Privacy Policy
So that you are fully aware of how and why we are using your information, it is important that you read this Privacy Notice any collection notice or other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal information about you. This Privacy Notice explains how personal information will be treated by dorsaVi.
dorsaVi’s Privacy Obligations
The website www.dorsavi.com (the, ‘Website’) is operated by or on behalf of dorsaVi Ltd ABN 15 129 742 409 or entities within the dorsaVi corporate group as listed in clause 13 below (‘Related Entities’), trading as dorsaVi (‘dorsaVi, ‘we’, ‘us’ or ‘our’). A reference in this Privacy Notice to dorsaVi, we, us or our also refers to our Related Entities.
dorsaVi respects the privacy of your personal information as a visitor to the Website and is bound by the Australian Privacy Principles under the Privacy Act 1988 (Cth) (the ‘Act’) the Data Protection Act 2018(UK) and the General Data Protection Regulation (together, the ‘GDPR’) and the Health Insurance Portability and Accountability Act (‘HIPAA’) and other laws which may be enacted to protect your privacy from time to time (together ‘Privacy Laws’).
All personal information held by us will be governed by our most recent Privacy Notice, posted on the Website. We will post any changes to this Privacy Notice on the Website, including to cover new laws, regulations, practices and technology. Please check this Privacy Notice for updates from time to time. In addition to the Privacy Notice, there may also be specific and additional privacy provisions that apply to certain sections of the Website and/or your interactions with dorsaVi – you should read and consider these wherever they appear. In the event of any inconsistency between this Privacy Notice and the specific provisions, the specific provisions will apply.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us. We have appointed a Privacy Officer who is responsible for overseeing questions in relation to this privacy notice. If you wish to make any inquiries regarding this Privacy Notice, you should contact our Privacy Officer in any of the ways specified in clause 11 below.
Personal Information received by us
In the provision of our services, we either collect personal information directly from a customer, an employee of a customer, an agent of a customer, or from a third party. For example, we may receive personal information about an individual from our customer where that customer, or a related entity to that customer, has contracted dorsaVi to provide services.
We rely on our customers to provide the necessary notices to each individual, and to obtain their consent, as required by applicable Privacy Laws, to enable that customer to provide personal information to us to enable us to provide services in accordance with terms applicable to that service and this Privacy Notice.
We enter into Model Contractual Clauses/Data Privacy Processing Agreements/Business Associate Agreements with each customer that addresses relevant cross border transfers, sharing or disclosure of personal information and customer confidential information between a dorsaVi Related Entity (that provides services to a customer) and each dorsaVi Related Entity and sub-contractor that assists in provision of these services to that customer, and each parties obligations in accordance with applicable Privacy Laws.
We may require a customer to assist us in taking all reasonable steps to verify that the customer is permitted to use and disclose personal information they provide to us.
Collection and Use of Personal Information
When referring to ‘personal information’, we mean information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. Your name, age, postal and email address, phone number, payment details (such as your credit card details and billing address) as well as your resume, skills, qualifications and residency status are examples of personal information.
-
- Information collected
dorsaVi may require basic personal information which identifies you as an individual such as your name, email address and phone number, in order to transact business with you, on behalf of the company you work for, as our customer. We will only use this personal information for the purposes of providing information which you have requested, fulfilling business transactions, or for other purposes set out in this Notice.
We may also collect personal information indirectly from third parties, such as our business partners or third party providers of marketing lists.
We may collect the following information:
-
-
- Name and job title
- Company or organisation
- Contact information including email address and telephone number(s)
- Demographic information such as postal code, preferences and interests
- Language spoken
- Other information relevant to customer surveys and/or offers
- health related information, where applicable, as supplied by you to allow dorsaVI to provide the service
- IT information required to provide access to systems and networks such as IP addresses, log files and login information
- Information pertinent to fulfilling business transactions on a customer’s behalf, including customer and technical support.
-
We do not collect sensitive information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, or data concerning health (other than in the provision of certain services we may collect health data for the purposes of preventative or occupational medicine) or sexual orientation.
Financial data
We may ask you for financial information, including payment card details, if you choose to order any paid goods or services from us, including via the Website. This information is used by our payment provider, Metro Bank, Bank of America, NAB, Paypal to obtain payment for goods and services you have ordered from us. This information is submitted to Stripe, Payeezy, NAB Transact, and never actually stored by us.
Google Analytics
We use Google Analytics to help analyse how you use our Website. Google Analytics generates statistical and other information about website use by means of cookies. Google will store this information.
If you do not want your website visit information reported by Google Analytics, you can install the Google Analytics opt-out browser add-on. For more details on installing and uninstalling the add-on, please visit the Google Analytics opt-out page at https://tools.google.com/dlpage/gaoptout.
Click Stream Information
In common with many website, when you read, browse or download information from our Website, we or our internet service provider may also collect information such as the date and time of your visit to the Website, the pages accessed and any information downloaded. This information is used for statistical, reporting and website administration, maintenance and improvement purposes only.
Cookies
Like many websites, our Website may use ‘cookies’ from time to time. For more information about the cookies we use, please see our Cookie Notice.
Cookies are small text files that we transfer to your computer’s hard drive through your web browser to enable our systems to recognise your browser. Cookies may also be used to record non-personal information such as the date, time or duration of your visit, or the pages accessed, for website administration, statistical and maintenance purposes. Any such information will be aggregated and not linked to particular individuals.
Cookies may also be used for other purposes on our Website but in each case none of the information collected can be used to personally identify you. The default settings of browsers like Internet Explorer always allow cookies, but users can easily erase cookies from their hard-drive, block all cookies, or receive a warning before a cookie is stored. Please note that some parts of the Website may not function fully for users that disallow cookies.
While we take great care to protect your personal information, unfortunately no data transmission over the Internet can be guaranteed to be 100% secure. Accordingly, we cannot ensure or warrant the security of any information you send to us or receive from us online. This is particularly true for information you send to us via email. We have no way of protecting that information until it reaches us.
Security of your information on the Website
Once we receive your transmission, we make our best effort to ensure its security in our possession. The Website may contain links to other sites. We are not responsible for the privacy practices or policies of those sites.
-
- Use of personal information
dorsaVi will only use the information we collect about you for purposes connected with our business operations. Below we set out a description of the ways we plan to use your personal information and the legal bases we rely on to do so.
Purpose/Activity | Type of Information | Lawful basis for processing |
---|---|---|
Conducting our business functions |
|
Necessary for our legitimate interests (for running our business)
Necessary to comply with a legal obligation |
Marketing and selling our products and services, including via telephone, Website and social media. |
|
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
Verifying your identity and Contacting you |
|
Performance of a contract with you, fraud protection and recruitment. |
To email you newsletters or other updates (where you have consented to receiving them) by signing up to receive email updates from dorsaVi |
|
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
Providing you with ongoing information that we believe you may be interested in receiving, including for purposes which would be reasonably expected by you |
|
Necessary for our legitimate interests (to develop our products/services and grow our business) |
Personalising and customising your experiences on our Website, including to remember your details when you visit our Website multiple times |
|
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Website updated and relevant, to develop our business, to inform our marketing strategy and to market and sell our products) |
Enabling you to enter a competition or promotion |
|
Performance of a contract with you
Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business) |
Processing your payments for purchasing any products |
|
Performance of a contract with you
Necessary for our legitimate interests (to recover debts due to us) |
Providing purchased goods or services to you |
|
Performance of a contract with you |
Responding to questions about our products and services |
|
Performance of a contract with you
Necessary for our legitimate interests (to assist you with enquiries about our products and services, policies and Website). Necessary to comply with a legal obligation |
Developing and improving our products and business |
|
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy) |
Assessing your suitability for employment with dorsaVi (if you apply for a job) |
|
Necessary for our legitimate interests in assessing suitability for employment |
We may also use your personal information for other more specific purposes for which it was collected which were notified to you at the time of collection.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
If you choose not to provide your personal information to us for the purposes set out in this Privacy Notice, we may not be able to undertake certain activities for you such as providing you with requested information or products or services.
-
- Disclosure of personal information
dorsaVi will not otherwise disclose your personal information without your permission, unless the disclosure is:
-
-
- In accordance with this Privacy Notice or any agreement you enter into with us; or
- Required or authorised by law, including without limitation under the Acts, the GDPR and HIPAA.
-
dorsaVi may disclose, or provide access to, your personal information to third parties in connection with the purposes described in 3(b) of dorsaVi’s Privacy Notice.
We may disclose your personal information:
-
-
- To third party service providers appointed by dorsaVi to perform services for us or on our behalf (such as order fulfilment, reference and police checks, website and data hosting providers and payment processing services);
- To Related Entities;
- As required or authorised by law;
- To third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets; or;
- Otherwise with your consent.
-
We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
For customers and other data subjects located in the European Economic Area (‘EEA’), your personal information will be transferred outside the European Economic Area (‘EEA’).
dorsaVi, its Related Entities and some of our third-party service providers may be based outside of the EEA.
Whenever we transfer your personal information out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
-
-
- We transfer personal information pursuant to binding corporate rules of dorsaVi and its Related Entities.
- We use specific contracts, or data protection clauses, which have been adopted or approved by the Information Commissioner’s Office or the European Commission which give personal information the same protection it has in Europe.
- Where we use providers based in the US, we may transfer information to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between the Europe and the US
-
Please email privacy@dorsavi.com if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
Opt out
If you decide that you no longer want to receive dorsaVi emails or other marketing messages then please use the unsubscribe feature set out in the email or write to:
The Privacy and Data Protection Officer
dorsaVi Ltd
Unit 3, 11-13 Milgate Street,
Oakleigh South, Victoria 3167 Australia
privacy@dorsavi.com
Where you opt out of receiving marketing messages, we may still need to contact you as a result of a product purchase.
Security of personal information
Irrespective of whether personal information is stored electronically or in hard copy form, dorsaVi will take reasonable steps to protect the personal information we hold from misuse, interference, loss, unauthorised access, modification or disclosure. However, except to the extent liability cannot be excluded due to the operation of statute, we exclude all liability for the consequences of any unauthorised access.
In addition, we limit access to your personal information to those employees, agents and contractors who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Information Retention
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Accessing and updating your personal information and further information
Under certain circumstances, you will have certain rights in relation to your personal information, including to give you the right to access or correct your personal information.
In certain circumstances, as set out in the Privacy Laws we may not be required by law to provide you with access or to correct your personal information. If that is the case, we will give you our reasons for that decision to the extent that it is reasonable to do so. We take reasonable steps to make sure that the personal information we collect, use and disclose is accurate, complete and up-to-date.
You have the right to:
Request access to your personal information. This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new information you provide to us.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete, deidentify, or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase or deidentify your personal information to comply with local law.
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information in the following scenarios: (a) if you want us to establish the information’s accuracy; (b) where our use of the information is unlawful but you do not want us to erase it; (c) where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your information but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal information to you or to a third party. We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time
where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
No Fee Usually Required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights listed in clause 7). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What We May Need From You
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our responses.
Time Limit To Respond
We try to respond to all legitimate requests within 1 month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Concerns about Privacy
If you:
- have a query or are concerned that dorsaVi may have breached the Acts, GDPR, HIPAA or this Privacy Notice;
- wish to make a complaint in relation to a breach of your privacy;
- would like to access your personal information held by us;
- would like to correct your personal information held by us; or
- would like to opt out of direct marketing,
please contact our Privacy Officer in any of the following ways:
by mail at:
The Privacy and Data Protection Officer
dorsaVi Ltd
Unit 3, 11-13 Milgate Street,
Oakleigh South, Victoria 3167 Australia; or
by phone at:
Australia:
1800 367 728
USA:
800-961-0772; or
by email at:
privacy@dorsavi.com
We will investigate your queries and complaints within a reasonable period of time of receiving the complaint and will notify you of the outcome of our investigation.
For information about privacy generally, or if your concerns are not resolved to your satisfaction, you can contact the relevant privacy, data protection or information office in your country of residence:
Australia
Office of the Australian Information Commissioner
1300 363 992 or via www.oaic.gov.au.
United Kingdom
Information Commissioner’s Office
Via www.ico.org.uk
United States
Federal Trade Commission
Via www.ftc.gov
Third-Party Links
The Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share information about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy notice of every website you visit.
dorsaVi and Related Entity Details
https://www.dorsavi.com/locations/
Copyright
The whole of the contents on this Website is the subject of copyright owned or licensed by dorsaVi. All rights are reserved, and any unauthorized copying, storage, or reproduction in any form is strictly prohibited by the copyright owner.
Links to other website
This website may contain links to other websites, some of these which are not operated by dorsaVi. We provide these links for your convenience, but we do not review, control, or monitor the materials on any other websites. We are not responsible for the performance of those websites or for your business dealings with them. Your use of other websites is subject to the terms of use of those websites, including the privacy policies of those websites.
Indemnity
You agree to defend, indemnify, and hold dorsaVi, its officers, directors, employees, and affiliates harmless from and against any claims, actions or liabilities and settlements including, without limitation, reasonable legal and accounting fees resulting from, or alleged to result from your violation of the Terms of Use and Privacy Policy or from claims made by third parties including claims regarding ownership, copyright, plagiarism, slander, libel, rights abuse, right to submit, or privacy violation.