Your privacy is important to us
Both are owned and operated by Magneto Communications Pty Ltd [ABN 43 109 565 614], Sydney, Australia.
We respect the EU’s General Data Protection Regulations (GDPR) and the principles it stands for. This policy explains how we collect and treat any information you give us. You won’t find any complicated legal terms or long passages of unreadable text. We’ve no desire to trick you into agreeing to anything that might compromise your information security or that of your company.
We value your privacy as much as we do our own, so we’re committed to keeping your personal and business information safe. We’ll never use your personal information for any reason other than the reason you gave it, and we’ll never give anyone access to it unless we’re forced to by law.
Confidentiality of written communication
When you upload a document or text to Credosity Online here’s what happens, and how we keep your writing secure:
All text analysis is processed within the memory of the Credosity SaaS (on Microsoft Azure Australian servers). We send performance statistics, not written content, securely via SSL to our Microsoft Azure servers via an encrypted HTTPS connection. The document and text are discarded from secure server memory once the session has ended (i.e. it’s not stored to disk or retained on disk). At no stage can a human see, collect, read or keep your document or text.
How we collect information
We may collect personal information from you when you use our website, products or services. This information may be collected when you tell us about yourself, e.g. by subscribing to us, completing an online form, attending a training course or learning session we run, entering details about our products or services, accepting an invitation from us, or when you call us or send us an email.
Personal information is information that identifies you or could identify you, such as:
- your name, email address or contact details
- your interests in our products, services or events
- information about your dealings with us
- any other information we may need to supply or promote our goods or services.
All data is deemed ‘Commercial in Confidence’ unless otherwise requested, in writing. Don’t send us, email us, or upload to our website or software, any SPI (Sensitive Personal Information) or any unauthorised PII (Personally Identifiable Information).
Information about someone else
Cookies may automatically record details about any computer used to access the website such as the date and time of access, the IP address, domain name and details of the information accessed.
Use of information
We may occasionally send you information on our products and services. When we do, you have the option to unsubscribe from these communications. We might also email or phone you about our products and services, but if you tell us not to, we won’t get in touch again. We may use your information to send you invoices, statements, or reminders.
We won’t disclose your personal information to any third parties without your consent, unless we’re required to by law or to the extent we use third parties to capture or manage your personal information on our behalf.
Where we store your information
When you contact us by email or through this website, we store your information in our Customer Relationship Management (CRM) software. If you sign up for our e-zines, we store your name and email address in MailChimp, our email-marketing platform. When you buy something, your information is processed by PayPal or Stripe, our ecommerce platforms. And if we do business, we store your information in our accounts software, Xero. We chose these systems partly for their commitment to security.
Security of Personal Information
We take all reasonable steps to protect information we hold (including your personal information). We also take reasonable steps to hold information securely in electronic or physical form.
Internally, we use password vaults to generate and store complex, encrypted passwords for our software and marketing infrastructure. Vault access is assigned by individual role to our team members. We use a different, randomly generated password for each service, and never use the same password twice.
When available, we use two-factor authentication for all our software and marketing infrastructure.
Security of Payment Information
We use Stripe and PayPal to process credit-card payments online. Both are PCI compliant. (Note: PCI compliance is required for all merchants that store, transmit, or process payment card information.)
Please note that third parties have their own privacy policies. Although our agreement with them doesn’t allow the other transacting party to use this information for anything other than providing payment services, we’re not responsible for their actions, including their information-protection practices.
If you don’t want to use your credit card online, we offer alternative payment methods.
Who has access to information about you
When we store information, only the people who need it can access it. Our management team has access to everything you’ve provided, but individual team members have access only to what they need to do their job.
If we change the contents of this policy, those changes will become effective the moment we publish them here.
Access to your information
You may request access at any time to personal information we hold about you by emailing us at firstname.lastname@example.org. We’ll delete your personal information on your written request.
Questions, complaints or need more details about our information security?
If you have any reason to complain about or question how we handle your privacy, please contact Petrina Buckley by email at email@example.com or by phone on +61 410 519 705. If you’re responsible for Enterprise IT Security, Petrina can give you a detailed copy of our Security Guide and Policy for Credosity Online.
Need us to sign a bespoke Confidentiality Agreement or Statement of Work with your organisation?
Petrina’s the right one to contact about that, too (details above).
This policy sets out generally how we endeavour to deal with personal information. It’s not intended to represent that we’re bound by the Australian Privacy Act 1988. That’s not because we’re not committed to privacy, but because we’re below their private company annual turnover limits.