Privacy policy
This policy was last updated 4 July 2023
The website www.crikey.com.au and Crikey emails and newsletters are published by Private Media Pty Ltd. In this policy, “us” “we” or “our” means Crikey and Private Media.
In this policy, “Private Media” “us” “we” or “our” means Private Media and its related bodies corporate, partnerships and joint venture entities.
This Privacy Policy is intended to explain our obligations as a service provider and your obligations as a consumer in connection with our collection, use, disclosure, retention and protection of your personal information. Please read it carefully. This Privacy Policy applies across all websites that we own and operate and all services we provide, including any online and products, and any other applications or services we may offer (for example, events). For the purpose of this Policy, we refer to them as our ‘Services’.
1 Privacy Policy Scope
We are bound by the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (Privacy Act) (subject to exemptions that apply to us under that Act) and any other applicable data protection laws.
Private Media takes its obligations under the Australian Privacy Principles as contained in the Privacy Act very seriously, and has implemented practices, procedures and systems to ensure we comply with those laws.
When we refer to ‘personal data’ or ‘personal information’ in this Policy we mean identifiable information or an opinion relating to an individual. Examples include your name, email, address, telephone number, bank account details, payment information, support queries, community comments including identifiers, professional or employment-related information, financial account information, commercial information, visual information, and internet activity information. If you can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn’t apply. Check out our terms and conditions of use for more information on how we treat your other data.
2 Collection of your personal information
2.1 Types of information collected
2.1.1 Identifiable information:
We may collect the following types of personal data or information: * name; * mailing or residential address; * email address; * telephone number and other contact details; * age or date of birth; * credit card information; * your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information; * details of the Services we have provided to you or that you have enquired about, including any additional information necessary to deliver those Services and respond to your enquiries; * any additional information relating to you that you provide to us directly through our websites or indirectly through your use of our websites or online presence or through other websites or accounts from which you permit us to collect information; * information you provide to us through customer surveys; or * any other personal information that may be required in order to facilitate your dealings with us.
We may collect these types of personal information either directly from you, or from third parties.
2.1.2 Cookies
When you visit our websites, we or our business partners may also collect information about your use of those websites or apps (usage data) through the use of cookies and other tracking software. This usage data enables us to provide you with an improved and more effective and personalised service, keep track of the products and services you use, analyse trends, measure transaction and search patterns, administer our website, diagnose problems, test and improve the quality of our products and services, gather broad demographic information and enable us to conduct targeted online advertising.
You can manage the use of cookies on your computer or mobile device. If you do not wish to receive cookies you can set your browser so that your computer or device does not accept them. You can also clear stored cookies from that browser or device at any time. Please note however that blocking cookies may affect your browsing experience and result in our services not operating as efficiently or effectively as they could.
The usage data we collect and use in cookies is generally not of itself personally identifiable information but if it is linked to personal information about an individual, it may become personally identifiable usage data. In those circumstances we will treat that usage data as personal information and only use it in accordance with our Privacy Policy, the Privacy Act and any other applicable data protection legislation.
2.2 Why we collect this information from you
We hold, use and disclose your personal information for various purposes relating to our business, which include the following:
- To enable you to use our websites and Services. We process your personal information to perform our contract with you for the use of our websites and Services and to fulfill our obligations under the applicable terms of use; if we have not entered into a contract with you, we base the processing of your personal information on our legitimate interest to operate and administer our Services and to provide you with content you access and request (e.g., to download content from our websites)
- Managing user registrations: If you have registered for an account with us, we process your personal information by managing your user account for the purpose of performing our contract with you according to applicable terms of service;
- To communicate with you. This may include:
- providing you with information you’ve requested from us or information we are required to send to you
- To send to you operational communications, like changes to our websites and services, security updates, or assistance with using our websites and services
- marketing communications (about our products or services we think you might be interested in) in accordance with your marketing preferences
- asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).
- To support you: This may include assisting with the resolution of technical support issues or other issues relating to the websites or Services, whether by email, in-app support or otherwise.
- To bill and collect money owed to us by you. This includes sending you emails, invoices, receipts, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and those third parties collect billing information to track your orders and credit card payments.
- To enhance our websites and Services and develop new ones: For example, by tracking and monitoring your use of websites and Services and the personal information of Contacts so we can keep improving, or by carrying out technical analysis of our websites and Services so that we can optimise your user experience and provide you with more efficient tools.
- To protect: So that we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and Services fairly and in accordance with our terms of use.
- To market to you: In addition to sending you marketing communications, we may also use your personal information to display targeted advertising to you online – through our own websites and Services or through third party websites and their platforms.
- To analyse, aggregate and report: We may use the personal information we collect about you, Contacts and other users of our websites and Services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share publicly or with third parties
- Complying with legal requirements: We may use personal information for the purpose of complying with legal requirements, and facilitating the safety and security of our Services (including authenticating users, facilitating secure payments, enforcing our terms and policies, responding to a legal request or claim, protecting against fraud and abuse, and conducting audits
2.3 How this information is collected
2.3.1 Identifiable Information
When you visit or use some parts of our websites and/or Services we might ask you to provide personal information to us. For example, we ask for your contact information when you sign up for a demo or trial, respond to a job application or an email offer, participate in community forums, join us on social media, take part in training and events, contact us with questions or request support.
If you purchase Services, you may need to provide us with payment and billing information, such as your credit card details and billing address. In order to use certain parts of the Services, you also provide us with information about individuals, such as their names and email addresses. We use and process this information to provide the Services in accordance with your instructions.
If you don’t want to provide us with personal information, you don’t have to, but it might mean you can’t use some parts of our websites or Services.
2.3.2 Non-identifiable information
We collect some information about you automatically when you visit our websites or use our Services, like your IP address and device type. We also collect information when you navigate through our websites and Services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our websites and Services so that we can continue to provide the best experience possible (e.g., by personalising the content you see).
Some of this information is collected using cookies and similar tracking technologies. This information will be considered personal information where we can link this information to your account or to an identifiable individual. If you want to find out more about the types of cookies we use, why, and how you can control them, take a look at our cookie notice..
2.3.3 Unsolicited personal information
If we receive your personal information from a third party without having asked you for it, then within a reasonable time, we will determine whether we could have collected it in the ways outlined above. If we determine that it could not have been collected in one of those ways and it is legal and reasonable to do so, then as soon as practicable we will:
- destroy the information; or
- ensure that it is de-identified before storing in our systems.
You are not obliged to provide your personal information to us, but if you choose not to do so, then we may not be able to provide some or all our Services to you. You may however use a pseudonym during some interactions and where it is not necessary for us to identify you. For clarification on circumstances where you must identify yourself, please contact our Privacy Officer at privacy@crikey.com.au. You may use a pseudonym or not identify yourself when making such a request.
Sensitive information (e.g. information about your race, ethnicity, health or criminal record) is subject to additional legal protections. We will only collect your sensitive information with your consent or when permitted under Australian law.
We use a third-party intermediary to manage credit card processing. This intermediary is not permitted to store, retain or use your billing information for any purpose except for processing credit card payments on our behalf.
We will not adopt a government related identifier as your identifier unless we are required or authorised by law or it is reasonably necessary to verify your identity for the purposes of our activities or functions or necessary to fulfil our obligations to an agency or State or Territory authority.
We will take such steps (if any) as are reasonable in the circumstances to ensure that your personal information we collect, use or disclose is accurate, up-to-date, complete and relevant.
2.4 How this data is stored
Our websites are published, hosted and managed in Australia by Private Media with web servers in Sydney. Our marketing automation tool, SalesForce Marketing Cloud, is hosted in the Cloud and managed and provided by Salesforce.com Inc in the United States, also hosted in the United States.
We use strict computer and user access mechanisms to protect this data you provide in a secure way. For the purpose of protecting your data we use:
- Secure Socket Layer (ssl) on crikey.com.au that will encrypt your data being transmitted between the web form on the site and our servers.
- Firewalls protect our websites and other systems storing data 24/7
- 2 factor authentication (2FA) is used for systems storing your data so that only authorised employees have access to this.
- Daily backups that are securely stored in the Cloud are taken daily to protect any data loss as part of a system failure.
We take reasonable steps to ensure that any overseas recipients of your personal information do not breach the privacy obligations relating to your personal information. These overseas recipients may be required to disclose information we disclose to them under a foreign law. In those instances, we will not be responsible for that disclosure.
2.5 How long we keep your data for
Your personal information will only be retained for as long as it is reasonably necessary to fulfil the purposes for which it was collected or as required for a legal, accounting or reporting purpose.
2.6 How this data is used
2.6.1 Marketing
We may collect, hold, use and disclose your personal information to send you marketing communications about our product and services and the products and services of our business partners that you may be interested in. We may do this through mail, phone, SMS, social media, email, app notifications and advertising through our websites or third-party websites..
2.6.2 Opting-out of direct marketing
We will always provide a simple means for you to “opt-out” from receiving direct marketing, which typically involves an “opt-out”, “unsubscribe” or “manage subscription preferences” link on emails.
If at any time in the future you do not want us to send you direct marketing material, then you can simply inform our Privacy Officer using the contact details below at the end of this policy.
If you receive communications from us that you believe have been sent to you other than in accordance with this Privacy Policy, or in breach of any law, please contact us using the details provided below.
Your personal information will not be shared or disclosed other than as described in this Privacy Policy.
3. Sharing your information
There will be times when we need to share your personal information with third parties. We will only disclose your personal information to:.
- our employees, related bodies corporate, business partnerships and joint venture entities;
- our external service providers including without limitation web hosting providers, third party marketing platforms (including social media platforms), advertisers, IT systems administrators, mailing houses, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisers such as accountants, solicitors, business advisors and consultants;
- our existing or potential agents and/or business partners;
- our sponsors, or promoters of any competition that we conduct or promote via our services;
- specific third parties authorised by you to receive information held by us;
- the police, any relevant government authority or enforcement body, or your Internet Service Provider or network administrator, for example, if we have reason to suspect that you have committed a breach of any of our terms and conditions, or have otherwise been engaged in any unlawful activity, and we reasonably believe that disclosure is necessary;
- as otherwise required or permitted by law (including the Privacy Act)
- an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business or our websites (or any of them); or
- a subsequent operator of any of our websites; or
- other people, where we have your consent.
4. Your Rights
It’s your personal information and you have certain rights relating to it.
You may request access to any personal information we hold about you by contacting us (see “contact us”). You may also contact us to request that we delete information that we hold about you or that we delete your account. We will respond to your request within a reasonable period. We will give access in the manner you have requested if it is reasonable to do so. We will not charge for simply making a request and will not charge for making any corrections to your personal information. However, depending on the nature and scope of the personal information you have requested, we may charge you a reasonable fee to provide access to this information.
If you make an access request, we will ask you to verify your identity. There may be instances where, for legal reasons, we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal and information on how you can complain about the refusal.
We take reasonable precautions to ensure that the personal information we collect, hold, use and disclose is correct, complete and up-to-date. However, the accuracy of that information depends to a large extent on the information you or others provided to us. If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it. We will also give you written reasons for any refusal and information on how you can complain about the refusal.
Members or subscribers to our websites or other media will generally be able to access and update their details online. We request that you keep your information as current as possible so that we may continue to improve our service to you.
5. Privacy Complaints
If you have a concern or complaint relating to our handling of your personal information or any breaches of the Australian Privacy Principles, please send a written note outlining the nature of the complaint to the Privacy Officer using the contact details below at the end of this policy.
We will endeavour to respond to your complaint within 10 business days of receipt. If unresolved, the complaint may be referred to an external complaints resolution entity and finally, if necessary, taken to the Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted at either www.oaic.gov.au or by calling 1300 363 992.
6. Contact us
If you would like a copy of this Privacy Policy sent to you, or if you have questions about this privacy policy, please contact us via email or mail:
Privacy Officer, Crikey
PO Box 5239 380 Bourke St
MELBOURNE VIC 3000
Email: privacy@crikey.com.au