1. What does this policy cover?
We are committed to maintaining your confidence and trust to protect the personal data you provide to us or which we collect about you via our website www.lacimagroup.com or via any other method. This policy describes how we use, store and protect your personal data, including but not limited to data from your use of our website.
Where applicable, this policy should be read alongside Lacima’s Website Terms & Conditions which tell you about the terms on which you may access and use the website.
Further information about how we collect and process your personal data as well as your rights in relation to your personal data is detailed in our Privacy FAQ annexed to this Policy.
2. What personal data is collected?
We collect personal data that is required for providing software and services to our clients. We also collect personal data for marketing purposes.
Providing personal data is usually optional; however, in order to provide you with access to some of our services and other resources such as whitepapers and demos, providing certain personal data (e.g., contact information and name, log-in details) is necessary in order to receive these services and resources. You may choose whether or not to receive electronic marketing communications from us and we will only send you such communications where we have the appropriate consents to do so (to the extent required by applicable law).
(i) Personal data collected from you:
We normally collect your personal data directly from you. For example, we collect personal data when you deal with us over the telephone, send us correspondence by letter, fax or email, when you have contact with us in person, when you transact with us, when you fill in forms on the website or on other web based applications we use in our interaction with you, report a problem to us, submit user-generated reviews or ratings to us, and engage in any social media with us. The categories of personal data we collect, include, but not limited to:
- Personal Identification Information: such as, your name, and title;
- Contact Information: such as, email address, mailing address and telephone number;
- Demographic Information: such as, postcode;
- Financial information: such as, credit / debit card numbers; and
- Your marketing preferences, including any consents you have given us.
(ii) Personal data collected about you:
Although we generally collect personal data directly from you, we also collect certain categories of personal data about you from other sources. In particular:
- From Others:
- Credit checks from credit reporting agencies to enable us to process a transaction;
- From a marketing event organisation;
- Publicly maintained records; and
- Financial and / or transaction details from payment providers in order to process a transaction;
- Automatically Collected Information: such as, web browser type and version, operating system, the website you came from and exit to, your IP (Internet Protocol) address, your browser settings, the date and time of your visits, and details regarding your interaction with the website (including which pages or resources on the website you access) or other web based services that we provide you with access to or invite you to use for example for training and webinar purposes; and
- Cookies Information: in accordance with the Cookies section below.
3. How is your personal data used, and what is the legal basis for this use?
We use your personal data for the following purposes:
- Contractual Necessity: As required to establish and fulfil a contract with you, for example: if you make a purchase from us (this will include taking payments); communicating with you and providing customer services.
- Legitimate Interests: As required by us to pursue our own legitimate interests, in particular:
- to provide you with information that you have requested from us;
- to receive services from you or the business which employs you;
- to undertake marketing activities;
- to notify you are about similar products and/or services that you may be interested in that are similar to those you have previously purchased or shown an interest in purchasing from us;
- undertake research and development for future products and services;
- facilitating the creation of, and securing, online registered accounts;
- managing, operating and improving online registered services (incl. enabling you to manage your marketing preferences), and customer journeys on the website;
- monitoring any online feedback/reviews to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law;
- we will use data in connection with legal claims which concern our company, group or partners, compliance, regulatory and investigative purposes as necessary (including disclosure of such data in connection with legal process or litigation);
- creating user / customer insights based on transactional behaviour segments to drive targeted direct marketing;
- creating user / customer insights based on demographic segments to drive targeted email direct marketing and also carrying out market research and surveys;
- communicating with you; and
- investigating and handling any complaints received from you about our privacy practices, our website, or our services.
You can obtain further information on the legitimate interests balancing exercises which we have carried out by contacting us using the contact details provided below.
- Legal Compliance: To ensure compliance with applicable laws and legal processes including, but not limited to, use in connection with legal claims, compliance, regulatory, tax, investigative purposes (including disclosure of such data in connection with legal process or litigation and to law enforcement agencies).
- Consent: Subject to the following, we will send you direct marketing by email, SMS, telephone, post, in-App and online about Lacima services which we think may be of interest to you. This will only be sent where you have given your consent to Lacima during any online sign-up process, or where you have provided your details to us as part of an ongoing relationship with us, and the marketing is directly related to that relationship and (where permissible under applicable laws) you have been given an opportunity to opt out. You will be able to opt-out of electronic direct marketing by clicking the unsubscribe link contained in the email itself and, in all other cases, by contacting us directly using the contact details provided below.
- Legal Permission: As otherwise permitted by applicable laws.
Visitors under 16 years of age are not permitted to subscribe to our services, use and/or submit their personal data on any of our website or applications. We do not knowingly solicit or collect personal data from visitors under 16 years of age. We encourage parents and guardians to spend time online with their children and to participate and monitor the interactive activities of their children.
5. Who will your personal data be shared with, and where?
We will share your personal data with:
- members of our group of companies being Lacima Group Pty Ltd, LG UK Pty Ltd and Lacima Group (US) Inc;
- third party service providers, who will process it on our behalf for the purposes above. Such third parties include, but are not limited to, “mailing houses”, customer service operations, and marketing providers;
- government authorities and/or law enforcement officials if required for the purposes specified above in section 3, if mandated by law or if required for the legal protection of our own legitimate interests in compliance with applicable laws; and
- purchasers or prospective purchasers of all or part of our assets or our business, and their professional advisers, in connection with the purchase.
Where such data is shared with members of our group of companies or third parties, we will ensure appropriate safeguards are in place to protect your personal data.
We may also share your personal data as permitted or required by applicable laws.
We take reasonable steps to help ensure the security of your personal data and protect it from misuse, interference and loss, and from unauthorised access, modification or disclosure.
What cookies will be used on the website?
We don’t have access to the cookies which third parties place on the website; other than allowing them to be served. Such third parties have their own privacy policies which we encourage you to review.
(i) Strictly Necessary Cookies
Some cookies are essential for the operation of the website. For example, some cookies allow us to identify registered users and ensure they can access the website. If a registered user opts to disable these cookies, the user may not be able to access all of the content of the website.
(ii) Performance Cookies
Other cookies may be used to analyse how users use the site and to monitor site performance. This allows us to provide a high quality experience by customising the offering and quickly identifying and fixing any issues that arise. For example, performance cookies may be used to keep track of which pages are most popular and to determine why some pages are receiving error messages.
(iii) Targeting Cookies
Targeting cookies are used to serve users with adverts, and to collect information about users’ browsing habits and usage of the website in order to make adverts more relevant to users and their interests. We may use remarketing technologies to enable third parties to display relevant and personalised ads to users through their networks. They are also used to limit the number of times users see an advert as well as help measure the effectiveness of an advertising campaign.
(iv) Social Media Cookies
These cookies allow users to share what they’ve been doing on the website on social media. These cookies are not within our control. Please refer to the respective social media privacy policies for how their cookies work.
(v) Google Analytics
Users are always free to decline cookies if their browser permits, although doing so may interfere with their use of the website. Please find detailed information on how to disable cookies here (http://www.allaboutcookies.org/manage-cookies/).
8. Changes to this policy
Any changes we may make to this policy in the future will be posted on the website and, where appropriate, notified to you by email or otherwise. The changes will be also available in hard copy at our premises.
9. How to contact us
If you wish to gain access to your personal data or make a complaint about our breach of your privacy, or if you have any query on how your personal data is collected, stored or used, please find contact details below
(i) Contact outside of the EU and UK
If you are located outside of the European Economic Area (the “EEA“) (i.e. all 27 EU Member States plus Iceland, Liechtenstein and Norway) or the UK:
Telephone: +61 (02) 8320 7440
Fax: +61 (02) 9475 0984
Mail: Suite 7.01, Level 7, 56 Pitt Street Sydney 2000 Australia
(ii) Contact in the UK and EU
Under the UK GDPR we are required to provide a contact in the UK and under the EU GDPR we are required to provide a contact in the EU that will act as our representative should you wish to contact us with regards to how we handle your personal information.
You can contact our UK Representative to exercise your rights under the UK GDPR or our EU Representative to exercise your rights under the EU GDPR or to discuss any sort of data protection issue relating to our company.
Our UK Representative is:
UK GDPR Representative UK office
NEW MARKETING SYSTEMS LTD
20-22 Wenlock Road London, N1 7GU
Tel: +441772 217800
Support website: https://eugdprrep.com
Our EU Representative is:
EU GDPR Representative Dublin office
INSTANT EU GDPR REPRESENTATIVE LTD
69 Esker Woods Drive, Lucan, Co. Dublin Ireland
Tel: +353 1 554 9700
Support website: https://eugdprrep.com
10. Unsatisfied with our response to your enquiry?
If you are not satisfied with the manner in which we deal with any privacy complaint or query you may have, you can refer your complaint to the relevant data protection authority in your country of habitual residence, place of work, or place of the alleged infringement.
For Australia, you can contact the Office of the Australian Information Commissioner using the online complaint form available here https://www.oaic.gov.au/privacy/privacy-complaints/ or by:
Mail: Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001 Australia
Fax: 02 9284 9666
For the UK, you can contact the Information Commissioner’s Office, the UK supervisory authority for data protection issues (www.ico.org.uk).
If outside of Australia or the UK, you can contact the applicable supervisory body in your country.
ANNEX – Privacy FAQs
1. What rights do I have in relation to my personal data?
- EU (EEA)/UK Citizens:
You are entitled to ask us:
- for a copy of your personal data;
- to correct your personal data (if it is inaccurate, incomplete or not up-to-date);
- to ‘port’ your personal data (i.e. to transfer in a structured, commonly used and machine-readable format, to you or another data controller);
- to erase your personal data; or
- restrict its processing (i.e. processing will temporarily stop (save to the extent that personal data will continue to be stored)).
You also have rights to object to some processing that is based on our legitimate interests, and to processing for direct marketing purposes. Further, where we have asked for your consent to process your data, you are entitled to withdraw this consent as more fully described above.
These rights are limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your personal data. In some instances, this may mean that we are able to retain data even if you withdraw your consent.
Where we require your personal data to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us.
If you have unresolved concerns you also have the right to complain to EU or UK data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.
- Non-EU (EEA)/UK Citizens:
Under the Privacy Act 1988 (Cth) (“Privacy Act”), you have the right to seek access to your personal data handled by us. You also have the right to ask us to update or correct your personal data when it is inaccurate, incomplete or out of date.
Except where we may refuse access to your personal data under the Privacy Act, we will, after receiving your written request, provide you with access to the personal data we hold about you.
If we refuse to provide you with access to all or any part of your personal data, or to provide you with access to all or any part of your personal data in the manner requested, we will provide you with written reasons for our refusal and inform you of any exceptions relied upon under the Privacy Act.
2. How long will you hold my data?
Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We will refresh any consents on a regular basis to check you still wish to hear from us. We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data indefinitely so that we can respect your request in future.
Where we process personal data for site security purposes, we retain it until you request that it be removed from our site.
Where we process personal data in connection with performing a contract, we keep the data for the duration of the contract that you have with us plus a minimum of 5 years thereafter.
3. Where will you send my data?
Lacima may transfer (including store) your personal data to countries outside of the EEA or UK, which may not provide the same level of protection as those countries within the EEA or UK, including to Australia.