Effective: October 27, 2019
We are committed to protecting your privacy through compliance with the Privacy Act 1988 (Cth) (“Privacy Act”), the Australian Privacy Principles (“APP”), the General Data Protection Regulation (“GDPR”) and any other privacy laws applicable to our platforms.
Where our platforms contain links to third-party websites, these sites are not governed by this Policy. We are not responsible for their operation or their information privacy practices so please check those.
Information Collection and Use
We collect and use the following information to provide, improve, and protect our Services:
Information You Provide
Basic Account Information
We ask you to log in and provide certain personal information (such as your email address, username, and password) in order to be able to save your profile and the accounts, projects, and other data associated with it.
Payment and Billing Information
We also collect credit card or payment information for paid subscriptions. This information will be securely stored with a third party specialized in the handling of such information, such as a credit card payment gateway or other payment vendors.
If you correspond with us, you may also provide us information when you respond to surveys, communicate with our engineering, sales, or support teams about a question regarding the Services, or post a question about your application or our Services in our public forums.
If we telephone you, or you telephone us, to discuss our Services, we may collect personal information from you, including your name, company name, business address, phone number, job title, email address, whether you use the Services, information about your business needs, the number of users of our Services you require, and, if you telephoned us, how you heard about us, and any other information you choose to share with us by telephone.
Information We Collect Automatically
Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. Your devices (depending on their settings) may also transmit location information to the Services. We collect log information when you use our Services–for example, when you create or make changes to your account on the Services.
We collect information related to how you use the Services, including actions you take in your account (like sharing, viewing, and moving files or folders). We use this information to improve our Services, develop new services and features, and protect our Users.
We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.
Cookies and Similar Technologies
We use technologies like cookies and pixel tags to provide, improve, protect, and promote our Services. A cookie is a small text file containing a string of alphanumeric characters that may uniquely identify your browser that lets us help you log in faster and enhance your navigation through the Services.
A cookie may also convey information to us about how you use the Services (e.g., the pages you view, the links you click, how frequently you access the Services, and other actions you take on the Services), and allow us to track your usage of the Services over time. You can set your browser to not accept cookies, but this may limit your ability to use the Services.
Similarly, we may employ clear gifs (also known as web beacons) which are used to anonymously track your usage patterns on the Services, or place clear gifs in HTML-based emails we send you to track which emails are opened and which links you click. This information allows for more accurate reporting and improvement of the Services.
Information We Collect from Other Sources
We allow Users with certain third-party accounts (i.e. Users who have GitHub, Facebook, Microsoft, or Google accounts) to authenticate on the Services using those third-party accounts (each, an “Identity Provider”). If you authenticate on the Services using an Identity Provider, the Identity Provider may send us your registration or basic profile information on that service and other information that you authorize. This information enables us to authenticate you and improve the Services, and is deleted from Iconic Live within a reasonable period of time of your disconnecting your Identity Provider account from the Services.
Third Party Analytics Services
We may also receive information from third party services to help us better understand you and how you use our Services.
We also process information about end users of our Users’ Events, on behalf of our Users and in accordance with our user agreements. Typically, the information we receive from an end user is the same as a User and may include the end user’s name, email address, and device information, as well as any other information the User elects to share with us in the context of reporting or tracking in a User’s Event.
Information Collected by Third Parties
As noted above, sometimes we receive information about you from third party analytics service providers, such as Google, Intercom, Rollbar, Heap Analytics, and other third party service providers. In order to gain useful insights, these analytics providers may set tracking technologies (like cookies) to collect information about your use of our Services and across other websites and online services. These technologies allow these third parties to recognize your device to compile information about you or others who use your device. This information allows us and other companies to, among other things, analyze and track usage, determine the popularity of certain features, and deliver features or content that may be more targeted to your needs.
Purposes for Collection
We use information about you as mentioned above and for the purposes listed below:
- To provide you the Services, including for example, reporting errors and bugs in your Products and billing you for the Services;
- To maintain, monitor, and improve the Services by adding new features, sharing new use cases, or making the Services easier to use;
- To monitor and analyze trends and better understand how you interact with our Services;
- For our own internal benchmarking, for example, to measure, and gauge the effectiveness of the Services, our advertising of the Services, and to better understand user retention and attrition–for example, we may analyze how many end users created an account after receiving a marketing message or the features used by those who continue to use our Services after a certain length of time;
- To prevent problems with our Services, protect the security of our Services, detect fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of Iconic Live and others, which may result in us declining a transaction or the use of our Services;
- To personalize your experience using our Services, remember your preferences on the Services so that you will not have to re-enter it during your visit or the next time you use the Services, target our marketing messages to groups of our Users, to serve relevant advertisements; and
- To communicate with you, for example through an email, about offers and promotions offered by Iconic Live and others we think will be of interest to you, solicit your feedback, or keep you up to date on what we’re up to and our products. We give users the option to use some of our Services free of charge. These free Services are made possible by the fact that some users upgrade to one of our paid Services. If you register for our free Services, we will, from time to time, send you information about upgrades when permissible. For further information on your choices regarding your choices with regard to the use of your information for marketing purposes, see “Your Choices Regarding Your Information” below.
Legal Basis For Collecting and Using Information
Use and disclosure of your information will only be made in accordance with APP 6. We collect and use the personal data described above based on the following grounds:
- The use is necessary in order to fulfil our commitments to you under our Terms of Service or other agreements with you or is necessary to administer your account–for example, in order to enable access to our Services on your device or charge you for a paid subscription; or
- Compliance with a legal obligation necessitates the use; or
- The protection of your vital interests or those of another person require the use; or
- We have a legitimate interest in using your information–for example;
- to provide and update our Services,
- to improve our Services so that we can offer you an even better user experience,
- to safeguard our Services,
- to communicate with you,
- to measure, gauge, and improve the effectiveness of our advertising, and better understand user retention and attrition,
- to monitor and prevent any problems with our Services, and
- to personalize your experience; or
- You have given us your consent.
Information Sharing and Disclosure
We collect and use the personal data described above based on the following grounds:
Others Working with Iconic Live
We may share information about you within Australia and abroad, with third party vendors who need to know information about you in order to provide their services to us, or to provide their services to you. This group includes vendors that help us provide our Services to you, such as payment providers that process your credit and debit card information, fraud prevention services that allow us to analyze fraudulent payment transactions, postal and email delivery services that help us stay in touch with you, customer chat and email support services that help us communicate with you, those that assist us with our marketing efforts (e.g. by providing tools for identifying a specific marketing target group or improving our marketing campaigns), those that help us understand and enhance our Services (like analytics providers), and those that help us deliver our Services (like hosting and content delivery providers).
Our Services display information like your name, profile picture, and email address to other users in places like your user profile and sharing notifications. You can also share aspects of your Product with other users in certain forums and features of the Services intended to be public if you choose. When you register your Iconic Live account with an email address on a domain owned by your employer, educational institution, or organization, we may help collaborators and administrators find you and your team by making some of your basic information—like your name, organisation name, profile picture, and email address—visible to other users on the same organization.
If your use of the Services is pursuant to an agreement entered into by your employer or other organization to which you belong, your administrator may have the ability to access and control your Iconic Live account. Please refer to your organization’s internal policies if you have questions about this.
Certain features let you make additional information available to others.
You can also give third-party providers access to your information and account—for example, via Iconic Live APIs. Just remember that their use of your information will be governed by their privacy policies and terms.
Law & Order and the Public Interest
Third parties as required to
- satisfy any applicable law, regulation, subpoena/court order, legal process or other government request,
- enforce our Terms of Service, including the investigation of potential violations thereof,
- investigate and defend ourselves against any third party claims or allegations,
- protect against harm to the rights, property or safety of Iconic Live, its users or the public as required or permitted by law and
- detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues.
Business Transfers and Affiliates.
Aggregated and De-Identified Information.
We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
Your Choices Regarding Your Information
All Iconic Live account holders may review, update, correct or delete the personal information in their registration profile by logging into their account. Iconic Live account holders may also contact us at firstname.lastname@example.org to accomplish the foregoing or if you have additional requests or questions.
Access to Data Controlled by Our Users
Iconic Live has no direct relationship with the end users of our Users’ Events whose personal information is contained within the personal data processed by our Services. An individual who seeks access, or who seeks to correct, amend, or delete personal information provided by our Users should direct their request the specific User. You may also contact us at email@example.com if you have additional questions or concerns.
If you do not wish to receive promotional emails, you can click the “unsubscribe” button on promotional email communications. If you opt out of promotional messages, we may still send you other messages, like those about your account and legal notices. We sometimes contact people who do not have an Iconic Live account. For recipients in the EU, we or a third party will obtain consent before contacting you. If you receive an email and no longer wish to be contacted by Iconic Live, you can unsubscribe and remove yourself from our contact list via the message itself.
As noted above, analytics providers may set tracking technologies (like cookies) to collect information about your use of the Services, and potentially your use of other websites and online services. For more information about how to manage and delete cookies, visit aboutcookies.org. For further information on what information is collected by analytics service providers and why, see “What We Collect and Why.”
Set Your Browser to Reject Cookies
At this time, Iconic Live does not respond to “do not track” signals across all of our Services. However, you can usually choose to set your browser to remove or reject browser cookies before using the Services, with the drawback that certain features of the Services may not function properly without the aid of cookies.
Close Your Account
Of course, while it’s hard to say goodbye, we understand that sometimes you just need to move on. You can delete your information from within your account or close your account and keep in mind that we may continue to retain your information after closing your account, as described in How Store Your Information below–for example, when that information is reasonably needed to comply with (or demonstrate our compliance with) legal obligations such as law enforcement requests, or reasonably needed for our legitimate business interests.
Access and Take Your Data
You can download a copy of your content in a machine readable format as outlined in your account settings. If the export option is ever unavailable for any reason, you can also request a copy of the personal data you provided to us by sending a request to firstname.lastname@example.org.
If You Choose Not To Provide Your Information to Us
We respect your privacy and personal choice when it comes to your data. You can choose not to provide us with your personal information. However, this may mean;
- we will not be able to provide you with our services, or be limited in how we can do so
- we will not be able to interact with you
- we may be unable to process and open an account for you
- we will not be able to properly investigate or resolve any complaint you submit
How We Store Your Information
We use commercially reasonable physical, electronic, and administrative safeguards to protect the information we collect from loss, misuse and unauthorized access, disclosure, alteration, destruction, and to ensure that the information we process is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the information. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. Please contact us immediately if you have reason to believe that your interaction with us is no longer secure. Our Security and Compliance page describes the measures we take to secure the Services and your data.
Anonymity, destruction and de-identification
We will allow our users to transact with us anonymously or by using a pseudonym wherever that is lawful and practicable.
We destroy or permanently de-identify personal information which is no longer needed in accordance with the APP 11, unless we are otherwise required or authorised by law to retain the information for a period of time.
In some circumstances, we will not attempt to match de-identified or anonymous data collected through surveys or such online devices as “cookies”, without your consent. By providing us your personal information, you consent and agree to our cookies-related activities as set out in this Policy.
Data quality and security
We take reasonable precautions to ensure that the personal information we collect, use, store and disclose is accurate, complete, relevant and up-to-date. However, the accuracy of that information depends to a large extent on the information users provide. That’s why we recommend that you:
- let us know if there are any errors in your personal information
- keep us up-to-date with changes to your personal information such as your name, email or address.
- You may change your personal details by using the relevant facility on our platforms or by contacting us (contact details provided in clause 11).
- We try our best to ensure your personal information is protected from loss, misuse, unauthorised access, modification or disclosure (via measures such as firewalls, data encryption, virus detection methods, and password restricted access). However, we cannot guarantee the absolute security of your personal information (it’s the Internet after all!). In the event of a data breach, we will attend to the reporting requirements that apply to us. We cannot accept responsibility for the misuse, loss or unauthorised access to, your personal information where the security of information is not within our control.
Notifiable Data Breach Scheme (NDBS) and GDPR notification rules
If you reside in Australia, in the event that there is a data breach and we are required to comply with NDBS of the Privacy Act, we will take all reasonable steps to contain the suspected or known breach where possible and follow the process set out in this clause.
If we have reasonable grounds to suspect that the data breach is likely to result in serious harm to any individuals involved, then we will take all reasonable steps to ensure an assessment is completed within 30 days of the breach or sooner if possible. We will follow the guide published by the Office of the Australian Information Commissioner (if any) in making this assessment. If we reasonably determine that the data breach is not likely to result in serious harm to any individuals involved or any remedial action we take is successful in making serious harm no longer likely, then no notification or statement will be made.
In the case of a personal information breach that affects an EU citizen, we shall without undue delay and where feasible, not later than 72 hours after having become aware of the breach, notify you and the Information Commissioner’s Office, unless the breach is unlikely to result in a risk to your right and privacy.
Location of Storage
To provide you with the Services, we may store, process, and transmit information in Australia and locations around the world—including those outside your country. Information may also be stored locally on the devices you use to access the Services.
When you sign up for an account with us, we’ll retain information you store on our Services for as long as your account is in existence or as long as we need it to provide you the Services. If you delete your account, we will immediately initiate deletion of your information. Deletion of your information, including deletion of your information from our backup storage, will be completed within 30 days of your request. But please note we may retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.
Transferring Your Data
Your personal information may be transferred overseas or stored overseas for a variety of reasons (such as to our data hosting and IT service providers based overseas). If your personal information is sent to a recipient in a country with data protection laws which are at least substantially similar to the APP, and where there are mechanisms available to you to enforce protection of your personal information under that overseas law, we will not be liable for a breach of the APP if your personal information is mishandled in that jurisdiction. If your personal information is transferred to a jurisdiction which does not have data protection laws as comprehensive as Australia’s, we will take reasonable steps to secure a contractual commitment from the recipient to handle your information in accordance with the APP.
Assignment, Change of Control, and Transfer
Your personal information is controlled by Iconic Live Pty Ltd. Have questions or concerns about the Services or your privacy? Contact our Data Protection Officer & Privacy Officer at email@example.com. If they can’t answer your question, you have the right to contact your local data protection supervisory authority.