The Legal Stuff
March 30, 2022
About this Policy
what information we collect;how we use and share that information;how we secure and retain your information;what choices you have, including how to access and control information.
This Policy also explains your choices about how we use your information and how you can access and update certain information about you. If you do not agree with this Policy, do not access or use our Services or interact with any other aspect of our Business.
Where we provide the Services under an arrangement with an organisation (for example, your employer) that organisation controls the information processed by the Services. For more information, please see “Organisation administrators” under the “How we share information we collect” section.
What information we collect
We collect information about you to help provide you with the best possible experience when using Spotto. You do not have to provide information to us, however, if you do not, we may be unable to provide the Services or the support you request. We may collect information in the following ways:
Information you give us
We collect information about you when you input it into the Services or otherwise provide it to us.
We collect information about you and your organisation when you apply or sign up for a Spotto account, create or modify your account, and when you provide information about yourself and individuals associated with your organisation. For example, you provide your contact information and, in some cases, billing information when you purchase or register for the Services. Your name, email address, account photo, job title, and other account information may be displayed to other users in your organisation using the Services.
Spotto Tag Information
When you pair or re-pair any asset or location with an identifying tag you may choose to name it in a way that best enables it to be identified. This information will be associated with your account and organisation.
Content you provide through our Services
Spotto collects and stores locations of assets and the time they were seen.
Content you provide through our website
The Services also include the websites owned or operated by us. We collect other content that you submit to these websites, including social media websites operated by us. For example, you provide content and information to us when you participate in contests or promotions offered by Spotto, request a demo, opt-in to our mailing lists, request support, respond to our surveys or otherwise communicate with us.
Information you provide through support services
The Services also include our customer support, where you may choose to submit information regarding an issue you are experiencing with a Service. You will be asked to provide contact information, a summary of the issue you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.
We may collect certain billing information, such as shipping information, or in some circumstances, payment card details, when you purchase or register for a Service.
Information we collect when you use the Services
We automatically collect information about you when you use our Services, including when you browse our websites.
A main feature of Spotto is being able to see where your things are or have been. In order to deliver this feature, it’s necessary to collect data about your location. When you allow Spotto to have Location Access on your mobile device, we may collect and process information about your actual location using GPS signals, Bluetooth, named RFID or BLE tags, crowd-sourced WI-Fi hotspot and mobile tower locations.
We may collect information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. How much of this information we collect depends on the type and settings of the device you use to access the Services.
Like many websites and technology services delivered over the Internet, our servers automatically collect information when you access or use our Services and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data.
Information we receive from other sources
We receive information about you from other Service users, from third-party service providers, and from our business partners.
Other users of the Services
Other users of our Services may provide information about you when they submit content through the Services. For example, we may receive your email address from other Service users or your organisation’s administrator when they provide it in order to invite you to the Services.
Third-party apps or services you link to your account
We receive information about you when you or your organisation’s administrator integrate or link a third-party app or service with our Services. For example, you may authorise our Service to access, display or store files from a Forms creation service within the Services interface. The information we receive when you link or integrate our Services within a third-party app or service depends on the settings, permissions and privacy controlled by that third-party service. We encourage you to review the privacy policies of third parties before connecting to or using their services to learn more about their privacy and information practices.
We work with a network of partners who provide consulting, implementation, and other services around our Services. We may receive information from these partners, such as contact information, company name, and what Services you have purchased or may be interested in.
Cookies and Other Tracking Technologies
Cookies are small data files, which may include an anonymous unique identifier. Cookies are placed on your computer’s hard drive or onto your mobile device’s memory.
remember that you have visited us or used the Services before;identify you when you sign-in and authenticate your access;tailor content to you or geographic region;collect anonymous statistical information about how you use the Services so that we can improve the Services and learn which features of the Services are most popular with our users.
Some cookies expire when you close your browser (i.e. session cookies) and others expire after a set period of time (i.e. persistent cookies). The expiration time of cookies that are placed by third parties is determined by the third party, not us.
Although most web and mobile device browsers automatically accept cookies by default, you can disable cookies by changing your browser settings to prevent automatic acceptance of cookies, or to notify you each time a cookie is set. If you disable cookies, some parts of our Services may not work for you.
How we use information we collect
In general, we use your information to provide you with the Services you’ve requested, and to manage our relationship with you. We may also use information we collect about you for the following purposes:
To provide the Services to you
We use the information we collect about you to provide the Services to you, including to authenticate you when you log in, provide you with customer support, process transactions, and operate and maintain the Services. For example, we use the name and email address you provide in your account to identify you to other Service users in your organisation.
To improve the quality of the Services and develop new ones.
We are constantly looking to better your experience with Spotto and to make our Services faster, secure, and useful to you. We use the information we collect about how you use our Services, as well as the feedback you provide directly to us, to identify usage trends and areas for improvement. We then use these learnings to optimise your user experience and provide you with more efficient tools. We may also test certain new features with some users before rolling the feature out to all users.
To communicate with you about the Services
We may use your contact information to send operational communications via email and within the services, including inviting you to the Services, confirming your purchases, notifying you of delivery and expirations, responding to your comments, questions and requests, providing customer support, and sending you technical updates, security alerts, and administrative messages. We also provide tailored communications based on your activity and interactions with us. For example, based on certain actions you take in the Services we may automatically send you a feature suggestion that would make the Services more useful to you. We also send you communications as you onboard to our Services to help you become more proficient in using that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find an option to opt out within the communication itself.
To market and drive engagement with the Services
We use your contact information and information about how you use the Services to send you promotional communications in accordance with your marketing preferences. We may send promotional communications by email and by displaying spotto ads on other companies’ websites and applications, as well as on platforms like Google and Facebook. These communications are aimed at maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think you might be interested in. We also send communications about new product offers, promotions and contests. For more information about how you can opt out of these communications, please see “How to opt out of communications” under the “Your Choices” section.
To protect the Services and our users
We use information about you and your Service use to verify accounts and activity, to investigate fraudulent activity, to prevent unauthorised access to or use of our Services, and other illegal or unusual activities.
To analyse, aggregate and report
We may use the information we collect to create anonymous, statistical and aggregated data reports where individual users are not identified, such as de-identified location information.
How we share information we collect
We are not in the business of sharing information with companies, organisations and individuals outside of Spotto, however there may be times when we need to share your information through the Services and with certain third-parties. We may share the information we collect about you with:
Other Service users in your organisation
Spotto was designed to be collaborative, and so when you create content within the Services, which may contain information about you, other Services users within your organisation may be able to see, share, copy and download that content. For example, when you scan a Thing and create an Event we display your name under the Event so that other Service users can understand who performed the Scan.
Many of our Services are intended for use by organisations. If you register or access the Services using an email address with a domain that is owned by an organisation (such as your employer), certain information about you including your name, account picture, contact information, content and past use of your account may be accessible to that organisation’s administrator. Your organisation’s administrator may also be able to:
change your account password;suspend or terminate your account access;restrict your ability to delete or edit information;change your information, including profile information;install or uninstall third-party apps and services.
Third-party service providers
We may share the information we collect about you with third-party service providers for the purpose of enabling them to support the delivery of or to provide functionality on the Services (such as data storage, web-hosting, server providers), or to market or promote our Services to you (such as marketing automation platforms).
Third-party apps or services
We work with a network of partners who provide consulting, implementation, and other services around our Services. We may share your information with these third parties in connection with their services, for example to provide localised support. We may also share information with these partners where you have agreed to that sharing.
Regulators, law enforcement bodies, government agencies, courts or other third parties
We may share information with regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure.
An actual or potential buyer (and its agent and advisers)
Other people where we have your consent
We share information about you with other people and third parties when you give us consent to do so. For example, we may display customer testimonials on our public websites. With your consent, we may post your name alongside the testimonial.
How we secure and retain information about you
Security is a priority for us when it comes to the information we collect about you, and so we have put in place various systems and procedures to secure the information we collect and store, and will take reasonable measures to protect the information we collect from loss, misuse, theft, unauthorised access, disclosure, alteration, and destruction. In particular:
We encrypt many of our Services using Secure Sockets Layer (SSL) or Transport Layer Security (TLS);we review our information collection, storage and processing practices, including physical security measures, to protect against unauthorised access to systems;our accounts require a user to be invited and require a username and password to log in. Users must keep their username and password secure, and never disclose it to a third party. We do not have access to see a user’s password and we cannot resend forgotten passwords. We will only provide users with instructions on how to reset their password.
Please be aware, however, that these measures cannot absolutely guarantee the security of your information. While we will do our best to protect your information, due to the nature of the Internet, we cannot absolutely guarantee that data, during transmission through the Internet or while stored in our systems or otherwise in our care, is absolutely safe from any wrongdoings, malfunctions, unauthorised access, or other kinds of abuse and misuse.
Retention of information
How long we keep information we collect about you depends on the type of information and whether we we have an ongoing business need to retain it (for example, to provide you with the Services or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process the information we collect about you, we will either delete or anonymise it or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further processing until deletion is possible.
It’s your information and you have rights and choices available relating to it. You have the right to request a copy of the information we hold about you, correct your information to ensure it’s up to date, object to our use of your information (including for marketing purposes), and request the deletion or restriction of your information. The below details how you can exercise your rights and choices.
How to access or update your information
You may access and update information about you by making a request to us using the contact details below, in which case we may need to verify your identity before granting access or otherwise changing your information.
How to deactivate your account
If you no longer wish to use our Services, you or your organisation administrator may contact us using the contact details below. Please be aware that deactivating your account does not delete your information and your information will remain visible to other Service users based on your past activities within the Services.
How to delete your information
You may request that we delete certain information about you by contacting us using the contact details below. Please be aware that certain limitations may apply to the deletion or removal of your information as described below.
How to opt out of communications
You may opt out of receiving any promotional communication or marketing emails from us by using the unsubscribe link within each email or by contacting us using the contact details below. If you decide to opt out from receiving promotional messages from us, you may continue to receive operational communications from us regarding our Services, such as security alerts and technical updates.
How to disable cookies
For information on disabling cookies please see our “Cookies and Other Tracking Technologies” section.
In certain cases your request or choices may be limited. For example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your organisation’s administrator are permitted by law or have compelling legitimate business needs to keep. If you have integrated a third-party app or service with our Services, you will need to contact those third-party app and service providers directly to have your information deleted or restricted.
If you’re not happy with how we are processing your information, please contact us using the details below. We will review and investigate your complaint, and will try to get back to you within a reasonable time frame.
Features and links to other websites
Disclosure of information outside Australia
By providing us with your information, you consent to the disclosure of your information to third parties who reside outside Australia. Where we disclose your information to third parties, we will take reasonable measures to ensure that any overseas recipient will deal with such information in a way that is consistent with the Australian Privacy Principles.