Privacy Policy
Cliffside Security Pty Ltd CAN 600 983 140 (Cybereen) takes your privacy seriously and is committed to responsible privacy practices.
Cybereen seeks to comply with relevant laws, including the Privacy Act 1988 (Cth) (Privacy Act) and the EU General Data Protection Regulation (GDPR), where applicable.
This policy describes how Cybereen manages your personal information including details of what types of personal information Cybereen collects, how Cybereen collects your personal information, the purposes for which Cybereen uses your personal information and to whom your personal information is disclosed.
What is personal information?
In this policy “personal information” has the meaning set out in the Privacy Act. Essentially, personal information is information or an opinion about an individual who is reasonably identifiable.
What types of personal information do we collect?
The types of personal information Cybereen collects about you will depend on the purpose for which the information is collected. Cybereen may collect the following types of personal information:
- first name and last name; and
- email address.
Cybereen also collects general analytics and other technical information (such as your IP address, device type, unique device identification numbers, browser types, Internet Service Provider details, geolocation data, browsing preferences, searches, and usage of Cybereen’ websites or products) arising from your use of Cybereen’ websites or products.
In addition to the types of personal information identified above, Cybereen may collect personal information as otherwise permitted or required by law.
How do we collect personal information?
Often Cybereen will collect your personal information directly from you, including when you:
- use Cybereen’ website, products or services;
- apply to work with Cybereen or are engaged by Cybereen as a contractor;
- communicate with Cybereen by email, by telephone, in person, via a website or otherwise.
In some cases Cybereen may also collect personal information from:
- publicly available sources;
- entities with which Cybereen conducts business; and
- other third parties (for example, from referees if you apply for a position as an employee or contractor with us).
Cookies
Cybereen uses cookies and similar technologies to recognise you and/or your devices across our website, products or services. You can control your cookie preferences using the consent box when you first visit our website or at any time.
Why do we collect, use and disclose personal information?
In general Cybereen collects, uses and discloses your personal information for purposes connected with its business operations.
Cybereen will only collect, use, and disclose personal information about you if it has lawful basis to do so, for example:
- where you have given Cybereen your consent;
- where processing of your personal information is necessary for the performance of a contract with you;
- to meet Cybereen’ legal obligations; and
- to pursue Cybereen’ legitimate business interests.
Cybereen may use or disclose your personal information:
- for the purposes for which Cybereen collected it (and related purposes which would be reasonably expected by you);
- for other purposes to which you have consented; and
- as otherwise authorised or required by law.
Some of the specific purposes for which Cybereen collects, uses and discloses personal information are as follows:
- to provide its products and services to its users;
- to enable the proper operation and functionality of its products and services;
- to improve its products and services;
- to verify your identity (for example, if you request access to the personal information Cybereen holds about you);
- to consider you for a job at Cybereen (whether as an employee or contractor) or other relationships with Cybereen;
- to provide goods or services to you or to receive goods or services from you;
- to address any issues or complaints that Cybereen has or you have regarding our relationship;
- to comply with its legal obligations;
- to develop and improve the quality of its websites and products and customise its websites and products according to your preferences, tailor search results, and show relevant advertising;
- for direct marketing purposes (see the “Direct marketing” section below); and
- to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.
If Cybereen is unable to collect your personal information then Cybereen may not be able to provide you with the products, services and opportunities that depend on the collection of that information.
To whom do we disclose personal information?
Cybereen may disclose your personal information to third parties in connection with the purposes described above.
This may include disclosing your personal information to the following types of third parties:
- its related companies;
- any potential third party acquirer of Cybereen or its business or assets, and advisors to that third party;
- its professional advisers (such as lawyers, accountants or auditors) and insurers;
- its employees, contractors and third party service providers who assist Cybereen in performing its functions and activities e.g. payment systems operators and financial institutions, cloud service providers, data storage providers, telecommunications providers and IT support services providers;
- organisations authorised by Cybereen to conduct promotional, research or marketing activities;
- third parties to whom you have authorised Cybereen to disclose your information (e.g. referees); and
- any other person as required or permitted by law.
If Cybereen discloses your personal information to third parties it will use reasonable commercial efforts to ensure that such third parties only use your personal information as reasonably required for the purpose of disclosure and in a manner consistent with applicable laws, for example by (where commercially practical) including suitable privacy and confidentiality clauses in Cybereen’ agreement with a third party service provider to which Cybereen discloses your personal information.
Does personal information leave Australia?
Cybereen stores personal information in servers located in Australia. However, Cybereen may disclose your personal information to overseas recipients for the sole purpose of billing and our internal customer relationship management (CRM) systems and processes.
Except where an exception applies under the Privacy Act or other relevant legislation, Cybereen will take reasonable steps to ensure that overseas recipients to whom Cybereen discloses personal information do not breach the Australian Privacy Principles stated in the Privacy Act, and any other relevant legislation relating to privacy and data security, in relation to such information.
How do we protect your personal information?
Cybereen engages service providers to store your personal information, including Amazon Web Services. Cybereen recommends that you review these companies’ privacy policies to understand how they use and store your personal information.
Cybereen will take reasonable steps to keep any personal information it holds about you secure.
However, you acknowledge that the security of personal information transmitted over the internet cannot be guaranteed. Cybereen cannot guarantee that any personal information you disclose to Cybereen will not become publicly available. Except to the extent liability cannot be excluded due to the operation of statute, Cybereen excludes all liability (including in negligence) for the consequences of any unauthorised access to, disclosure of, misuse of or loss or corruption of your personal information.
Nothing in this policy restricts, excludes or modifies or purports to restrict, exclude or modify Cybereen’ obligations under the Privacy Act and any other applicable legislation or any statutory consumer rights you may have under any applicable law including the Competition and Consumer Act 2010 (Cth).
Please notify Cybereen immediately if you become aware of any breach of security.
Direct marketing
Cybereen may use and disclose your personal information for the purpose of direct marketing to you if:
- you have consented to Cybereen doing so; or
- it is otherwise permitted by law.
Direct marketing involves communicating directly with you for the purpose of promoting goods or services to you. Direct marketing can be delivered by a range of methods including mail, telephone, email or SMS. You can unsubscribe from Cybereen’ direct marketing, or change your contact preferences, by contacting Cybereen (see the “How to contact us” section below).
How long do we keep your personal information?
Generally, Cybereen will retain your personal information for the period necessary for the purposes for which your personal information was collected (as outlined in this policy) unless a longer retention period is required by law.
This means that Cybereen will store your personal information for the following periods:
– if your personal information is provided to Cybereen by a subscriber or re-seller: only for so long as Cybereen requires it for the purpose of its agreement with the subscriber or re-seller;
– if you unsuccessfully apply for a job at Cybereen (whether as an employee or contractor): up to 6 months;
– if you work at Cybereen (whether as an employee or contractor): up to 6 years after you cease working with Cybereen;
– if Cybereen processes your personal information in connection with you being a supplier to Cybereen (or an employee or contractor of a supplier) or in connection with you being a subscriber or re-seller (or an employee or contractor of a subscriber or re-seller): up to 6 years from your last interaction with Cybereen; and
– if Cybereen processes your personal information for direct marketing purposes or processes your personal information based on your consent, Cybereen may process the information until you ask Cybereen to stop and for a short period after that (to allow Cybereen to implement your request). Cybereen will indefinitely keep a record of the fact that you have asked Cybereen not to send you direct marketing or to process your information so that Cybereen can respect your request in future.
Cybereen may retain your personal information for a longer period of time if it is reasonably necessary to comply with Cybereen’ legal obligations, resolve a dispute or maintain security.
When personal information is no longer required, Cybereen will take reasonable steps to delete the personal information from Cybereen’ systems or de-identify the personal information.
Your rights
How you can seek to access and correct personal information we hold about you
You may seek access to personal information Cybereen holds about you by contacting Cybereen as described in the “How to contact us” section below.
Cybereen will provide access to that information in accordance with applicable legal requirements, subject to certain exemptions which may apply. Cybereen may require that the person requesting access provide suitable identification and where permitted by law Cybereen may charge a fee for giving access to your personal information.
If the personal information was provided to Cybereen by any of Cybereen’ subscribers or re-sellers, Cybereen may advise the relevant subscribers or re-sellers of your request and liaise with them about it.
If you become aware that any personal information Cybereen holds about you is incorrect or if you wish to update your information, please contact Cybereen as described in the “How to contact us” section below.
How you can complain about a privacy issue
You may make a privacy complaint in relation to personal information Cybereen holds about you by contacting Cybereen as described in the “How to contact us” section below.
If you make a privacy complaint, Cybereen’ Data Protection Officer or another suitable staff member of Cybereen will investigate the matter and attempt to resolve it as soon as reasonably possible.
If you consider your privacy concerns have not been resolved satisfactorily by Cybereen, or you wish to obtain more information on privacy requirements:
- you can contact the Office of the Australian Information Commissioner on 1300 363 992 or visit their website at oaic.gov.au; and
- if you are located in the European Union you can contact your local data protection authority: https://edpb.europa.eu/about-edpb/board/members_en.
Individuals located in the EU
If you are located in the European Union, you may have the following rights:
- The right to access, rectify or update the personal information Cybereen holds about you.
- The right to request erasure of personal information Cybereen holds about you, for example if the personal information is no longer necessary to provide services to you.
- The right to require Cybereen to stop using all or some of your personal information (for example, if Cybereen no longer has a legal right to keep using it) or to restrict its use of your personal information (for example, if you consider that the personal information Cybereen holds about you is inaccurate or if it is unlawfully held).
- The right to data portability. In some circumstances you have the right to be provided with a copy of the personal information Cybereen has about you in a structured, machine-readable and commonly used format.
- The right to withdraw consent. You may withdraw your consent at any time where Cybereen relied on your consent to process your personal information.
Cybereen may ask you to provide suitable identification when you seek to exercise any of these rights.
Local exemptions and inconsistency with law
Where local laws allow for an exemption to compliance with certain legal obligations (for example, the employee records exemption in Australia), Cybereen may rely on such an exemption.
This policy will not apply to the extent that it is inconsistent with any applicable law.
Changes to this policy
Cybereen may change this policy from time to time at its discretion. This policy was last updated in Jan 2022. If Cybereen makes further updates to this policy, Cybereen will post the amended policy on its websites. Your continued dealings with Cybereen, for example use of its websites, products or services, will signify your agreement to this policy as amended.
How to contact us
If you have a query, concern or complaint about the manner in which your personal information has been collected or handled by Cybereen or would like to request access to or correction of the personal information Cybereen holds about you please contact Cybereen’ Data Protection Officer via email to [email protected].