Privacy
Effective starting: 9 October 2024
This privacy policy ("Privacy Policy") applies to Ansarada (“Ansarada”, “us”, “we” and “our”) and details our commitment to protecting the privacy of our customers and users.
This Privacy Policy describes how and why we collect Personal Information about you, how we use, manage, store, and disclose that information, and how you can exercise your privacy rights. This Privacy Policy also outlines how you can contact us to access and update your Personal Information and/or how you can raise any privacy concerns.
We recommend that you read this Privacy Policy in full to ensure you are fully informed. However, if you wish to only access a particular section of this Privacy Policy, then you can click on the relevant link below to jump to that section.
“Ansarada Services” refers to any of the products and services we may provide to you.
When referenced in this Privacy Policy, “Personal Information” means any information or data that identifies you, or that could reasonably be used (for instance, in combination with other data) to identify you directly or indirectly, including but not being limited to identifiers such as names, identification numbers, location data, and/or online identifiers. Personal Information can include information you provide to us (for example, through our websites and your use of the other Ansarada Services), publicly available information, and/or information we collect from other sources as described in this Privacy Policy. We also acknowledge that Personal Information means any definition within any Privacy Laws that relate to you.
We may update this Privacy Policy from time to time by posting a new version on any of our websites. When an updated Privacy Policy is posted, we will change the “Effective Starting” date at the top of the policy accordingly.
Where our changes are material and have a material impact upon your material rights as a data subject, we will do all that is possible to notify you – this may be by way of an email or a notice on our websites, or an alert on the login screens for the Ansarada Services that will appear for at least 30 days. We may not notify you if the way in which we use your Personal Information has not changed, or where any changes are not material, or where such changes do not change your material rights as a data subject.
If you do not agree with its terms or any of the changes we make, you should may exercise whatever rights you may have, as described in this Privacy Policy or otherwise as provided in any Privacy Laws that relate to you, to opt out of how we use your Personal Information.
We collect your Personal Information to supply you with the Ansarada Services and to further develop, enhance and safeguard those services. We may also use your Personal Information to:
If we do not collect Personal Information from you, you might not be able to use the Ansarada Services or otherwise create an account or profile with us. Additionally, some of the functions comprising the Ansarada Services may not be available to you, and/or we might not be able to communicate with you (including through marketing communications).
We may also collect, use, store and disclose your Personal Information for purposes and for recipients additional to those that are set out in this Privacy Policy. Where we do so, we will disclose those purposes and recipients to you when you provide your information to us.
The Personal Information we may collect includes information that you provide voluntarily to us, information that we collect automatically and information that we obtain from third party sources. This may include, but is not limited to:
We may also process Personal Information incorporated in the content that users create, provide, post, host, upload, store, communicate or display when you use the Ansarada Services (“User Content”). This may include sensitive information, such as but not limited to personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Where we process Personal Information in content, we do so on behalf of our customers and users and it is their responsibility to have lawful grounds to use that Personal Information, and to provide that Personal Information to us to process. Given we will not be responsible for obtaining consent for the use of any sensitive information that is incorporated in any User Content, we state it is in your best interests to not provide us any sensitive information.
We collect Personal Information in a number of ways, including:
We may disclose the Personal Information we collect:
to related entities of Ansarada Pty Ltd for the purposes of performing the Services and operating our group’s business;
Some of the recipients described above, including our service providers, other users of the Ansarada Services, any new owner of Ansarada, are or may be located offshore.
We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so, where deletion of your Personal Information would not be technically feasible, or where you have not requested us to delete your Personal information, pursuant to any privacy laws that apply to Your Content. Examples of legitimate business needs include but are not limited to continuing to provide you access to the Ansarada Services or to comply with applicable legal, regulatory, tax or accounting requirements.
You have a right to request a copy of your Personal Information, to object to our usage of your Personal Information, to request the correction of Your Personal Information, or to request the deletion or restriction of your Personal Information. Your requests and choices may be limited in certain cases such as, but not limited to situations where your request would reveal information pertaining to another person, or where you ask us to delete Your Personal Data, and we are permitted by law to retain Your Personal Data or have a compelling legitimate reason for doing so.
Subject to any privacy laws that apply to your content, when we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
We only retain Personal Information for such time as permitted by our contracts with our customers, or for such time as those customers otherwise instruct or permit us to do so, or pursuant to any privacy laws that apply to Your Content.
We use cookies and similar tracking technology (collectively, “Cookies”) to collect and use Personal Information about you, and to otherwise make interfaces more user-friendly, to provide you a better experience, and to target advertising to you that may be of interest. You can control or reset your cookies through your web browser, which allows you to customise your cookies preferences, to refuse all cookies, or to indicate when a cookie is being sent. Note that some elements of the Ansarada Services may not function properly if the ability to accept cookies is disabled.
For further information about the types of Cookies we use and why, as well as further information on how you can control Cookies, please see our Cookie Policy.
Links to other websites
Ansarada’s website may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided to enhance your experience and for your reference, and do not imply any endorsement of the activities of these third-party Websites or any association with their operators. We do not control these websites and are not responsible for their operation, data, or privacy practices. We ask you to review any privacy notice posted on any site you visit before using the site or providing any personal data about yourself.
Security
In storing your Personal Information, we use a number of security and organisational measures and technologies to safeguard your Personal Information from unauthorised access, modification or disclosure and misuse, interference or loss. We have personnel tasked with protecting your information, developing new security features, and identifying and mitigating vulnerabilities. Our existing security measures include encryption, two-factor authentication, and notifications when new devices and apps are connected with your user account. We also have in place security measures and policies focused on restricting access to sensitive information to authorised personnel, and we consistently review our security procedures and architecture with a consideration of new technologies and updated methods. Despite our reasonable efforts however, no system is ever perfect.
Whilst we hold your information on a secured server behind a firewall and we encrypt data transfer using 256bit SSL encryption, please be aware that there are inherent risks in transmitting information using the internet.
The Ansarada Services are certified to meet ISO 27001 information security standards. Please contact us for further information on the scope of our ISO 27001 certification.
If you are a visitor from the European Economic Area, Switzerland or the United Kingdom, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.
However, we will normally collect Personal Information from you only where we have your consent to do so, where we need the Personal Information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person (e.g. other users).
If we ask you to provide Personal Information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not (as well as of the possible consequences if you do not provide your Personal Information).
Similarly, if we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
Most of the ways in which we use your personal data are based on our legitimate interests in:
When we rely on our legitimate interests as a lawful ground to process your Personal Information, we do so taking into account the potential impact on your privacy and we offer the right to object to or opt out from processing as described below in the “Your privacy rights” section below.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided under the “Contacting Ansarada about Privacy” heading below.
Your Personal Information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have privacy laws that are different to the laws of your country (and, in some cases, may not be as protective).
Specifically, third-party service providers and partners operate around the world and, in particular, in Australia and the United States of America. This means that when we collect your Personal Information we may process it in any of these countries, pursuant to any privacy laws that apply to Your Content. Notwithstanding this, we have entered into a Data Processing Agreement with relevant third-party service providers and partners where any associated data transfer does not occur to a country that has benefited from an adequacy decision by the EEA, Swiss, or UK authorities.
We currently host our servers for the Ansarada Services using a third-party hosting provider, Amazon Web Services (“AWS”).
Californian users of the Ansarada Services will have additional rights afforded to them under California Privacy Rights Act (“CPRA”).
The CPRA provides California users various rights with respect to the personal information we collect, including the right to, with certain limitations:
California users of the Ansarada Services may make a request with respect to any of these rights by contacting us by using the contact details provided under the ‘Contacting Ansarada about Privacy’ heading below.
You have the following privacy rights, regardless of the legal jurisdiction of Your Content:
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable privacy laws.
Please note that we do not offer any of the rights described above with respect to any Personal Information that is incorporated in any User Content. We process such content on behalf of our customers and if your Personal Information is contained in any such content, you should contact the customer on whose behalf we have stored the information.
Please contact us using the below details if you have queries about our Privacy Policy and privacy practices, or the way we deal with your Personal Information. You may also contact us using these details if you wish to exercise any of your privacy rights described in the section entitled “Your privacy rights” above.
Postal Address:
Ansarada
Level 2, 80 George Street, The Rocks
Sydney NSW 2000
Australia
Telephone: +61 2 8241 0888
Email: [email protected]
Position title and name: Renato Calderani, IT Operations and Compliance Manager
Where you are located in the European Economic Area (EEA) or the United Kingdom, you may also contact Ansarada UK Limited:
Postal Address:
34-37 Liverpool Street,
EC2M 7PP
London, UK
Telephone: +44(0) 20 3058 1060
Email: [email protected]
Position title and name: Maddie Saunders, Head of Client Services
When you request that we access or correct your Personal Information, we will need to locate the relevant information, so it would greatly assist us if you could supply as much supporting detail as possible. Where we refuse any access or correction request, we will comply with any requirements under applicable laws to notify you of our reasons for doing so and the mechanisms through which you may complain. Where we deny a request to correct information after you have made a request to us, we will comply with any applicable legal requirements to advise you of any inaccuracies or lack of necessary detail within your request.
We take your privacy complaints seriously at all times. Where you inform us that you have a complaint about our handling of your Personal Information, we will contact you to let you know which of our team members will investigate your matter and the timeframe within which they will aim to respond to you.