Legal & Privacy Policy

Privacy Policy

The Activeport group of companies, being Activeport Group Ltd and its subsidiaries (“Activeport”, “we”, “us” or “our”) is committed to protecting the privacy of personal information (being any information relating to an identified or identifiable human being, as defined by applicable personal data and privacy laws)– more specifically, the privacy of each individual whose personal information we control the processing of in the course of our business (Data Subject or you).

With respect to personal information transferred from the Europe Economic Area (“EEA”) or Switzerland to ActivePort Group Limited, we will process personal information in accordance with applicable privacy laws as applicable.

The General Data Protection Regulation (GDPR) grants EU residents greater protections over what personal information is used, as well as how, and for how long. Our Privacy Policy was implemented with GDPR in mind and our commitment is to comply with the GDPR in its current state and as it evolves.

Specific questions about our policy may be directed to [email protected].

Please read this privacy policy carefully to understand how we handle personal information.

This Privacy Policy (“this Policy”) explains how ActivePort companies collect, use, share, store and retain (i.e., ‘processes’) personal information when they do so as the ‘controller’ thereof (as such term is understood in Article 4 No. 7 EU Regulation 2016/679 (“GDPR”)). (This means that details of how ActivePort facilitates the transmission of our customers’ data as part of our services to them are not set out here, but are instead contained in our Services Agreement.)

As we process personal information in different contexts and for different reasons, this Policy is divided into different Sections, with our relevant controlling entity being specified in each Section.

More specifically:

Section 1 relates to our customers and prospective customers;

Section 2 relates to our recruitment of future employees;

Section 3 relates to all visitors to the ActivePort website/s, including the use of cookies;

Section 4 relates to our vendors and other business partners;

Section 5 contains general provisions affecting all categories of personal information, setting out where it is stored or shared, how it is protected, and what your rights as a data subject are.

Updates: Activeport may update this Policy from time to time by posting the revised version on our website.

IMPORTANT: Activeport’s services are aimed at corporate customers who act through their duly authorised representatives. We have no need for, and do not knowingly process, any data related to minors. If you are under 18 years of age you should not use our website or attempt to register an account with us.

Section 1: CUSTOMERS

1.1 – Customers:

In order to subscribe to any of our services, an account needs to be created on our customer-facing portal (“Portal”), from where the customer can provision the services it would like. So, for purposes hereof, a ‘customer’ is any company with a Portal account and the personal data processing details relating to customers are as follows:

Data Controller: The controller of customer-related personal information is the Activeport entity providing the services to that customer, alternatively the ActivePort entity operational in the relevant region.

Personal Information:

customer contact details, including the name, position, email address and phone numbers of customers’ employees and representatives;
customer credit card details and credit information (to the extent that it relates to any individual);
customer passwords and usernames for accessing the Portal; and records of each customer’s use of our services and its communications with Activeport; and
records of each customer’s communications with ActivePort, including any participation in customer surveys.

How we collect it:

From our customers via their representatives, be it in person, via phone, email, or by actively submitting it via our website/s. Customers are responsible for the completeness and accuracy of the personal information so provided and for ensuring that the people to whom the information relates (i.e., customer’s employees or other representatives) have been notified and, where required by law, have consented. If a customer does not provide ActivePort with the personal information requested, our services to that customer may be restricted or prevented; and
Pursuant to Section 1.2 (Prospective Customers) below.

Why we collect it: Although Activeport’s business is not consumer-facing and our customers are corporate entities, we collect such personal information to promote, explain and provide our services, including to carry out functions incidental thereto, like account management and service support. Doing so falls within ActivePort’s legitimate and legally-protected interests^[2]. More specifically, we use such personal information to:

deal with customer enquiries and providing customer support;
administer our agreement with each customer;
provision or connecting each customer’s services;
process a customer’s application, including carrying out checks for credit-worthiness;
manage each customer’s services, including account management, billing, processing payments and collecting debts;
investigate complaints and carry out dispute resolution;
product research and development, business planning and staff training;
communicate with our customers about our services and promotions relating thereto (in the latter case, provided you have not opted-out of receiving such promotional material, which can be done via the unsubscribe links within those communications or by contacting [email protected]);
communicate with our customers about third-party promotions or news, provided we have prior opt-in consent thereto as required by applicable direct marketing laws.

How we share it: To the extent necessary for the above purposes (or otherwise permitted by law), within the Activeport Group and with other organisations such as:

our service-related suppliers, resellers and agents;
our outsourced service providers who perform functions and services on ActivePort’s behalf, such as contact centre services, mailing functions, credit card payment processing, marketing, or IT services; (e.g.,: Salesforce, Xero, and Stripe);
credit reporting bodies, credit providers or debt collection agencies (where permitted by law);
other telecommunications and information service providers;
our business partners and marketing partners who may also process it in their capacities as controllers (subject to privacy laws and direct marketing laws) provided that you are entitled to opt-in/opt-out to us sharing your data in this manner and that, if you are Japanese, we will only do so with your prior consent;
our legal, accounting and financial advisers;
customer’s other authorised representatives.

How long we keep it: As long as needed to satisfy the above purposes, normally being for so long as customer’s Global Services Agreement is effective and for such period thereafter as required or permitted by law.

1.2. – Prospective Customers:

For purposes hereof ‘prospective customers’ are those companies that have not yet created any account on our Portal and the personal data processing details relating to them are as follows:

Data Controller: TheActivePort entity operational in the relevant region, hoping to provide services to the prospective customer.

Personal Information:

prospective customer contact details, including the name, position, email address and phone number of its employees and representatives
records of any communications between us and the prospective customer

How we collect it: Directly and indirectly in various ways, i.e., via the prospective customer’s representatives’ participation at conferences, trade shows, networking events, seminars and product demos; our Website (as detailed in Section 3 hereof); publicly available sources (e.g., prospective customer’s website; LinkedIn); our referral/sales agents, and sometimes our business partners.

Why we need it: To promote and explain our services to prospective customers (in accordance with applicable direct marketing laws) and to carry out functions incidental thereto i.e., responding to enquiries, complaints and/or disputes, doing product research and development, business planning, and staff training. Doing so falls within ActivePort’s legally protected legitimate interests.

How we share it: To the extent necessary for the above purposes (or otherwise permitted by law), ActivePort may share such personal information within the ActivePort group and with other organisations being:

our service-related suppliers, resellers and agents;
our outsourced service providers performing functions on ActivePort’s behalf, such as contact centre services, mailing functions, marketing, or IT services (e.g.: Salesforce, Xero, and Stripe);
our business partners who may also process it in their capacities as controllers (subject to privacy laws and direct marketing laws) provided that you are entitled to opt-in/opt-out to us sharing your data in this manner and that, if you are Japanese, we will only do so with your prior consent;
our legal and other professional advisers.

How long we keep it: As long as needed to satisfy the above purposes i.e., for so long as we are engaging in discussion with the prospective customer prior to becoming a customer (in which case Section 1.1 above applies to the continued retention of such personal data) or until 5 years after discussions have ceased.

SECTION 2: RECRUITMENT

The personal data processing details relating to our recruitment activities are as follows:

Data Controller: The relevant ActivePort entity that will be employing the successful candidate.

Personal Information: The specific personal information collected depends on what a candidate chooses to provide to us. If we do not receive the specific information we need, we may not be able to assess or proceed with their job application further. The types of personal information processed include:

contact details (such as your name, physical address, email address and phone number);
employment-related information (such as information in your resume regarding previous work experience, qualifications and referees, as well as your working rights and your police clearance, to the extent permitted under relevant employment laws); and
records of the candidate’s communications with us (including information gathered during interviews).

Note that we do not require, and candidates should not submit, any sensitive personal data (that is data relating to racial or ethnic origin, political opinions, religious or other beliefs, political or trade union membership, philosophical beliefs, health, biometrics, sexual orientation or criminal convictions).

How we collect it: Usually directly from the candidates, such as when candidates provide information to us in person, by phone or email, via our Website, or when they provide their details via our recruitment websites or social media accounts (including via job portals like Seek or LinkedIn). We may also collect information about candidates more indirectly from our recruitment agencies, candidates’ referees, and from other public sources (e.g., LinkedIn profile).

Why we need it: Activeport will only process a candidate’s personal information to the extent necessary for the job application process and/or their subsequent employment with Activeport, as required by our legitimate, legally-protected interests or applicable laws. More specifically, your personal information is used to assess and process your job application; to make a decision about whether to employ you; to deal with your queries and defend against potential claims in relation to the recruitment process; to consider you for future job opportunities with us (if you have consented to us retaining your details for such purpose); and, if you are hired, to make decisions about your employment with us.

How we share it: For the above purposes and to the extent permitted by law, we may share such personal information within the ActivePort group of companies, as well as with recruitment agencies and other third parties we engage to provide recruitment services on our behalf; your referees; third parties who conduct background and police checks; and the institutions that issued your qualifications.

How long we keep it: Activeport deletes unsuccessful candidates’ personal information after the application process is finished (i.e., once a suitable candidate is hired) save for those who have consented to their data being retained for future employment offers, or applicable laws entitle or require ActivePort to retain the information for longer (e.g., to defend against potential legal claims related to the recruitment process). The successful candidate’s personal information will be retained and processed in accordance with ActivePort’s internal employee-facing policies and processes.

SECTION 3: VISITORS TO THE ACTIVEPORT WEBSITES

This section applies to all visitors to the website www.activeport.com.au or any other Activeport website properties, including our Portal (Websites), whether visited by job applicants, customer or supplier representatives, or anyone else.

Data Controller: The relevant Activeport entity servicing the customer it represents (if applicable) or the region in which you are based, such ActivePort entity being the relevant data controller under this Section 3.

Personal Information: We may collect and process the following personal data about you via the Websites:

your name, address, e-mail address, phone number, live web chat content and possibly your financial and credit card information (“Submitted Data”);
technical information, including the Internet protocol (IP) address used to connect your computer to the Internet (from which we can infer your generalised location), your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform (“Technical Data”); and
information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Websites (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, videos watched, and mouse-overs), and methods used to browse away from the page (“Behavioural Data”).

How we collect it:

Submitted Data is actively provided by you directly when you fill in forms on the Websites or correspond with us via online chat, e-mail or otherwise (e.g., the phone number used to contact our customer service). This includes information you provide when you register with the Websites, subscribe to our Services and when you report a problem with any Website.
Technical Data and Behavioural Data is automatically collected during each of your visits to the Website. This is enabled by various common tracking technologies like cookies (small files stored on an individual’s browser or computer hard drive to optimize the individual’s interaction with a website) and web beacons (tiny graphics files containing unique identifiers to recognize someone as having received an email or visited our website before). Some cookies are purely technical and necessary for the Website to work properly and others track user behaviour in an aggregated anonymous fashion. However, where cookies are designed to track your behaviour in a personally identifiable manner, they will only be deployed on your device if you consent thereto during your first visit to our Website. You can find more information about the individual cookies, which data is processed by them, how we use them and why, and how to give or withdraw your consent to them here.

Why we need it: We use such personal information to:

enable you to use the Website and to provide our services, including by sending you promotional communications if you have opted-in thereto;
administer the Website and for internal operations (including troubleshooting, data analysis, testing, research, statistical and survey purposes);
improve the Website to ensure that content is presented in the most effective manner for you and your computer (e.g., logging page visits indicates missing pages or other web server problems);
keep the Website safe and secure (e.g., authentication cookies make sure you are the same person over a given “session” time); and
deliver relevant advertising to you and to measure or understand the effectiveness of advertising we serve to you and others.

We use the above personal information only to the extent required for these legally protected legitimate interests,^[3] or where this is necessary to provide requested services.^[4]

How we share it: To the extent required for the above purposes, we may share such personal information within the ActivePort group of companies and with suppliers and sub-contractors we use for our Websites, services and marketing activity. Note specifically:

The cookies on our Website include those of our third-party service providers (e.g., Google Analytics or Intercom cookie) and possibly other third parties over which we have no control (such as advertising networks and providers of external services like web traffic analysis services). These cookies are likely to be analytical/performance cookies or targeting cookies;
Third party advertisers, advertising networks, analytics- and search engine providers will only receive pseudonymised technical information from us (e.g., IP addresses) unless directly identifying information is needed to process a specific request of yours (including any services) or you otherwise give your prior consent; and
Our Websites may incorporate social media features enabling you to share content on social media (e.g., a Facebook ‘like’ button) and in doing so, you will be sharing your IP address and the page you are visiting with such social media site, subject to its privacy policy and practices.

How long we keep it: ActivePort retains such personal information only to the extent required for the above purposes and as required or permitted by law.

SECTION 4: VENDORS & OTHER BUSINESS PARTNERS

Data Controller: For each of our service providers, suppliers, independent contractors and other business partners (each a “Vendor”), the controller of any relevant personal information is the ActivePort entity holding the relevant account or business relationship with it, possibly in joint control with one or more other ActivePort affiliates.

Personal Information: The personal data processed in relation to Vendors include their contact details (i.e., the name, position, email address and phone numbers of their employees/representatives and of the Vendors themselves if they are sole proprietorships or partnerships); their communications with ActivePort; and, if they are sole proprietorships or partnerships, their banking details, invoices and service history.

How we collect it: Such personal information is collected directly from the Vendor via their websites or representatives (be it in person, via phone or email). Vendors are responsible for the completeness and accuracy thereof and for ensuring that the people to whom the information relates have been notified and, where required by law, have consented. Personal information related to prospective Vendors is collected from publicly available sources (e.g., prospective Vendor’s website or LinkedIn), via participation at conferences and other networking events, or via referrals from our existing business associates.

Why we need it: We need such personal information to appropriately engage with the Vendor for purposes of managing our relationship with it, as required by our contract with it, alternatively in our legitimate and legally-protected interests. More specifically, we use it for prospective Vendor assessment and contract negotiation purposes as well as the ongoing administration of our agreement with each Vendor (including for paying invoices and raising service-related queries or complaints);

How we share it: To the extent necessary for the aforesaid purposes (or otherwise permitted by law), Activeport may share a Vendor’s personal information within the ActivePort group, with Vendor’s other authorised representatives, and with our outsourced service providers who perform functions and services on our behalf (such as our financial and billing systems, mailing functions, IT services, and professional advisors).

How long we keep it: Vendor-related personal information is stored only as long as needed to satisfy the above purposes, normally being for so long as the Vendor’s business relationship with us is effective and for such period thereafter as required or permitted by law.

SECTION 5: GENERAL PROVISIONS

Where personal information is stored and processed: Activeport operates in various countries globally and the organisations that ActivePort may share personal information with may be located in countries both within and outside of the European Union (“EU”), including the United States, Canada, Australia, New Zealand, Hong Kong, Japan and the United Kingdom. Note that the personal data protection and privacy laws in certain non-EU countries may not be as protective of personal data as they are within the EU and may thus expose you to certain risks (such as a lower standard of protection applying to the processing of your personal information, or your having fewer rights to access your personal information, or there not being a regulatory body dedicated to personal data protection in that country that you can approach). ActivePort will take all reasonable steps to ensure that recipients in such countries comply with a level of data protection that is considered to be adequate from the perspective of EU data protection laws (such as being subject to standard contractual clauses approved by the European Commission), but you nevertheless acknowledge the aforesaid potential risks to your data being processed in such countries.

How else we may share personal information: Activeport may further disclose personal information as follows:

Regulatory and Contractual Compliance: To government, law enforcement and regulatory bodies, where required, to comply with our legal obligations or to enforce our agreements, as well as to other companies and organizations who assist us with fraud protection and credit risk reduction;
Mergers and Acquisitions: to a specific third party and its advisors in order to facilitate an acquisition or sale of assets between such third party and ActivePort. This is most likely to occur in relation to a purchase (or potential purchase) by such third party of any Activeport entity or its business or assets (as customer-related data and employee-related data may be part of the assets so sold); and
Other: Save for the above and for sharing certain personal information with our business partners (as explained in Section 1), Activeport does not generally share or sell any personal data to third parties to use for their own purposes, but if we should decide to do so for any reason, it will be on the basis of our overriding legitimate interests, on prior notice to you, and with you being entitled to object thereto (unless you are Japanese, in which case we will only do so with your prior consent). ^[5]

How we protect personal information: Activeport stores personal information electronically and sometimes in hard copy form, treating it all as confidential. We take a range of measures to protect the security of personal information, including by storing electronic information in password-protected servers that are in restricted and monitored areas. We do not store full credit card details on our own systems, but instead makes use of a PCI DSS-compliant payment service provider.

How to access and correct your personal information: Activeport takes all reasonable steps to ensure that the personal information we hold is accurate, complete and up to date. Customer representatives can access and correct most Customer-related personal information (such as contact details) directly via the customer’s Portal account. Otherwise, personal information can be accessed and corrected by contacting Activeport at [email protected].

Your other rights:

You have the right to not receive any direct marketing messages from us.
You have the right to request information about the personal data of yours we process (including as to who we may have shared it with and why, and the safeguards implemented for any transfers),^[6] to get copies thereof,^[7] to demand the correction of incorrect data,^[8] to demand its deletion^[9] or the blocking or restriction of the processing thereof,^[10] and to data portability in certain situations.^[11]
You may also be entitled to object to the processing of your personal data, provided the reason for the objection relates to your special situation and provided it is data we process based on one of our protectable legitimate interests.^[12] In some territories (e.g., France), you may be entitled to direct how you wish your personal data to be used after your death. If our personal data processing is based on your consent, you may at any time freely withdraw your consent to the future processing thereof.

You can exercise such rights at any time by contacting us at [email protected]. You may also lodge a complaint with your local data protection supervisory authority

Anonymous data: We do not permanently anonymise any personal data save (a) as part of producing certain aggregated anonymous survey result reports (in which case, if customer-related, the reports may be shared with our sales agents or business partners) or (b) as an alternative to deletion where deletion is not reasonably possible.

Links to third party websites: Our Websites may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Contact us: If you have an enquiry regarding privacy, or you wish to raise a complaint, please contact [email protected].

^[1] E.G. by Art. 4 (1) of the GDPR.

^[2] E.G. under Art. 6 para 1 lit f) of the GDPR

^[4] E.G. under Art. 6 para 1 lit c) of the GDPR.

^[5] If you’re Californian, note that we do not currently meet the specified thresholds for the applicability of the California Consumer Protection Act of 2018.

^[6] E.G. under Art. 15 of the GDPR.

^[7] E.G. under Art. 13.1(f) of the GDPR

^[8] E.G. under Art. 16 of the GDPR.

^[9] E.G. under Art. 17 of the GDPR.

^[10] E.G. under Art. 18 of the GDPR.

^[11] E.G. under Art 20 of the GDPR

^[12] E.G. under Art. 21 of the GDPR.

If you are unsure whether any contemplated use or action in relation to our Services and/or Software is permitted, please submit questions or comments to [email protected]

Effective date: 01 June 2021

Last reviewed: 01 June 2021

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.