THE EVOLVED GROUP – POLICY INFORMATION HANDLING AND PRIVACY
1. Introduction
Evolved Insights Pty Ltd is an Australian company that provides market research services and technologies including:
- Human Listening – market and customer insights platform
- Evolved Thinking – research design and development
- Evolved Communities – online communities of interest
- Tailored, industry listening solutions including for employees, brand insights and new product development
Some of these services are provided through our websites (Sites) and some are provided in-person. All of our services, products and Sites are collectively referred to as our Services.
This Policy describes how we collect and handle personal information through our Services, and through other engagements, with our customers and clients and (Clients), Clients’ registered platform users (Platform Users) and individuals who complete surveys (Survey Respondents). In this Policy, we, us and our means Evolved Insights Pty Ltd ACN 141 289 705 and our related companies (which are also referred to collectively as Evolved Insights Pty Ltd).
This Policy applies generally to all personal information we collect, with section 5 of this Policy applying specifically to all personal information we collect from market and social research. This information is protected by the Australian Privacy Act 1988 (Cth). Information about this Act can be found on the website of the Office of the Australian Information Commissioner (OAIC) – https://www.oaic.gov.au/. In addition, information we collect from market and social research is protected by the Association of Market and Social Research Organisations’ Privacy (Market and Social Research) Code 2021 (AMSRO Code). A copy of the AMSRO Code can be found at the following link ASMRO Code
2. What is considered personal information
When used in this policy, the term personal information or Personal Data means: any information relating to a person who can be directly or indirectly identified by reference to an identifier such as a name, an identification number, financial/payment information, social media information, location data, or an online identifier. In general terms, it means any information that can be used to personally identify you.
3. What personal information we collect and hold
We may collect data from Clients, Platform Users and Survey Respondents in different ways, including through their actions in directly providing it to us and through other methods where it is collected automatically through use of our Services.
3.1 Information Clients and Platform Users provide us
- Account Data
Clients and Platform Users provide this data directly to us when creating an account on our Services (Account), when you administer your organisation’s account or when you purchase a service or subscription from us.
We may collect the following Account Data from our Clients and Platform Users:
(a) name;
(b) mailing or street address;
(d) email address;
(e) social media account information;
(f) telephone number;
(g) age or birth date;
(h) profession, occupation or job title;
(i) employee number.
The legal basis for this collection and processing is based on:
- consent through:
- voluntary submission of a registration form and agreeing to these terms including by clicking a “Register User button”; or
- by executing a contract with us that refers to this Policy.
(b) the Personal Data being necessary for the performance of a contract with Clients;
(c) for carrying out pre-contractual measures; and/or
(d) any other legitimate interests as detailed in this Policy.
The registration of an account and voluntary provision of Personal Data is for us to offer you Services that may only be available to Platform Users.
- 2. Interaction Data
If a Client or Platform User provides us feedback or contact us via an online form, e-mail, or other means including by phone call or by contracting with us, we will collect your name and e-mail address, as well as any other content included in the form, e-mail or conversation, in order to send you a reply. We will store and process your communications and information as needed.
This Interaction Data also includes:
(a) details of the Services the Client has purchased from us or which you have enquired about, together with any additional information necessary to deliver those Services and to respond to your enquiries;
(b) any additional information relating to the Client or Platform User that they provide to us directly through our Sites or indirectly through use of our Site or online presence through our representatives or otherwise;
(c) information provided to us through our service centre, customer surveys or visits by our representatives from time to time.
The legal basis for this processing is based on:
(a) voluntary submission of a registration form and agreeing to these terms by clicking a “Register User button”;
(b) by voluntary submission of data to us in other means;
(c) the Personal Data being necessary for the performance of a contract with the Client or Platform User;
(d) for carrying out pre-contractual measures (this includes for stages where the Client or Platform User requests to learn more about our services); and/or
(e) any other legitimate interests as detailed in this Policy.
By submitting a registration form or making contact with us such Personal Data is transmitted on a voluntary basis and you consent to its collection.
- Subscription Data
On the Site the Client and Platform Users may have the ability to subscribe to various newsletters or other notifications. We may collect the data when the individual’s details are input for subscription purposes.
The Personal Data is processed for the purpose of providing information regularly by means of a newsletter or other notification. The Personal Information collected during the subscription will only be used for marketing purposes or for reasons made known on the form.
The legal basis for this processing is based on:
(a) consent through voluntary submission of the form and agreeing to these terms including by clicking an “I Agree button” or “Subscribe button” or similar; and/or
(b) any other legitimate interests as detailed in this Policy.
By submitting subscribing to a newsletter or other notifications and voluntarily providing us with Personal Data, the Client and Platform Users are providing consent to the use of such data by us. For the purpose of revocation of consent there is a corresponding unsubscribe link found in each subscription email.
- Public Data
Clients and Platform Users should keep in mind that if they directly disclose personal information or personally sensitive data through Evolved Insights Pty Ltd public message boards and/or communities, this information may be collected and used by others outside the control of Evolved Insights Pty Ltd.
This Personal Data includes information such as profile information, time zone and any other information the individual inputs. Clients and Platform Users are responsible for what they make public.
The legal basis for this processing is based on consent through voluntary submission to the public message board and/or community, and agreeing to these terms including by clicking an “I Agree” or similar button.
We may also collect Personal Data at other points in our Site that state that Personal Data is being collected and Clients or Platform Users voluntarily provide it. In some circumstances, Personal Data is provided to us by third parties such as our related entities, service providers or other organisations conducting activities on the Client or Platform User’s behalf where express consent has been given to that third party, for the Personal Data to be used and disclosed to us in this way. We are entitled to presume that Clients and Platform Users have given their consent to third parties disclosing to us and using their Personal Data in this way. The purposes as outlined above may include the processing of such Personal Data to the extent necessary for us to comply with a law, regulation or legal request or to protect the safety of any person or to prevent fraud.
3.2 Information Survey Respondents provide us
The way we collect, use and process personal information provided by Survey Respondents is detailed in section 5.
3.3 Information we collect through use of our Services
- Log Data
Evolved Insights Pty Ltd automatically collects information about your computer hardware and software. This may include: IP address, browser type, domain names, access times and referring site addresses. This information is used by Evolved Insights Pty Ltd to understand and analyse trends, to administer the Site, to learn about user behaviour on the Site, for the operation of the Services, to maintain quality of the Services, and to provide general statistics regarding use of the Site.
The legal basis for this processing is based on:
(a) the Personal Data being necessary for the performance of a contract to which the Client or Platform User is a party;
(b) for carrying out pre-contractual measures; and/or
(c) the legitimate interests of carrying out our business, providing personalised Services to you and any other legitimate interests as detailed in this Privacy Policy.
Evolved Insights Pty Ltd keeps track of the pages our customers visit within our Sites, in order to determine what Services are the most popular. This data is used to deliver customized content and advertising within our Sites to Clients, Platform Users and Survey Respondents whose behaviour indicates that they are interested in a particular subject area.
- Google Analytics
We currently use Google Analytics as well as Google Analytics for Display Advertising. Google Analytics collects information anonymously and reports Site trends without identifying individual visitors. Google Analytics uses its own cookie to track visitor interactions. Site owners can view a variety of reports about how visitors interact with their site so they can improve their site and how people find it. Please see the following links for more information about Google Analytics: http://www.google.com/analytics/, : http://www.google.com/privacy.html and http://www.google.com/analytics/tos.html. Anyone can also opt-out of Google Analytics for Display Advertising by going to the Google Ads Preferences Manager.
4. How we collect, hold, use and disclose personal information
The primary purpose for which we collect personal information is to enable us to perform our business activities and functions and to provide best possible quality of customer service. We collect, hold, use and disclose your personal information for the following purposes:
For Clients:
(a) to provide Services to you;
(b) for market or social research projects that have been agreed with the Client;
(c) to provide you with news, information or advice about our existing and new Services;
(d) to communicate with you including by email, mail or telephone;
(e) to manage and enhance our Services;
(f) to personalise and customise your experience;
(g) to provide you with access to protected areas of our Sites;
(h) to verify your identity;
(i) to provide as part of business data to third parties if you have authorised us to do so;
(j) to conduct business processing functions for operation of our Sites or our business;
(k) for our administrative, marketing (including direct marketing), promotional, planning, Service development, quality control and research purposes, or those of our contractors or external service providers;
(l) to provide your updated personal information to us, our contractors or external service providers;
(m) to enforce this Policy;
(n) to investigate any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or that you are or have been otherwise engaged in any unlawful activity;
(o) to comply with our legal obligations, a request by a governmental agency or regulatory authority or legally binding court order;
(p) to combine or aggregate your personal information with information we collect from third parties and use it for the purposes set out this Policy;
(q) to aggregate and/or make anonymous your personal information, so that it cannot be used, whether in combination with other information or otherwise, to identify you;
(r) to resolve disputes and to identify, test and resolve problems;
(s) to notify you about the Site and updates to the Site from time to time;
(t) to supply you with generalised, targeted or personalised marketing, advertising and promotional notices, offers and communications, and measure and improve our marketing, advertising and promotions based on your ad customisation preferences; or
(u) to protect a person’s rights, property or safety.
For Platform Users
(a) to provide Services to you;
(b) for market or social research projects that have been agreed with the relevant Client;
(c) to provide you with news, information or advice about our existing and new Services;
(d) to communicate with you including by email, mail or telephone;
(e) to manage and enhance our Services;
(f) to personalise and customise your experience;
(g) to provide you with access to protected areas of our Sites;
(h) to verify your identity;
(i) to provide as part of business data to third parties if you have authorised us to do so;
(j) to conduct business processing functions for operation of our Sites or our business;
(k) for our administrative, marketing (including direct marketing), promotional, planning, Service development, quality control and research purposes, or those of our contractors or external service providers;
(l) to provide your updated personal information to us, our contractors or external service providers;
(m) to enforce this Policy;
(n) to investigate any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or that you are or have been otherwise engaged in any unlawful activity;
(o) to comply with our legal obligations, a request by a governmental agency or regulatory authority or legally binding court order;
(p) to combine or aggregate your personal information with information we collect from third parties and use it for the purposes set out this Policy;
(q) to aggregate and/or make anonymous your personal information, so that it cannot be used, whether in combination with other information or otherwise, to identify you;
(r) to resolve disputes and to identify, test and resolve problems;
(s) to notify you about the Site and updates to the Site from time to time;
(t) to supply you with generalised, targeted or personalised marketing, advertising and promotional notices, offers and communications, and measure and improve our marketing, advertising and promotions based on your ad customisation preferences; or
(u) to protect a person’s rights, property or safety.
Evolved Insights Pty Ltd does not sell, rent or lease its client or customer lists to third parties. When we process Personal Data, we do so with consent (or where section 5.4 applies, in line with our obligations as a data processor) and/or as necessary to provide the Services, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests of Evolved Insights Pty Ltd as described in this Policy.
Evolved Insights Pty Ltd may, from time to time, contact Clients and Platform Users on behalf of external business partners about a particular offering that may be of interest to them. In those cases, your unique personally identifiable information (email, name, address, telephone number) is not transferred to the third party without consent. In addition, Evolved Insights Pty Ltd may share data with trusted partners to help us perform statistical analysis, send emails, social media messages or postal mail, provide customer support, or arrange for deliveries to Clients and Platform Users. All such third parties are required to agree to only use personal information disclosed to it to provide these services to Evolved Insights Pty Ltd, and to maintain the confidentiality of the information.
Evolved Insights Pty Ltd does not collect, use or disclose sensitive personal information, such as medical information, race, religion, or political affiliations, without your explicit consent. Personal information will not be shared, sold, rented or disclosed other than as described in this Policy or with express consent of the individual.
4.1. Direct marketing materials
We may send Clients their Platform Users direct marketing communications and information about Services that we consider may be of interest to them. These communications may be sent in various forms, including mail, SMS or email, in accordance with applicable direct marketing laws. If the Client or Platform User indicates a preference for a method of communication, we will endeavour to use that method whenever practical to do so.
In addition, at any time, Clients and Platform Users may opt-out of receiving marketing communications from us by contacting us (details in section 14) or by using the opt-out facilities provided (e.g. an unsubscribe link). We will then ensure that the Client or Platform User’s name is removed from our mailing list. We do not provide personal information to other organisations for the purposes of direct marketing.
If a Client or Platform User receives communications from us that they believe has been sent other than in accordance with this Policy, or in breach of any law, please contact us using the details in section 14.
4.2 How we disclose your personal information
We may disclose personal information of Clients, Platform Users and Survey Respondents in accordance with this section 4.2 and as otherwise allowed under this Policy.
- Affiliates and Acquisitions
We may share some or all of the Personal Data disclosed to or collected by us with our employees, our existing or potential agents, business partners, joint venture entities, partners, subsidiaries, or other companies under a common control, in which case we will require them to honour this Policy. In the event we are involved in a merger, acquisition or sale of assets we may disclose Personal Data collected by us to such entities that we propose to merge with or be acquired by, and will assume the rights and obligations regarding Personal Data as described in this Policy. This includes the disclosure of data to our Clients where allowed under section 5.4 where we act as a data processor.
- Service Providers
We may share Personal Data with services providers (and if legally required, data processors) including:
(a) independent contractors or external service providers for the purposes described in this Policy;
(b) information technology service providers such as web hosting providers, IT systems administrators, electronic network administrators;
(c) financial service providers such as payment processing providers and debt collectors;
(d) professional advisers such as accountants, solicitors, insurers, business advisors and consultants;
(e) marketing providers, such as email marketing distributors; or
(f) your social media account provider, if you connect your account with Evolved Insights Pty Ltd and your social media account.
These service providers are not permitted to use Personal Data other than to provide the services requested by us.
3. Third parties with your consent
We may disclose Personal Data to other third parties to whom the individual expressly asks us to send the Personal Data, to or to third parties the individual consents to us sending Personal Data to.
We may also, with consent or at the individual’s direction, disclose Personal Data to their authorised representatives.
- Other disclosures
Regardless of any choices the individual makes regarding your Personal Data (as described below), Evolved Insights Pty Ltd may disclose Personal Data if it believes in good faith that such disclosure is necessary or legally required:
(a) in connection with any legal investigation;
(b) to comply with relevant laws, regulations, enforceable governmental requests or to respond to subpoenas or warrants served on Evolved Insights Pty Ltd;
(c) to protect or defend the rights or property of Evolved Insights Pty Ltd or users of the Services;
(d) to investigate or assist in preventing any violation or potential violation of the law or any of our policies or procedures;
(e) to protect the safety of any person or to protect the safety or integrity of our platform including for security reasons;
(f) to detect, prevent or otherwise address fraud, security, technical issues or any other act that poses a risk of being illegal, unethical or legally actionable;
(g) to respond to an emergency; or
(h) as otherwise permitted under the Privacy Act 1988 (Cth).
We may share Personal Data with such third parties subject, to the extent permitted by law, to obligations consistent with this Policy and any other appropriate confidentiality and security measures, and on the condition that the third parties use Personal Data only on our behalf and pursuant to our instructions.
We will take reasonable steps to ensure that anyone to whom we disclose personal information to respects the confidentiality of the information and abides by the Australian Privacy Principles, the GDPR (if applicable), the Australian Market & Social Research Society’s Code of Professional Behaviour or equivalent privacy laws.
Where we act as a data processor the Client may also provide us with instructions to disclose information to other third parties and we may comply with such requests.
4.3 If we can’t collect your data
If Clients, Platform Users or Survey Respondents do not provide us with the personal information described above, some or all of the following may happen:
(a) we may not be able to provide the requested Services, either to the same standard or at all;
(b) we may not be able to provide the Client, Platform User or Survey Respondent with information about Services that they may want; or
(c) we may be unable to tailor the content of our Sites to the preferences of the Client or Platform User and the experience of our Sites may not be as enjoyable or useful.
5. Market and Social Research
This section 5 applies to our management of information in the context of market and social research and Survey Respondents. See also sections 8, 11, 12 and 15 of this Policy, which also apply in this context.
5.1 Definitions
In this section 5, the following terms have the corresponding definitions:
Client means an organisation, agency etc that requests, commissions or subscribes to a given Market and Social Research project; ie the ultimate beneficiary of the research findings.
Contact Details means a record of identifying information such as names, companies, position titles, addresses, email addresses and phone numbers, collected and retained in order to contact individuals in a research sample.
De-identification or De-identify means a process of ensuring that Identifiable Research Information is rendered permanently non-identifiable, i.e. without retaining a means by which the information could be re-identified. De-identification is thus a permanent and irreversible process.
Identifiable Research Information means Personal Information about Survey Respondents It includes Contact Details, Research Status and Research Data. It does not include any unsolicited information.
Market and Social Research means consensual investigation of the behaviour, needs, attitude, opinions, motivations or other characteristics of a whole population or a particular part of the population, in order to provide accurate and timely information to Clients (government, commercial and not-for-profit organisations) about issues relevant to their activities, to support decision-making processes.
Research Data means a record of the responses provided by individuals participating in Market and Social Research at the time of collection in order to obtain a representation of a population’s or sub-population’s behaviour, needs, attitudes, opinions and motivations at a given point in time.
Research Purpose means the handling of information in order to carry out any function considered essential to the conduct or communication of the results of a Market and Social Research project.
Research Status means information in relation to whether or not an individual has been contacted or has participated in a Market and Social Research exercise, but does not include Research Data.
Survey Respondent or you means survey participants, respondents, or subjects to which the AMSRO Code applies.
5.2 What Identifiable Research Information we collect and hold
Identifiable Research Information we collect and hold may include the information specified in section 3.1 of this Policy, specifically Interaction Data.
5.3 How we collect, hold and use Identifiable Research Information
The primary purpose for which we collect Identifiable Research Information about you is to enable us to perform Market and Social Research on behalf of our Clients. We will not use or disclose your Identifiable Research Information for any other purpose, including direct marketing, except:
(a) with your consent;
(b) if required by law; or
(c) if otherwise permitted under the AMSRO Code.
1. Anonymity and pseudonymity
Wherever it is lawful, you have the option of not identifying yourself, or of using a pseudonym when dealing with us unless it is impracticable for us to deal with you if you do not identify yourself or if you use a pseudonym.
2. Personal information other than sensitive information
We will not collect Identifiable Research Information from you (other than sensitive information) unless the information is reasonably necessary for our Research Purpose.
3. Sensitive information
We will only collect your sensitive information where you have consented, and the information is reasonably necessary for a Research Purpose, or if the collection is required by Australian law or a court/tribunal order.
4. Means of collection
We will collect Identifiable Research Information only by lawful and fair means.
We will collect Identifiable Research Information about you only from you unless it is unreasonable or impracticable to do so, in which case we may collect information about you from third parties, for example where a Client provides us with your personal information in order for us to send you a survey.
5. Unsolicited personal information
In the unlikely event that we receive unsolicited Identifiable Research Information from you, we will, within a reasonable period after receiving the information, determine whether or not we could have lawfully collected the information if we had solicited the information. We may use or disclose the information for the purpose of making the determination.
If we determine that we could not have lawfully collected the Identifiable Research Information we will, as soon as practicable destroy the information or ensure it is De-identified or, if it is not lawful or practicable to do either, we will handle the information in accordance with applicable privacy laws.
5.4 Information we collect as a data processor
Client Data
We may collect Personal Data about you that Clients have chosen to share with us, that is collected by their services or applications (Client Data).
As a data processer, Evolved Insights Pty Ltd does not choose the information and Client Data that will be sent to it by Clients, who are acting as the data controller, and follows the instructions of the Client in connection with the processing of such information.
5.5 Notification of the collection of Identifiable Research Information
At or before the time (or, if that is not practicable, as soon as practicable after) we collect Identifiable Research Information about you from you, we must take reasonable steps to ensure that you are aware of the important matters set out below.
Important matters you should be aware of
- Identifiable Research Information about you is being collected for Research Purposes.
- The Identifiable Research Information collected will be used only for Research Purposes and no other use will be made of the information, either during the research or afterward.
- Unless you agree otherwise, Identifiable Research Information is routinely De-identified.
- The Identifiable Research Information provided is likely to remain identified for three (3) years.
- Your name and contact details are likely to be retained to enable re-contact for research purposes for three (3) years.
- Having participated in research, there is a reasonable likelihood that you will be re-contacted for research purposes except where we and/or our Client have reasonable grounds to decide that there are genuine research concerns.
- While the Identifiable Research Information remains identifiable, you may, at your discretion: access that information and/or have part or all of that information destroyed, corrected, deleted or de-identified. See section 10 for further details.
- You may contact us and obtain further information about the research, via: support@theevolvedgroup.com
- The source of our research samples is the Client.
- The Client is the organisation that has requested we undertake the research project in respect of which you have received an invitation.
- We will disclose information to our Client to be used for research purposes. You have consented to this disclosure by electing to participate in this research through a survey or otherwise.
- The Client may be located overseas.
- The organisations (or the types of organisations) to which we usually disclose your information are our Clients who represent a wide variety of industries.
- The main consequences (if any) for you if all or part of the Identifiable Research Information is not provided is that your information will not form part of the research data.
- If it is reasonable to do so, we must collect Identifiable Research Information about you only from you.
- We may collect information about you from third parties.
5.6 Security of your Identifiable Research Information
Section 8 of this Policy sets out details of how we ensure the security of personal information and the same security standards apply in relation to your Identifiable Research Information.
5.7 Managing your Identifiable Research Information
Section 10 of this Policy sets out details of how we manage your personal information, and the same provisions apply in relation to management of your Identifiable Research Information, except that in respect of deletion the provisions below apply.
- Deletion
We will retain your Identifiable Research Information only while the details of your identity continue to be necessary for Research Purposes.
If we wish to De-Identify the Identifiable Research Information that exists in a physical form that makes de identification impracticable (eg on paper), the information will be moved to another medium and the physical records destroyed.
We will take reasonable steps to destroy or permanently de-identify the Identifiable Research Information if it is no longer needed for any purpose for which the information may be used or disclosed under the AMSRO Code unless we are required by or under an Australian law or a court/tribunal order to retain the information.
Where it is necessary to retain Identifiable Research Information, we will, where practicable, store identifying details separately from other information, with measures in place to ensure the identity of the individuals cannot be readily revealed from other information.
5.8 Client acknowledgement
Clients acknowledge and agree that we will manage personal information of Survey Respondents in accordance with this section 5 (and as otherwise allowed under this Policy) and agree to comply with any actions and decisions we take regarding this information.
6. Retention of Data from Clients and Platform Users
We keep personal information from active accounts as long as it is reasonably needed for our operations and to fulfil the purposes set out in this Policy. We will also keep personal information from accounts that have been deactivated where we are legally required to and also where it is necessary to stop fraud, collect outstanding fees, troubleshoot problems, or otherwise enforce our other policies accessible on the Site.
The remaining sections of this policy (sections 7 to 15) apply to Clients, Platform Users and Survey Respondents.
7. Cookies Policy
In some cases we may also collect your personal information through the use of cookies. When you access our Site, we may send a “cookie” to your computer.
1. What are cookies?
Cookies are small data files containing small amounts of information that are placed on your device when you visit the Site. Cookies are widely used by site owners to help them remember things about your visit to the site such as preferred language choices.
Cookies set by us are called “first party cookies”. Cookies set by other parties other than us are called “third party cookies”.
2. Why do we use cookies?
We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site. This enables us to recognise your computer when you visit our Site, without bothering you with a request to register or log-in. It also helps us keep track of Services you view, so that we can send you news about those Services. We also use cookies to measure traffic patterns, to determine which areas of our Sites have been visited, and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services. We may also log IP addresses (the electronic addresses of computers connected to the internet) to analyse trends, administer the Site, track user movements, and gather broad demographic information.
We may also collect anonymous data (which is not personal information) relating to your activity on our Sites (including IP addresses) via cookies, or we may collect information from you in response to a survey. We generally use this information to report statistics, analyse trends, administer our services, diagnose problems and target and improve the quality of our Services. To the extent this information does not constitute personal information because it does not identify you or anyone else, the Australian Privacy Principles (and other relevant privacy laws) do not apply and we may use this information for any purpose and by any means.
- Do we serve targeted advertising?
Third parties may serve cookies on your computer or mobile device to serve advertising through our Site. These companies may use information about your visits to this and other websites in order to provide relevant advertisements about goods and services that you may be interested in. They may also employ technology that is used to measure the effectiveness of advertisements. This can be accomplished by them using cookies or web beacons to collect information about your visits to this and other sites in order to provide relevant advertisements about goods and services of potential interest to you. The information collected through this process does not enable us or them to identify your name, contact details or other personally identifying details unless you choose to provide these.
4. How do you control cookies?
Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of Evolved Insights Pty Ltd services or websites you visit. As the means by which you can refuse cookies through your web browser controls vary from browser-to-browser, you should visit your browser’s help menu for more information.
8. Security of your personal information
We use reasonable organisational, technical, and administrative measures to secure your personal information from unauthorised access, use or disclosure. We use multiple layers of security to protect personal information. Evolved Insights Pty Ltd seeks to secure the personal information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use or disclosure. When personal information (such as a credit card number) is transmitted to other websites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. By providing us with any personal information you expressly and unconditionally release and hold harmless Evolved Insights Pty Ltd and our subsidiaries, affiliates, directors, officers, employees and agents from any and all liability for any injuries, loss or damage of any kind arising from or in connection with the use and/or misuse of your collected personal information. In addition, while we take efforts to ensure the proper and appropriate use of data provided by us to third party companies, promotional partners or vendors, we are not liable for any injuries, loss or damage of any kind arising from or in connection with the use and/or misuse of your collected personal information by us or the above-mentioned third parties.
This section operates to the fullest extent allowed by law. If this section is wholly or partly unenforceable under applicable laws, the offending section will be severed from this Policy and the remaining sections not affected.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account with us has been compromised), please immediately notify us.
9. Notifiable Data Breach
We take data breaches very seriously. Depending on where you reside our policy is:
- If you reside in Australia
We will notify of any data breach where legally required to do so. This will include mandatory reporting of any notifiable data breaches in accordance with the Notifiable Data Breach Scheme under Australian law.
In the event that there is a data breach and we are required to comply with the notification of eligible data breaches provisions in Part IIIC of the Privacy Act 1988 (Cth) or any other subsequent sections or legislation which supersede this Part IIIC, we will take all reasonable steps to contain the suspected or known breach where possible and follow the following process set out in this section.
We will take immediate steps to limit any further access or distribution where possible. If we have reasonable grounds to suspect that the data breach is likely to result in serious harm to any individuals involved, then we will take all reasonable steps to ensure an assessment is completed within 30 days of the breach or sooner if possible. We will follow the guide published by the Office of the Australian Information Commissioner (if any) in making this assessment.
If we reasonably determine that the data breach is not likely to result in serious harm to any individuals involved or any remedial action we take is successful in making serious harm no longer likely, then no notification or statement will be made unless required by law.
Where, following an assessment and undertaking remedial action (if any), we still have reasonable grounds to believe serious harm is likely, as soon as practicable, we will provide a statement to each of the individuals whose data was breached or who are at risk. The statement will contain details of the breach and recommendations of the steps each individual should take. We will also provide a copy of the statement to the Office of the Australian Information Commissioner.
- If you reside in the European Union or EFTA States:
We will endeavour to meet the 72 hour deadline as imposed by the GDPR, to report any data breach to the supervisory authority where a data breach occurs that will likely be a risk to you.
Further, where there is likely to be a high risk to your rights we will endeavour to contact you without undue delay.
We will review every incident and take action to prevent future breaches.
10. Managing Your Personal Data
Subject to the privacy laws which apply to your Personal Data, you may request to access the Personal Data we hold about you by contacting us using the contact details set out in section 14. All requests for access will be processed within a reasonable time.
1. Accessing or Rectifying your Personal Data
If required by law and if reasonably practicable, we may provide you with tools and account settings to access or rectify (where Personal Data is inaccurate or incomplete) the Personal Data you provided to us. You can download and access certain information you provide to us by emailing us. In the event that you are unable to access your account to access or rectify your Personal Data, you may submit a request to us to correct, or modify your Personal Data and we can download the data for you.
2. Deletion
We keep data for as long as it is needed for our operations. If you deactivate and delete your account your data will no longer be visible on your account. Please keep in mind that third parties may still retain copies of information you have made public through our Site.
If required by law we may provide you with the tools to delete the Personal Data you provided to us.
If you wish to have us delete your Personal Data please contact us.
3. Object, Restrict, or Withdraw Consent
You may submit a request to us if you object to any Personal Data being stored, or if you wish to restrict or withdraw any consent given for the collection of your Personal Data.
You may withdraw your consent to the processing of all your Personal Data at any time. If you wish to exercise this right you may do so by contacting us.
You may withdraw your consent or manage your opt-ins by either viewing your account on the Site or clicking the unsubscribe link at the bottom of any marketing materials we send you.
4. Portability
We may provide you with the means to download the information you have shared through our services in a structured, commonly used and machine-readable format. If you require such information, please email us. You may also have the right to transmit that data to another controller.
Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We will not charge for simply making a request and will not charge for making any corrections to your personal information. However, we may charge an administrative fee for the provision of information in certain circumstances such as if you make repeated requests for information or where the information is held by a third party provider. If you make an access request, we will ask you to verify your identity. There may be instances where we cannot grant you access to the personal information we hold. If that happens, we will give you written reasons for any refusal.
Where we act as a data processor, we do so on behalf of our relevant client, who is acting as the data controller, and in accordance with their instructions. This means that should you wish to access, review, correct, transfer, modify or delete any Personal Data we process on behalf of a client you should contact the client with your request.
11. Disclosure of personal information in other countries
Evolved Insights Pty Ltd primarily processes personal information in Australia, however your personal information may be collected in any country where you give us the data from and may be stored and processed in any country where we have facilities or in which we engage service providers.
Where we transfer Personal Data of people located in the European Union outside of the European Union or EFTA States, we ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country’s data protection laws.
Where we act as a data processor Evolved Insights Pty Ltd complies with our Client’s, acting as a data controller, requests in respect of how we deal with end customer data.
12. Links
Our Site may contain links to other sites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party site and we are not responsible for the privacy policies or the content of any third party site. Third party sites are responsible for informing you about their own privacy practices. Please be aware that the terms of this Policy do not apply to these outside sites or content, or to any collection of data after you click on links to such outside sites.
13. Children
Our service is not offered to persons under the age of 16. We do not knowingly collect Personal Data from such visitors without parental or guardian consent and require our clients to fully comply with applicable law in the data collected from children under the age of 16.
If you become aware that a child has provided us with information please contact us. Any information that is in breach of this provision will be deleted.
14. Contact Information
If you believe your privacy has been breached by us or have any questions or concerns about this Policy please contact us using the contact information below and provide details of the incident so that we can investigate it.
Once Evolved Insights Pty Ltd receives a complaint, whether it is in writing or verbal means, we will commence an investigation. The investigator will endeavour to determine the nature of the breach and how it occurred. We may contact you during the process to seek any further clarification if necessary. If a breach is found, we will escalate the matter to management so that the process can be rectified to prevent any further breaches from taking place. We will also contact you to inform you of the outcome of the investigation. We will endeavour to resolve all investigations within a reasonable time.
We will treat your requests or complaints confidentially. A representative of Evolved Insights Pty Ltd will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
Please contact Evolved Insights Pty Ltd at:
Email: support@theevolvedgroup.com
Phone: +61 3 9670 1909
Address: Level 3, 176 Wellington Parade, East Melbourne, Victoria 3002, Australia
Attention: Privacy Officer
If we do not resolve your enquiry, concern or complaint to your satisfaction or you require further information in relation to any privacy matters, please contact the Office of the Australian Information Commission at:
Telephone: 1300 363 992
Email: enquiries@oaic.gov.au
Office Address: Level 3, 175 Pitt Street, Sydney NSW 2000
Postal Address: GPO Box 5218, Sydney, NSW 2001, Australia
Website: www.oaic.gov.au
15. Changes to our Privacy Policy
We may change this Policy from time to time, in our sole discretion. Any updated versions of this Policy will be posted on our Site and become effective immediately upon posting. It is your responsibility to check this Policy periodically for changes. Continued use of our Services shall indicate your acknowledgement of that it is your responsibility to review this Policy periodically and become aware of any modifications. You may obtain a copy of our current policy from our Site or by contacting us at the contact details above.
If we make significant changes to this Policy, we will notify you by email.