Last updated May 2020
iStaySafe’s commitment to maintaining your privacy.
We take the privacy and security of your Personal Information very seriously and are committed to ensuring that we collect, use, disclose and store your Personal Information in accordance with applicable data protection and privacy laws.
Any reference to “iStaySafe”, “we”, “us” and “our” refers to iStaySafe Pty Ltd ACN: 159 734 764, a company duly incorporated in the State of Queensland Australia and having its principal office at 23 Halford Street Newstead Queensland 4006 Australia, and each of its Rrelated Bodies Corporate.
“Cookie Information” is information automatically collected about website visitors by the Cookies, as described further below. Cookie Information does not identify you personally but could be combined with your device’s IP address to target communications to you based on what’s in such Cookie Information.
“DPIA” Data Protection Impact Assessment which identifies and minimises data protection risks.
“GDPR” means the EU General Data Protection Regulation.
“iStaySafe Device” is a device sold by iStaySafe.
“Mobile Software” the software and/or applications designed for mobile devices made available by us as part of the Services.
“OAIC” is the Office of the Australian Information Commissioner.
“Personal Information” is personal information that identifies or can be used to identify an individual, directly or indirectly, such as first and last name, date of birth, email address, physical address, telephone number, gender or other demographic information. In relation to Wearer’s, this information includes Wearer’s Information.”
“Related Body Corporate” is as defined in section 50 of the Corporations Act 2001 to mean that where a body corporate is a holding company of another body corporate, a subsidiary of another body corporate, or a subsidiary of a holding company of another body corporate, the first mentioned body and the other body are related to each other.
“User” or “you” is a reference to a customer of iStaySafe who accesses or uses the Services, a visitor or user and others to our Websites or any other person whose information is held by iStaySafe.
“Wearer” means the individual registered to wear any of the iStaySafe Devices.
“Wearer Information” means details of the Wearer’s nominated contacts, data generated through the Wearer’s use of the iStaySafe Device (such as location data, physical activity such as falls, speed of movement, etc), alerts issued by the iStaySafe Device and the general performance of the iStaySafe Device.
“Websites” mean www.istaysafe.com.au, and/or www.tictoctrack.com.au, and/or www.kitsolutions.com.au, and/or any other website/s operated by iStaySafe.
Collection of your Personal Information
You are not required to provide the Personal Information that we have requested, but, if you chose not to do so, in many cases we will not be able to provide you with our products and services or respond to any queries you may have. There are many aspects of our Websites which can be viewed without providing Personal Information, however, for access to future customer support features you are required to submit Personal Information. This may include but not limited to your contact information including email address, demographic information such as your postcode, a unique username and password, or provide sensitive information in the recovery of your lost password or other information relevant to customer offers.
We collect the location of devices connected to our Mobile Software to allow monitoring and provide alerts such as when Users of the service arrive and leave. If you turn off location sharing on one or more of your devices or turn off your device completely, we will not be able to share your location. (For Personal Information we may collect on location-based services see ‘Mobile Apps Privacy Policies’ section below)
We do not knowingly collect information from children
If you are under 18 or equivalent minimum age in your relevant jurisdiction (for more information see Age Restrictions [https://www.tictoctrack.com.au/age-restrictions/] on www.tictoctrack.com.au website), do not send any information about yourself to us, including your name, address, telephone number, or e-mail address without your parental or guardian consent. In the event we learn that we have collected Personal Information from anyone under the age of 18 or equivalent minimum age in your relevant jurisdiction without your parental or guardian consent, we will delete that Personal Information as quickly as possible. If you believe that we might have any Personal Information from or about anyone under the age of 18 or equivalent minimum age in your relevant jurisdiction without parental or guardian consent, please contact us at firstname.lastname@example.org.
The Parent may contact us to access, rectify, delete and/or restrict any Personal Information we have collected from the child, or to withdraw permission for us to collect any additional information from the child (see “Accessing Your Personal Information” section below). Please contact us at email@example.com if you have questions about your child’s account.
Sharing of your Personal Information
We may occasionally hire other companies to provide products and services on our behalf, including but not limited to information technology consultants to provide hosting, support and development services in relation to our systems and databases, handling customer support enquiries, processing transactions or customer freight shipping. Those companies will be permitted to obtain only the Personal Information they need to deliver the products and services. We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your Personal Information.
We also use third party providers to facilitate certain communications on our behalf, such as mail-outs and monitoring, which requires them to access contact data. All such third parties are vetted by us to ensure they provide adequate levels of security when processing data. In some circumstances, we may need to share your Personal Information where necessary with other third parties (including legal or other advisors, regulatory authorities, courts and government agencies) to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
We require third parties to maintain appropriate security to protect Personal Information from unauthorised access or processing.
Use of your Personal Information
We require your Personal Information to understand your needs and provide you with better products and services, and in particular for the following reasons:
- Fulfilling a contract we may have with you, such as a subscription contract and/or where you make a purchase from us.
- Internal purposes such as auditing, data analysis, customer communications and record keeping to enable us to exercise governance of rights.
- We may use the Personal Information to help us create, improve, operate and deliver our products and services.
- We may periodically send promotional emails about new products, special offers or free information about products and services which we think you may find specifically interesting, using the email address which you have provided. You can opt-out of receiving these communications at any time by using the ‘unsubscribe’ link that we provide in all emails, or by contacting us using the details provided below.
- We may occasionally (though rarely) use your Personal Information to contact you for market research purposes. We may contact you by email or mail for this purpose. We may use your Personal Information to customise our Websites according to your interests. You can opt-out of receiving these communications at any time by using the ‘unsubscribe’ link that we provide in all emails, or by contacting us using the details provided below.
- For each User to reach our Websites, we expressively collect the following non-Personal Information, including but not limited to browser type, version and language, operating system, pages viewed while browsing our Websites, page access times and referring website address. This collected information is used solely for the purpose of gauging visitor traffic, trends and delivering personalised content to you while you are at our Websites.
- In delivering our services, we may use the Personal Information to assist with our technical and/or customer support (for example we may use your Personal Information to verify identity, assist with identification of the Users, and to determine appropriate services) or to allow us to perform diagnostics on your device including historical and tracking record reports to analyse the performance of your device.
Storage of Personal Information
The security of your Personal Information is important to us. We take all reasonable steps to ensure the security of our systems and to protect your information from misuse, interference and loss as well as unauthorised access, modification or disclosure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the Personal Information we collect. When you enter sensitive Personal Information (such as credit card numbers) on our Websites, we encrypt that Personal Information using secure socket layer technology (SSL). When credit card details are collected, we simply pass them on in order to be processed as required. We never permanently store complete credit card details. We follow generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and once we receive it and is regularly tested to ensure security provisions remain adequate. Bank account information is never accessible, either by our employees or by third parties.
Data files shared by us with third parties are password protected. Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure. As a result, although we strive to protect your Personal Information online, including through use of encryption and other measures, we cannot guarantee the security of any internet communication or transmission. If you have reason to believe that your interaction with us is not secure, please notify us of the problem immediately by contacting us using the details provided below.
Prior to introducing new systems or technologies relevant to the processing of Personal Information, we will undertake the necessary DPIAs with a particular focus on any associated risks.
If you have any questions about security on our Websites, you can email us at firstname.lastname@example.org
How we use the Cookies
The Cookies are small files which ask permission to be placed on your computer’s hard drive. Once you agree, the files are added and the Cookies help analyse web traffic or let you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log Cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our Websites in order to tailor it to the Users’ needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, Cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. The Cookies in no way give us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline the Cookies. Most web browsers automatically accept the Cookies, but you can usually modify your browser setting to decline the Cookies if you prefer. This may prevent you from taking full advantage of the website.
Accessing Your Personal Information
Right to Access
You have a right to access your Personal Information, subject to exceptions allowed by law. In accordance with data protection laws, the Users also have the right to receive a copy of any Personal Information we hold about them in connection with the performance of our contracts with them. You may be required to put your request in writing for security reasons. We will provide the Users with copies of their Personal Information in a convenient format (via electronic means or otherwise). We reserve the right to charge a fee for searching for, and providing access to, your Personal Information on a per request basis.
Rectification, erasure, and restriction
You have the right to ask us to limit or cease processing or erase Personal Information we hold about you in certain circumstances. In responding to such requests, we will communicate to the User concerned the impact of such restrictions or deletions.
We take reasonable steps to ensure that the Personal Information we hold about you is accurate and up-to-date and we will comply with any requests to rectify any inaccurate Personal Information we may hold about you. We do ask that you notify us immediately if you change any part of your Personal Information, so we can update our records.
Right to object
You have the right to object to our Websites using your Personal Information on the basis of its legitimate interests and the right to ask us not to process your Personal Information for marketing purposes, where relevant (see “Use of Your Personal Information” section above).
We are committed to respecting individuals’ rights. You may action your rights by contacting us using the details provided below and we will comply with your requests unless we have a lawful reason not to do so. We will endeavour to handle any requests within a reasonable period and, in any event, within thirty (30) days of the original request.
Controlling your Personal Information
You may choose to restrict the collection or use of your Personal Information in the following ways:
- whenever you are asked to fill in a form on our Websites, look for the boxes and tick only those categories which you are interested in and wish to receive information about;
- if you have previously agreed to us using your Personal Information for direct marketing purposes, you may change your mind at any time by writing to or emailing us using the details provided below.
Links to other websites
What is our legal basis for data processing?
By law, we may only process Personal Information where we have a legal justification or requirement to do so.
In accordance with that law, we process Personal Information as described above because it is necessary for;
- the performance of our subscription contracts with the Users or where you make a purchase from us: and/or
- the purposes of our legitimate interests, namely to fulfil our Website’s functions in accordance with applicable laws and regulations and to conduct and manage our relationship with specific individuals. Where we use your Personal Information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. If we believe your interests or fundamental rights and freedoms override our legitimate interests then we won’t use your Personal Information on this basis and may seek your specific consent, and/or
- compliance with our legal obligations.
How long do we retain Personal Information for?
We will only retain Personal Information for as long as is necessary to provide our products and services or for as long as we reasonably require to retain the Personal Information for our lawful business purposes or comply with statutory or other legal requirements.
In the event of any breach of our Websites systems impacting on the security of a User’s or any other individual’s Personal Information, we will inform the affected User/s at the earliest opportunity describing the nature of the breach, the possible consequences and the measures being taken to remedy the situation in accordance with our procedures and applicable law.
We have a cross-functional approach to privacy governance. Privacy governance covers all areas and includes both Personal Information and employee data. All our employees are required to take induction training on business conduct of which privacy training is an essential part.
If you are unhappy with the way in which we process your Personal Information, please contact us using the details provided below.
If we do not respond within thirty (30) days, or if you are dissatisfied with our response, you have the right to lodge a complaint before the OAIC, the Australian data protection authority. Their contact details are as follows: The Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001 Australia; Tel: +61 1300 363 992;
Email: email@example.com or see their website at: https://www.oaic.gov.au/.
If a complaint is able to be resolved, then the terms of resolution will be recorded in writing, signed and dated by the parties and if required provided to the OAIC. If a complaint is unable to be resolved, then we will refer the matter to the OAIC for investigation and resolution.
MOBILE APPS PRIVACY POLICIES
TicTocTrack – Admin app
In order to verify your identity when accessing the TicTocTrack mobile app we capture a User’s Personal Information. How the Personal Information is used and the features on your phone that we may require access to, are listed below:
||For direction and map operations
||To check network connectivity and network speed
||To access images for profile pictures and device avators
||To playback alert tones
|Device ID & Call information
||To make calls to GPS devices
||Save/Download generated reports
Personal Information captured
Username, email address and phone number – For account management, contact and identification.
User’s images – For use as profile pictures and device avatars.
User’s password will be captured securely in the TicTocTrack Admin app.
Security and Compliance
All Personal Information including location data is transferred through an SSL connection.
No credit card information is captured by the mobile application or stored on the server.
TicTocTrack Watch, Generation 2 Watch & K.I.T
Our devices allow the parent/carer/employer to monitor their family member’s/employee’s (individual wearing the watch) activity, receive regular location updates and alerts all the time the User’s device is turned on and in network coverage. This information is NOT shared with others outside of the monitoring app user unless you have given permission to do so for example to a third party monitoring company used by us.
The TicTocTrack App collects your unique user identifier and precise or approximate location information as determined through data such as GPS and WiFi positioning. During the following scenarios the watch will not send location details: no coverage, no data service on the SIM in the watch, or if you turn the watch off or the battery goes flat.
Family members or any other person/s that you or a third party monitoring company have assigned as ‘emergency contacts’ will receive alert notifications regarding your activity when you arrive or leave assigned location points and when the SOS is activated.
In delivering our services, we may use the Personal Information to assist with our technical and/or customer support (for example we may use your Personal Information to verify identity, assist with identification of the Users, and to determine appropriate Services) or to allow us to perform diagnostics on your device including historical and tracking record reports to analyse the performance of your device. When doing so we will ask your permission to access your data via our customer service team, unless you have provided permission through a third party such as a third party monitoring company or an employer.
TicTocPhone & TicTocAlert – Mobile device monitoring app
The TicTocPhone/Alert Service allows TicTocTrack Admin App user’s to monitor their family members activity, receive regular location updates and alerts all the time the user’s device is turned on and the TicTocPhone/Alert app is installed on the User’s phone. This information is NOT shared with others outside of the monitoring app user. In the event a mobile device monitoring application is used between an employer and employee, the access of Personal Information will be between the employer and the employee. However, the employee may turn off the tracking and other features when required.
The TicTocPhone & TicTocAlert Apps collect your unique user identifier and precise or approximate location information as determined through data such as GPS and WiFi positioning when you have Location Settings turned on in mobile settings. During the following scenarios the phone will not send location details: no coverage, no data service on the phone, flight mode or if you uninstall the app.
In addition to that iPhone users can turn off location ‘Always’ by going to settings>tictocphoneapp>location>setting to change from ‘Always’ to ‘Never’, or by settings>tictocalertapp>location>setting to change from ‘Always’ to ‘Never’. This will stop sending location updates to the server.
In Android you can go into the app and under permission the User can turn off location services.
Emergency contacts will receive alert notifications regarding your activity when you arrive or leave assigned location points. Also, when the SOS is activated, real time tracking is turned on or off and on an Android phone, when the Sudden Impact Alert is triggered during real time tracking.
In delivering our services, we may use the Personal Information to assist with our technical and/or customer support (for example we may use your Personal Information to verify identity, assist with identification of the Users, and to determine appropriate services) or to allow us to perform diagnostics on your device including historical and tracking record reports to analyse the performance of your device.
If you purchase a product or Service from us, we may request certain Personal Information from you. You may be required to provide contact information (such as name, Email, and postal address) and financial information (such as credit card number, card expiry date). We use this Personal Information for billing purposes and to fill your orders. If we have trouble processing an order, we will use this Personal Information to contact you.
Data Security Policy
All payments are fully automated with an immediate response. Your complete credit card number cannot be viewed by us or any outside party. All transactions are performed under 128 Bit SSL Certificate.