1.1 Purpose of this document
We take your privacy seriously. This Policy describes what we do, and what we don’t do, with the Personal Information that we collect via our Application.
1.2 What this document does not cover
1.3 Your consent
You accept the terms of this Policy (and the uses of the technologies and procedures explained in it) by using the Application. Another way of signifying your consent is by choosing to submit Personal Information manually to us.
1.4 Defined Terms etc
Capitalised words in this Policy and the rules for interpreting this Policy are set out in the definitions and interpretation section at the end of this web page.
1.5 Changes to this Policy
We have the right to update this Policy from time to time by posting a new version within the Application or providing a notification and a link to a new version within the Application. Please check this document periodically in order to ensure that you are familiar with any changes. This Policy was last updated on 11 June 2020.
1.6 Contacting us
If you have any questions about this Policy, please contact us using the following information:
The Privacy Officer
Courageous Kids Pty Ltd
44 MacFarlan Street
SOUTH YARRA VIC 3141
2 WE COLLECT MINIMAL INFORMATION
Our Application is stored on your device, and the only information we can collect is a unique, de-identified, identification code which is provided to us by the third-party application store. We explain more about the information which we collect and which we do not collect in Clauses 3 and 4 below.
3 INFORMATION WHICH WE DO NOT COLLECT THROUGH OUR APPLICATION
3.1 Story-Related Information
Our Application enables users to personalise stories for children by entering identifying Personal Information about the people that they choose to include in those stories, including names, ages, locations and photographs. We believe that the use of this Personal Information can increase the effectiveness of the stories for children. This information is stored in the Application on your device, and we cannot access it.
We may one day offer you the opportunity to upload details in your stories to servers that are owned or controlled by us. This will provide you with certain benefits, including allowing you to share your customised stories across multiple devices. However, we will not upload details in your stories to our services without your prior permission.
As an additional measure, you may use various methods to preserve the anonymity of the people in your stories. For example, you may choose to enter first names only, pseudonyms, nick names or ‘pet’ names instead of real or full names. You may also choose to use the illustrations supplied with the Application rather than real photographs. These methods will give you the ability to transfer your stories to our servers without providing us with personal information if that is what you would want to do.
We currently do not have a registration process for our App, and so we do not gather information such as your name, your email address, your mobile number etc as part of a registration process. This may change in the future. You will have an option not to register, but if you do not, you may not be able to access enhanced features and functions of the Application, or upgrades or updates.
4 ACTIVITIES WHICH INVOLVE PROVIDING DIFFERENT TYPES OF PERSONAL INFORMATION TO US
In the course of our interactions with our users and partners, we may collect Personal Information that relates to you, or to people who you know. We do not directly collect Sensitive Information. The types of Personal Information that we collect vary according to the type of activity as follows.
When you purchase our App, or make in-App purchases, you will do so through a third-party store such as Google Play or the Apple App Store. These third-parties collect and store Personal Information from you, but they only provide us with an anonymous unique identification code. If this code is combined with the information kept by the third party operator, then it would be possible to identify you, but we do not have access to that information.
4.2 Usage Data
We capture data about your browsing and usage activities on the Application using event tracking technologies. We do this in our own right and in conjunction with third party providers, including analytics products such as Google Analytics and third party ad servers and networks. The technologies that we and our partners use include cookies, clear GIFs pixel tags and ETags. You have the ability to opt out of the use of some of these tracking technologies as discussed in Section 6 below.
Using these event tracking technologies, we capture ‘clickstream data’. This is data pertaining to your browsing and usage activities based on the links that you choose to click while browsing or the choices you make while using the Application. Clickstream data includes:
- the pages that you visit on the Application;
- the pages, Content or ads that you see or click during your usage of the Application;
- the items that you download to your computer or mobile device;
- the time that you use the Application and the duration of your usage;
- the type of device, operating system and web browser that you use.
4.3 Enquiries and Requests for information from you
You will need to provide Personal Information to us if you choose to contact us through our Website or the Application. The information that you will need to provide will include a name, and one or more means to contact you (whether by telephone, email address, instant messaging, or Skype, Zoom or other media).
We have established partnerships with service providers such as ad network providers, web analytics companies, and social media sites. We may also sponsor Content which is hosted by other parties. These organisations may hold your Personal Information, and they may pass this information on to us.
We may collect Personal Information for purposes or in circumstances not listed above as follows:
- where the use is related to one of the primary purposes listed above and where it could reasonably be expected;
- where you have otherwise consented to the particular use or disclosure;
- where the use or disclosure is required or authorised under a law, or an order from a court or tribunal with relevant jurisdiction and powers;
- where we believe that the collection or use of the Personal Information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body, or
- where a general situation exists which would permit the use or disclosure of the Personal Information, such as where it is in the interests of public health and safety.
5 HOW WE WILL USE THE PERSONAL INFORMATION THAT YOU PROVIDE
We will only store and use your Personal Information for the purposes set out in this Policy, and not for any other purpose. In particular, we do not rent or sell Personal Information to third parties for their own use without your consent.
5.1 Enabling You to Download Versions on Multiple Devices
If you wish to use the Application on more than one device, you will need to download a new instance of the App onto that device. We will verify your right to do this by using the personal identification number provided by the third-party App store.
5.2 To Respond to Your Actions and Requests
We may use Personal Information to respond to specific actions and requests by you, including answering queries that you submit to us, processing your transactions and fulfilling your orders.
5.3 To Provide you with Information and Offers
We may use contact information provided by you to provide offers and promotional information about us, the products and services we offer, as well as companies and events sponsored by us and others that we think may interest you. We may also use information to send announcements, including service-related notifications.
You have the right to opt-out of such information as detailed in Section 6 below.
5.4 To Help us to Understand you and our Other Users
We use your information to generate a holistic picture of our individual users and also of our user base as a whole. For example, we may use information that we collect to assess your level of interest in, and use of, our Application on an individual basis and in aggregate.
In doing so, we may combine Personal Information collected from third parties as well as information gathered directly by us. This information allows us to analyse trends and demographics which helps us to improve upon and add to the services, features and functions that we provide, to provide you with a more personalised service, including personalised offers and personalised product recommendations.
5.5 To Manage our Day-to-Day Business operations
As with nearly all businesses, we keep business records including keeping details of transactions for operational purposes including enabling us to comply with tax and audit requirements and assisting with quality control.
5.6 To Maintain and Develop our Application
We also use non-personally identified information (which may be linked with Personal Information) to help to diagnose problems with our Application and our servers, and to understand usage trends which we would then use to improve how our Application looks and works, and to develop new features and functions.
5.7 To Secure and Protect our Rights and Systems
We may use your Personal Information to protect our systems and rights (including our contractual and intellectual property rights), to exercise or defend a legal or equitable right (including recovering debts), and to prevent fraud. If we believe that the security of your Application or your information in general has been compromised, then (subject to your right to opt-out of such communications) we may notify you of this through the Application itself.
5.8 to Co-operate with Third Party Partners
We use third party partners such as payment processors and web analytics companies, and as part of their service, we allow some of these partners to collect information about your use of our Application, and some may choose to do so.
5.9 To Transfer our Business Assets
At some point in the future, we may decide to transfer or sell the assets of our organisation. This may be as a result of an acquisition, merger, sale or liquidation, or the re-organisation or consolidation of our corporate group. Our databases, which would include your Personal Information, would be included in this sale or transfer. The new owners would also be bound by the terms of this Policy unless you reach a separate agreement with them. We would not sell our customer or user database separately from our other assets.
5.10 For Other Purposes
We may also disclose your Personal Information where required or necessary under the provisions of the Privacy Act 1988 (Cth) (e.g. if it is necessary to prevent a serious threat to public safety, or if it is required by a court order etc).
6 DISCLOSING YOUR INFORMATION TO THIRD PARTIES
During the course of our business, we may disclose your Personal Information to third parties as set out in this Section 4.
6.1 Service Providers
Third party companies and individuals may be engaged from time to time to perform specific business services for us, including operating the Applications. These services include software and web developers, server hosts, data management companies, address list hosting companies, e-mail service providers, third party ad servers and network providers; analytics companies, distribution companies, fulfillment companies, payment processors, business consultants and advisers such as auditors and legal advisers. We may need to provide some of your details to these services providers in order for them to perform their functions.
6.2 Third Party Marketers
With your consent, we may provide you with offers from third parties who offer products and services that might be of interest to you, and we will do so by sharing your Personal Information (usually your name and contact details) with such third parties. If you opt in to accept such communications, but then change your mind, you may opt out at any time as discussed in Section 6 below.
6.3 Credit Agencies
We may provide your information to credit agencies in connection with late payments, missed payments, dishonoured payments, or other defaults on your account.
6.4 Court Orders
We may disclose your Personal Information to comply with court orders including orders for discovery and subpoenas.
6.5 Law Enforcement Authorities etc
We will pass on information relating to suspected fraudulent or other illegal activity to the appropriate law enforcement authorities including the police. If we deem it necessary to protect our own legal or proprietary interests, we may also disclose your Personal Information to other companies and agencies including our lawyers and investigators.
6.6 Transfer of Assets
As detailed above, we might decide to transfer our user database as part of a going concern to a new owner. We would ensure that this owner would also be bound by this Policy unless you reach a separate agreement with them.
7 OPTING OUT
7.1 Precise Location Information
You may opt-out from further allowing us to have access to the precise location information provided by your device by configuring that device so as not to share its location with us. Even if you do this, then we may still capture rough location information based on the IP address used by your device.
7.2 Usage Data
Some web browsers may transmit ‘do-not-track’ or ‘DNT’ signals to us. There are differences in how web browsers incorporate and activate this feature, so it is not always clear whether users intend for these signals to be transmitted. Further, there are no industry standards concerning what websites should do when they receive such signals. Accordingly, we do not currently change our tracking practices in response to DNT settings in your web browsers, and we do not require third party partners to do so. We will review this position if and when a final standard is established and accepted.
8 OVERSEAS DISCLOSURES
The disclosures of information listed in Section 4 above may involve transmitting, storing or processing information across national borders for a number of reasons and purposes. When we do so, we will take reasonable steps to ensure that the overseas recipient handles your Personal Information in accordance with your rights under Australian law.
In particular we have the right to:
- host the data for the Application on servers located in the United States or another country outside of Australia;
- provide Personal Information to third party service providers pursuant to our contracts with those suppliers as detailed above, including those located outside of Australia;
- provide Personal Information to overseas recipients where necessary to perform contracts with you; and
- provide Personal Information to overseas-based third-party purchasers of our business.
You consent to the transmission of data for all of these purposes.
9 UNSOLICITED PERSONAL INFORMATION
If you voluntarily provide us with unsolicited Personal Information, then we will assess whether the holding of the Personal Information could have been collected by us if it had been solicited by us. This requires us to consider whether collecting the information would be ‘reasonably necessary’ for one of our functions or activities.
If the information could have been collected by us, then we will deal with it in accordance with this Policy.
If the information could not have been collected by us, then we will destroy or de-identify the information as soon as practicable providing it is lawful and reasonable for us to do so.
10 YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION
10.1 Our General Obligation to You
We will take reasonable steps to ensure that the Personal Information that we hold about you is accurate, complete and up-to-date.
Subject to the exceptions allowed by law, you have a right to view, change and remove the Personal Information that we store about you.
10.3 Requests for Us to Change or Update
If you are able to establish that your Personal Information is not accurate, complete or up-to-date, then we will take reasonable steps to update that information. If we disagree about the accuracy, completeness or currency of this information, then we will include a statement to this effect if you request us to do so.
Requests for us to assist you to view, change or remove your Personal Information, should be made in writing to firstname.lastname@example.org. We have the right to ask you to verify your identity and to provide us with any details necessary to enable us to comply with your request, including your name and the capacity in which you believe we are storing your Personal Information (i.e. as a customer, newsletter subscriber etc).
If we deny your right to access to the information directly, we will consider the option of using mutually agreed intermediaries to allow sufficient access to meet both your needs and our needs.
10.5 Administrative Charges
If you ask us to attend to your request, we have the right to request a small fee before we can assist you. This is a fee for answering your request, and not for making the request. Before we act on requests of this nature, we will tell you how much this service will cost, and we undertake that this charge will not be excessive. We will respond to your request within 10 business days.
10.6 Right to Receive Reasons
If we refuse to give access, or correct Personal Information, then we will provide you with our written reasons for doing so (unless this would be unreasonable) and the mechanisms available to complain about the refusal.
10.7 Limit on Right to Delete
Your right to delete your information is subject to our obligations under law to keep records for other purposes, including tax purposes.
10.8 Sources of Information
Finally, in addition to the above, you may also request details of the source of the Personal Information that we hold about you. We have the right not to disclose the source of information if it is impracticable or unreasonable for us to have to do so, but if we do provide that information to you, then there will be no charge.
11 DATA SECURITY
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your Personal Information, and to prevent unauthorised access, modification or disclosure of your Personal Information.
We will take reasonable steps to ensure that the Personal Information is deleted or de-identified if it is no longer required for any purpose for which it may be used or disclosed, and if we are not under legal obligations to retain it.
Due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information will be absolutely safe during transmission through the Internet, while stored on our systems or while otherwise in our care.
If you contact us via email, via a messaging feature or through a ‘contact us’ or similar on our Website you should be aware that your transmission might not be secure. A third party could view information you send by these methods in transit. We have no liability for disclosure of your information due to errors or unauthorised acts of third parties during or after transmission.
12 OTHER PRIVACY INFORMATION
If somebody gains access to your mobile computing device, then they may be able to access your personal information. You are responsible for the security of, and access to, your mobile computing device.
Further Privacy information can be obtained on the website of the Australian Privacy Commissioner, which can be found at: http://www.privacy.gov.au.
If you wish to make a complaint about how we handle your Personal Information, then you must make it in writing to us using the contact details in Section 1 above. You must provide us with sufficient information about the nature and basis of your complaint to enable us to understand it, and the details of the resolution or action sought by you. We will investigate your complaint and respond to you within 30 days.
If you are not satisfied with the response to your complaint, or if (for whatever reason) we have not responded to you within 30 days, then please inform us of this fact. You may have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
14 DEFINITIONS AND INTERPRETATION
In this Policy, the following words have the following meanings:
‘Application’ means the Courageous KidsTM software application that is owned, or licensed by us whether directly, or through any third-party application store such as the App Store, or Google Play.
‘Content’ means all text, graphics, images, video, sound and other data displayed on, or made available from, the Application, or which are otherwise included in stories.
‘Personal Information’ means information that identifies you or could be used to identify you.
‘Sensitive Information’ has the meaning defined in the Privacy Act 1988.
‘Website’ means the website located at the domain ‘courageouskids.com.au’ and on all sub-domains, folders and sub-folders of that domain.
This Policy is governed by the following rules of interpretation:
A reference to ‘we’, ‘us’ or ‘our’ is a reference to Courageous Kids Pty Ltd (ACN 641 072 960).