Introduction and Scope
simPRO Group Pty Ltd, its subsidiaries and any other entity which may be acquired now or in the future (collectively referred to in this policy as “simPRO”, “we”, “our” or “us”) considers the protection of your Personal Data a paramount corporate responsibility.
This Personal Data Protection Policy (“Policy”) describes the privacy practices of simPRO’s websites, web applications, mobile applications (including our fleet management software) and desktop applications (“Products and/or Services”). This Policy sets out important information to assist you with a transparent understanding of the Personal Data we collect from you, why we collect it, how it is used and shared and your choices regarding the use of Personal Data we collect.
In order to provide our Products and/or Services to you, we need to collect, use and disclose to certain third parties information that may identify you personally. Simply put, all the information we collect is related to providing you with simPRO Product and/or Services.
By utilising simPRO Products and/or Services, you consent to the privacy practices described in this Policy. If you do not agree with any part of this Policy, please do not provide your Personal Data to us.
If you do not provide us with your Personal Data, or if you choose to exercise any of your rights in relation to this Policy including withdrawing consent that you have given under this Policy (in accordance with clause 11) then this may affect our ability to provide our Products and/or Services to you or it may negatively impact the Products and/or Services we can provide to you.
simPRO operates in Australia, New Zealand, United Kingdom and the United States of America and accordingly, we may disclose your Personal Data between our locations which may or may not be located in your country of residence. All simPRO related entities are subject to the privacy practices set out in this Policy and any applicable jurisdictional legislation.
For the purposes of the General Data Protection Regulations 2016/679 (“GDPR”) in the European Union simPRO is both a “data controller” and a “data processor” of Personal Data you provide to us for the primary purposes of providing you with Products and/or Services.
What is Personal Data?
Personal Data is data which contains any information relating to:
We will only control and/or process Personal Data where the collection of Personal Data is necessary to deliver our Products and/or Services to you. Specifically, we only collect Personal Data under the following circumstances:
Special Categories of Personal Data
Our Products and/or Services do not require us to collect ‘Special Categories’ of Personal Data from you. A Special Category of Personal Data is information which is of ‘sensitive nature’ such as information relating to:
What type of Personal Data do we Collect?
We may collect the following types of Personal Data from you:
Information required to establish your customer account with us, such as:
Financial billing information that we require to process payment for our Products and/or Services. For example; we may require financial information for the purposes of invoicing you for payment or to provide to third party payment processors if you have provided us with a direct debit authority.
Example: We may collect Personal Data such as your name, address, email or phone number so that we can provide you with a product demonstration through our website or issue you with a product proposal.
What Personal Data do we Process?
We will always process Personal Data lawfully, fairly and in a transparent manner. Processing means any operation we perform on Personal Data that is considered collection, storage, transfer, dissemination or erasure of the Personal Data.
We will only process Personal Data, where:
If you sign up to a simPRO Enterprise and enter a customer’s personal contact details into a job, simPRO will only use the Personal Data (contact details) you enter to store the Personal Data or to enable simPRO Enterprise to carry out the tasks you request it to do such as create an invoice or run a report. simPRO will not control or use that Personal Data.
How do we use your Personal Data?
The primary purpose for which we control and process your Personal Data is to provide you with our Products and/or Services or to assist you with determining whether or not you would like to use our Products and/or Services.
This includes using your Personal Data for the following purposes:
We may also (upon obtaining your express permission) utilise your Personal Data for secondary purposes, such as:
On occasion we use customer’s names, organisations and testimonials on our websites or on our social media. Your consent will always be obtained prior posting a testimonial.
Purposes Outside of Our Control
Any Personal Data that you choose to submit or post on our social media pages or any other public forum (“Forums”) may be read, collected, or used by others who visit these Forums and may be used to send you unsolicited messages. We are not responsible for the Personal Data you choose to submit in these Forums.
How do we collect your Personal Data?
Information collected from you directly
We will only collect Personal Data directly from you with your consent and through:
Information collected from you indirectly
We may also collect Personal Data from you when you interact with our websites or social media accounts.
We may collect this data by using Cookies (small files that are stored on your computer or mobile device). We utilise Cookies so that we can record how many times you have visited our website and which parts of our website you have visited before. Cookies may be used to provide you with information that you are interested in or to deliver our advertisements on other web sites and services.
Many web browsers allow you to manage your preferences regarding Cookies. You can set your browser to block cookies or delete certain Cookies. You may be able to manage other technologies in the same way that you manage Cookies using your browser’s preferences.
Do we ever disclose your Personal Data to third parties?
We may disclose your Personal Data to third parties in accordance with this clause, however any disclosure must be directly in relation to the primary purpose of providing Products and/or Services to you in accordance with this Policy. Please note that we do not engage in the sale or trade of Personal Data under any circumstance.
For the purposes of this Policy, “Disclose and Disclosure” means to transfer, share (including verbally and in writing), send, or otherwise make available or accessible your personal data to another person or entity. Third Party/Parties mean a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process your Personal Data.
We may Disclose your Personal Data to third parties performing services for us for the purposes described in this Policy. These services include processing and storing information on servers that may be located in jurisdictions outside of your country of residence.
Other instances where we might be required to Disclose your Personal Data to a third party:
Your Personal Data may therefore be subject to privacy laws that are different from those in your country of residence. Personal Data collected within the European Union (including the United Kingdom and Switzerland) may be transferred to and processed by third parties, located in a country outside of these areas, where your Personal Data may be subject to reduced rights. All third parties engaged by us must deal with the information we Disclose in accordance with our legal obligations (including entering into vendor agreements), privacy, confidentiality and security standards.
Under no circumstances are third parties authorised by us to use or control the Personal Data they receive from us for any other purpose for which we engaged them.
If you have concerns about the transfer of your Personal Data to third parties for the purpose of Processing, please contact us in accordance with clause 13 below.
How do we keep Personal Data safe?
We have an obligation to ensure that your Personal Data is protected from unauthorised processing, accidental disclosure, access, loss, destruction or alteration. Accordingly, we have a range of technical security measures and procedures in place to ensure that your Personal Data is protected appropriately. These measures have been implemented and are reviewed regularly to protect your Personal Data from scenarios which may result in the accidental or unauthorised disclosure of your Personal Data as mentioned above.
Security measures, processes and encryption algorithms (including SSL protocols) are also audited by a third party on a monthly basis to ensure that we are adhering to and applying best practices to our implementation, management and use of security protocols.
In the unlikely event there is a data breach, we will (without delay) notify the relevant data protection authority, unless the breach is not likely to present any risk to your rights.
How long do we keep your Personal Data for?
We will only keep your Personal Data for as long as necessary to fulfil the purposes for which we are processing your Personal Data unless the law requires us to retain it for longer. For example, if required by local legislation or in the event we required it to defend legal proceedings.
What are your rights in relation to the Personal Data we collect?
You have rights in respect of your Personal Data. Specifically, you may exercise your right to:
If you wish to exercise any of the above rights, please send your request to our Data Protection Officer using the contact details set out below.
If you are in the European Union, you may also have the right to complain to the Information Commissioner or to your local data protection supervisory authority if you are unhappy with our privacy practices.
If you have any questions or complaints in relation to this Policy or our use of your Personal Data, or if wish to inform us of a change or correction to your personal information or would like a copy of the information we collect on you in relation to this Policy or our use of your Personal Data, please contact our Data Protection Officer using the following details:
Data Protection Officer
Attention: Data Protection Officer
simPRO Software Ltd
If you are not satisfied with simPRO’s response the regulatory body that governs privacy in your jurisdiction, may be able to help you. Please contact our Data Protection Officer for details of the regulatory body that applies to you.
We will ensure that your question, concern or complaint is dealt with as soon as practicable. We reserve the right to verify your identity before complying with the request.
Changes to this Personal Data Protection Policy
We may amend this Policy from time to time in order to continue ongoing compliance with applicable Privacy regulations. If there are significant changes made to this Policy, we will ensure we notify you.
This policy was last updated on 04 May 2018.