Last Updated: 30th of March 2021
As a provider of MSPMagic Services, we process Partner Data. Partner Data is information, which may include personal information, provided to us in connection with our processing of information on behalf of our Partners. Our Partners are those who contract with us to acquire our MSPMagic Services. The personal information which our Partners may collect, hold, use and disclose is a matter solely for our Partners. While we may become aware of some of it in connection with the provision of our MSPMagic Services, and while we have standards we require our Partners to observe regarding our Partners’ appropriate data-related conduct, we do not control the management of personal information which our Partners may collect, hold, use and disclose about our Partners’ customers (who might be referred as customers, tenants, clients or users).
Communications about privacy-related matters concerning Partner Data should be directed to the relevant Partner. Our Partners’ privacy and security practices are a matter for our Partners and may differ from those we adopt. While our Partners may be subject to privacy laws, we make no representations about their privacy law compliance.
1. Respecting your privacy
- the kinds of personal information we collect and hold;
- how we collect and hold it;
- the purposes for which we collect, hold, use and disclose it;
- your right to access and seek correction of it;
- how you may complain about privacy matters; and
- our sharing of personal information overseas.
2. Who are we?
3. What kinds of personal information do we collect and hold?
Our business functions and activities are those connected with the services we provide. Those services are described at www.mspmagic.com (MSPMagic Services).
The personal information we collect and hold is what is reasonably necessary for our business functions and activities. When we collect and hold personal information, it is generally limited to the following:
- such information as is appropriate to establish and manage Partner accounts. This may include, for example
- business contact information such as name, telephone number, email and other addresses
- subscription, payment and access authority information (such as credentials of authorised users)
- information about Partner access to the MSPMagic Service
- details uploaded to our sites. Examples concern information submitted to us via forms and online communications and in the context of support and service requests
- customer use details where reasonably necessary to provide the MSPMagic Service requested by Partners
- information automatically collected as a result of device or browser settings. Examples are IP addresses, date, time and length of site access and pages visited. You generally have the option of not identifying yourself or of using a pseudonym when dealing with us. But not where this is impractical or where the law or a court order provides otherwise.
4. How do we collect and hold personal information?
Collection of personal information: When we collect personal information, we may make a record of it. We may do this when:
- individuals communicate with us by any means (including online) and
- individuals subscribe to any information materials we make available (for example Partner newsletters/updates).
We may also collect non-sensitive personal information by automated means, for example through use of technologies which may not be apparent, sometimes known as cookies. There is a lot of information publicly available about how cookies work and how to change your device’s browser settings. For example, see materials published by the Australian Government’s Australian Signals Directorate’s Australian Cyber Security Centre. These include materials regarding cookies and security: https://www.cyber.gov.au/acsc/view-all-content/guidance/cookies-and-security.
We may acquire data from third parties. Sometimes this may include or enable us to identify personal information. Datasets may be publicly available datasets, or those acquired from others in connection with our services. Doing this may help us to analyse and improve our data, identify potential new MSPMagic Services partners and make changes which may improve our MSPMagic Services.
Holding of personal information: Personal information we hold is generally stored in computer systems. These may be operated by us or by our service providers. In all cases, we aim for rigorous information security requirements with the goal of eliminating risks of unauthorised access to, and loss, misuse or wrongful alteration of, personal information.
5. Why do we collect, hold, use and disclose personal information?
When we collect, hold and use personal information, we do so primarily for purposes in connection with our processing of Partner Data; to promote our services and to assist in investigating any enquiries or complaints.
We disclose personal information we collect for those purposes, and for incidental purposes. For example, we may disclose personal information within our company group and to our infrastructure and other service providers.
We may collect, hold, use and disclose your personal information for other purposes which are within reasonable expectations or where permitted by law. For example, there may be occasions when we use and disclose personal information to defend our rights, to prevent potential harm, when we may infer an individual’s consent, in connection with business transfers (for example a sale of assets) or when an exception relevantly applies under privacy law.
We do not use personal information which privacy laws treats as sensitive for marketing purposes. You may opt out of our direct marketing to you. Our direct marketing materials will tell you how to do this.
We may de-identify personal information. We may do this for use and disclosure of pseudonymous or anonymous data for various data analytics purposes.
6. How can you enquire about, access and correct your personal information?
Access: We will provide you with access to any of your personal information we hold, which does not include personal information to which we have access only as a processor on behalf of those who control your personal information. This is except in circumstances recognised by law. If you wish to access your personal information or have an enquiry about privacy, please email us at [email protected] or call us on +61 (03) 9016 9550
Before we provide you with access to your personal information we may require some proof of identity. We may charge a reasonable fee for giving access to your personal information if your request requires substantial effort on our part.
Correction: If you need to correct personal information we hold, please contact us at one of the above contact points.
How can you complain about our management of personal information?
If you wish to complain about a breach of the privacy rules that bind us, you may contact us at one of the above contact points. We may ask you to put your complaint in writing and to provide details about it. We also may ask for information to satisfy ourselves that your claimed identity is correct. We may discuss your complaint with our Partners, personnel, service providers and others (for example regulators) as appropriate.
We will investigate the matter and attempt to resolve it in a timely way. We will inform you in writing about the outcome of the investigation. If we do not resolve your complaint to your satisfaction and no other complaint resolution procedures are agreed or required by law, we will inform you that your complaint may be referred to the Australian Information Commissioner for further investigation and will provide you with the Commissioner’s contact details.
7. Our sharing of your personal information overseas
It is our policy to require all of our overseas sharing of personal information to be done in a way which requires observance of strict privacy and security laws, both during transit and at the overseas destination. We may allow your personal information to be shared with those who are in countries other than your own location. We do this:
- where we have made a business decision to store our data with a trusted service provider who is in the business of providing data storage and processing services. These services commonly involve diverse geographic locations which change from time to time for reasons which include data protection and processing efficiency. Where these services are used by us, it is not practical for us to notify you of which country your personal information may be located in
- for disclosures between our companies and service providers. Our main business location is in Australia but some of these others may be based in other countries from time to time and
- when our business which collected your personal information is in a different country to your location.
9. Other privacy terms and limits of this policy
This is a policy only. There may be additional privacy notices and terms relevant to you depending on the nature of your dealings with us. We have separate terms concerning our employees – this policy does not apply to the personal information of our employees in their capacity as such.
10. More information
More information about privacy law and privacy principles is available from the Australian Information Commissioner.
The Commissioner may be contacted at www.oaic.gov.au (email [email protected])