Privacy Policy
Last Updated 22 May 2019
1. We respect your privacy
1.1 Paperform Pty. Ltd. ("Paperform", "we" or "us") respects your right to privacy and is committed to safeguarding the privacy of our customers and website visitors. We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) and the General Data Protection Regulation (EU) 2016/679 ("GDPR"). This Policy is part of, and is governed, by the Paperform Terms & Conditions and sets out how we collect, use, transfer and otherwise treat your personal information. Your personal information may be collected via the Paperform website https://paperform.co/ (the "Website") or may be provided to us by third parties. By visiting and using our Website, you acknowledge and agree to the practices described in this Policy.
1.2 For the purposes of this Privacy Policy, "personal information" is defined as information or data that Paperform has in its records which allows you as an individual to be identified directly or indirectly.
1.3 This Privacy Policy describes the following general aspects of our collection and processing of personal information concerning you:
1. We respect your privacy
2. How we collect and use your personal information
3. How we use automated decision making
4. Children's information
5. Disclosure of your personal information
6. International transfer of your information
7. Security of your personal information
8. How long we retain your personal information
9. Your rights in respect of your personal information
10. Complaints about privacy and how to contact us
11. Changes to this Privacy Policy
12. Technology used in collecting personal information
13. Third party sites
2. How we collect and use your personal data
2.1 Paperform is used by "Visitors", "Customers" and "Respondents." For the purpose of this Privacy Policy, Visitors are any persons who visit our Website, Customers are persons that create forms and Respondents are persons who answer or respond to those forms. In relation to the personal information of Customers, Paperform acts as a data controller for the purposes of the GDPR, as we determine the means and purposes of processing of that personal information. Where we process the personal information of Respondents, Paperform mostly acts as a data processor for the purposes of the GDPR, as we only process that personal information on behalf of the Customer and as instructed by the Customer. However, we may still gather certain types of information on Respondents in order to provide our Website and Services (as defined in the General Terms and Conditions of Use).
For the purposes of the GDPR, you acknowledge that by providing your personal information to us, either as a Visitor, Customer or as a Respondent, that the collection of such personal information takes place outside the European Economic Area ("EEA") and that it is necessary for the provision of the Services to Process such personal information outside the EEA and that such personal information may then be stored on servers in the United States. In relation to the collection of such personal information you acknowledge that both these scenarios do not constitute a "transfer" of personal information from within the EEA to outside the EEA by us.
Paperform will, from time to time, receive and store personal information entered onto our Website, provided to us directly or given to us in other forms. We may also collect information you provide while interacting with us. Paperform collects personal information from you in a variety of ways, including when you interact with us electronically or in person, when you access our website and when we provide our services to you. We may also receive personal information from third parties. If we do, we will protect it as set out in this Privacy Policy.
2.2 Visitors
We may process personal information from Visitors on the basis of fulfilling our legitimate interests of improving and developing the quality of our products and services. Under this basis, we may collect such personal information from Visitors, including the following:
(a) Usage data about the Visitors whenever the Visitors interacts with Paperform's Website.
(b) Data from the device and application the Visitor uses to access Paperform's Website, such as Visitor's IP address, browser type and operating system.
(c) Information about the source that referred the Visitor to the Website such as a link on a website or in an e-mail.
(d) Aggregated and other pseudonymous data about Visitors through the use of cookies, page tags and other tracking services.
On the basis of fulfilling our legitimate interests in being able to respond to your questions, we may process such personal information as your name, email address, and/or other contact information. If we did not process your personal information in this manner, we would be unable to receive or provide answers to your questions.
2.3 Customers
On the basis of fulfilling our contract with you, or the preparatory steps in relation to such contract, we may process such personal information as your name, phone number, address, email address, and/or financial or credit card information to enable us to send information, provide updates and process your product or service order. If we did not process your personal information in this manner, we would be unable to provide you with our products and services.
On the basis of fulfilling our legitimate interests in the proper delivery of our products, services and communications to you as well as developing and growing our business, we process personal information in the following manner:
We may request the collection of: feedback pertaining to your experience with Paperform's Services and/or Website, information about the purpose for which you use our services, content changes or email preferences, or communications with our customer support.
On the basis that you have provided your consent to have your personal information processed, we process your personal information in order to:
send you promotional, advertising and other marketing materials or communications including newsletters, surveys and/or promotions.
You may revoke your consent at any time by contacting us, as provided below. Revoking your consent will prevent us from processing your information for the purposes in which we sought consent, but will not affect any other processing of information or the other services we provide to you. Revoking your consent will also not affect the lawfulness of our processing of your personal information for the period before you withdrew your consent.
2.4 Respondents
Respondents, when completing a form, may divulge personal information or data. Paperform is not responsible for the content of the Customer's form, and all processing of Respondents' personal information will be subject to the Customer's own privacy policy.
The Customer is responsible for and manages the processing of data collected from the forms it creates and all Respondents and/or Customers who divulge personal information of third parties are solely responsible for obtaining the consent (if required) and notifying such third parties before divulging their personal information to us. Please contact the Customer directly if you have any questions about the form created by the Customer or the Customer's privacy policy.
While we mostly process personal information on behalf of the Customer, we may still gather certain types of information on Respondents in order to provide our Services. The information we collect includes:
the information Respondent enters into a form, before the Respondent completes or submits the form in order to prevent the inadvertent loss of Respondent's response; and
Respondent's e-mail address if the Customer provides it to us to send the Respondent an invitation to complete a form by e-mail.
If we did not process Respondent's information in this manner, we could not provide these features.
We collect and store this information from Respondents to fulfill both our contract with the Consumer and our legitimate business interests in the proper delivery of our products and Services.
We may also process additional personal information from Respondents on the basis of fulfilling our legitimate interests of improving and developing the quality of our products and Services, and better understanding your needs in an effort to provide our clients with the highest level of services. Under this basis, we may collect such additional personal information from Respondents, including the following:
(a) Usage data about the Respondent whenever the Respondent interacts with Paperform's Services.
(b) Data from the device and application the Respondent uses to access Paperform's Services, such as Respondent's IP address, browser type and operating system.
(c) Information about the source that referred the Respondent to Paperform such as a link on a website or in an e-mail.
(d) Aggregated and other pseudonymous data about Respondents through the use of cookies, page tags and other tracking services.
2.5 Generally
We may process personal information on the basis of our legitimate interest to protect our organization and our customers from cyber threats and fraud in the following manner:
Pursuant to Recital (49) of the GDPR, organizations have a recognized legitimate interest in collecting and processing personal information to the extent strictly necessary and proportionate for the purposes of ensuring network and information security. According to said Recital (49), network and information security means the ability of a network or of an information system to resist events, attacks or unlawful or malicious actions that could compromise the availability, authenticity, integrity and confidentiality of stored or transmitted data, or the security of the related services offered by, or accessible via those networks and systems. Therefore, we process your personal information to the extent necessary and proportionate for the purposes of detecting, blocking, reporting and mitigating cyber-threats.
On the basis of fulfilling our legal requirements:
We may use personal information in order to comply with or respond to a request or requirement pursuant to law, regulation, or from a governmental or judicial body, or to help prevent fraud or for risk management purposes.
We may also use personal information collected for other legal purposes such as to protect our copyright, trademarks, legal rights, property or safety of Paperform, our Website, our Services, our customers or third parties.
We may process personal information on the basis of our legitimate interest of reorganizing or making changes to our business in the following manner:
In the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organization, we may need to transfer some or all of your personal information to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analyzing any proposed sale or re-organization. We may also need to transfer your personal information to that re-organized entity or third party after the sale or reorganization for them to use for the same purposes as set out in this policy.
3. How we use automated decision making
We do not utilize any automated decision making.
4. Children's information
This Website is not directed to nor is it intended for EU individuals under the age of 16 or US individuals under the age of 13 (each individually a "Child" or collectively "Children") and we do not knowingly solicit or collect information from Children. If you are a Child, do not use or provide any information on this Website. If we learn we have collected or received personal information from a Child without parental consent, we will delete that information. If you believe we might have any information from or about a Child, please contact us as provided below.
5. Disclosure of your personal information
5.1 Paperform may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers, analytics and email service providers or subcontractors insofar as reasonably necessary to perform the tasks we request of them and they are not authorized by us to use or disclose your information except as necessary to perform services on our behalf or to comply with legal requirements.. Personal information is supplied to a third party when it is required for the delivery of our services. Certain service providers will use the personal information we provide them to determine your social media account information and ascertain your approximate geographic location.
Some of your personal information may be used for marketing purposes, including being shared with advertising platforms for the purposes of identifying current or potential Customers.
We have contracts in place holding these companies to the same standards of confidentiality by which we are governed.
5.2 Paperform may from time to time need to disclose personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.
5.3 Paperform may also disclose your personal information to third-parties when necessary to protect the copyright, trademarks, legal rights, property or safety of Paperform, our Website, our Services, our customers or third parties.
5.4 If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to disclose to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases based on our legitimate business interests, as discussed above. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
5.5 By providing us with personal information, you consent to the terms of this Privacy Policy and the types of disclosure covered by this Privacy Policy.
6. International transfer of your information
6.1 Paperform is domiciled in Australia and therefore, your personal information may be accessed by staff or other persons in, transferred to, and/or stored at, countries located outside the EEA in which data protection laws may be of a lower standard than in the EEA. Furthermore, information that we collect may from time to time be stored, processed in or transferred between parties located in countries outside of Australia. These countries may include, but are not limited to Australia, Singapore, and the United States of America. When you create a form or submit information on a form you consent to such transfer of information to these locations.
6.2 Where we transfer personal information from inside the EEA to outside the EEA, we may be required to take specific additional measures to safeguard the relevant personal information. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries which have not had these approvals (see the full list here http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm), we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements.
7. Security of your personal data
7.1 Paperform is committed to ensuring that the information you provide to us is secure and will implement technical and organisational measures to do so. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorized access, modification and disclosure.
7.2 The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us, over the Internet. Once we have received your personal information, we will take measures to safeguard against unauthorized disclosures of information.
8. How long we retain your personal information
8.1 Paperform will not hold your personal information for any longer than is necessary for the purposes for which it was obtained, unless it is otherwise necessary to hold your personal information to meet our legal requirements, as discussed above. For example, we may retain certain personal information to comply with regulatory requirements regarding the retention of such data. We shall periodically review and delete/erase personal information that we hold. .
9. Your rights in respect of your personal information
9.1 Rights of Access and Rectification: Subject to certain exceptions, you may request details of your personal information held by Paperform in accordance with the provisions of the Privacy Act 1988 (Cth) Paperform has the right to request the payment of a small administrative fee for the provision of information.
9.2 To the extent that you are based in the EEA, you may also enjoy certain rights under the GDPR including the right to:
- ask us to provide you with information regarding the personal information we process concerning you;
- rectify, update or complete inaccurate or incomplete personal information concerning you;
- delete or request the erasure of personal information concerning you that we no longer have a lawful ground to use;
- in certain circumstances, require us to restrict the way in which we process your personal information;
- withdraw any consent you may have given for us to process personal information concerning you;
- object to our processing of personal information concerning you on the basis of our, or of third-parties', legitimate interests;
- obtain a copy of the personal information that you have provided to us.
If you would like a copy of your personal information stored within Paperform's system or you believe that the personal information we have on record for you is inaccurate, out of date, incomplete, irrelevant or misleading, please e-mail dean@paperform.co.
Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). Where your exercise of any of the rights above is dependent on our action, we will abide by our legal obligation to take reasonable measures to ascertain your identity and the legitimacy of your request, and may ask you to disclose to us any information necessary for that purpose. We will respond to legitimate requests usually within a month of our receipt of the request.
9.3 Pursuant to any such requests, we may retain certain data necessary to prevent fraud or future abuse or as otherwise required or permitted by law, including to comply with legal obligations we are subject to, as well as to establish, exercise and defend our legal claims.
9.4. We will use reasonable means to ensure that the personal information you provided us remains accurate. You can review and change your personal information by logging into the Website and visiting your Account Details page. In order to assist us in maintaining the accuracy of your personal information, you should notify us of any changes to the personal information you have provided to us.
9.5 Paperform reserves the right to refuse to provide you with your personal information stored within Paperform's system, or to accede to your data protection rights under the GDPR in certain circumstances set out in the Privacy Act and the GDPR.
10. Complaints about privacy and how to contact us
10.1 If you have any questions, comments and/or complaints about our privacy practices, please feel free to contact us at:
Address: 1/1 Prospect St
Leichhardt, NSW 2040
Australia
Email: dean@paperform.co
Phone: +61424619055
For Data Subjects in the EU:
We appointed GDPR-Rep.eu as representative according to Art 27 GDPR. If you want to
make use of your GDPR data privacy rights, please visit: https://gdpr-rep.eu/q/15066192
Contact GDPR-Rep.eu
GDPR-Rep.eu
Maetzler Rechtsanwalts GmbH & Co KG
Attorneys at Law
c/o Paperform Pty. Ltd.
Schellinggasse 3/10, 1010 Vienna, Austria
Please add the following subject to all correspondence:
GDPR-REP ID: 15066192
We take complaints very seriously and will respond shortly after receiving written notice of your complaint. You also have the right to complain to your local data protection supervisory authority.
11. Changes to this Privacy Policy
11.1 Paperform reserves the right to review, alter, update and/or remove portions of this Privacy Policy in the future. We may modify this Privacy Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy. Changes to this Privacy Policy are effective as of the last updated date provided above. By using our Website and/or the Services, you accept the version of this Privacy Policy in place at that time.
12. Technology used in collecting personal information
12.1 When you visit our website
When you come to Paperform's Website (https://paperform.co) we may collect certain information, including, without limitation the type of browser used to access the Paperform Website, a users' operating system, the website visited immediately before coming to the Paperform Website. This information is used in an aggregated manner to analyze how people use the Paperform Website so that we can improve our Services.
12.2 Cookies
Paperform may use Cookies on the Website. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of Paperform's Website.
Paperform's Website may use Cookies to analyze website traffic and help provide a better website/visitor experience. In addition, Cookies may be used to display relevant ads to website visitors through third party services such as Google Adwords. These ads may appear on Paperform's Website or third party websites you visit. For information on how you can exercise your options regarding these advertisements, please see the below links:
Facebook: https://www.facebook.com/help/568137493302217
Google: https://support.google.com/ads/answer/2662922?hl=en
12.3 Do Not Track "DNT" Signals
There are different ways you can prevent tracking of your online activity. One of them is setting a preference in your browser that alerts websites you visit that you do not want them to collect certain information about you. This is referred to as a Do-Not-Track ("DNT") signal.
We exclude users from our internal analytics processing in response to DNT signals.
12.4 Third-Party use of cookies and other tracking technologies.
Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
13. Third party sites
13.1 The Paperform Website may include links to third party websites. Paperform does not control nor does it have control over third party websites. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. By using the Paperform Website and Services, or by choosing to integrate the Services with third party services, you agree and acknowledge that Paperform is not responsible for the availability of third party websites and is not responsible and/or liable for any content, advertising, products or other materials on or available from these third party websites. You further acknowledge and agree that Paperform shall not be responsible and/or liable, directly, or indirectly, for any damage or loss caused or alleged to be caused by or in connection with your use of or reliance on any such content, goods or services available on or through any third party website.
13.2 Please be aware that Paperform is not responsible for the privacy practices of third party websites. Paperform encourages its users to be aware, when they leave the Website, to read the privacy statements of each and every website that collects personal identifiable information.