This Privacy Policy applies to the management of your personal identifiable information (PII) by or on behalf of PI.EXCHANGE PTY LTD (ACN 613 811 671) and its related entities (“PI.EXCHANGE”, “we”, “us”, “our”), when you contact us or you use our products and/or services (“Products”). In this policy, “PII” means “personal information”, as that term is defined in the Privacy Act 1988 (Cth) which you provide to PI.EXCHANGE from time to time.

We have created this privacy policy in order to demonstrate our firm commitment to the Privacy Act 1988 (Cth) and the Australian Privacy Principles (together, the “Australian Privacy Law”) as well as the privacy laws of other countries which may apply including the EU General Data Protection Regulation(2016/679), UK GDPR and the UK Data Protection Act 2018 and the Swiss Federal Data Protection Act (together, the “Data Protection Laws”).

The type of PII we collect depends on your relationship with us, as follows:

Public: If you submit a query via our online “Contact Us” form (or other forms of similar purposes), or otherwise email or call us, we may collect your name, email address, phone number, address and location.

User: When you visit, download and/or create an account via our Products, we will collect your name, password, address, email address and phone number. We also collect PII necessary to provide our Products to you, such as your date of birth, gender, and payment details. We may also collect PII from third parties where you consent to us doing so, for the purpose of providing our Products to you.

We collect your PII as part of us offering or providing our Products. This includes when you provide us your PII when making purchases via our Products or website, during phone calls, or when making customer enquiries.

Generally, we collect your PII directly from you but may also collect your PII via third party applications or other web based applications (with your consent). We may also collect PII from publicly available sources (such as websites and directories), and from other people or organisations (where you have given consent for them to do so).

If you are located in the European Economic Area (EEA), Switzerland or United Kingdom (UK) and:
a. you provide your PII to us as an individual user and not through your employer or as part of an organisation, then you are considered our customer and we collect and store your PII as controller in accordance with the applicable Data Protection Laws; or
b. you provide your PII to us and you use our Products through your employment or another organisation, then we process your PII as a processor on behalf of your employer or other organisation, which is our customer. The way your PII is processed will by governed by the privacy policy of that customer and we process your PII in accordance with our Data Processing Agreement which we have in place with the customer.

We need your PII to provide you with our Products which includes informing you (including by direct marketing) about our Products, creating and updating our database(s), ensuring compliance with our contractual and other legal obligations to you, and generally administering our relationship with you including by responding to your enquiries (Main Purposes).

If you do not provide us with your PII we may not be able to carry out some or all of the Main Purposes.

If you are located in the EEA, Switzerland or UK, the legal bases upon which we collect, use and disclose your PII as a controller will depend on the information collected and the Products you use.

We generally use your PII in the following circumstances:
• to provide the Products to you and fulfil our obligations to you under the agreement with you, including the end user licence agreement. For example, this includes creating and maintaining your account, providing customer support, obtaining payment for our Products;
• for our legitimate interests (where these are not overridden by your data protection interests) including for our research and development, to promote and market our Products, collecting and analysing information on usage so that we can improve our Product and improve the experience of our users;
• where you provide your consent to us for a specific purpose; and
• to comply with our legal obligations including where we are required to disclose your PII in response to law enforcement requests and to retain your PII for our record keeping purposes.

By submitting your PII to us, you consent to us using it for the Main Purposes or any purpose that could be reasonably expected at the time your PII was collected and this might include providing you with or improving our Products, sending you direct marketing about our Products, managing our relationship with you, sending you electronic newsletters and surveys, monitoring how you interact with us on our website or other contact points, helping you to complete an activity that you have chosen to undertake, or doing some other act that we are required or authorised to do by law.

We may also use your PII:
a. for any the purpose disclosed to you in an information collection statement at the point where we collect your PII; or
b. for a purpose related to one of the Main Purposes.

We may also disclose your PII to other businesses with which we are associated or affiliated.

We will, if practicable, allow you to use a pseudonym or to not identify yourself (unless this is impractical or against the law (including the Australian Privacy Law). In some instances, if you do not provide us with certain PII we may not be able to provide you with the relevant Product or information. This may have an effect on whether we can continue any ongoing contract or projects with you or allow you to participate in other activities (such as surveys).

Generally speaking, we may disclose your PII to suppliers and agents in order to assist us in providing our Products to you. Some of our service providers, or the services they provide (like cloud-based storage solutions), may be based outside of Australia. This could include places like Europe, Asia and the US. In order to protect your information, we take care where possible to work with service providers who we consider maintain acceptable standards of data security compliance, and we do our part to meet those standards as they apply to PI.EXCHANGE.

We may also disclose your PII in other ways with your consent or as required by law (including the Australian Privacy Law and the Data Protection Laws).

If you are located in the EEA, Switzerland or UK, we may transfer your information to a third-party service provider that is not located in Europe, to a country which may not have the same level of data protection as the EEA, Switzerland or UK. Your PII will continue to be governed by this Privacy Policy. By using our Products, you consent to your PII being transferred to a third party service provider located outside of the EEA, Switzerland or UK. As at the date of this Privacy Policy, our third party service providers are located in Australia and the United States of America.

Where we are the processor of your PII, we will only process your PII in accordance with the controller’s directions.

We take all reasonable steps to keep the PII we hold secure and to ensure it is protected against misuse, loss, unauthorised access, modification or inappropriate disclosure. We may hold PII in both hard copy and electronic forms in secure systems accessible only to authorised personnel.

Where the EU, Swiss and UK Data Protection Laws apply, and where we are a controller, we’ll only keep your PII for as long as we need it. This doesn’t apply if we are required to retain it for longer to comply with our legal, accounting, or regulatory obligations. When we are a processor of your PII, and the EU, Swiss and UK Data Protection Laws apply, we’ll retain your personal data for the period set by our customer, which in that case will be the controller.

When you visit our website(s), the server may attach a "cookie" to your computer's memory. A “cookie” assists us to store information about how visitors to our website use it and to make assumptions about what information may be of most interest to you. This information is generally not linked to your identity. We may use knowledge of your user experience to better understand what Products may be of interest to you and to collect statistical information. We may also use cookies to store a user’s name and password on their computer for future visits to our website.

Our website may contain links to other websites. Unless the other website is one of our sites, we are not responsible for the privacy practices of the owners of those websites. We recommend that you read the privacy policy of any website that asks you to provide your PII.

You can access your PII subject to certain limitations under the applicable Data Protection Laws. If you would like to access or update your PII, please contact us on the details set out below. In most cases, a summary of your PII is available free of charge.

We encourage you to contact us to update your PII to ensure it is accurate, current and complete. We will take reasonable steps to process your request.

To protect all PII held by us, we may require you to confirm your identity before access to your PII is granted. If necessary, reasonable costs may be charged to you in accessing your PII, subject always to the relevant Data Protection Laws.

You may contact us using the details below to complain about a breach of the Australian Privacy Principles. We will review all queries and complaints received and respond to each query/complaint upon due consideration (which may require further information to be provided).

In addition to your right to access and rectify your PII held by us, if you are located in Europe or the UK, you have the following rights:
• the right to erasure: also known as the right to be forgotten – you can request that we delete your PII – our contact details are set out below. Subject to our legal and regulatory obligations, we may not always be able to comply with such requests;
• the right to restrict processing: you can also request that we change how we process your PII such as where you believe the PII is inaccurate, or no longer needed for our stated legal bases for holding your PII, however if we comply with such requests, we may not be able to provide you with our Products;
• the right to data portability: you can request that we transfer your PII to another organsation; and
• the right to object: you may object to our processing of your PII, however if we comply with such requests, we may not be able to provide you with our Products.

Where you request us to delete your PII, unless we’re required to keep it for legal or regulatory reasons or have compelling legitimate interests to keep it, then we’ll either anonymize or delete it.

If we have not dealt with your complaint or query in a satisfactory manner, you may contact the relevant authority set out below:
• Australia: Office of the Australian Information Commissioner (OAIC)
• EEA: European Data Protection Supervisor
• Switzerland: The Federal Data Protection and Information Commissioner (FDPIC)
• United Kingdom: Information Commissioner's Office (ICO)

For more information, PI.EXCHANGE can be contacted via:

Contact: Manager, Operations and Administration

Post: Suite 228, Tenancy 111, Camberwell Place Shopping Centre, 793 Burke Road, Camberwell, VIC 3124, AUSTRALIA
‍
Phone: +61 3 9034 3456

Email: privacy@pi.exchange