This Privacy statement explains in general terms how we protect the privacy of your personal information under the National Privacy Principles contained in the Privacy Act 1988 (Cth) (Privacy Act).
In summary, ‘personal information’ is information or an opinion relating to an individual which can be used to identify that individual.
By using our web site, you consent to the collection and use of this information by socialface Pty Limited (“socialface”). socialface reserves the right to vary the information contained in this Privacy statement from time to time without further notice to you. We encourage you to regularly check our Privacy statement.
Collection of personal information.
socialface collects personal information as part of the services it provides to its clients. These services involve the management of social media platforms, such as Facebook, on behalf of clients. And management includes interacting with users of those social media platforms on behalf of socialface’s clients. Our clients might ask us to conduct marketing activities such as games and competitions, or to submit content to chat and discussion forums. The type of information we may collect and hold includes (but is not limited to) personal information such as:
• Name and such contact details as might be supplied by users (eg. username, email address);
• your server’s IP address or your personal IP address;
• the date and time of your visit;
• the address of the pages accessed and the documents downloaded;
• the type of browser and operating system you are using; and
• the address of the referring site (eg, the previous site that you visited).
socialface generally collects personal information when users subscribe to the social media platform belonging to our clients. When or before we collect personal information, we will take reasonable steps to inform you of:
• the purposes for which the information is collected;
• where applicable, any law that requires the particular information to be collected; and
• the main consequences for you if all or part of the information is not provided.
socialface may also use personal information to keep users informed of changes to our clients’ social media platforms, new products and services or to let users know about special offers that may be of interest. Users will have the option to unsubscribe at any time if they would rather not receive this information.
We may use and disclose the personal information of users for the primary purpose for which it is collected, for reasonably expected secondary purposes which are related to the primary purpose and in other circumstances authorised by the Privacy Act.
In general, we use and disclose the personal information of users for the following purposes:
• to market our clients and their services on their behalf;
• to communicate with users on behalf of our clients;
• to comply with our legal obligations; and
• to help us manage and enhance our services.
We may disclose the personal information of users to:
• other companies or individuals who assist us in providing services or who perform functions on our behalf (such as agents and/or contractors for the purpose of administration and to service your membership);
• courts, tribunals and regulatory authorities; and
• anyone else to whom users authorise us to disclose it.
Some personal information which we may collect is ‘sensitive information’. Sensitive information includes information relating to a person’s racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences and criminal record, that is also personal information and health information about an individual.
Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless you agree otherwise, or where certain other limited circumstances apply (eg, where required by law).
Protecting personal information.
socialface takes reasonable steps to protect personal information held from misuse and loss and from unauthorised access, modification or disclosure, for example by use of physical security and restricted access to electronic records provided by the social media platforms themselves.
Whilst we endeavour to protect users’ information from misuse, loss or unauthorised access, we cannot guarantee the security of information transmit or receive by users online. These activities are conducted at the risk of users. Once we receive a transmission, we make our best effort to ensure its security.
It is also important for users to protect against unauthorised access to passwords and membership numbers. Users are reminded to always close the browser at the end of a session in order to protect personal information if a computer is shared or used in a public place.
Where we no longer require personal information for a permitted purpose, we will take reasonable steps to destroy it.
We endeavour to ensure that the personal information we hold is accurate, complete and up-to-date. We encourage users to contact us on email@example.com in order to update any personal information we hold.
Subject to the exceptions set out in the Privacy Act, users may gain access to the personal information which we hold by contacting us. We will require users to verify their identity and to specify what information is required.
Links to other sites.
This site may contain links to other sites, including the websites of our clients. socialface is not responsible for the privacy practices or the content of such web sites.
Data Breach Policy.
In the event of a data breach involving the unauthorised access, disclosure, alteration, or destruction of personal information, socialface Pty Limited ("socialface") is committed to taking swift and responsible action to mitigate the impact on affected individuals and comply with applicable privacy laws. This Data Breach Policy outlines the steps we will follow in such circumstances:
1. Notification: Upon the discovery of a data breach that poses a risk to the privacy and security of personal information, socialface will promptly assess the breach to determine the nature and scope of the incident.
2. Data Breach Response Team: We will assemble a Data Breach Response Team, which may include IT personnel, legal advisors, and other relevant parties, to investigate and manage the breach.
3. Containment: We will take immediate steps to contain the breach and prevent further unauthorised access, disclosure, or damage to personal information.
4. Assessment: Our team will assess the severity of the breach, the types of personal information exposed, and the potential harm to affected individuals.
5. Notification: If the breach is likely to result in serious harm to individuals, socialface will notify affected individuals and relevant authorities as required by applicable privacy laws. Notification will be made without undue delay.
6. Assistance: We will provide affected individuals with information on steps they can take to protect themselves from potential harm resulting from the breach.
7. Investigation: We will conduct a thorough investigation into the root causes of the breach and implement measures to prevent similar incidents in the future.
8. Documentation: Details of the breach, our response, and any actions taken will be documented for compliance purposes.
9. Communication: We will communicate openly and transparently with affected individuals, regulatory authorities, and other relevant stakeholders throughout the breach response process.
10. Review and Improvement: After resolving the breach, we will review our data security practices and make necessary improvements to prevent future breaches.
Please note that while we take every reasonable measure to protect personal information, no method of data transmission or storage is entirely secure. Users are encouraged to take precautions to safeguard their personal information, such as using strong passwords and maintaining the security of their accounts.
If you suspect a data breach or have any concerns about the security of your personal information, please contact us immediately at firstname.lastname@example.org.
This Data Breach Policy is subject to change in accordance with evolving best practices and legal requirements. Users are encouraged to review this policy periodically for updates.
For more detailed Privacy information on our information handling practices you can contact us at email@example.com