Effective as of 5 May 2021
We adhere to the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act) and to the extent applicable, the EU General Data Protection Regulation (GDPR).
If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business. Where we provide the Services under contract with an organisation (for example, your employer) that organisation controls the information processed by the Services. For more information, please see Organization-Administered Accounts section below.
We collect personal information about you in the following ways:
Personal information that you may provide through the Services or otherwise communicate to us includes:
Our servers may automatically record certain information about how you use the Services, such as your Internet Protocol (IP) address, device and browser type, operating system, the pages or features of the Services that you browsed and the time spent on those pages or features, the frequency with which you use the Services, search terms, the links that you click on or use, and other statistics. We collect this information in server logs and by using cookies and similar tracking technologies to analyse trends, administer the website, track users’ movements around the website, gather demographic information about our user base as a whole, and deliver advertising.
For more information, please see our Cookies Policy, which includes information on how to control or opt out of these cookies and tracking technologies. You may be able to change the preferences on your browser or mobile device to prevent or limit your acceptance of cookies, but this may prevent you from taking advantage of some of our Services’ features.
When you, or an organisation for whom you work or whose premises you attend, uses our Services, camera(s) may capture footage of you for the purpose of automated biometric verification or biometric identification. In order to perform automated biometric verification, the system generates an “embedding” to represent a face. Embeddings are multidimensional numbers used to represent something. They are not human readable. These embeddings are unique to our system and are not useable in any other system. It is also impossible to “reconstruct” a face purely from an embedding.
Other users of our Services may provide information about you when they submit content through the Services. We receive your email address from other Services users when they provide it in order to invite you to the Services.
It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by emailing us at email@example.com
Data captured by camera(s) or by other means at a customer site is stored on an on-premise server, with video footage having a rolling-delete functionality. Biometric information is also stored in the server as embeddings and metadata.
How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.
We use your information in the following ways:
When you use the Services, we share certain information about you with other Service users, however we do not share biometric information with other Service users, other than for the purpose of provision of the Services and then only to specified members of staff of the customer organisation that you are connected with for the purpose of their use of the Services, which may include the organisation being alerted in certain circumstances, reporting on time and attendance, and collating data for contact tracing if required.
If you register or access the Services using an email address with a domain that is owned by your employer or organization, and such organization wishes to establish an account or site, certain information about you including your name, email address and activity in the Services may become accessible to that organization’s administrator and other Service users sharing the same domain.
We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services. We neither rent nor sell your Personal Information to anyone. We share your Personal Information (in personally identifiable form) with third parties only as described below.
In certain situations, businesses or third party websites we’re affiliated with may sell items or provide services to you through the Services (either alone or jointly with us). We may, for example, sell products or provide services jointly with affiliated businesses. You can recognise when an affiliated business is associated with such a transaction or service, and we will share your Personal Information with that affiliated business only to the extent that it is related to such transaction or service. We may share non-personally identifiable information (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with interested third parties to help them understand the usage patterns for certain Nirovision Services.
You understand that we cannot control what other users do with any content (including without limitation video, images, captions, and comments) you voluntarily disclose for such users to view on the Service (“User Submissions”). For example, we will share your video content with other users as directed by you via the functionality of the Services. We cannot control if other users you have allowed access to your User Submissions make such User Submissions publicly available and to be collected and used by others, or to be redistributed through the internet and other media channels.
We may release Personal Information when we believe in good faith that release is necessary to comply with that law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Nirovision, our employees, our users, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction.
We may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that is transferred. Also, if we (or substantially all of our assets) are acquired, or if we go out of business or enter bankruptcy, Personal Information would be one of the assets transferred to or acquired by a third party.
In some cases we may ask for your consent to collect, use or share your personal information, such as when you let us post your testimonials or endorsements in the Service. Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and will be able to prevent the sharing of this information.
Nirovision Holdings Pty. Ltd. will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.
We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.
We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it. We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose.
We will keep your data safe and secure.
We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation. We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.
We do not collect or process any personal information from you that is considered “Sensitive Personal Information” under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.
You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children without consent.
If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. Nirovision Holdings Pty. Ltd. complies with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU
Except as otherwise provided in the GDPR, you have the following rights:
Information that we collect may from time to time be stored, processed in or transferred between parties or sites located in countries outside of Australia. These may include, but are not limited to Australia and U.S.A.
We and our other group companies have offices and/or facilities in Australia and U.S.A. Transfers to each of these countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Nirovision Holdings Pty. Ltd’s Data Protection Officer.
The hosting facilities for our website are situated in Australia and U.S.A. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Nirovision Holdings Pty. Ltd’s Data Protection Officer.
Our Suppliers and Contractors are situated in Australia and U.S.A. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Nirovision Holdings Pty. Ltd’s Data Protection Officer.
You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
We are committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs.
Where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the GDPR and that have adequate technical measures in place to protect personal information against unauthorised use, loss and theft.
The Services may contain links to other websites and services operated by third parties, such as social media platforms, advertising services and other websites and applications. These links are not an endorsement of, or representation that we are affiliated with, any third party. We do not control third party websites, applications or services, and are not responsible for their actions. Other websites and services follow different rules regarding their collection, use and disclosure of your personal information. We encourage you to read their privacy policies to learn more.
You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth), and to the extent applicable the EU GDPR.
If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at firstname.lastname@example.org. We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act or any other applicable law.
Where the Service is provided to you through your employer or another organisation, that organisation is the administrator of the Service and we act only as its service provider. We are not responsible for the privacy or security practices of these organisations, which have their own privacy policies, and we encourage you to contact them with your privacy-related questions or requests to access, correct or delete your personal information.
Please note that your organisation’s administrator may be able to:
Please contact your organisation or refer to your administrator’s organisational policies for more information.
If you would like to make a complaint about the way we collect, use, disclose, store or administer your personal information, or otherwise consider there may be a breach of the Privacy Act or the APPs, you may lodge a complaint by contacting our Privacy Contact Officer using the contact details set out below.
All complaints will be treated seriously and dealt with promptly.
You may also make a complaint directly to the Office of the Australian Information Commissioner (OAIC) online, by mail, fax or email. Please visit the OAIC website at http://www.oaic.gov.au/privacy/making-a-privacy-complaint for more information.
Nirovision Holdings Pty. Ltd. 2/120 Sussex Street Sydney, NSW 2000. Australia