1. What personal information about me does Loop collect or hold?
We may hold the following personal information about you:
• user names
• email addresses
• title or role description
• phone number
• name of any employer, workplace, organisation, class, body, group or sub-group
• where a user’s access to the Service is in connection with a particular organisation (e.g. the user’s employer), the name of that organisation (Customer)
• information about you contained in communications by you or other users (whether or not sent to you) via the Service (Communication), including but not limited to opinions, feedback, scoring and other responses of any kind about you.
We may be unwilling to provide our Service to you if you do not provide some personal information. For example, without name and email details it is impractical for us to provide the Service to you.
We may use, or engage other service providers who use, ‘cookies’ to collect data (typically not personal information) relating to your device, system, software, peripherals and general usage of the Service. This data may include IP addresses, geographic location, browser versions, number of visits and similar such data relating to your navigation of our Service and linked services and online stores. Cookies help us to improve and deliver a better and more tailored Service.
You may refuse to accept cookies by activating settings on your device. However, please note that if you select such settings you may be unable to access certain parts of our Service.
2. Collection and storage of personal information
We may collect and store personal information in circumstances including:
• when a person signs up to become a user of the Service
•for the purpose of assigning a User ID to a user
• when a user interacts via the Service in a way that reveals their identity or the identity of another person
• when a person sends an enquiry through or makes a comment or other post through our website, through an email or via a social media platform
• when a person enters into a transaction with us using a credit card or method other than cash
• when a person responds to a customer survey from us
• tracking usage (e.g. movement between activities on our apps or website)
3. Use and disclosure of personal information
We use the personal information about you for the purposes for which it was provided or collected, including the following purposes:
• to provide the Service to you and other users, and the other purposes listed above in section 2
• to respond to enquiries received from you
• to perform authorised financial transactions with you
• to verify your identity and to assist you if you have forgotten any user ID, user name or password
• for our internal administrative, marketing, planning, product development and research requirements
• to communicate with you and provide you with information (whether by email, post or other means) about our products or Service (including to notify you of changes to the Service), where you have requested or consented to receiving this from us or where this provision is otherwise permitted by law
• to seek and respond to user or Customer comments on our Service
• to receive and address complaints about us, our Service or any user (including regarding alleged misuse of the Service or offensive Communication)
• to protect our legal interests and fulfill our regulatory obligations (if and to the extent necessary).
All users and others with whom we interact may opt-out of receiving communications from us except as necessary or desirable for the operation of the Service.
In relation to disclosure of personal information about you, it is convenient to break this into 2 separate cases:
• disclosure to other users
• overriding permitted disclosures.
Disclosure to other users
If you provide a Communication via the Service then the Service will make it clear whether or not the Communication will be provided on an anonymous basis to any other user able to view the Communication via the Service (Reader), in which case we handle the Communication as follows.
If you provide a non-anonymous Communication, then your name and Communication (including any personal information in the combined user name and Communication) will be disclosed to any Reader.
If you provide an anonymous Communication, then we do not provide your name to any Reader in connection with that Communication. However we do not vet the Communication to prevent you disclosing personal information (including your identity or the identity of any other person) when you provide a Communication, which could occur in any of the following ways:
• (express) by you expressly providing the personal information in the Communication
• (inferred from content) by you providing other information in the Communication from which your identity or personal information can be inferred or
• (inferred from limited numbers) by reason of your identity being able to be inferred due to a single or low number of users having been sent a previous Communication to which you are responding, and as a result in the above circumstances any such personal information (whether express or inferred) may be disclosed or apparent to a Reader.
In addition, we may disclose the following to the admin user of a group on our Service that you have joined:
• the names of users in the group who have sent Communications (but not with the corresponding content of those Communications)
• general information regarding the level, nature and timing of usage of the Service by users (but not with the content of any Communication)
We do not control the subsequent use or any disclosure (including to any Customer) that may be made by any Reader of any Communication (whether anonymous or non‑anonymous) from you that is made available to the Reader as above.
Overriding permitted disclosures
Despite any other provision of this policy, we may (but are not obliged to) disclose personal information, including your name or any Communication by you, to any third party (including, where applicable, another user or a Customer):
• where we have your express permission to do so
• where it can reasonably be inferred from the circumstances that you consent to the disclosure to the third parties
• where the third party provides goods or services to us in connection with our provision of the Service (Service Provider) and it is necessary or desirable that we provide the personal information to them to enable or facilitate them doing so. All disclosures to Service Providers are subject to us being satisfied as to their reputation, and the Service Provider agreeing to keep personal information confidential
• if we are under a duty to do so in order to comply with any law (including if required by law in relation to any freedom of information request)
• if in our opinion it is necessary or desirable in order to respond to any allegation or query by any Customer (or by any user not connected with a Customer) of misuse of the Service (including any alleged offensive Communication)
• if in our opinion it is necessary or desirable in order to protect the health or safety of any person (including you) or to prevent, report or investigate the damage or destruction of any property or breach of any law
• in order to enforce or apply our terms and conditions or to protect the rights, property, or safety of Loop, its personnel, customers or users (including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction)
• in connection with a sale or proposed sale of Loop, or substantially all of its assets, to a third party, in which case any personal information about you that we disclose will be subject to the same constraints on use and disclosure as under this policy.
We may publish case studies in relation to use of Loop, but any such case study will not specifically refer to you without your consent.
Where practicable, users of the Service and others have the right to interact with us anonymously.
We may provide (either for a fee or free) data analysis services and information to users, customers, potential customers or the public generally that is based on aggregated Communications without identifying the individuals who have provided the relevant Communications. Although we will not disclose the names of users as part of the results of these services, it may be possible in some circumstances for the identity of a relevant user due to be determined for one of the reasons listed above (i.e. express or inferred disclosure within a Communication or limited numbers of users inferring the identity of the relevant users).
We may assign users a unique identifier for internal or data analytics purposes. These identifiers do not reveal any personal information about the corresponding individual. Details of the individual assigned the unique identifier are not disclosed outside Loop and cannot be used to identify an individual by others who do not have access to our private database which correlates the details of an individual with their unique identifier.
5. Disclosure and transfer of information overseas
We do not disclose or transfer personal information outside Australia, except where a user makes use of our Service overseas, in which case personal information may be sent to that user’s device as a necessary part of their use of the Service (but we still do not store personal information on any server overseas).
We store personal information on a secure server in Australia operated by a third party.
We hold personal information in our databases.
We take reasonable steps to protect our databases, including by internal and external security and restricting access within the organisation to personal information to those who have a need to know. We implement and maintain technological products to protect against unauthorised computer access and regularly review our technology to maintain security.
We treat website and credit card security seriously and endeavour to provide a secure, safe platform through which to conduct transactions (if any).
7. Access and correction
You may request access to personal information we hold about you by writing to Loop’s Privacy Officer at the address below. Please provide sufficient detail about the information in question to help us locate it.
If we hold personal information that you are entitled to access, then within a reasonable period after your request we will provide you with access. If we refuse your request then we will give you a written statement setting out the reasons for the refusal (unless unreasonable to give them), and the process we provide if you wish to complain about the refusal.
We will provide access in the manner you request if it is reasonable and practicable to do so. If it is not reasonable and practicable to provide access in that manner then we will endeavour to provide you with a suitable range of choices as to how you access it (e.g. emailing or mailing it to you).
If you believe that personal information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, then you may request amendment of it. We will consider if the information requires amendment and respond to you within a reasonable period after your request. If we do not agree that it should be amended, then we will add a note to the personal information stating that you disagree with it and will also give you a written statement setting out the reasons for the refusal (unless unreasonable to give them), and the process we provide if you wish to complain about the refusal.
Our contact details are:
Mail: The Privacy Officer
Loop Platform Pty Ltd
Level 19, 567 Collins Street
Any questions about this policy, or any complaint regarding treatment of your privacy by Loop, should also be made in writing to the address above.
If you lodge a complaint, we will let you know the name of the individual responsible for taking care of it, and will tell you when we will provide a full response.
In this policy “personal information” has the same meaning as under the Privacy Act and “including” means “including but not limited to”. References to “Loop”, “we” or “us” are to Loop Platform Pty Ltd (ACN 610 813 648), which has issued this policy.
We encourage you to review this policy from time to time.
Last update: September 2017