Personal Information (PI) we store about Smidge users:
If you visit our site to read or download information on our pages, or sign-in via Google OAuth, we collect and store only the following information about you:
- The IP address from which you access the Internet and the date and time you access our site
- The Internet address of the website you used to link directly to our site
- Email address (as provided by Google OAuth sign-in)
- First and Last names (as provided by Google OAuth sign-in)
- Avatar (as provided by Google OAuth sign-in)
- Job Role (as provided by you within the Smidge app)
- Usage and interaction data about how you use the Smidge app.
We also store customer data that you provide us for calling your users. However we do not share any of your customers’ information to third parties. This data is stored in Google Firebase and Postgres database hosted with Heroku. We utilise some third-party software to create the best possible experience within Smidge. User data shared with third parties is: email address, name and ip address (we do not share any Smidge customer PI with third-parties).
Third parties with access to our information are:
PI is stored in Postgres database hosted with Heroku. If you identify yourself by sending us an email containing PI, then the information collected will be solely used to respond to your message.
We may ask to use positive testimonials on our website for promotional purposes. From time to time, we may also collect information that you submit when you participate in any online surveys that we conduct via our website. You can withdraw your consent to our collection, use and disclosure of your PI at any time.
We will not obtain PI about you when you visit our site, unless you choose to provide such information to us, nor will such information be sold or otherwise transferred to unaffiliated third parties without your approval at the time of collection.
For PI subject to the GDPR, we rely on several legal bases to process your PI. These are:
- Where you have given your consent
- Our legitimate business interests, such as improving and developing our services and marketing new features or products.
You may at any time refuse to provide the PI that we request. However, this may limit or prohibit our ability to provide our products and services to you. You may withdraw your consent for us to process your PI by contacting us in accordance with our ‘Contact us’ section.
How we use Personal Information:
- Provide, administer and improve our products and services
- Understand how we can update our products and services to better serve our customers
- Fulfil requests you make
- Personalise your experience
- Provide you with customer support
- Provide product and service announcements and provide you with further information and offers about our products and services
- Better protect our products against misuse and illegal activity
- Advertise to you and others, and tailor advertisements to those you are likely to be interested in, including advertisements from our partners
- Improve our marketing activities.
We may use software programs to create summary statistics, which are used for such purposes as assessing the number of visitors to the different sections of our site, what information is of most and least interest, determining technical design specifications, and identifying system performance or problem areas. Company logos and names may be used for promotional purposes.
For site security purposes and to ensure that this service remains available to all users, we use software programs to monitor network traffic to identify unauthorised attempts to upload or change information, or otherwise cause damage.
Disclosure of Personal Information:
Outside of authorised personnel employed by us, we only disclose PI to third parties that meet our data privacy requirements (in accordance with the Australian Privacy Principles and the GDPR). When this occurs, it occurs in a secure and contractually-regulated manner. These third parties include:
- If you opt-in to receive Marketing material via subscription from this website or within our application your details may be stored within a third-party electronic direct messaging service such as Mailchimp. We do not disclose PI to overseas recipients or sell or disclose PI to third party marketing services.
- Government third parties, including government agencies, regulatory bodies and law enforcement agencies as required, authorised or permitted by law
- A third party that acquires or intends to acquire Splitrock Studio or its assets.
The European Commission has the power to determine, on the basis of the GDPR, whether a country outside the European Union offers an adequate level of data protection by making an ‘adequacy decision’. To date, the European Commission has not adopted an adequacy decision in respect of Australia. Instead, we rely on other legal bases to lawfully transfer personal data around the world (including transfers to countries like Australia where an adequacy decision has not been adopted). These bases include your consent and the European Commission-approved model contractual clauses, which require certain privacy and security protections. You may obtain a copy of the model contractual clauses by contacting us in accordance with the ‘Contact us’ section.
Voluntary disclosure of Personal Information:
We may make available on our site, or link to, certain opportunities for our customers and other users to share information online (e.g., on message boards, in chat areas, in file uploads, through events, etc.).
Please be aware that whenever you voluntarily disclose PI online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly-disclosed PI. By posting PI online in public forums, you may receive unsolicited messages from other parties.By posting PI online in public forums, you may receive unsolicited messages from other parties.
Credit Card information:
Correcting or deleting your information:
You may access, review, update, rectify or delete your PI in your profile by logging into your account. Please note that removing your information may limit our ability to provide the service to you. If you opt to completely delete all such information, your account will be deactivated and you will lose access to the service.
You may contact us directly to request data modification outside of our services or if you have additional questions. We’ll take reasonable steps to provide, modify or delete your information as soon as is practicable, but some information may remain in archived/backup copies for legal reasons or to prevent harm, including as described in our above ‘Disclosure of Personal Information’ section. To help us deal with requests appropriately, we ask that all such requests be made via email to support [at] smidge [dot] app. Please provide as much detail as you can as this will help us to retrieve the information. It is our policy to process your request within a reasonable time. Notifying us promptly when any of your personal details change or where you realise that any information we are holding about you is incorrect will assist us in ensuring the information we hold is as accurate as possible.
You may also contact us directly to receive (in a commonly used file format) the personal data you have provided to us.
We may limit or reject your request in certain cases, including without limitation where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, where the rights of other persons would be violated, or as required by law.
We will respond to all requests within 30 days.
If you need further assistance regarding your access and control of your personal data, please contact our Data Protection Officer and we will consider your request in accordance with applicable laws.
If you reside in the European Union, the European Economic Area or Switzerland, and are unhappy with our data practices, you also have a right to lodge a complaint with your local data protection authority.
The security of your personal data is important to us. We follow generally accepted industry standards to protect the personal data submitted to us, both during transmission and once we receive it (including encrypted storage and password protection).
Each of our employees is aware of our security policies, and your information is only available to those employees who need it to perform their jobs.
No method of transmission over the Internet using industry standard technology is 100% secure. Therefore, we cannot guarantee the absolute security of your information.
We keep your account information (such as your name and email address) for as long as you have an account with us, so that we can continue to provide our services to you. We also keep other PI, including data about how you use our products and services, until you request that we delete this data, because we use this data to provide our products and services to you and for the other purposes set out in the ‘How we use Personal Information’ section above.
support [at] smidge [dot] app