This policy also explains your choices surrounding how we use information about you, which include how you can object to certain uses of information about you and how you can access and update certain information about you. If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business.
What Data We Collect
We collect your personal information in the course of providing our service offerings to you. We rely on the following principles when collecting your personal information:
- Our clients’ data is our most important asset, and our IT systems are built with this in mind.
- We only hold data while it’s required to provide our services.
- We never share information with third parties or transfer data outside of Australia without first seeking our clients’ consent and making sure it’s adequately protected.
- When requested by an individual, we will disclose all information held on that individual.
Your use of the Services:
We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on; the type, size, and filenames of attachments you upload to the Services. If you use a server or data center version of the Services, the information we collect about your use of the Services is limited to clickstream data about how you interact with and use features in the Services.
- When you become a client of ThreatDefence, we will use your personal information to provide the services you have purchased. The details we collect from you when you sign up to our services are: name, address, email address, organisation, phone number, and details required for making payment.
- To complete your purchase and provide the services to you, we share your personal information with our payment processing and data storage subcontractors; on some occasions, we may share business details with credit reference agencies who we use to assess fraud, credit, and/or security risks.
When you phone us or use our website chat service:
- When you phone us or contact us by email with general queries, we may also handle your personal information (your name, contact details, and the other details you provide to us) in order to provide the customer services you have asked us to. This could be when you ask us to provide more information about our software or explain how our search tools work.
We rely on your consent to handle your personal information in this way. If you do not provide us with the personal information we request from you for customer services purposes, we may not be able to fully answer your queries.
When you have expressed an interest in ThreatDefence:
- This section applies if you have opted in to receive marketing communications from us or have previously expressed an interest in ThreatDefence and not opted out.
We will handle your personal information (such as your name, email address, postal address, telephone number, and preferences) to provide you with marketing communications in line with any preferences you have told us about.
- When we send you marketing emails because you have opted-in to receive them, we rely on your consent to contact you for marketing purposes.
- If you have not opted-in and we send you marketing emails, we do this because of our legitimate interest to promote our business.
- Every email we send to you for marketing purposes will also contain instructions on how to unsubscribe from receiving them.
- You are not under any obligation to provide us with your personal data for marketing purposes.
- You can tell us that you do not want your personal information to be processed in this way at any time by contacting us at firstname.lastname@example.org or, where relevant, by following the unsubscribe link shown in every marketing communication you receive from us.
To make our website better:
- We will also use your personal information to provide you with a more effective user experience (such as by displaying articles and links we think you will be interested in).
Our use of your information in this way means that your experience of our site will be more tailored to you and that the articles and links you see on our site may differ from someone accessing the same site with a different history or browsing habits.
- We also share your aggregated, anonymous data with third-party analytics and search-engine providers that assist us in the improvement and optimisation of our site.
- We will also use your personal information for the purposes of making our site more secure and to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical, and survey purposes.
- We process your data for this reason because we have a legitimate interest to provide you with the best experience we can and to ensure that our site is kept secure.
- You can prevent us from using your personal information in this way by using the ‘do not track’ functionality in your internet browser. If you enable ‘do not track’ functionality, our site may be less tailored to your needs and preferences.
We collect information automatically when you:
- visit, interact with, or use our services;
- download content from us;
- open emails or click on links in emails from us; and
- interact or communicate with us (such as when you attend a ThreatDefence event or when you request customer support).
Examples of the information we automatically collect include:
- network and connection information, such as the Internet protocol (IP) address used to connect your computer or other device to the Internet and information about your Internet service provider;
- computer and device information, such as device, application, or browser type and version, browser plug-in type and version, operating system, or time zone setting;
- the location of your device or computer;
- authentication and security credential information;
- content interaction information, such as content downloads, streams, and playback details, including duration and number of simultaneous streams and downloads;
- Service Offering metrics, such as offering usage, occurrences of technical errors, diagnostic reports, your settings preferences, backup information, API calls, and other logs;
- the full Uniform Resource Locators (URL) clickstream to, through, and from our website (including date and time), content you viewed or searched for, page response times, download errors, and page interaction information (such as scrolling, clicks, and mouse-overs);
- email addresses and phone numbers used to contact us; and
- identifiers and information contained in cookies.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. We only use (and store) non-essential cookies on your computer’s browser or hard drive if you provide your consent.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. Except for essential cookies, all cookies will expire after 2 years.
How We Store Personal Information
Where you are a client of ThreatDefence, we will retain your data for a period of 2 years to ensure that we are able to assist you should you have any questions, feedback, or issues in connection with your membership or if any legal issues arise.
In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
How We Secure Personal Information
- We protect the security of your information during transmission to or from our websites, applications, products, or services by using encryption protocols and software.
- We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data.
- We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of personal information. Our security procedures mean that we may request proof of identity before we disclose personal information to you.
You have various rights under the data protection laws, which you can exercise by contacting us.
If you have any concern about privacy at ThreatDefence, please contact us at email@example.com with a thorough description, and we will try to resolve it.
Right of access
You are entitled to receive confirmation as to whether your personal information is being processed by us, as well as various other information relating to our use of your personal information. You also have the right to access your personal information which we are handling.
Right to rectification
You have the right to require us to rectify any inaccurate personal information we hold about you. You also have the right to have incomplete personal information we hold about you completed, by providing a supplementary statement to us.
Right to restriction
You can restrict our processing of your personal information where:
- you think we hold inaccurate personal information about you;
- our handling of your personal information breaks the law, but you do not want us to delete it;
- we no longer need to process your personal information, but you want us to keep it for legal reasons; or
- where we are handling your personal information because we have a legitimate interest (as described in the “How We Use Your Data” section above) and are in the process of objecting to this use of your personal information.
- Where you exercise your right to restrict us from using your personal information, we will then only process your personal information when you agree, except for storage purposes and to handle legal claims.
Right to data portability
You have the right to receive your personal information in a structured, standard machine-readable format and to send this to another organisation controlling your personal information.
This right only applies to your personal information we are handling because you consented to us using it or because there is a contract in place between us.
Right to erasure
You have the right to require us to erase your personal information which we are handling in the following circumstances:
- where we no longer need to use your personal information for the reasons we told you we collected it for;
- where we needed your consent to use your personal information, you have withdrawn your consent, and there is no other lawful way we can continue to use your personal information;
- when you object to our use of your personal information, and we have no compelling reason to carry on handling it;
- if our handling of your personal information has broken the law; and
- when we must erase your personal information to comply with a law we are subject to.
Our business changes constantly, and our Privacy Notice may also change. You should check our website frequently to see recent changes. You can see the date on which the latest version of this Privacy Notice was posted. Unless stated otherwise, our current Privacy Notice applies to all personal information we have about you and your account. We stand behind the promises we make, however, and will never materially change our policies and practices to make them less protective of personal information collected in the past without informing affected customers and giving them a choice.