Privacy Policy

Effective: June 7, 2022

SHEQSY Pty Ltd and SHEQSY Limited (referred to as “SHEQSY“, “we”, “our” or “us“) understand that the privacy of your information (including personal information) is important and are committed to protecting the information we collect from your use of the SHEQSY lone worker safety solution, as further described on our website, https://www.sheqsy.com

There are many different ways you can use our services – to share information, to communicate with other people, or to create new content.

When you share information with us, for example by creating an account with us, we can make those services even better – to help you connect with people or to make sharing with others quicker and easier. As you use our services, we want you to be clear how we’re using information and the ways in which you can protect your privacy.

Where our processing of your information is covered by the General Data Protection Regulation 2016/679 (“GDPR”) the sections of this Privacy Policy in Appendix 1 – Your Rights – apply to you.

 

Our Privacy Policy explains:

  • What information we collect and why we collect it.
  • How we use that information.
  • The choices we offer, including how to access and update information.

We’ve tried to keep it as simple as possible, but if you’re not familiar with terms like cookies, IP addresses and browsers, then read about these key terms first. Your privacy matters to us; whether you are new to SHEQSY or a long-time customer, please do take the time to get to know our practices – and if you have any questions, contact us.

Transparency and choice

People have different privacy concerns. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used and control who you share information with. By providing personal information to us, you consent to us collecting, holding, using and disclosing your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect your use of this Site or the products and/or services offered on or through it.

You may also set your browser to block all cookies, including cookies associated with our services, or to indicate when a cookie is being set by us. However, it’s important to remember that many of our services may not function properly if your cookies are disabled. For example, you may not be able to login to SHEQSY or utilise other services.

What information do we collect?

We collect information to provide better services to all of our users – from figuring out basic stuff like which language you speak, to more complex things like what content of ours matters most to you (“Data”).

We collect information in the following ways:

  • Information you give us. We collect information about you and your company as you register for an account with us, create or modify your profile, use, access, or interact with our services or our websites (including but not limited to when you upload, download, collaborate on or share content, including photos and videos). Such content includes any personal information or other sensitive information that you choose to include. For example:
    • Pictures, videos, voice and text messages, edits to messages or deleted messages, and other types of files.
    • Account creation information such as an email address and password to create an account.
    • Billing, credit card and other information collected and stored by our corporate affiliates and third party payment processors on our behalf (or we may do this ourselves). 
  • Personal information. A Customer may choose to enter personal information necessary to facilitate the use of the SHEQSY System, including response to alerts being activated from that usage. Personal information is any information that can be used to identify personnel and nominated contacts, and may include: name, address, a photo, medical notes, occupation and contact details (address, telephone numbers and email address); 
  • Services usage information. This is information about how you are accessing and using the Services, which may include administrative and support communications with us and information about the features, content, and links you interact with, and what third party integrations you use (if any).
  • Information we get from your use of our services. We may collect information about the services that you use and how you use them, like when you visit a website that uses our services or you view and interact with our content. This information includes:
    • Log data. When you use the Services our servers automatically record information, including information that your browser sends whenever you visit a website or your mobile app sends when you are using it. This log data may include: 
      • details of how you used our service;
      • Internet Protocol address;
      • device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL; and
      • cookies that may uniquely identify your browser or your account.
    • Device information. We may collect information about the device you are using the Services on, including what type of device it is, what operating system you are using, device settings, application IDs, and unique device identifiers. Whether we collect some or all of this information often depends on what type of device you are using and its settings.
    • Geo-location information. Precise GPS location from mobile devices is collected only with your permission. WiFi and IP addresses received from your browser or device may be used to determine approximate location.
    • Services integrations. If, when using the Services, you integrate with a third party service, we will connect that service to ours. The third party provider of the integration may share certain information about your account with us.
    • Third party data. We may also receive information from affiliates in our corporate group, our partners, or others that we use to make our own information better or more useful. This might be aggregate level information, such as which IP addresses go with which zip codes, or it might be more specific information, such as about how well an online marketing or email campaign performed
    • Unique application numbers – Certain services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) may be sent to us when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates.
    • Local storage– We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.
    • Cookies and anonymous identifiers – We use various technologies to collect and store information when you visit our services, and this may include sending one or more cookies or anonymous identifiers to your device. We also use cookies and anonymous identifiers when you interact with services we offer to our partners, such as advertising services or SHEQSY features that may appear on other sites.
    • Contact information – When you choose to use the SHEQSY services to invite members of your contact list to be part of your organisation, we may collect, sync and store certain contact information such as names, phone numbers and email addresses. This information may be sent to our servers for the purposes of providing those members of your contact list with an invitation to participate in the SHEQSY services as directed by you. 

Why does the SHEQSY app use background location and require access to your location ‘all the time’?

In order for SHEQSY to improve the safety of people working alone, SHEQSY will collect your location data:

  • To deliver features such as Activities, Shifts and Quick Panic when the SHEQSY app is running in the foreground and background
  • To provide accurate and timely information to your organisation

How do we use your Data?

We may use the information we collect, including your personal information and transaction information, from all of our services in any one or more of the locations that SHEQSY has operations or otherwise conducts business (these locations currently being Australia, North America, and Europe) for the following purposes:

  • To understand and improve our Services. We carry out research and analyze trends to better understand how users are using the Services and improve them; 
  • To inform you about changes in our Services, our Service offerings, and important Service related notices, such as security and fraud notices. These emails and messages are considered part of the Services and you may not opt-out of them. In addition, we sometimes send emails about new product features or other news about SHEQSY. You can opt out of these at any time;
  • Billing and account management. We use account data to administer accounts and keep track of billing and payments;
  • Communicating with you and marketing. We often need to contact you for invoicing, account management, support and similar reasons. We may also use your contact information for our own marketing or advertising purposes. You can opt out of these at any time;
  • To investigating and prevent abuse and fraud;
  • to promote our services and related services;
  • to analyse information in order to offer aggregated anonymised data products to third parties;
  • to facilitate the sharing of aggregated and anonymised information with third parties, including transaction data. An example of anonymised information would be the number of times a template is used or location data , which may be used by those third parties to inform judgements about the organisation using the software, but not about any individuals whose data is processed using the software;
  • to enforce the Privacy Policy and our terms and conditions for use of our services and websites;
  • to monitor and analyse trends, usage, and activities in connection with our services and for marketing or advertising purposes or to offer you tailored content;
  • to investigate and prevent fraudulent transactions, unauthorised access to or use of our services, and other illegal or unusual activities;
  • to use the name you provide for your SHEQSY profile across all of the services we offer that require a SHEQSY account. In addition, we may replace past names associated with your SHEQSY account so that you are represented consistently across all our services. If other users already have your email, or other information that identifies you, we may show them your publicly visible SHEQSY profile information, such as your name and photo;
  • when you contact us, to keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements;
  • from cookies and other technologies, to improve your user experience and the overall quality of our services;
  • to combine information from one service, including personal information, into other SHEQSY services – for example to make it easier to share things with people you know;
  • as otherwise stated in this Privacy Policy.

This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable user or Customer of the Services. To use the information we collect, we may require our systems to access, screen capture, store, video and/or scan your information. Where appropriate or required by data protection laws, we will ask for your consent before using information for a purpose other than those that are set out in this Privacy Policy.

 

Who do we Share and Disclose Customer Data with? 

There are times when Data described in this privacy policy may be shared by SHEQSY. This section discusses only how SHEQSY may share such information. Customers determine their own policies for the sharing and disclosure of Customer Data. SHEQSY does not control how Customers or their third parties choose to share or disclose Customer Data.

SHEQSY may share Customer Data in accordance with our agreement with the Customer and the Customer’s instructions, including:

  • With third party service providers and agents. We may engage third party companies or individuals to process Customer Data.
  • With affiliates. We may engage affiliates in our corporate group to process Customer Data.
  • With third party integrations. SHEQSY may, acting on our Customer’s behalf, share Customer Data with the provider of an integration added by Customer. SHEQSY is not responsible for how the provider of an integration may collect, use, and share Customer Data. 
  • With third party service providers and agents. We may engage third party companies or individuals, such as third party payment processors, to process information on our behalf.
  • With affiliates. We may engage affiliates in our corporate group to process other information.

SHEQSY may share or disclose Customer Data and other information as follows:

  • During changes to our business structure. If we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of SHEQSY’s assets, financing, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence).
  • To comply with laws. To comply with legal or regulatory requirements and to respond to lawful requests, court orders and legal process.
  • To enforce our rights, prevent fraud and for safety. To protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud.

We may disclose or use aggregate or de-identified information for any purpose. For example, we may share aggregated or de-identified information with our partners or others for business or research purposes like telling a prospective SHEQSY Customer the average number of messages sent within a SHEQSY workspace in a day or partnering with research firm or academics to explore interesting questions about workplace communications. We may receive a fee for doing this.

Retention of Personal Data 

We will retain your personal information for the time necessary to provide the services we perform for you, or to achieve other purposes outlined in this Privacy Policy, and you can always request that we stop processing or delete your personal information.

We’re required to keep some of your information for certain periods of time under law. When we no longer require your information, we’ll ensure that your information is destroyed or de-identified.

We may need to retain certain personal information after we cease providing you with products or services to enforce our terms, for fraud prevention, to identify, issue or resolve legal claims and/or for proper record keeping.

Children’s information

Our Services are not directed to children under 13. If you learn that a child under 13 has provided us with personal information without consent, please contact us.

Information security

We have put in place robust measures regarding the security of the information we collect and store about you (including through the use of network and database security measures) and will use our reasonable endeavours to protect your personal data from unauthorised access to or unauthorised alteration, disclosure or destruction. In particular:

  • We encrypt many of our services using Secure Sockets Layer (SSL) or Transport Layer Security (TLS).
  • We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.
  • We restrict access to personal information to our employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
  • We have multiple authentication and access control measures to ensure data is only accessed by authorised personnel.
  • We enforce strong encryption of all data at rest through the use of the Advanced Encryption Standard (AES-256).

The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our servers via third party networks; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Application

Our Privacy Policy applies to all of the services offered by SHEQSY and its affiliates, including services offered on other sites, but excludes services that have separate privacy policies that do not incorporate this Privacy Policy.

Our Privacy Policy does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you in search results, sites that may include SHEQSY services, or other sites linked from our services. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services.

Enforcement

We regularly review our compliance with our Privacy Policy. We also adhere to several self regulatory frameworks. When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.

Restrict

You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.

Access

You may request details of the personal information that we hold about you. An administrative fee may be payable for the provision of such information. In certain circumstances, as set out in the Privacy Act 1988 (Cth), we may refuse to provide you with personal information that we hold about you.

 

Correction

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.

Complaints

If you believe that we have breached the Australian Privacy Principles and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint.

Other Websites

Please note that clicking on links and banner advertisements on our websites can result in your browser accessing a third party website, where data privacy practices are different to that of SHEQSY.

We are not responsible for, and have no control over, information that is submitted to or collected by these third parties and you should consult their privacy policies.

Changes

We may revise this Privacy Policy from time to time and will post the most current version on our website. If a revision meaningfully reduces your rights or involves a material change to our processing your personal information, we will notify you.

Contact

If you have any enquiries or if you would like to contact us about our processing of your personal information, please contact us by any of the methods below. When you contact us, we will ask you to verify your identity.

Contact name: Privacy Officer

Email: privacy@safetyculture.io

Telephone: +61 1300 984 245

Post:   
The Privacy Officer
c/o Boardroom
Level 12, 225 George Street
Sydney  NSW  2000

 

Appendix 1 – Your Rights

(a) GDPR

For the purpose of this Privacy Policy the controller of personal data is SHEQSY and our contact details are set out in the Contact section above.

The Legal Basis for Processing your Information 

Under GDPR, the main grounds that we rely upon in order to process personal data collected via our websites and services are the following:

  • Necessary for entering into, or performing, a contract– in order to perform obligations that we undertake in providing a service to you, or in order to take steps at your request to enter into a contract with us, it will be necessary for us to process your personal data;
  • Necessary for compliance with a legal obligation– we are subject to certain legal requirements which may require us to process your personal data. We may also be obliged by law to disclose your personal data to a regulatory body or law enforcement agency;
  • Necessary for the purposes of legitimate interests– either we, or a third party, will need to process your personal data for the purposes of our (or a third party’s) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data protected. Our legitimate interests include responding to requests and enquiries from you or a third party, optimising our website, applications and customer experience, informing you about our products and services and ensuring that our operations are conducted in an appropriate and efficient manner;
  • Consent– in some circumstances, we may ask for your consent to process your personal data in a particular way.

 

Third Party Service Providers

As mentioned above, we will share your personal information with trusted third parties where we have retained them to provide services that you or our clients have requested, and to perform maintenance or respond to technical incidents affecting our services. You can request a list of sub-processors currently engaged by SHEQSY by emailing us at privacy@safetyculture.io.

 

Where we disclose personal information to third parties, we require minimum standards of confidentiality and data protection from such third parties.

Processing Outside of the European Economic Area (“EEA”)

To the extent that any personal information is provided to third parties outside the EEA, or who will access the information from outside the EEA, we will ensure that approved safeguards are in place to ensure that we comply with GDPR, such as the standard contractual clauses approved by the European Commission.

SHEQSY processes personal information on our servers in many countries around the world. We may process your personal information on a server located outside the country where you live, including outside the EEA. We use datacentres operated by our third-party cloud hosting provider, Amazon Web Services (“AWS”) to store user data and data uploaded to our products.

Retention of Personal Data 

We will retain your personal information for the time necessary to provide the services we perform for you, or to achieve other purposes outlined in this Privacy Policy, and you can always request that we stop processing or delete your personal information (see the section below regarding your rights).

Your rights in respect of information we hold about you 

You have certain rights in relation to personal information we hold about you. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on your request.

Right of Access

You have the right at any time to ask us for a copy of the personal information about you that we hold. Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your personal information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.

Right of Correction or Completion

 

If personal information we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed. You can let us know by contacting us at privacy@safetyculture.io.

 

Right of Erasure

 

In certain circumstances, you have the right to request that personal information we hold about you is erased e.g. if the information is no longer necessary for the purposes for which it was collected or processed or our processing of the information is based on your consent and there are no other legal grounds on which we may process the information.

Right to object to or restrict processing

 

In certain circumstances, you have the right to object to our processing of your personal information by contacting us at privacy@safetyculture.io. For example, if we are processing your information on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which override your rights and interests. You also have the right to object to use of your personal information for direct marketing purposes.

You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.

Right of Data Portability

 

In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format.  You can ask us to transmit that information to you or directly to a third party organisation.

The above right exists only in respect of personal information that:

  • you have provided to us previously; and
  • is processed by us using automated means.

 

While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third party organisation’s systems. We are also unable to comply with requests that relate to personal information of others without their consent. 

You can exercise any of the above rights by contacting us using any of the methods in the Contact section above.

Most of the above rights are subject to limitations and exceptions.  We will provide reasons if we are unable to comply with any request for the exercise of your rights.

To the extent that we are processing your personal information based on your consent, you have the right to withdraw your consent at any time. You can do this by contacting us using the details in the Contact section above.

Automated decision-making

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. It is specifically regulated under GDPR where such decisions are taken which have legal or other significant effects on individuals. It is permitted in the following circumstances:

  • Where it is necessary to enter into or perform our contract with you and appropriate measures are in place to safeguard your rights.
  • In limited circumstances, with your explicit written consent and where appropriate measures are in place to safeguard your rights.

You will not be subject to decisions that will have a significant impact on you based solely on automated processing, unless we have a lawful basis for doing so, we have notified you and given you a right to challenge the decision or to require that the decision be taken by a person.

Complaints 

If you are unhappy about our use of your personal information, you can contact us using the details in the Contact section below. You are also entitled to lodge a complaint with the UK Information Commissioner’s Office using any of the below contact methods:

Telephone: 0303 123 11113

Website: https://ico.org.uk/concerns/

Post:    Information Commissioner’s Office
              Wycliffe House
              Water Lane
              Wilmslow
              Cheshire
              SK9 5AF

If you live or work outside the UK or you have a complaint concerning our activities outside the UK, you may prefer to lodge a complaint with a different supervisory authority.  A list of relevant authorities in the EEA and the European Free Trade Area can be accessed here.

 

Discover how easy it is to keep your lone workers safe

Try SHEQSY for free now. No Credit Card. No obligations.