing us, directly or through others, with personal or sensitive information, you:
•Acknowledge and agree with the terms and conditions outlined in this Privacy Policy;
•Give your consent for the collection, use, and disclosure of your information in accordance with this Privacy Policy and the applicable privacy laws; and
•Affirm that you have secured all necessary permissions for the disclosure of personal or sensitive information to Zezamii, especially in cases where such information pertains to third parties.
•Please note, your acceptance of these terms is a prerequisite for using our services. We encourage you to thoroughly review and understand these provisions before submitting any personal or sensitive information.
Remember: It is always your right to withdraw your consent at any time. However, doing so may affect your ability to use our services. For information on how to withdraw your consent, please refer to the 'Contact Us' section of this Privacy Policy.
Retention of Information
We will retain your personal information only as long as it serves a valid business purpose, is legally permissible, and is necessary to fulfill our service obligations. We have stringent protocols in place to safeguard your information from unauthorized access, loss, misuse, or alteration. Post this period, your information will be securely deleted from our servers.
Upon the termination of your subscription or at your explicit request at an earlier date, we will erase your personal information, unless we are legally obligated to retain certain data for a specific duration.
Should we need to send personal information outside the country specified in your order, we will do so under the following conditions:
•If we are authorized to do so by law;
•If the action aligns with the purposes set out in this Privacy Policy (only to parties that are subject to obligations concerning personal information that are no less onerous than those stated in this Privacy Policy); or
•If we have your consent to do so.
As part of our regular business operations, we often store personal information with trusted third-party data storage providers. At present, these providers are primarily located in Australia.
Integration with Third-Party Hardware and Systems
Zezamii integrates with third-party systems to provide a comprehensive and seamless service experience. However, it is important to note that some of these systems may be hosted outside of Australia. In such cases, Zezamii acts as a proxy, ensuring that any personal or private data is securely masked within our Australian-hosted solution. This approach is designed to protect user privacy and adhere to Australian privacy laws.
Data Masking
Zezamii employs a data masking process to protect user privacy. This involves transforming the original data into a masked data version, thus securing any personal or private data. This process is particularly crucial when integrating with third-party systems, ensuring no personally identifiable data is ever exposed.
Deletion of Personal Data
In the event a user requests their personal data be deleted, Zezamii will execute this request in our system. It's important to note that since any personal data shared with third-party systems is masked, there is no personally identifiable information stored within those systems, thus respecting user privacy and autonomy.
Cross-Border Data Transfers
We will only send personal information outside the country specified in your order:
•if we are authorised to do so by law;
•for any of the purposes set out in this Privacy Policy (but only to parties that are subject to obligations in relation to personal information no less onerous than those in this Privacy Policy); or
•if we have obtained consent to us doing so.
In the event of data transfers to third-party systems located outside Australia, the transferred data is always in its masked form, ensuring no personal data is exposed.
Passive information collection
As you interact with our websites, our Zezamii platforms, and our mobile applications, certain information can be collected passively (that is, collected without you actively providing the information). This data collection can occur via various technologies such as cookies, internet tags or web beacons, and navigational data collection.
Our platforms may use and combine such passively collected anonymous information to provide better services to our users, customize our platforms based on user preferences, compile and analyze statistics and trends, and improve the overall user experience on our websites, our Zezamii platforms, and mobile applications. Please be assured that we do not merge this information with personally identifiable information collected elsewhere on our platforms unless we have received explicit consent from you.
If you do not want us to collect this type of information, you can control this through your browser's settings or other privacy tools. Please note, however, that doing so may impact the performance and functionality of our platforms.
How we collect personal information
We collect personal information that is necessary for our business activities, to provide, maintain, and develop our services. The methods of collection can include but are not limited to:
Directly from you when you provide it to us or our Related Parties. This includes but is not limited to when you use our services, complete forms, communicate with us via phone, email, or in-person, or participate in any of our promotions, competitions, or surveys.
Directly from your systems when you facilitate an electronic connection to our system or the systems of any of our Related Parties. By analyzing our own records of your use of our services, websites, and mobile applications. From publicly available resources or third-party platforms with your consent or as allowed by law. When we are legally required to do so. Please note that we always aim to collect information directly from you wherever possible. If we collect information about you from someone else or from a publicly available source, we will take reasonable steps to ensure you are aware of the collection.
What personal information do we collect and why?
The types of personal information we collect may include names, addresses, postcodes, telephone numbers, email addresses, licences, and details about how Subscribers use and express preferences regarding our products and services. For certain product features to function effectively, we may request access to device Bluetooth details and location services. Please note that while this access is necessary to enable certain functionalities, we do not store identifiable information pertaining to Bluetooth and location services.
If we are not provided with the personal information that we request, we may not be able to fulfill the requests of our Subscribers or deliver our products or services to Subscribers.
The personal information Subscribers provide us may be used for a number of purposes connected with our business operations, which include to:
· Verify identity;
· Facilitate provision of our products and services;
· Address or respond to any requests from Subscribers;
· Inform Subscribers of existing and proposed products and services which we provide;
· Better understand Subscribers' needs in relation to the products and services that we provide; and
· Develop and improve the quality and scope of the products and services we provide, and seek feedback.
We will not use this information for purposes other than those described above unless we have obtained consent, or as permitted or required by law (including for law enforcement or public health and safety reasons).
Sharing personal information
We may disclose personal information in certain circumstances, including when we are compelled by law, or when we have obtained explicit consent from the individual in question. Additionally, we may share personal information in the following situations:
· In response to a request from the individual whose information is involved, following their informed consent;
· With our Related Parties and business partners, following explicit and informed consent and under strict data protection agreements;
· With our data storage providers, who are bound by stringent data protection obligations and only for the purpose of data storage;
· With professional, business, technology, and corporate service providers that support our services, under strict data protection agreements and only when reasonably necessary for them to provide their services to us.
In any instance where we disclose personal information, we undertake all reasonable measures to ensure that the recipient respects the privacy of the data and is bound by relevant data protection laws and contractual obligations to protect the data.
Except in the scenarios listed above, we will not share personal information with third parties without obtaining explicit, informed consent from the individual. We maintain strict protocols and processes to uphold this commitment.
Retention of information
We generally retain personal information for as long as we consider it potentially useful and then we securely delete the information, however we only retain personal information for as long as we are legally entitled to. Unless legally prohibited from doing so, we will delete this information from our servers following termination of a Subscriber’s subscription or at an earlier date if Subscribers request.
We will only send personal information outside the country specified in your order:
· if we are authorised to do so by law;
· for any of the purposes set out in this Privacy Policy (but only to parties that are subject to obligations in relation to personal information no less onerous than those in this Privacy Policy); or
· if we have obtained consent to us doing so.
In the course of our ordinary business operations we commonly store personal information with third party data storage providers located in the following countries:
· Australia (in which case the backup location is Australia).
Access and correction
Subscribers have the right to request access to their personal information that we hold, as well as the personal information of their Related Parties or Users. Such requests can be made by contacting us as specified in our contact section. Where it is legally permissible, we may charge a reasonable fee to cover the administrative costs associated with retrieving and supplying the requested information.
We are committed to ensuring the accuracy, completeness, and timeliness of the personal information we collect, use, or disclose. As such, we encourage Subscribers to promptly notify us of any errors or changes in their personal information. Upon notification, we will take appropriate steps to update or correct the information in our possession.
We respect the importance of maintaining accurate personal data and appreciate our Subscribers' cooperation in helping us fulfill this obligation.
Storage and security
We offer an array of data storage solutions, tailored to cater to various requirements, including data sovereignty for stored and backup data, and enhanced encryption options for securely storing data. As a default protocol, all data is encrypted at rest, enhancing the security measures in place.
Our commitment is to protect the integrity and privacy of the information provided by our Subscribers. We deploy robust security measures intended to safeguard your information from loss, misuse, interference, unauthorized access, modification, or disclosure. This includes the use of advanced technology measures, secure servers, and encryption techniques.
However, it's important to remember that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
Subscribers can also play a key role in maintaining the security of their data. We advise all Subscribers to keep their usernames and passwords confidential, not to share them with anyone, and to regularly update them.
Links to other websites
Our website, Zezamii platforms, and mobile applications may feature links or references to external websites and applications. It is important to note that our Privacy Policy does not govern these external platforms.
When you interact with these external websites or applications, they may collect, use, and share your personal information in accordance with their own privacy policies. As such, we strongly recommend that you review the privacy policies of any external websites or applications before providing your personal information.
We cannot control or assume responsibility for the content, privacy policies, or practices of any third-party websites or services. Interaction and engagement with any such linked websites or applications is strictly at your own risk.
Complaints
Should Subscribers have any questions, concerns, or complaints regarding our collection, usage, or disclosure of personal information, or if Subscribers suspect that we have not adhered to this Privacy Policy or the Act, we encourage them to get in touch with us using the contact details provided below. A designated senior employee will be responsible for investigating the complaint, ascertaining if a breach has occurred, and determining the appropriate course of action. In the event of an identified breach of this Privacy Policy, we will act in accordance with our internal Privacy Breach Policy and all applicable laws.
At Zezamii and our Related Parties, we take privacy complaints very seriously. Our goal is to resolve any issues in a timely and efficient manner, with a target response time of 5 business days.
We are confident that our procedures can address and resolve complaints fairly and promptly. Nevertheless, should Subscribers remain dissatisfied with the outcome, they are entitled to file a formal complaint with the official authority for privacy and information in their service location jurisdiction as specified in their Order. For Australian Subscribers, this authority is the Office of the Australian Information Commissioner, the regulator responsible for privacy in Australia, and they can be contacted as follows:
Phone: 1300 363 992
Mail: Director of Compliance Office of the Australian Information Commissioner GPO Box 5218 Sydney NSW 2001
Website: www.oaic.gov.au
How to contact us
Subscribers wishing to exercise rights to opt-out of receiving our marketing materials, or having any questions or concerns about this Privacy Policy or our information practices (including whether and what type of health information we hold about them or their Related Parties), should contact us by:
Office Location: 8 Prospect Street, Fortitude Valley, 4006, QLD
Email: support@zezamii.com