Velpic collects your personal information
The Velpic Services involve the storage of data about a company or individual. That data can include personal information. In this Policy, “personal information” has the meaning set out in the Australian Privacy Act 1988 (Cth). Essentially, personal information is any information or opinion that we know (or are reasonably able to determine) is about an identifiable individual and may include information such as the individual’s name, email address and telephone number. We will only collect and store personal information about you when it is reasonably necessary for our business activities.
Velpic may collect personal information directly from you when you:
- register to use the Velpic Services;
- use the Velpic Services;
- contact the Velpic support team; and
- visit our Sites.
You can always choose not to provide your personal information to Velpic or to limit the personal information you provide to us, but it may mean that we are unable to process your application, fulfil your request, or provide you with the Velpic Services.
Velpic may receive personal information from you about others
If you are an End User of the Velpic Services, please note that your provider may provide your personal information to us relating to your use of the Velpic Services. If you are a customer of ours, you may have to provide us with personal information about your End Users in order for you and/or your End Users to use the Velpic Services. If you provide Velpic with personal information about someone else, you must ensure that you are authorised to disclose that information to Velpic and that, without Velpic taking any further steps required by applicable data protection or privacy laws, Velpic may collect, use and disclose such information for the purposes described in this Policy.
This means that you must take reasonable steps to ensure the individual concerned is aware of and/or consents to the various matters detailed in this Policy, including the fact that their personal information is being collected, the purposes for which that information is being collected, the intended recipients of that information (including Velpic), the individual's right to obtain access to and, if necessary, correct that information, Velpic’s identity, and how to contact Velpic.
Where requested to do so by Velpic, you must also assist Velpic with any requests by the individual to access or update the personal information you have collected from them and entered into the Velpic Services.
Velpic collects, holds, and uses your personal information for limited purposes
Velpic collects your personal information so that we can provide you with the Velpic Services and any related services you may request. In doing so, Velpic may use the personal information we have collected from you for purposes related to the Velpic Services including to:
- verify your identity;
- administer the Velpic Services;
- notify you of new or changed services offered in relation to the Velpic Services;
- carry out marketing or training relating to the Velpic Services
- assist with the resolution of technical support issues or other issues relating to the Velpic Services;
- comply with laws and regulations in applicable jurisdictions; and
- communicate with you.
By using the Velpic Services, you consent to your personal information being collected, held and used in this way and for any other use you authorise. Velpic will only use your personal information for the purposes described in this Policy or with your express permission.
It is your responsibility to keep your user name and password to the Velpic Services safe. You should notify us as soon as possible if you become aware of any misuse of your user name and/or password, and immediately change your password within the Velpic Services.
Velpic can aggregate your non-personally identifiable data
By using the Velpic Services, you agree that Velpic can access, aggregate and use non-personally identifiable data Velpic has collected from you. This data will in no way identify you or any other individual.
Velpic may use this aggregated non-personally identifiable data to:
- assist us to better understand how our customers are using the Velpic Services;
- provide our customers with further information regarding the uses and benefits of the Velpic Services; and
- otherwise to improve the Velpic Services.
Velpic holds your personal information on servers located in the U.S.
Velpic stores personal information on computer databases and/or in hard copy, and we engage third party service providers to assist in storing and processing data for us. All data, including personal and non-personal information, that is entered into the Velpic Services by you, or automatically imported on your instruction, is transferred to Velpic’s servers hosted by third-party service providers who may be located overseas, or use facilities located overseas to provide us with services (“our servers”) as a function of transmission across the Internet. By using the Velpic Services, you consent to your personal information being transferred to our servers as set out in this Policy.
Currently our servers are located in the United States of America (“U.S.”) and are primarily hosted by Amazon Web Services, Inc. (“AWS”), and your personal information will be routed through, and stored on, those servers as part of the Velpic Services. AWS has obtained approval from EU data protection authorities of the AWS data processing agreement and model clauses so that all AWS customers can use AWS in full compliance with the EU Data Protection Directive (Directive 95/45/EC). For more information, see http://aws.amazon.com/compliance/eu-data-protection/. If the location of our servers change in the future, we will update this Policy. You should review our Policy regularly to keep informed of any updates.
By providing your personal information to Velpic, you consent to Velpic storing your personal information on servers hosted in the U.S. While your personal information will be stored on servers located in the U.S., it will remain within Velpic’s effective control at all times. The server host’s role is limited to providing a hosting and storage service to Velpic, and we’ve taken steps to ensure that our server hosts do not have access to, and use the necessary level of protection for, your personal information.
If you do not want your personal information to be transferred to a server located in the U.S., you should not provide Velpic with your personal information or use the Velpic Services.
Velpic takes steps to protect your personal information
Velpic is committed to protecting the security of your personal information and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure. Your personal information is stored on secure servers that have SSL certificates, and all data transferred between you and the Velpic Services is encrypted.
However, the internet is not in itself a secure environment and we cannot give an absolute assurance that your information will be secure at all times. Transmission of personal information over the internet is at your own risk and you should only enter, or instruct the entering of, personal information to the Service within a secure environment. Except to the extent that liability cannot be excluded by law, we exclude all liability (including in negligence) for the consequences of any unauthorised access to, or use of, your personal information. Please notify us immediately if you become aware of any breach of security.
We will advise you at the first reasonable opportunity upon discovering or being advised of a security breach where your personal information is lost, stolen, accessed, used, disclosed, copied, modified, or disposed of by any unauthorised persons or in any unauthorised manner.
Velpic only discloses your Personal Information in limited circumstances
Velpic will only disclose the personal information you have provided to us to entities outside the Velpic group of companies if it is necessary and appropriate to facilitate the purpose for which your personal information was collected pursuant to this Policy, including the provision of the Velpic Services. In the course of our ordinary business operations we disclose personal information to:
- external service providers (such as third-party hosts of our servers);
- commercial partners; and
- our advisors and consultants.
Some of the third parties to whom we disclose your personal information may be located outside Australia. The countries in which these third parties are located will depend on the circumstances.
However, in the course of Velpic’s ordinary business operations, we commonly disclose personal information to third parties located in the U.S.. Velpic will not otherwise disclose your personal information to a third party unless you have provided your express consent. However, you should be aware that Velpic may be required to disclose your personal information without your consent in order to comply with any court orders, subpoenas, or other legal process or investigation including by tax authorities, if such disclosure is required by law. Where possible and appropriate, we will notify you if we are required by law to disclose your personal information.
The third parties who host our servers do not control, and are not permitted to access or use your personal information except for the limited purpose of storing the information. This means that, for the purposes of Australian privacy legislation and Australian users of the Service, Velpic does not currently “disclose” personal information to third parties located overseas.
Velpic does not store your credit card details
Your credit card details are not stored by the Velpic Services and cannot be accessed by Velpic staff. Your credit card details are encrypted and securely stored by Braintree (a division of PayPal Inc.) to enable Velpic to automatically bill your credit card on a recurring basis. You should review Braintree’s Security Policy to ensure you are happy with it.
You may request access to or correction of your personal information
You have a right to request access to or correction of any personal information we hold about you, by setting out your request in writing and sending it to us at email@example.com.
Velpic will process your request as soon as reasonably practicable, provided we are not otherwise prevented from doing so on legal grounds. If we are unable to meet your request, we will let you know why. For example, it may be necessary for us to deny your request if it would have an unreasonable impact on the privacy or affairs of other individuals, or if it is not reasonable and practicable for us to process your request in the manner you have requested. In some circumstances, it may be necessary for us to seek to arrange access to your personal information through a mutually agreed intermediary (for example, the account owner). If we refuse to correct the personal information as requested by you, you may request that we associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, and we will make reasonable steps to associate the statement in such a way that will make the statement apparent to users of the information.
We’ll only keep your personal information for as long as we require it for the purposes of providing you with the Velpic Services. However, we may also be required to keep some of your personal information for specified periods of time, for example under certain laws relating to corporations, money laundering, and financial reporting legislation.
Our website places a cookie on the hard drive of your computer. A "cookie" is a file which allows us to track and target the interests of users. In addition, our website uses third party cookies from Google Analytics for Display Advertisers, including the following features:
- Google Display Network Impression Reporting - which gives us additional insight into who has viewed our paid digital advertising on other websites. This will help us optimise and tailor our advertising.
- DoubleClick Platform integrations & Remarketing with Google Analytics – the integrations between both our web analytics and paid advertising platforms together to give us additional insight. This allows us to tailor our advertising to ensure the right types and offers are shown to you while you are using the internet outside our website.
- Google Analytics Demographics and Interest Reporting - which gives us insight into behaviour information relating to visitor age, gender and interests on an anonymous and aggregate level. This will help us to understand browsing behaviour to give you a better experience whilst visiting our sites.
While we recommend that users enable cookies on their browsers in order to enjoy all the features of our website, the decision remains in the hands of the individual. Most browsers allow you to control management of cookies, this will be different depending on each user's PC - refer to your browser help menu for further information.
You can opt-out of any email communications
Velpic sends billing information, Velpic Services updates, Velpic Services notifications and other information in relation to your use of the Velpic Services to you via email. Our emails will contain clear and obvious instructions describing how you can choose to be removed from any mailing list not essential to the Velpic Services. Velpic will remove you at your request.
You are responsible for transfer of your data to third-party applications
If you are our customer, you undertake not to use the Velpic Service to transfer personal information of your End Users to third parties unless permitted by law or where you have the consent of your End Users to do so.
Velpic has a privacy complaints process
If you wish to complain about how we have handled your personal information, please provide our Privacy Officer with full details of your complaint and any supporting documentation:
- by email at firstname.lastname@example.org; or
- by letter to The Privacy Officer, Velpic, 243 Hay Street, Subiaco WA 6008, Australia.
Our Privacy Officer will endeavour to:
- provide an initial response to your query or complaint within 10 business days; and
- investigate and attempt to resolve your query or complaint within 30 business days or such longer period as is necessary and notified to you by our Privacy Officer.
This policy may be updated from time to time
Velpic reserves the right to change this Policy at any time, and any amended Policy is effective upon posting to the Sites. You should check this Policy regularly for changes. Velpic will make every effort to communicate any significant changes to you via email or notification via the Velpic Services. Your continued use of the Velpic Services will be deemed acceptance of any amended Policy.
Last updated: February 2016