Privacy Policy

This privacy policy explains how we handle ‘personal information’ under the Privacy Act 1988 (Cth) (Privacy Act), and how we process ‘personal data’ about people in the European Union (EU), as required under the General Data Protection Regulation (GDPR).

Our privacy promise is that we will aim for best practice in the handling of personal information, by following the Australian Privacy Principles in the Privacy Act, and the Principles relating to processing of personal data in Article 5 of the GDPR, unless authorised or required by law to depart from them.

We will review this policy regularly, and we may update it from time to time.  If you have any enquiries about this privacy policy, or if you wish to make an access or amendment request or lodge a privacy complaint, please contact us.

The purposes for which we collect, hold, use and disclose personal information

We collect, hold, use and disclose personal information for the following purposes:

  • Sales and marketing of our products and services to current and prospective customers, including responding to enquiries
  • Service provision and maintenance functions, including responding to support issues from end users
  • Managing our staff, contractors, suppliers and resellers

The ‘lawful processing’ grounds on which we process personal data under the GDPR will depend upon the situation, but will typically be legitimate interests (Article 6.1(f)), for the performance of a contract (Article 6.1(b)), or with the consent of the data subject (Article 6.1(a)).

The types of personal information we hold

We hold personal information about our staff, contractors and resellers, as well as the contact details of individuals who work for current, past and prospective customers, suppliers, and other types of professional associates and personal contacts. We may hold additional information about our customers, if an end user submits a support issue to our help desk, or if a registered user of our websites participates in an online fora.

We collect information about users of our websites, including via cookies, for diagnostic, analytic and marketing automation purposes. You can opt out of our marketing cookies from our website at any time.

Our third party service providers

The personal information of individuals with whom we have a relationship (including our staff, and individuals who work for our customers, suppliers and others) may be held on our behalf offshore, including ‘in the cloud’, by our third party service providers. Our third party service providers are SugarCRM (CRM data), Xero (accounts information for customers and suppliers), PayPal (billing information for customers and suppliers), GoToMeeting/GoToWebinar, Campaign Monitor, Office 365 and Microsoft Azure Web.

Limiting our collections

We will only collect personal information if:

  • it is for a lawful purpose that is directly related to one of our functions, and
  • it is reasonably necessary for us to have the information.

How we collect personal information

We will collect personal information directly from the individual concerned unless it is unreasonable or impractical. We will not collect personal information by unlawful means. We will not collect personal information that is intrusive or excessive. We will take reasonable steps to ensure that the personal information we collect is relevant, accurate, up-to-date and complete.

Transparency

When collecting personal information, we will take reasonable steps to inform the person:

  • what part of Janusnet will hold and/or have access to their personal information
  • what it will be used for
  • what other organisations (if any) routinely receive this type of personal information from us
  • how the person can access their personal information held by us
  • whether the collection is required by law, and
  • what the consequences will be for the person if they do not provide the information to us.

We will enable anyone to know, upon request, whether we are likely to hold their personal information, and if so:

  • what type of information we hold about them
  • the purposes for which it will be used, and
  • how they can access their own personal information.

Security safeguards

We will take reasonable security measures to protect personal information from loss, unauthorised access, use, modification or disclosure. We will take reasonable steps to ensure personal information is stored securely, not kept longer than necessary, and disposed of appropriately.

Access and amendment

We will allow people to access their personal information without unreasonable expense or delay. We aim to respond to access requests within 30 days. We will only refuse access where authorised by law, and we will provide written reasons. We will allow people to update, correct or amend their personal information where necessary, to ensure it is accurate, relevant, up-to-date, complete or not misleading. Where possible, we will notify any other recipients of any changes.

Data quality

Before using or disclosing personal information, we will take appropriate steps to ensure that the information is relevant, accurate, up-to-date, complete, and not misleading.  We do not engage in automated decision-making or profiling.

Use and disclosure

We will use or disclose personal information only for the primary purpose for which it was collected, unless one of the following applies:

  • the person has consented, or
  • it is for a directly related secondary purpose within the reasonable expectations of the person, or
  • it is to a related or associated company for the purpose of providing a service, or
  • it is for another purpose authorised or required under law.

We transfer personal data about customers, suppliers and resellers in the EU to our Australian operations under one or more grounds in Article 49 of the GDPR, including with the consent of the data subject, as necessary for the performance of a contract, or for the establishment, exercise or defence of legal claims.  In any case, those data transfers concern only a limited number of data subjects, and are necessary for the purposes of our compelling legitimate interests and are not overridden by the interests or rights and freedoms of the data subject.

Links to other sites

We may provide links to third party websites. These linked sites are not under our control, and we cannot accept responsibility for the conduct of companies linked to our website. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that website and its privacy policy.

More information

If you have any enquiries about this privacy policy, or if you wish to make an access, amendment or erasure request or lodge a privacy complaint, please contact us.

For more information about your privacy rights see the website of the Office of the Australian Information Commissioner at www.oaic.gov.au.  If you are in the EU, you can choose to instead contact your local Data Protection Authority; see http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.