Date: 22 October 2021
Coral Harbour Pty Ltd t/as Socialsuite has obligations concerning the collection, use, disclosure and storage of personal information. These obligations are set out in the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (Privacy Act), and other applicable State and Territory privacy laws.
You consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.
What is personal information?
“Personal information” is information or an opinion about an identified individual or reasonably identifiable individual, whether true or not or whether recorded in material form or not.
What personal information do we collect and hold?
The personal information we collect and hold includes information about prospective and existing customers, partners, employees, and contractors.
The personal information that we collect and hold may include an individual's:
What is Sensitive information
“Sensitive information” is a sub-category of personal information which includes information about an individual’s racial or ethnic origin, political opinions, membership of political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or trade union, sexual preferences or practices, criminal record, health information, genetic or certain biometric information.
What is Sensitive information do we collect and hold?
We may also collect sensitive information, including information about your gender identification.
How do we collect and hold personal information?
We may collect personal information from the individual concerned or from a third party.
We may collect this information when you communicate with us through our website, our apps, by telephone, by e-mail or through a written application.
We have processes in place to ensure that our records remain accurate, complete and up to date, including by verifying the information with you each time you use our services or from other sources.
These records are retained for up to 7 years.
If the information is no longer required by us for any purpose for which it was collected and is no longer required by law to be retained by us, we will destroy or de-identify the information. We will initiate deletion of the information after 30 days. But please note: (1) there might be some latency in deleting this information from our servers and back-up storage; and (2) we may retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.
Where we collect personal information about a vulnerable segment of the community, such as children, additional policies and procedures will be followed in collecting and holding that personal information.
Can I remain anonymous?
You can always choose to deal with us anonymously or by using a pseudonym.
However, please note that if you choose to remain anonymous, this may affect your ability to access or use certain functions of our website, apps, or services.
If you wish to remain anonymous when dealing with us via a telephone call, please advise the call operator assisting you. Providing your personal details enables us to provide you with a contact record reference number which allows you, and other authorised persons, to retrieve information about that call at a later date.
Why do we collect, hold, use and disclose personal information?
We collect, hold, use and disclose personal information for the following purposes:
We use your personal data only when we have a valid legal basis to do so. Depending on the circumstance, we may rely on your consent or the fact that the processing is necessary to comply with law. We may also process your personal data where we believe it is in our legitimate interests, taking into consideration your interests, rights, and expectations. If you have questions about the legal basis, you can contact the Data Protection Officer at firstname.lastname@example.org.
To whom do we disclose personal information?
We may disclose personal information to the trading partners and service providers of Coral Harbour for the purposes listed above, and so that they may perform services for us or on our behalf.
When we disclose personal information to third parties, we make all reasonable efforts to ensure that we disclose only relevant information and that it is accurate, complete and up to date and that the third party will comply with the Privacy Act in relation to that information.
We may disclose personal information in other circumstances, where the person concerned has consented to the disclosure, or where we are expressly permitted to do so by the Privacy Act.
These other disclosures may include where:
Disclosure of personal information outside Australia
Some of the third parties to whom we may disclose personal information may be located overseas. The countries in which those third parties may be located are India and Canada for quality assurance purposes.
Where we disclose the personal information of Australian residents outside of Australia, we will take reasonable steps to ensure that any such person to whom personal information is disclosed will deal with that information in a way that is consistent with the Privacy Act and the APPs.
Disclosure of personal information outside UK and the EU
Some of the third parties to whom we may disclose personal information may be located outside UK and the EMEA. The countries in which those third parties may be located are India and Canada.
Where we disclose the information of EU or UK residents outside of the EMEA or UK respectively, we will take reasonable steps to ensure that any such person to whom personal information is disclosed will deal with that information in a way that is consistent with all applicable legislation including the Data Protection Act 2018 (UK) and the EU General Data Protection Regulation 2016/679.
Do we use your personal information for marketing?
We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by us, our related companies, our other business partners or our service providers.
A “cookie” is a small file stored by the web browser software on a computer when you access our website. It can only be read by the server that sent it to you. This information does not identify you personally. (Further explanation of cookies can be found at the website of the Australian Information Commissioner at www.oaic.gov.au.)
We use a persistent cookie for tracking a user's browsing behaviour upon return to our website, for statistical purposes, for marketing purposes and to improve our website. Cookies help us improve the Socialsuite website and products, optimize your experience, store information about your preferences, speed up your searches and to recognize you when you return to the Socialsuite site.
Socialsuite may use automatically collected data for various purposes including analyzing trends and statistics, assessing patterns of use, developing and diagnosing problems on the Socialsuite site and/or products, or our servers, planning and evaluating marketing initiatives, and optimizing your experience on the Socialsuite site. This information is not used to inform decisions about individuals, only to understand how different categories of users interact with the Socialsuite website.
The information generated by the cookie about your use of the website (including their IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of compiling reports on the website activity and providing other services relating to the website and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate a person's IP address with any other data held by Google.
You can opt out of the collection of information via Google Analytics by downloading the Google Analytics Opt-out browser add here.
Our website uses Google Analytics and Google AdWords cookies to advertise our products and services through Google AdWords and/or other third-party vendors to persons who have previously accessed our website.
We use Google Ads to improve our presence online, and help measure the effectiveness of our advertising. Google Ads helps Socialsuite to make sure our ads are shown to the right people. It collects data that helps you track conversions from Google ads, optimize ads, build targeted audiences for future ads and remarket to people who have already taken some kind of action on your website.
When you visit our website, a record is made of your visit, including the following information:
We analyse this non-identifiable website traffic data (including through the use of third-party service providers) on an aggregated basis to improve our services and for statistical purposes.
No attempt will be made to identify users or their browsing activities except in the unlikely event of an investigation, where a law enforcement agency may exercise a warrant to inspect the Internet Service Provider's log files.
We use the Facebook pixel - a piece of code that you put on your website that allows you to measure the effectiveness of your advertising by understanding the actions people take on your website.
Pixels helps Socialsuite to make sure our ads are shown to the right people. It collects data that helps you track conversions from Facebook ads, optimize ads, build targeted audiences for future ads and remarket to people who have already taken some kind of action on your website.
We use Autopilot to send marketing communications. Autopilot will capture identifiable information (e.g. Name, Email). Autopilot collects information to help us better segment audiences, and serve you relevant marketing communications.
We use Mixmax to improve our email communication. Personally identifiable information will be captured in Mixmax (e.g. email). The application is used to improve our email communications.
We use the LinkedIn pixel - a piece of code that you put on your website that allows you to measure the effectiveness of your advertising by understanding the actions people take on your website. Pixels helps Socialsuite to make sure our ads are shown to the right people. It collects data that helps you track conversions from LinkedIn ads, optimize ads, build targeted audiences for future ads and remarket to people who have already taken some kind of action on your website.
We use Zapier to send collected information between multiple applications. When you submit your details on our website, these details may be passed via Zapier to other applications. This helps us understand how you use our website.
Typeform is used to collect survey data. We use collected survey data to improve our products, create educational content, create marketing content.
Demio is a webinar platform we use to engage, communicate, and build relationships with our prospects and customers. We use Demio to host webinars and collect personally identifiable information in relation to webinar engagement data.
We use Unbounce to create marketing web pages. We capture personally identifiable information such as names, emails, and addresses so we can best communicate with users interested in our products.
We use Amplitude to report on our product usage. We capture non-identifiable, and identifiable information in Amplitude. This is primarily used to aggregate data and generate reports on how our products are being used. This helps us improve our products, and operations.
We use Segment to pass information between applications. Segment is used to pass information between applications. Your information, identifiable and non-identifiable, may flow through segment.
Notion is used as an internal wiki. Occasionally, information you provide may be included in Notion for the purposes of improving our products and operations.
We use Salesforce as our Customer Relationship Management (CRM) system. This houses all information stored internally relating to our prospects and customers. We capture personally identifiable information so we can best segment our users, communicate with our users, improve our products, and our operations.
Drift is used to provide a chat-bot and real-time conversation with our team, on our website. We may capture personally identifiable information such as names and email. This is so we can best communicate with the user.
Security of your personal information
To protect personal information from misuse and loss, and from unauthorised access, modification or disclosure:
The personal information of our employees, systems and most of the third parties we share information with are located in Australia, with some of this personal information stored in secure cloud systems.
Our sites may have links to other websites not controlled or owned by us. We are not responsible for these sites or any consequence of a person's use of those sites. In particular, we are not responsible for the privacy policies or practices of the operators of other websites. We recommend that you review the privacy policies of those external websites before using them.
How can I access or correct my personal information?
We have measures in place to ensure that the information we hold about individuals is accurate, complete and up to date. If you learn that personal information we hold about you is inaccurate, incomplete or not up to date you should contact us so that the information can be updated.
If you wish to see what information we hold about you, you can ask us for a copy.
Sometimes it may not be possible to give you a copy of the information if it was provided anonymously, if it contains details about other people, or if it would be unsafe to provide the information (for instance, if it may lead to harm being done to another person).
If we refuse to provide you with access to your record or to update your record in the way you request, we will provide you with written reasons.
If we refuse to correct or update your information, you may request that we make a note on your record that you are of the opinion that the information is inaccurate, incomplete, out of date, irrelevant or misleading, as the case may be.
There is no charge for requesting access to your personal information, but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).
You will be notified of any likely costs before your request is processed.
How can I make a complaint?
If you have a complaint or concern regarding our handling of your personal information or think that your privacy has been affected, you should contact us as detailed below for an examination of your complaint or concern. You have the right to complain to a data protection authority about our collection and use of your personal information. If you remain unsatisfied with the way in which we have handled a privacy issue, you may approach an independent advisor or contact the relevant authority:
For Australian residents, with the Office of the Australian Information Commissioner at: http://www.oaic.gov.au; or
For residents of the European Economic Area and the UK, with the relevant supervisory authority. A list of EU national data protection authorities can be found on the European Commission website at: https://ec.europa.eu/info/strategy/justice-and-fundamental-rights/data-protection_en.
If we are involved in a reorganization, merger, acquisition, or sale of our assets, your data may be transferred as part of that deal. We will notify you (for example, via a message to the email address associated with your account) of any such deal and outline your choices in that event.
Phone: +61 3 9028 2183
Postal address: Level 12, 31 Queen Street, Melbourne 3000
Privacy Officer: Brad Gurrie