2. Why we collect Personal Information
2.1 When you visit our Website, create an Account or use our App, we collect Personal Information so that we can provide you with products and services and improve and customise your experience with us. We only collect Personal Information if it is reasonably necessary for us to carry out our functions and activities.
2.2 The purposes for which we collect and hold your Personal Information include:
(a) to deliver our products and services to you;
(b) to improve our products and services to you;
(c) to manage our relationship with you, evaluate our business performance and build our customer database;
(d) to respond to your requests and seek your feedback;
(e) to provide and improve technical support and customer service;
(f) to conduct research, compare information for accuracy and verification purposes, compile or analyse statistics relevant to the operations of our business;
(g) to facilitate our internal business operations, including fulfilment of any legal and regulatory requirements and monitoring, analysing and improving the performance and functionality of our Website and investigating breaches of or enforcement of any legal terms applicable to our Website;
(h) to protect our property, our Website, App or legal rights including to create backups of our business records;
(i) to manage risk and protect our Website and App from fraud by verifying your identity and helping to detect and prevent fraudulent use of our Website and App;
(j) for the direct marketing and promotional purposes as set out below; and
(k) to manage our business, including analysing data collected from our Website and App concerning visits and activities of users on our Website or of our App including the Analytics Services. This analysis helps us run our Website and App more efficiently and improve and personalise your experience online.
3. What Personal Information do we collect?
3.1 The kinds of Personal Information we collect will depend on the type of interaction you have with us. Generally, the kinds of Personal Information we collect may include:
(a) your name, address (postal and residential), email address, telephone number(s), date of birth and gender when you register an account with us or download our App;
(b) information from third party sources such as data providers, where permitted by law, including public blockchain data such as your nominated public key for a digital asset wallet (including any wallet address);
(c) details of the device you have used to access any part of our Website or App, including carrier/operating system, connection type, IP address, browser type and referring URLs and other information may be collected and used by us automatically if you use our Website, through the browser on your device or otherwise;
(d) demographic information;
(e) location data;
(f) your connections with others whose personal information we may collect or hold;
(g) online payment details which may include third party payment systems, credit or direct debit details for your bank account in order to process transactions contemplated by our services; and
(h) transaction details relating to your use of our products, services or rewards including data regarding your feature usage patterns, interactions on our Website and App and interactions with us.
3.2 Telephone calls to us may also be recorded for training and quality assurance purposes.
4. With whom do we share Personal Information?
4.1 We may disclose Personal Information collected from you:
(a) to our related entities, employees, officers, agents, contractors, other companies that provide services to us, sponsors, government agencies or other third parties to satisfy the purposes for which the information was collected (as outlined in clause 2.2 of this policy) or for another purpose if that other purpose is closely related to the primary purpose of collection and an individual would reasonably expect us to disclose the information for that secondary purpose;
(b) to third parties who help us to verify the identity of our clients and customers, and other software service providers and third parties who assist us to provide the services we provide to you;
(c) to third parties who help us analyse the information we collect so that we can administer, support, improve or develop our business and the services we provide to you including cloud hosting services, off-site back ups and customer support;
(d) to merchants that use our Website or App and the recipients of funds to identify you as the sender of the funds and to a party whom sends you funds in connection with a transfer to you of funds;
(e) to customers that use our Website or App and the recipients of goods to identify you as the sender of the goods and to a party whom sends you goods in connection with a transfer to you of goods;
(f) if the disclosure is required by a law, or legal process, requested by a government agency or other third parties pursuant to a subpoena, court or other legal process with which we are required to comply, including in relation to our obligations under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth);
(g) if disclosure is required to enforce the terms of this policy or to enforce any of our terms and conditions with you;
(h) to our professional advisers such as consultants, bankers, professional indemnity insurers, brokers and auditors so that we can meet our regulatory obligations, and administer, support, improve or develop our business;
(i) to debt recovery agencies who assist us with the recovery of debts owed to us;
(j) to any other person, with your consent (express or implied);
(k) to facilitate the sale of all or a substantial part of our assets or business or to companies with which we propose to merge or who propose to acquire us and their advisers;
(l) to protect the interests of our users, clients, customers and third parties from cyber security risks or incidents and other risks or incidents; and
(m) to maintain the integrity of our Website and App and protect our rights, interests and property and those of third parties;
4.2 In addition to the above recipients, we will disclose your Personal Information if we are required to do so under law or if the disclosure is made in connection with either the normal operation of our business in a way that you might reasonably expect, for example, if such disclosure is incidental to IT services being provided to our business or for the resolution of any dispute that arises between you and us. This disclosure may involve your Personal Information being transmitted Overseas.
4.3 In the event of a proposed restructure or sale of our business (or part of our business) or where a company proposes to acquire or merge with us, we may disclose Personal Information to the buyer and their advisers without your consent subject to compliance with the Privacy Law. If we sell the business and the sale is structured as a share sale, you acknowledge that this transaction will not constitute the ‘transfer’ of Personal Information.
4.4 We may disclose de-identified, aggregated data with third parties for marketing, advertising, and analytics purposes. We do not sell or trade your personal information to third parties.
5. How we collect and store data and transmit Personal Information
5.1 We usually collect and store information including in electronic form provided by you when you communicate with us by telephone, email, web-based form or other means, including when:
(a) you contact us over the phone;
(b) we provide you with our services via our App or our Website;
(c) we provide you with assistance or support for our products or services;
(d) you participate in our events or activities or on our social media pages;
(e) you request that we provide you with information concerning our products or services;
(f) you upload or submit information to us or our App or Website; or
(g) you complete any forms requesting information from you, including on registration with us, complete any survey or provide feedback to us concerning our products or services.
5.2 Where practicable, we will only collect information from you personally. However, we will also collect your Personal Information through our partners (including but not limited to merchants) and third parties who supply services to us.
5.3 Please note that we use our own and third party computer servers including our Website and Apop hosts, data backups and payment gateway(s), which may be located Overseas and your Personal Information will likely be stored and transmitted Overseas as part of the normal operation of our business.
5.4 We also collect information from your computer or mobile device automatically when you browse our Website or use our App. This information may include:
(a) the date and time of your visit;
(b) your domain;
(d) operating system;
(e) the server your computer or mobile is using to access our Website;
(f) your browser and version number;
(g) search terms you have entered to find our Website or access our Website;
(h) pages and links you have accessed both on our Website and on other websites;
(i) the last website you visited;
(j) the pages of our Website that you access;
(k) the device you use to access our Website; and
(l) your IP Address.
5.5 While we do not use some of this information to identify personally, we may record certain information about your use of our Website such as which pages you visit and the time and date of your visit and that information could potentially be used to identify you.
5.6 It may be possible for us to identify you from information collected automatically from your visit(s) to our Website. If you have registered an account with us, we will able to identify you through your user name and password when you log into our Website or App. Further, if you access our Website via links in an email we have sent you, we will be able to identify you.
5.7 The device you use to access our Website or App may collect information about you including your location using longitude and latitude co-ordinates obtained through GPS, Wi-Fi or cell site tri-angulation. For information about your ability to restrict the collection and use of such information, please use the settings available on your device.
5.8 We may use statistical analytics software tools and software known as cookies which transmit data to third party servers located Overseas. To our knowledge, our analytic providers do not identify individual users or associate your IP Address with any other data held by them.
5.9 We will retain your Personal Information for anytime period we consider necessary to provide our products and services to you and to comply with our legal obligations. The period may vary depending on the type of Personal Information we hold.
6. How we protect your Personal Information
6.1 We will endeavour to take all reasonable steps to keep secure and protect any Personal Information which we hold about you, including:
(a) securing our physical premises and digital storage media;
(b) using computer safeguards such as Secure Socket Layer (SSL) technology to ensure that your information is encrypted and sent across the Internet securely;
(c) placing password protection and access control over our information technology systems and databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure; and
(d) taking regular back-ups of our electronic systems.
6.2 Notwithstanding that we will take all reasonable steps to keep your Personal Information secure, data transmission over the internet is never guaranteed to be completely secure. We do not and cannot warrant the security of any information you transmit to us or from any online services.
7.6 Our Website may contain web beacons (also called single-pixel gifs) or similar technologies (Web Beacons) which are electronic images that we use:
(a) to help deliver Cookies;
(b) to count users who have visited our Website; and
(c) in our promotional materials, to determine whether and when you open and act on them;
7.7 We may also work with third-parties:
(a) to place Web Beacons on their websites or in their promotional materials as part of our business development and data analysis; and to
(b) to allow Web Beacons to be placed on our Website from Analytics Services to help us compile aggregated statistics about the effectiveness of our promotional campaigns or other operations.
7.8 The Web Beacons of Analytics Services may enable such providers to place Cookies or other identifiers on your device, through which they may collect information about your online activities across applications, websites or other products.
8. How we use Personal Information for communicating with you and direct marketing
8.1 We may communicate with you by email, SMS or push notification, to inform you about existing and new products and services that may be of interest to you including administering contests, promotions, surveys or other site features.
8.2 We will ensure that any email we send as direct marketing complies with the SPAM Act 2003 (Cth) and contain an ‘unsubscribe’ option so that you can remove yourself from any further marketing communications. To opt-out of communications via SMS, reply with “STOP”. You may decline marketing messages sent by push notifications by refusing the relevant permission in your phone or tablet settings, however this setting will prevent you from receiving other messages from us via push notification. You may also opt-out of receiving marketing materials from us using the contact details set out below or adjusting your user dashboard on our Website.
8.3 You can also call or write to us to request that your details be removed from our direct marketing list. We will endeavour to remove your details from our direct marketing list within a reasonable time (ordinarily 5 working days).
8.4 Our direct marketing list may be operated by software and servers located Overseas and your Personal Information may be sent Overseas as part of our marketing.
8.5 We will also send communications that are required or necessary to send to users of our Website that contain information about important changes or developments to or the operation of the Website or as well as other communications you request from us. You may not opt out of receiving these communications but you may be able to adjust the media and format through which you receive these notices.
9. Not identifying yourself
9.1 It may be impracticable to deal with you on an anonymous basis or using a pseudonym.
9.2 We may be able to provide you with limited information in the absence of your identifying yourself but generally we will be unable to provide you with any information, goods and/or services unless you have identified yourself.
10. How to access or correct your Personal Information or make an enquiry or complaint
10.1 If you have any queries in relation to this policy, you wish to access or correct the Personal Information we hold about you, or make a complaint, please contact us in writing at:
Email: email@example.com; or
Mail: Privacy Officer
Black Tie Holdings Pty Ltd
Suite 903, North Tower,1-5 Railway Street, Chatswood, NSW 2067
10.2 We aim to acknowledge receipt of all privacy complaints from you within 5 working days and resolve all complaints within 30 business days. Where we cannot resolve a complaint within that period, we will notify you of the reason for the delay as well as advising the time by which we expect to resolve the complaint.
10.3 In order to disclose information to you in response to a request for access we may require you to provide us with certain information to verify your identity. There are exceptions under the Privacy Law which may affect your right to access your Personal Information – these exceptions include where (amongst other things):
(a) access would pose a serious threat to the life, health or safety of any individual;
(b) access would have an unreasonable impact on the privacy of others;
(c) the request for access is frivolous or vexatious;
(d) the information relates to existing or anticipated legal proceedings between you and us and the information would not otherwise be accessible by the process of discovery;
(e) giving access would reveal our intentions in relation to negotiations with you;
(f) giving access would be unlawful;
(g) denying access is required or authorised by or under an Australia law or a court/tribunal;
(h) the information relates to commercial sensitive decision making process; or
(i) giving access would prejudice enforcement related action.
10.4 We may (depending on the request) charge you a fee to access the Personal Information. We will inform you of any fees payable in respect of accessing your Personal Information prior to actioning your request. All requests for Personal Information will be handled in a reasonable period of time (within 14 days if possible but otherwise within 30 calendar days after the request is made).
10.5 If you wish to have your Personal Information deleted, please contact us using the details above and we will take reasonable steps to delete the information (unless we are obliged to keep it for legal or auditing purposes). To the extent that any Personal Information is stored on a blockchain it may be impracticable, unfeasible or impossible to delete.
10.6 In the event that you believe that there has been a breach of the Privacy Law, we invite you to contact us as soon as possible.
10.7 If you are not satisfied with our handling of a complaint or the outcome of a complaint you may make an application to:
(a) the Office of the Australian Information Commissioner by visiting www.oaic.gov.au, emailing firstname.lastname@example.org; or writing to GPO Box 5218 Sydney NSW 2001; or
(b) the Privacy Commissioner in your State or Territory.
10.8 You may also view, access, edit or delete (to the extent possible) your Personal Information through your user dashboard on our Website or App. There will be certain data or information that may not be edited or deleted for you to be able to access our Website, for example your digital wallet address.
11. Notifiable Data Breach
11.1 We are bound by the Privacy Act and are committed to complying with the Notifiable Data Breaches Scheme (NDB) established by the Privacy Amendment (Notifiable Data Breaches) Act 2017.
11.2 The NDB requires that where a data breach is likely to result in serious harm to any individuals to whom the information relates, we are required to notify those individuals and the Office of the Australian Information Commissioner.
11.3 The NDB provides greater protection to the personal information of consumers, greater transparency in the way organisations like us respond to data breaches and give you the opportunity to minimise the damage caused by any unauthorised use of your Personal Information.
(a) business developments; or
(b) legal or regulatory developments.
13. Definitions used in this policy
(a) Analytics Services means any third party website analytics provider and includes Google Analytics.
(b) App means the B4Biz App, made available by Black Tie Holdings.
(c) Australian Privacy Principles or APPs means the principles set out in Schedule 1 to the Privacy Act.
(d) IP Address means a number automatically assigned to your computer which is required when you are using the internet and which may be able to be used to identify you.
(e) Overseas means any place or country other than Australia and includes the following countries: United States of America.
(f) Personal Information has the meaning set out in the Privacy Act.
(g) Privacy Act means the Privacy Act 1988 (Cth) as amended from time to time.
(h) Privacy Law means such laws as may place requirements on the handling of Personal Information under the Privacy Act and the Australian Privacy Principles.
(i) Third Party Sites means online websites or services that we do not own or control, including websites of our partners
(j) Website means www.b4real.digital
(k) we, our, us and similar terms means Black Tie Holdings Pty Ltd ACN 122572490 and our related entities.
(l) you, your and similar terms means, as the context requires (1) you, when you use our Website; and/or (2) you, during your dealings with us as a customer; and/or (3) any agent providing your Personal information to us; and/or (4) any agent dealing with us on your behalf.