What personal information we collect, and why we collect it;
How we use personal information;
How we protect that information;
How you can control your information, including accessing, updating and deleting what we store; and
How and with whom we may share the information we collect.
Our Role as a Data Processor
Types Of Information Collected
How We Collect Automatically Collected Information
How We Use The Information We Collect
Disclosure Of Collected Information To Others
Do Not Track
Transfer and Storage of Information
Securing Collected Information
Updating or Correcting Your Personal Information
Your Rights Regarding Your Personal Information
Website Users from Outside Australia
Retention and Storage
Links To Third-Party Websites
How To Contact Us
OUR ROLE AS A DATA PROCESSOR
In other words, we operate as a service provider, and provide the Services on behalf and at the direction of our customers. In these circumstances, and for purposes of applicable data privacy laws, SenSen is acting as a “Data Processor” and our customers remain the “Data Controller” with regard to any personal information that we collect, or they provide, for processing through use of our Services.
As the data processor, we process personal information inputted into, provided or collected via the Services on behalf of our customers, and in accordance with our customers’ written instructions as well as the terms of our contracts with our customers. This also means that where instructed or authorized by our customers, we will share personal information with third parties to carry out further processing of personal information on our customers’ behalf. Further, as a data processor, we will assist our customers in complying with applicable data privacy laws to the extent any such laws cover the personal information we process on their behalf, including where relevant protection, security of processing and maintenance of personal information. As such, we do not respond directly to any requests from individuals who desire to exercise their data privacy rights (as described herein, below) with regard to their personal information for which we are only a processor, except as required by law. Rather, we will refer any such requests to the customer who is the data controller of such personal information.
TYPES OF INFORMATION COLLECTED
SenSen collects certain personal information when you use the Website or Services, as well as from the use of the Services by our customers. We describe the types of personal information we collect and process in further detail, below. Notwithstanding those personal information types described below, there is certain personal information that we do not deliberately process, monitor, aim to collect, or otherwise use either through the Website or our Services. These information types include an individual’s race or ethnic origin; political opinions, membership of a political association; religious beliefs or affiliations; philosophical beliefs; membership of a professional or trade association membership of a trade union; sexual preferences and practices; criminal record; or health information. Please note that it is possible that we may still inadvertently collect the types of information listed above, for example if you or a third-party discloses it to us, or incidentally through the Services. However, we will never request that you or any other party provide us with these categories of information, and if collected incidentally we do not use or otherwise perform any further processing – such as profiling or categorizing – of these categories of personal information.
Information You Provide To Us
Certain features of the Website may enable or require you to provide personal information. SenSen is the data controller of the personal information it collects through the Website. Some common ways you may provide us with personal information include when you contact us through the Website, such as by submitting online forms, contacting us through the “Contact” page of the Website or through sending us an e-mail, subscribing to our Newsletter or other online distribution list we manage, or applying for employment with us. Depending on the nature of your interaction with us, the personal information collected on the Website may consist of information including, but not limited to:
first and last name;
details or information of your request;
employment application data may additionally include:
employment / work history;
tax file or tax ID number;
When we ask you to provide personal information on the Website, we will explain, or otherwise make it evident, the reasons why you are asked to provide that information. Generally, and unless otherwise indicated, any required information that you may be asked to provide is needed to enable your use of certain features of the Website, or provide you with services or information you request from us. In some instances, if you choose not to provide us with your personal information, you may not be able to use certain features of the Website.
Information Provided or Collected About You Via our Services
As described above, SenSen is a service provider, and, through the provision of our Services, we collect and process data, including personal information, on behalf, and at the direction, of our customers. SenSen is the data processor of the information we collect and process through the Services. The Services we provide to our customers include intelligent transportation, retail, and gaming solutions. Through the provisions of our Services, we collect personal information from you on behalf of our customers in the following ways, when you engage in an activity monitored by our products such as parking in a space or driving on a road that is monitored by our products.
Through the provision of the Services, we collect the following types of personal information from or about you:
First and last name;
Date of birth;
Professional Title and Company Name
Contact details, which may include:
postal code, residential, or business address;
telephone number, facsimile number;
Photo or video footage of you / your likeness;
Geographic location data;
Intelligent Transportation System products may additionally collect:
Vehicle details including tag/registration;
Insurance policy information
Retail products may additionally collect:
Your consumer preferences;
In some instances we will collect, or be provided with, some of the information types about you, listed above, from third parties. Information from third parties is solely for use with the Services, and may be combined with other information about you that is processed through the provision of the Services on behalf of our customers in order to predict your retail, automotive, and gambling preferences. When we process personal information provided by a third party we do so in our role as a data processor. The third parties that provide us with this information are the data controllers of the information, and may only disclose it to us for processing where they have obtained any necessary consent from the individual data subjects, or are otherwise permitted to make such disclosures under any applicable data protection laws. Some third party sources from which we receive personal information about you include:
· Our vendors or service providers may provide us with your personal information from websites, mobile sites, social media sites, other technology-based sources, location-based sources and composites of any of these sources;
· Your employer may give us your details in relation to a supply or sales contract, or in connection with our provision of a product or our Services, or related to your participation in an event;
· Information received from government or municipal highway, road, transportation, and traffic authorities, or their associated vendors and service providers.
Information That We Collect Automatically
This Automatically Collected Information allows us to better understand the visitors to our Website, where they come from, and what content on our Website is of interest to them. It also helps us to maintain the security and operation of our Website. We only ever use this Automatically Collected Information for our internal analytics purposes, to diagnose problems with our servers, and to improve the quality, performance, and functionality of the Website.
HOW WE COLLECT AUTOMATICALLY COLLECTED INFORMATION
The online targeted advertisements described in this Section are different from marketing communications you will receive if you are on our promotional mailing list, which is discussed below.
HOW WE USE THE INFORMATION WE COLLECT
We may use both Automatically Collected Information and your personal information to help diagnose problems with the Website, to analyze performance and usage patterns on the Website, and to improve the Website and the services offered to you through the Website.
As described in more detail, below, when we process your information through the provision of our Services we do so at the direction of our customers, for the purposes described by our customers.
Our Lawful Basis for Processing Your Information
Where required by applicable data protection laws, we will only use your personal information where we have a lawful basis to do so. In such cases, we generally process personal information either to perform a contract for requested services with you, or for our legitimate interests. Any processing of personal information we perform in our role as a data processor is done in accordance with the instructions of our customers, who, as the data controllers, are responsible for establishing the lawful basis for such processing where required by applicable data protection laws. We also use the information we collect or are provided for the following purposes:
· For our legitimate interests: To improve Website performance and user experience, we use the information provided to us, as well as automatically-collected information, to analyze trends and statistics, as well as to update and improve our Website and the services and features that we provide. We also use this information to generally run the Website and for internal operations, including to help diagnose problems with the Website, in order to provide you with an up to date, efficient and reliable service. In some cases we may use this information for certain marketing purposes (as described in greater detail in the Marketing Purposes section, below).
· To comply with our legal obligations: In certain situations we may disclose the information provided to us, as well as automatically-collected information, to any competent law enforcement body, regulatory or government agency, court, or other third party if (i) we believe we are legally obligated to do so, including under applicable data protection laws, (ii) we believe disclosure is necessary to protect, establish, or exercise our legal rights or defend against legal claims, or (iii) we believe disclosure is necessary to help prevent fraudulent or criminal activity, or to protect you, our customers, third parties, or our employees, property, or business.
· With your consent: If you request to be put on our promotional mailing list, or otherwise provide your consent to receive marketing messages from us, we may use the information you voluntarily provide to us, as well as automatically-collected information, to send you announcements and other materials from time-to-time. More information about our marketing and advertising practices are described in greater detail in the Marketing Purposes section, below.
Information You Provide To Us
We use personal information you provide to us to provide you with services or information that you request from us. Specific uses of your personal information you provide to us may include communications to keep you up to date on the latest SenSen products and services, as well as offers, events, or promotions you may be interested in, as described in the Marketing Purposes section, below. This may include information from other business operators that can add value to your experience of SenSen products and services.
Information Provided or Collected About You via our Services for Our Customers
As a service provider, we use the information provided or collected about you through the provision of the Services to our customers for the sole purpose of providing the Services to, or on behalf of, our Customers. Our customers are the data controllers with respect to this information, and are responsible for instructing us on how to process it, as well as for establishing a lawful basis for processing any personal information (where required by applicable data protection laws). Depending on the data processing instructions we receive from a customer, we may disclose to the customer all or part of the personal information processed through the provisions of Services on their behalf, or data or information derived therefrom.
Unless lawfully instructed by a customer, or required for legal or regulatory purposes, we will never disclose information processed through the provision of the Services to any third party, or use such information for marketing purposes.
Information We Collect Automatically
As described in the sections on Automatically Collected Information above, we use Automatically Collected Information in an effort to ensure that our Website will appear and function appropriately on your computer, to help us improve the Website, and to determine which website referred you to our Website. We may also use Automatically Collected Information to track what our Website users are looking at most frequently so we can recognize and deliver more of the features, products, and services that our users desire.
How we use Information for Marketing Purposes
SenSen does not use personal information collected or processed through the Services on behalf of its customers for its own marketing purposes. However, if you provide your consent to receive our newsletter, for example through the Website or at an event you attend, we will contact you to provide information about products or services that may be of interest to you, or to provide other information regarding SenSen, upcoming events and promotions, new products, and other general information about our products and/or services.
With each marketing communication, you will be given the opportunity to opt-out of receiving future marketing notices by using the unsubscribe mechanism provided through the marketing communication. You may also unsubscribe from SenSen’s various marketing communications by contacting us per the contact details below. If you request that we not contact you for marketing purposes, we reserve the right to retain your contact information and to contact you for non-marketing purposes relating to your use of the Website and any of your purchases from us. We further retain the right to use your contact information to comply with our legal obligations, resolve disputes, and enforce our agreements.
DISCLOSURE OF COLLECTED INFORMATION TO OTHERS
· As a data controller we do not share, sell, or otherwise transfer or disclose your personal information to any third party.
· As a service provider and data processor acting at the direction of its customers, SenSen discloses the personal information that it collects or processes through the Services to its customers and to third parties if directed by its customers.
Third-Party Service Providers
We provide your personal information and Automatically Collected Information to third parties that provide us with data processing services. We only make such disclosures to the extent they are necessary and appropriate, in our discretion, to perform certain services on our behalf. For example, SenSen may disclose personal information to the third-party service providers it uses for improving Website security, services and features, directing mailings, fulfilling orders, conducting Website analytics, or other data processing as described in this statement or described to you when we collect your information. These third parties are required to keep the information confidential and are not authorized to process your personal information or Automatically Collected Information for any other purpose other than as instructed by us. We will not make third-party disclosures of any personal information we process in our role as a data processor for our customers, unless we are instructed or authorized to do so by our customers.
Merger, Acquisition, or Sale
We may share and transfer any and all personal information and Automatically Collected Information with and to a third party (whether affiliated or not), in the event of a sale or transfer of assets, or other disposition of all or any portion of our business, whether as a going concern or as part of a bankruptcy, liquidation, or similar proceedings in which information of users is among the assets transferred. Note that personal information and Automatically Collected Information will be shared in connection with evaluating any such transaction before it happens, and as part of the transferred assets.
Required by Law
Notwithstanding anything to the contrary in this Privacy Statement, we may also use and/or disclose your personal information and Automatically Collected Information, to any competent law enforcement body, regulatory or government agency, court, or other third party if (i) we believe we are legally obligated to do so, (ii) we believe disclosure is necessary to protect, establish, or exercise our legal rights or defend against legal claims, or (iii) we believe disclosure is necessary to protect our customers, third parties, or our employees, property, or business.
If you engage with SenSen using social media, please note that any information you disclose through these social media becomes subject to the privacy statement and practices of the social media platform you use. We cannot control any policies or terms of such third party platforms. As a result, we cannot be responsible for any use of your information or content by a third party platform, which you disclose at your own risk. We encourage you to review the privacy statements of these platforms prior to use.
De-identified and Aggregate Automatically Collected Information
We may share anonymized and/or aggregated Automatically Collected Information without restriction, where such information will no longer be able to identify you.
DO NOT TRACK
The Website does not track your online activities over time and across third-party web sites or online services, and so does not respond to browser “Do Not Track” signals. As described below, the Website may contain links to other websites not owned or operated by SenSen. These websites may set cookies that obtain information about the fact that a web browser visited the Website from a certain IP address. These websites are not authorized to collect any other personal data from the Website unless you provide it to them directly.
The Website is not directed at nor intended for use by children under the age of 18, and we do not knowingly collect any personal information directly from children under the age of 18. At times, in our role as a data processor, a customer may instruct us to use the Services in a manner that processes data from an individual under the age of 18. In such instances, the customer is the data controller, and its privacy policies govern the use of such data. Notwithstanding the foregoing, we will never use or disclose any personal information of a child under the age of 18 for marketing or advertising purposes. If you are under age 18, you should not use this Website and you should not send us personal information about yourself.
TRANSFER AND STORAGE OF INFORMATION
Your use of the Website may involve your personal information being transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).
Specifically, we are headquartered in Australia, and our Website is hosted in Australia, and we also have staff located in the USA, Canada, India and Singapore. This means that if you use our Website and if we collect your personal information through the means described in this Statement, your personal information will be processed in Australia, which (in the absence of an adequacy decision from the EU Commission or similar body from another country or territory) may not have the same level of data protection as in your country. SenSen takes reasonable steps to ensure that all Personal Information is handled in a manner that is consistent with the Australian Privacy Principles.
All data handled by SenSen on behalf of its customers is processed in the country of origin.
SECURING COLLECTED INFORMATION
SenSen is committed to protecting personal information. We utilize a combination of industry-standard security technologies, procedures, and organizational measures to help protect your personal information from unauthorised access, use or disclosure.
While we strive to protect your personal information, we cannot ensure the security of the information you transmit. No data storage system, or system of transmitting data over the Internet or wireless network, can be guaranteed to be 100% secure, and no security system can prevent all security breaches. As a result, we do not and cannot guarantee the security of our servers, the means by which personal information is transmitted between your computer or device and our servers, or any personal information provided to us or to any third party to or in connection with the Website or otherwise.
We hold your personal information in: computer systems; electronic databases; and digital records. These storage mechanisms may be managed or administered internally by SenSen or by a third party storage provider with whom SenSen has a contractual relationship. Further, these systems may be managed either or both locally and/or overseas.
SenSen will take all reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure. The ways we do this include:
· limiting physical access to our premises;
· restricting electronic and physical access to personal information we hold;
· maintaining backups to deal with major business interruptions;
· maintaining technology security products;
· performing security audits; and
· destroying or de-identifying personal information pursuant to the law and our internal record retention policies.
UPDATING OR CORRECTING YOUR PERSONAL INFORMATION
You may update your personal information we hold about you in our role as a data controller as follows. You may update personal information associated with your account by logging into your account and editing your account information. Please note that your account and all features of the Website may not function properly if you remove any or all of your personal information.
If you have voluntarily given us personal information through our Website or by contacting us with a request or inquiry, you may update or change your personal information by sending an email request to firstname.lastname@example.org.
If you request that your personal information be changed or deleted from our databases, we will use commercially-reasonable efforts to remove your personal information from our databases, but see below regarding Retention and Storage as to why we might maintain some information. Please note that before carrying out your request, we may ask you to verify your identity and/or provide further details about your request.
Where we hold personal information about you on behalf of our customers in our role as a data processor, you should make any request to update or correct such personal information directly to the customer who is the data controller.
YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION If you are based in certain jurisdictions, you may also, in some circumstances, have the following rights in relation to the personal information we hold about you in our capacity as a data controller. You can request to:
obtain details as to what personal information is held by us on you and how it is used and to whom it is disclosed. You may also be entitled to a copy of any personal information that is held;
rectify any incorrect or incomplete personal information we hold about you
delete, restrict the use of or remove the personal information we hold about you (in certain circumstances)
transfer the personal information we hold about you to another party (if technically feasible)
object to any further processing of your personal information, if we are processing your personal information on the basis of our legitimate interests (see above), or for direct marketing;
withdraw any consents you may have given in relation to processing of your personal information.
You also have the right to object or raise a concern in relation to how we collect, process or otherwise deal with your personal information.
For more information about these rights, visit here.
To exercise any data privacy rights you might have, please e-mail us at email@example.com, or write to us at the address provided in the Contact Us section below. Although we hope that we can resolve any issues for you, you also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction at any time. We will attempt to respond to your requests within one month or otherwise within a reasonable time and free of charge. Please note that with regard to all these rights, we reserve the right to:
refuse your request based on the exemptions set out in the applicable data protection laws;
where we process your data on behalf of our customers in our role as a data processor, ask you to make the request directly to the customer / data controller;
request proof of your ID to process the request or request further information (to avoid taking action in respect of your personal information at the direction of someone other than you);
charge you a reasonable administrative fee for any repetitive, manifestly unfounded, or excessive requests.
If we refuse your request to exercise these rights, we will give reasons for our refusal and allow you to challenge our decision. If we have shared your personal information with others, we will tell them about your request to rectify, erase, restrict or object to the processing where possible. If you ask us, where possible and lawful to do so, we will also tell you with whom we shared your personal information so that you can contact them directly.
Please note that, in certain cases, we may continue to process your personal information after you have withdrawn consent and/or requested the deletion of personal information, where we are required to comply with any relevant legal obligation, if we require the personal information for lawful purposes for which the personal information was obtained or if it is necessary to pursue our legitimate interest in keeping our Services and operations safe and secure.
If a data breach or suspected data breach occurs, we will undertake a prompt investigation, which will include an assessment of whether the incident is likely to result in serious harm to any individuals. In such a situation we will comply with the requirements of relevant privacy laws and regulations, which may require notification to the Office of the Australian Information Commissioner (OAIC), relevant European Data Protection Authority and affected individuals. Please contact us if you have reason to believe or suspect that a data breach may have occurred, so that we can investigate and, if necessary, undertake appropriate containment, risk mitigation and notification activities as required. Lodging a Privacy Complaint
If you have any concerns about how we handle your personal information or believe that a breach of your or another’s privacy has occurred, please contact us at firstname.lastname@example.org, or by mail at the address in the “Contact Us” section, below. In order for us to properly and efficiently respond to your privacy complaint, please include the following:
1. What happened?
2. When did it happen or come to your attention?
3. Where did it happen?
4. Who was involved?
5. What Privacy Policies do you believe have been breached?
6. How do you believe your personal information has been mishandled?
7. What outcome are you seeking?
If you are not satisfied after we’ve tried to resolve your issue, and as permitted by applicable data protection laws, you’ll be entitled to lodge a complaint with the data protection regulator for your country of residence, such as the Australian Information Commissioner:
Your California Privacy Rights
If you are a California resident, you have the right to request information from us regarding the manner in which we share certain categories of your personal information with third-parties. Specifically, California law provides you the right to submit a request to us at the designated address in the “Contact Us” section below to receive the following information:
· the categories of information we disclosed to third-parties for the third-parties’ direct marketing purposes during the preceding calendar year;
· the names and addresses of third-parties that received such information; and
· if the nature of a third-parties’ business cannot be reasonably determined from the third-parties’ name, examples of the products or services marketed.
You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually.
WEBSITE USER FROM OUTSIDE AUSTRALIA
It is important that you know that no matter where you live or where you happen to access and use the Website from, the personal information and Automatically Collected Information we handle will be collected from or transferred to, stored in, and processed in Australia.
In particular, if you are based outside Australia, this means that your personal information will be transferred to a country with different data protection laws, which may not offer the same protections or rights as the data protection laws in your country. Where we are responsible for such transfers, we will ensure that such transfers are made subject to appropriate safeguards as required by applicable data protection laws to ensure that a similar degree of protection is afforded to your personal information.
Note that where you provide your personal information directly to third-party Linked Sites and our third party service providers, as discussed herein, such international transfers will be made in accordance with that third party’s applicable privacy practices, including in relation to the safeguarding of international transfers of data.
RETENTION AND STORAGE
We may retain all personal information and Automatically Collected Information in our databases for as long as necessary to meet the relevant purposes for which we’ve collected it, including for the purposes of performing our duties in our role as a data processor for our customers, as well as satisfying any applicable legal, accounting, or regulatory requirements. To determine the appropriate length of time for holding your personal information, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purpose for which we process your data and whether we can achieve those purposes through other means, along with the applicable legal requirements. As described above, you may also be able to ask us to remove your information from our databases, unless applicable laws require otherwise.
Further, even after you request that we remove your information from our databases, we may retain personal information and Automatically Collected Information for a limited time to comply with any applicable law, rule, regulation, or guideline, to prevent fraudulent activity, to protect ourselves against liability, and to allow us to enforce our contractual or other rights and to pursue available remedies and limit any damages we might sustain.
LINKS TO THIRD-PARTY WEBSITES
HOW TO CONTACT US
Or write to us at:
Information Security Manager sensen.ai Ltd
Level 1, 9 Harper St, Abbotsford