Your Privacy and Foundd Legal Pty Ltd (ACN 162 433 294 ) trading as Foundd Legal and www.founddlegal.com (collectively and individually referred to as “Foundd Legal”, “we”, “our” or “us”).
Effective Date 14 August 2019
Who we are and how you can contact us
We will only use your personal information in compliance with Australian Privacy Laws (Privacy Act (Cth), Australian Privacy Principles and to the extent applicable, with the EU General Data Protection Regulation (GDPR) and any replacement legislation or regulation or guidelines and standards governing the use, storage or transmission of personal data.
Our Role in your Privacy
As we are the providers of the products and services on this Site, we determine how and why your data is processed. We do not sell or rent your details to any third parties. We are committed to protecting your privacy and we want you to know exactly what information is collected and how we use it.
When and How we collect Data
From the moment you visit our Site, we are collecting data, sometimes you might provide this data by completing a form or setting up an account, otherwise we might collect the data automatically. We have set out some examples below of how we may collect data from you:
- When you send us an enquiry form
- When you complete a questionnaire
- When you subscribe to our newsletter
- When you set up an account
- When you attend a seminar or other event we may organise
- When you instruct us to act for you and we open a file and conduct a conflict check
Types of Data we may collect
- Contact details (name, address, email)
- Financial Information (bank details when you are making a purchase)
- Data about the products or services you purchase
- Data that identifies you (your IP address, login, browser type, time zone, browser plug ins, geolocation, what operating system and version)
- Data on how you use our Site (URL clicks, products and services views, how long you are on our pages and other actions)
- Data about your experience and satisfaction with our Site and the legal products and/or services that you have purchased from us or others
- Data about any information we gather that relates to your attendance at seminars or other events held by us (including webinars and podcasts)
- Data relating to your circumstances and such other information that is relevant to the matter(s) in which we are instructed by you
- If you are an employee or prospective employee, data relating to your qualifications, skills and experience
- If you are a supplier of goods and services or a prospective supplier, information about your products, services and pricing
How and why we use your Data and disclosure
Under data laws, we are only allowed to use your data for specific reasons and where we have the legal basis to do so.
We will use your data for the purposes it was collected and related purposes included:
- To run our Site
- provide you with products, information and services
- Customer support
- Track your purchase history
- Detect and prevent fraud
- Improve our Site
- Marketing (with your consent)
- Make your experience on our Site more efficient and enjoyable
- Market research e.g. we may contact you for feedback about our products and services
- Provide you with information about events, other products or services or opportunities that may be of interest
We may disclose your data for the purposes it was collected and also:
- As required by law subject to our obligations
- With your consent
- Within our business
- In order to sell our business (if we were to ever sell, we may need to transfer data held to the new owner)
Google Analytics and Facebook
What are your choices?
Don’t provide us with personal data
You can choose not to provide us with any personal data. However if you do this, we will not be able to provide you with any products or services, however, you can continue to use our Site and browse the pages of our Site.
Turning off cookies
Don’t want marketing?
We will always let you know before we collect any data from you what the intended use is and if we intend to use it for marketing and if third parties are involved we will obtain your consent (which you can withdraw at anytime). You can change your mind about marketing material by opting out by (a) completing the contact us form on our contact page or by unsubscribing within the email if you have previously subscribed to our newsletter.
What are your rights?
You can exercise your rights at anytime by contacting us via the contact us page on our Site here or via email email@example.com.
You can access information we hold about you
We will provide you with the information within 30 days of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We will tell you if we cant comply with your request and why.
You can contact us to ask us to correct any information we hold about you, that you believe is inaccurate.
Objections to using data for profiling or automated decisions
We may use your data to determine what products and services are relevant to you (e.g. tailoring our emails based on your behaviour. Otherwise, the only circumstances in which we will use this data is to provide our products and services to you.
You have the right to be forgotten
You have the right to request for your data to be erased. This means we have to delete all information that we hold about you, except to the extent of any information we are required to hold due to our legal obligations.
You have the right to make a complaint regarding the use of your data
If you have any complaints regarding how your data is handled, please contact us via our contact us page or via email to firstname.lastname@example.org. If you are not satisfied with our response to your complaint you may seek a review by contacting the Office of the Australian Information Commissioner using the information available at https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint
How secure is the data collected
We realise that our customers trust us to protect their personal information. We take that task seriously and maintain reasonable and appropriate physical, electronic and procedural safeguards to help protect your personal information. For example this includes:
- Password access to accounts
- Storing electronic data with reputable third party storage providers who have appropriate security protections
- Limit access to personal information to individuals who need to know.
Where do we store data
We use service providers based around the world. Consequently, your data may be processed in countries outside of Australia. If we transfer personal data outside of Australia, we will ensure that your privacy rights are adequately protected by ensuring these service providers have the same or similar measures in place to protect data shared.
How long do we store data
We will keep your data for as long as we need it and this period will also depend on your interactions with us. If you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing and tax purposes. When we no longer need to keep your information, we will delete it.
Third parties who process your data
We share data with third parties in the following circumstances:
- Other companies in our group of companies, as necessary to operate our Site
- Our suppliers and service providers working for us e.g. payment processors
- Our professional and legal advisors
- Third parties engaged in fraud prevention and detection
- Law enforcement or other government authorities
- Where we have your consent to do so or otherwise where we are legally permitted to do so.
Our Site is hosted on Shopify Inc. They provide us with the ecommerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
Age of consent
By using this Site, you represent that you are at least the age of majority in your State or Territory of residence. Our Site should not be used by anyone under the age of majority and we do not knowingly collect data from anyone under the age of majority.
Cookies and how to block them
What are cookies?
Unfortunately they are not the edible kind! “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. The HELP function in your browser will tell you how to restrict or block the cookies. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.