Defibnet | info@3.26.49.77

Privacy Policy

  1. Home
  2. Legal
  3. Privacy Policy

Privacy Policy
May 2019

CommHealth Systems Pty Ltd ACN 629 299 038 ('we', 'our' and 'us') regards personal privacy and compliance with our obligations under the Privacy Act 1988 (Cth), including the Australian Privacy Principles, as an important part of our relationship with Defib Managers and users of our services. We will also endeavour to comply with the EU General Data Protection Regulation for Customers who access our site from within the EU.

This privacy policy ('Policy') sets out how we collect, use and handle Personal Information that we collect from:
Visitors, people who visit or browse our website,
Defib Managers, people who establish an account with us,
Subscribers, people who subscribe for information on products or services that we may periodically make available,
Customers, people who access our services to purchase products or any other defib-related registration or otherwise access our services, including downloading or using our mobile applications.

In this Policy:
- we refer to Visitors, Defib Managers, Subscribers, Customers and all other persons who access or use our services as ‘Users’ or ‘you’;
- 'Personal Information' means information or an opinion about an identified individual, or an individual who is reasonably identifiable (whether the information is true or not or recorded in any form or not)'. This may include name, identification number,location data, online identifiers (internet protocol addresses and cookie identifiers), and any factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person.
- ‘Sensitive information’ includes information about a person’s health, sexual orientation, sex life, racial or ethnic origin, political opinions, membership of a political association, professional or trade association or trade union, religious beliefs or affiliations, philosophical beliefs and biometric or genetic data.

This Policy applies to the domain name of Defibnet.com and tb.tk only and to our mobile applications.  It does not apply to, and we are not responsible for, the use of, or the protection of information provided to, other websites or services linked to our website or that you use to access our website, applications or services.

If you have any questions not addressed in this Policy, please feel free to contact us using the methods at the end of this Policy under the heading “Complaints and how to contact us”.

Please note, if you do not agree to our Privacy Policy and the Terms of Service, you can choose to discontinue using the products and services, and close your Defibnet account. If you are a parent or guardian, you are responsible for your child’s use of Defibnet services, including purchases.

Information that you provide to Defibnet
We may collect different Personal Information from you depending on the circumstances in which that information is collected.

For Visitors
We do not ask you to provide Personal Information if you are only a Visitor.

For Defib Managers
If you register as a Defib Manager and create an account on our website, we will require you to provide your name, email address, work phone or other contact number, account username and password, and for paid events, financial information such as bank account details.

For Subscribers
For Subscribers, we may collect your name, contact telephone number, organisation name, and email address.

For Customers
As a Customer, you may be required to provide certain Personal Information to complete a registration which may include your name, address, telephone number and email address. If you make a payment for an event, we may also collect financial information from you including your credit card number and expiration date. As part of our compliance with the Payment Card Industry Standard (“PCI”), we will only store partial credit card numbers. We will retain the transaction details for an event on our website for audit purposes.

In addition, a Defib Manager may require us to collect additional Personal Information required by them. Such information may include Sensitive Information. If this information is provided by the Customer, we will also have access to it and we will hold, use and disclose that information in accordance with this Policy. If and to the extent the Customer is providing such information on third parties, the Customer represents and warrants that Customer has consent from such third parties to disclose such information. 

If you download or use our mobile applications, we may collect your name and location.

In addition to collecting Personal Information via our website and mobile applications, we may collect Personal Information from Users by telephone or in correspondence from you (including by email, telephone, live chat, mail, fax or in person).

Information that Defibnet collects about you
Our website collects information about the use of our site by all Users, including:
- The website pages that you visit
- Your internet protocol address;
- The type of browser you are using;
- Your operating system;

Our website also uses cookies to assist in providing our services to all Users of the site.

Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can change your cookie settings via your browser settings.

For more information on the cookies we collect, please see our cookie policy.

Processing and disclosure of Personal Information
We use the Personal Information we collect to provide Users with a high level of service. In particular, we use Personal Information:
- to email Defib Managers to activate their account;
- to email information for which a User has subscribed;
- to email a Customer to confirm data;
- to deal with queries from Users.

We will not share your Personal Information with third parties without your consent other than as set out in this Policy. Certain employees have access to Personal Information as part of their user access to the Defibnet site.

Sharing Customer Data with Defib Managers
We share Customer's personal information as part of their registrations with the Defib Manager including Personal Information that the Defib Manager has requested that we collect as part of their deployment or other defib-related registration requirements.

Defib Managers are not bound to treat your information in accordance with this Policy and you agree that we are not responsible for their actions. Please review the relevant Defib Manager’s privacy policies and terms and conditions before providing your Personal Information in relation to a particular deployment.

For Subscribers
By submitting your contact details through our website, you consent to us displaying or sending such material to you. For material that we email to you, we provide a functional opt out facility with all promotional emails. You can let us know if you no longer wish to receive this sort of information by emailing us at info@3.26.49.77 and we will remove your details from the distribution list.

Third parties and sub-processors
We may disclose Personal Information to third party service providers (including IT service providers, data storage and handling facilities, payment systems operators, mail houses and legal or financial advisers) to the extent necessary for them to assist us in providing services to you. We engage service providers who do not use or disclose your Personal Information for any purpose other than the services for which they are engaged to provide. Please see our list of sub-processors for more information.

We may disclose Personal Information to other persons or organisations if required to do so by the order of a court or tribunal or if the disclosure is otherwise authorised or required by law. For example, Personal Information may be disclosed where it is necessary to eliminate or minimise a risk to public health or safety, investigate or deal with unlawful activity or serious misconduct or establish or defend a legal claim.

Direct marketing

For Customers
We do not engage in any third party marketing. We do not use any of the Personal Information we hold to engage in direct marketing with Customers, we may use the emails sent to Customers as part of any confirmation to inform them about Defibnet products and services.

For Subscribers and Defib Managers
We may use your Personal Information to provide you with further information about our products and services. Direct marketing from us generally takes the form of direct mail or electronic marketing (email, SMS, MMS, social media or other electronic means). In rare cases, we may use telemarketing, in which case we will comply with any applicable legislation.

By submitting your contact details through our website or by opting-in to be contacted through our marketing materials, you consent to direct marketing to you of our products and services. We may continue to contact you indefinitely until you indicate otherwise.

If you do not wish to be contacted with such information, you may opt out of receiving our direct marketing at any time by emailing info@3.26.49.77 or by updating your preferences at www.defibnet.com.

Retention and storage of collected information

For Customers
Defibnet retains personal information for a period of 4 years from the date of your last interaction with the site.

The security of your Personal Information is important to us. We are Level 1 Payment Card Industry (PCI) Compliant. We do not store full Credit Card numbers, only the first six and the last four digits of the Credit Card are retained.

For Defib Managers
We may retain your information for so long as you maintain an account with us.

For All Users
Any Personal Information that may be used by our site in order to carry out its necessary functions is stored on a secured server.

We will take all reasonable measures to ensure the security of your Personal Information. Our systems are hosted in Australia.  Our information is stored on Amazon Web Services (please see our list of sub-processors). The countries where your Personal Information may reside presently include the United States of America.

Defibnet complies with the Australian Privacy Act (1988) and the Notifiable Data Breaches (NDB) scheme (Part IIIC of the Privacy Act 1988). In line with the NDB, Defibnet has a data breach policy in place. In the event of a serious data breach, Defibnet will notify the Office of the Australian Information Commissioner and the affected individuals where required. Notification of a data breach may take the form of an email or a notice on our website.

If you have any questions about security on our website, you can email us at info@3.26.49.77.

Access to and rectification of Personal Information
Subject to any legal restrictions, we will let you know what Personal Information we hold about you if you ask us to. If your request is particularly complex, or requires detailed searching of our records, there may be a cost to you in order for us to provide this information.

For Defib Managers
Your records can be accessed and updated by you at www.defibnet.com. You can also delete your account at www.defibnet.com which will have the effect of removing your personal information from our systems up to 12 months later.

For Customers
To have your data rectified, please contact the Defib Manager and they will be able to edit your data. 

Non-personal information that is collected by Defibnet
Whenever anyone uses the Defibnet Site, our sub-processor Lucky Orange, collects information on how certain features of the Site are used, what general area Users are contacting us from and how many people visit the Site at any given time. This information does not contain any personal information of Users visiting or using the site. This information will only ever be used to aid us in any technical issues that may arise or for statistical analysis to help us identify and improve the use of the Site to the benefit of all Users. To unsubscribe from Lucky Orange tracking, please visit their website.

Processing of children’s data
If you are under the age of thirteen (13), please do not use Defibnet without the consent of your parent or legal guardian. We ask that parents and legal guardians help enforce our Privacy Policy by telling their children not to provide Personal Data through services online without their permission. If you believe your child (under the age of 13) has provided Personal Data to us online, please contact us on info@3.26.49.77 so we can react accordingly and delete or obfuscate your child’s data.

Data protection law
Data protection law gives people certain rights in connection with the way in which their personal information is used. If organizations do not comply with data protection law, they may be subject to sanctions and penalties imposed by the national data protection authorities and courts. When Defibnet collects and uses personal information, this activity and the personal information in question is covered and regulated by the local data protection law.

Complaints and how to contact us
If you would like further information on this Policy, or if you have any concern about the protection of your Personal Information, please email info@3.26.49.77 or contact our Privacy Officer at +61 2 9498 2228.

If you believe your privacy has been interfered with and wish to make a complaint, please contact our Privacy Officer. The Privacy Officer will investigate your complaint and notify you of the outcome. If your complaint indicates that there has been an interference with your privacy by a person other than us, the Privacy Officer may discuss the complaint with that other person in an attempt to resolve it.

If you are not satisfied with the outcome of your complaint or the way we handle it, you may make a complaint to the Office of the Australian Information Commissioner at www.oaic.gov.au.

Changes to Privacy Policy
We reserve the right to modify this Policy at any time, so please review it frequently. The updated version of the Privacy Policy will become effective immediately. If we make material changes to this Policy, we will notify you by email or by means of a notice on our homepage.