Dystech Australia Pty Ltd (ACN 617 116 518) (“we”, “us” or “our”) of Shop 1, 19-23 Seymour Street, Traralgon VIC 3844, and the operation of the website at www.dystech.com.au (“Website”) and mobile application (“Application”)(collectively, the “Platform”) is committed to respecting your privacy.
Our privacy policy (“Privacy Policy”) sets out how we collect, use, store, share and disclose your Personal Information on our Platform. You can view our terms and conditions at dystech.com.au/terms-and-conditions (“Terms”) and contact us at hello@dystech.com.au. Definitions within this Privacy Policy have the same meaning as in the Terms.
Openness and transparency
Information
Section 6 of the Privacy Act defines ‘Personal Information’ as ‘information or an opinion about an identified individual, or an individual who is reasonably identifiable’. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Your Personal Information:
Information we may collect
The type of Personal Information we collect from a User of the Platform (such as you) includes, without limitation, the following:
your full name;
email address;
phone number;
your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information;
any additional information relating to you that you provide to us directly through our Platform or indirectly through your use of our website or app or online presence or through other websites or accounts from which you permit us to collect information;
information you provide to us through customer surveys;
billing and payment method information; and/or
any other Personal Information that may be required in order to facilitate your dealings with us.
(collectively, the “Personal Information”).
“De-identified Data” or “De-identifiable Data” refers to data in respect of which all personally identifiable information has been removed and/or anonymised, so that the information is no longer identifiable as belonging or relating to a reasonably identifiable individual.
We collect both Personal Information and De-Identified Data from Users of the Platform. The type of information we collect specifically about each Assessee when producing Reports is De-identifiable Data and includes, but is not limited to, information relating to the Assessee’s:
gender;
age;
language skills;
writing and comprehension abilities;
experience with learning difficulties such as dyslexia, dyscalculia and dysgraphia;
experience with visual and hearing impairments; and
other relevant information to provide Reports and Services on our Platform.
What is our legal basis?
Under applicable Privacy Laws, including the GDPR, we must have a legal basis to process Personal Information collected from individuals, including sharing such information with third parties. We rely on several legal bases to collect, process and share your Personal Information, including:
where it is necessary to provide the User and/or Assessee with access to, and use of our Platform and Services;
for our legitimate interests in providing, operating and improving our Platform and Services;
in accordance with a User’s or Assessee’s consent to the collection and processing of Personal Information by us, and such consent must be freely and expressly given and may be withdrawn at any time; or
where we are under a legal obligation to collect and/or process such Personal Information.
We use, process and disclose your Personal Information for the purposes for which the information is collected, or for a directly related purpose, including (but not limited to):
providing our Platform and Services to you;
providing you with Reports;
administering, protecting, improving or optimising our Platform, products and services (including performing data analytics, conducting research and for advertising and marketing purposes);
creating industry reports from de-identified data;
informing you about our Platform, products, memberships, services, surveys, contests or other promotional activities or events sponsored or managed by us;
responding to any inquiries or comments that you submit to us;
verifying your identity;
any other purpose you have consented to; and
any use which is required or authorised by a relevant Privacy Law.
Where we:
have your express consent (which you may withdraw at any time by contacting us in writing at hello@dystech.com.au);
have a legal basis; or
are otherwise permitted by relevant Privacy Laws,
we may use and process your Personal Information to send you information about Services we believe are suited to you and your interests or we may invite you to attend special events.
At any time, you may opt out of receiving direct marketing communications from us. Unless you opt out, your consent to receive direct marketing communications from us and to the handling of your Personal Information as detailed above will continue. You can opt out by following the unsubscribe instructions included in the relevant marketing communication, or by contacting us in writing at hello@dystech.com.au.
Disclosure of Personal Information
We may disclose your Personal Information to third party recipients located in or outside of the European Economic Area and Australia.
We may disclose your Personal Information to:
third parties we ordinarily engage from time to time to perform functions on our behalf for the above purposes;
any person or entity to whom you have expressly consented to us disclosing your Personal Information to;
our external business advisors, auditors, lawyers, insurers and financiers;
our payment processing service provider Stripe; and
any person or entity to whom we are required or authorised to disclose your Personal Information to in accordance with the relevant Privacy Laws.
As at the date of this Privacy Policy, such third-party recipients (“Recipients”) are located in countries including the United States, United Kingdom, France, Australia and other countries whose laws may not be recognised by the EU Commission as providing an adequate level of protection to Personal Information.
When engaging with our Platform, you expressly and freely consent to your Personal Information being disclosed or transferred to such Recipients. We will take steps reasonably necessary to ensure your Personal Information is treated securely and in accordance with this Privacy Policy. We use reasonable endeavours to ensure that each Recipient receiving your Personal Information is bound by the relevant Privacy Laws (including the standard contractual clauses approved by the European Commission). The standard contractual clauses are available on the European Commission’s Website at https://ec.europa.eu/info/law/law-topic/data-protection_en
Dystech Platform
When transmitting Personal Information from your computer to our Platform, you must keep in mind that the transmission of information over the internet is not always completely secure or error-free. Other than liability that cannot lawfully be excluded, we will not be liable in any way in relation to any breach of security or any unintended loss or disclosure of that information.
Our Platform may use 'cookies' or other similar tracking technologies that help us track your usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but if you do so, you may not be able to fully experience the interactive features of our Platform.
Security and Data Storage
We may hold and store your Personal Information in either electronic or hard copy. We take reasonable steps to protect such Personal Information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect Personal Information. For example, our security is managed by Amazon Web Services (“AWS”) and we utilise SSL/TLS across all our cloud hosting infrastructure for the transmission of Personal Information. Further all Personal Information is stored on AWS secure servers which are fully encrypted.
However, we cannot guarantee the security of any Personal Information transmitted over the internet and therefore you disclose information to us at your own risk. We will not be liable for any unauthorised access, modification or disclosure, or misuse of your Personal Information
Access
Under the GDPR, an individual residing in the European Union has enhanced privacy rights, including the right to:
require us to correct any Personal Information held about that individual that is inaccurate or incomplete;
require the deletion of Personal Information concerning that individual in certain situations;
data portability for Personal Information provided to us by that individual;
object or withdraw consent to the processing of their Personal Information at any time;
object to decisions being taken by automated means which produce legal effects concerning, or significantly affecting them; or
otherwise restrict our processing of their Personal Information in certain circumstances.
Subject to some exceptions provided by the relevant Privacy Laws, you may request access to your Personal Information in our customer account database or seek a correction to such information, by contacting us in accordance with clause 11 below. Should we decline your request to access some Personal Information, we will provide a written explanation setting out our reasons for doing so.
We may charge a reasonable fee that is not excessive to cover the charges of retrieving your Personal Information from our customer account database. However, we will not charge you for making the request.
If you believe that we hold Personal Information about you that is not accurate, complete or up-to-date then you may request that your Personal Information be corrected. We will respond to your request to correct your Personal Information within a reasonable timeframe and we will not charge you a fee for correcting your Personal Information.
If we no longer need your Personal Information for any of the purposes set out in this Privacy Policy, or as otherwise required by the relevant Privacy Laws, we will take such steps as are reasonable in the circumstances to destroy your Personal Information or to de-identify it.
Contact information and complaints
If you require further information regarding our Privacy Policy or wish to make a privacy complaint, please contact us by email addressed to hello@dystech.com.au or by post addressed to 1, 19/23 Seymour Street, Traralgon VIC 3844.
If we receive a formal written complaint about our privacy practises, we will contact the complainant regarding his or her concerns and attempt to resolve the complaint as soon as possible.
If you are dissatisfied with the outcome of our handling of your complaint, you can lodge a privacy complaint with the Office of the Australian Information Commissioner (“OIAC”) or the European Data Protection Supervisor (“EDPS”). For further information about the EDPS or OAIC’s privacy complaint handling process, please see: http://www.oaic.gov.au/privacy/making-a-privacy-complaint or https://edps.europa.eu/node/75_en.
Notices and Revisions
We reserve the right to modify this Privacy Policy in whole or in part from time to time without notice. Non-material changes and clarifications will take immediate effect, and material changes will take effect 30 days after the posting of the amended Privacy Policy on the Platform.
Enforcement
We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personally identifiable information that cannot be resolved between us and the individual.
Dated: 26 August 2020
Cookie | Duration | Description |
---|---|---|
__hssrc | session | This cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session. |
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
elementor | never | This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
__hssc | 30 minutes | HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. |
Cookie | Duration | Description |
---|---|---|
__hstc | 1 year 24 days | This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session). |
_hjAbsoluteSessionInProgress | 30 minutes | Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie. |
_hjFirstSeen | 30 minutes | Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user. |
_hjIncludedInPageviewSample | 2 minutes | Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit. |
_hjIncludedInSessionSample | 2 minutes | Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit. |
ajs_anonymous_id | 1 year | This cookie is set by Segment to count the number of people who visit a certain site by tracking if they have visited before. |
ajs_user_id | never | This cookie is set by Segment to help track visitor usage, events, target marketing, and also measure application performance and stability. |
CONSENT | 2 years | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. |
hubspotutk | 1 year 24 days | HubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts. |
vuid | 2 years | Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website. |
Cookie | Duration | Description |
---|---|---|
_fbp | 3 months | This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website. |
fr | 3 months | Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin. |
NID | 6 months | NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads. |
VISITOR_INFO1_LIVE | 5 months 27 days | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. |
YSC | session | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt-remote-device-id | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt.innertube::nextId | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
__tld__ | session | No description |
__wpdm_client | session | No description |
_hjSession_2026228 | 30 minutes | No description |
_hjSessionUser_2026228 | 1 year | No description |
intercom-id-yxpxypq3 | 8 months 26 days 1 hour | No description |
intercom-session-yxpxypq3 | 7 days | No description |