PRIVACY POLICY

MAPS Writing Pty Ltd ACN 630 552 573 (“Scriibi”)
This Privacy Policy applies to Scriibi (“we”, “us”, “our”) and its affiliates in relation to our operations and explains how we handle personal information and comply with the requirements of applicable privacy laws (“Privacy Laws”). If you have further questions relating to this policy, please contact Scriibi direct on the contact details set out in section 16 below.
We recognise the importance of your privacy, and that you have a right to control how your personal information is collected and used.

1. Types of personal information we collect
1.1 We collect personal information from or about customers (existing and prospective), employees (existing and prospective) of customers, students in respect of who we provide services to our customers, employees (existing and prospective) of Scriibi and other individuals for various business and other purposes further listed in section 3.2 below. In this section, we explain the types of personal information which we usually collect and how we collect this information.
1.2 The types of personal information Scriibi will collect will depend on the circumstances in which that information is collected. It may include:
(a) contact details (eg, your name, address, email and phone details);
(b) information required for you to transact with us (eg, place of work, position, authority to transact with us, etc.);
(c) information required for you to open a trading account with us or otherwise do business with us including bank account details, information obtained through credit checks and any other relevant financial information;
(d) information on prior dealings with Scriibi or our customers; and
(e) statistical information and other data regarding the use of the Scriibi websites and software, including website and software users’ IP addresses and the dates, times and page locations of website and software users’ visits.
(f) in cases where you wish to work with/for Scriibi, information about your current and former employment (eg, place of work, position, length of tenure, qualifications, curriculum vitae and any other relevant human resources information);
1.3 The types of personal information listed in section 1.2 above are not intended as an exhaustive list. We may require you to provide personal information about other individuals. For example, when a customer agrees to use our software, we require the customer or its representatives to provide us with information necessary to create the customer’s account in our software. This includes the first name, surname and email of each individual who the customer authorises to use their account (each an Authorised User). Customers or their Authorised Users also provide information about their students in respect of who they intend to use our software and services. This information may include the students’ unique identifier (often a number), first name and surname. It may also include, at the discretion of the customer, year level, home class and other data of each individual student. If we receive personal information regarding other individuals from you, you must inform any such individuals whose personal information you provide to us that you are providing their personal information to us and to advise them about this policy. We accept no responsibility for advising any such individuals of the existence or content of this policy.
1.4 In the course of running our business, we do not usually collect sensitive information (including eg. information about a person’s race, ethnic origin, political opinions, health, religious or philosophical beliefs, sexual preferences, genetics or criminal history. Where we do need to collect your sensitive information, we will only collect it with your consent, and we will only use it for the purpose for which you provided it. Where we obtain such sensitive information from a third party, we obliged the third party to obtain your consent.

2. How we collect personal information
2.1 In this section, we explain how we usually collect your personal information. We usually collect personal information through:
(a) our websites;
(b) our software platforms and systems through which we provide services to customers, including personal information provided by a customer or its Authorised Users regarding an Authorised User, students, staff or other persons;
(c) use of social media
(d) orders for products or services;
(e) employment applications;
(f) third party service providers;
(g) requests for brochures, to join a mailing list or to be contacted for further information about our products or services;
(h) provision of customer service and support;
(i) responses to surveys or research conducted by us or on our behalf; and
(j) publically available materials.
2.2 If you do not provide us with the information we request, we may not be able to fulfill the applicable purpose of collection, such as to supply products or services to you or to assess an application for employment.
2.3 Where practicable, we will collect personal information directly from you. From time to time we may be given information by third party sources, including but not limited to:
(a) your employer;
(b) where you are a student, your school;
(c) your representatives or advisers;
(d) our related entities and business partners; and
(e) third parties who assist us in any aspect of our business.
2.4 We may also collect your personal information from other parties where legally required to do so. If we receive information about you from someone else, we will take reasonable steps to ensure you are aware that we have collected personal information about you and the circumstances of the collection. Where we receive information about you from a customer, or their representative, such reasonable steps involve us obliging the customer to take steps to notify you that such information has been provided to us and, if applicable, obtain your consent, where such notice and/or consent is required by Privacy Laws.
2.5 While we take reasonable steps to ensure that your personal information remains secure, many information security risks do exist, and we always recommend that you take appropriate steps to help safeguard your personal information from such risks.

3.How we use personal information
3.1 We will only use and disclose your personal information in accordance with Privacy Laws and this Privacy Policy.
3.2 Our main purposes for collecting, holding, using and disclosing personal information are the following:
(a) to verify your identity;
(b) to supply products or services to our customers;
(c) to obtain products and services from our suppliers;
(d) to allow our customers to operate our software and systems, including by allowing customers to access and use for their own purposes (as determined by the customer) information that is provided by customers or their Authorised Users and held in our software, which may include uses relating to internal review, analysis, and reporting;
(e) to allow us to support customers in the use of our software and systems, including by providing support and ongoing product development;
(f) to respond to enquiries from existing or prospective customers seeking information about our products or services;
(g) to process and assess employment applications;
(h) to enforce agreements between you and Scriibi;
(i) to undertake research, surveys, and analyse statistical information;
(j) to report on aggregate data;
(k) to conduct market research;
(l) to keep customers informed about our activities, products and services;
(m) to improve our products and services and develop new products and services (whether or not we supply these to you);
(n) to comply with legislative and our policy requirements including in relation to occupational health and safety and environmental matters;
(o) to operate our business efficiently.
3.3 We may use or disclose information that is not personal information, including aggregated, de-identified data, for a variety of purposes subject to Privacy Laws, including to conduct research and prepare reports for customers.

4.When we disclose personal information
4.1 We generally explain at the time we collect personal information how we will use or disclose that information. We will only use or disclose personal information for a purpose other than for which it was collected or a related purpose if you have consented to such different use or disclosure or such use or disclosure is otherwise allowed by the Privacy Laws.
4.2 In carrying out our business, it may be necessary to share information about you with and between our related bodies corporate and organisations that provide services to us (eg, our alliance partners). We would not otherwise routinely disclose personal information to another organisation unless:
(a) required by law;
(b) we believe it is necessary to provide you with a product or service which you have requested;
(c) it is necessary to protect the rights, property or personal safety of any of our customers, any member of the public or our interests;
(d) the assets and operations of our business are transferred to another party as a going concern; or
(e) you have provided your consent.
4.3 We may, from time to time, expand, reduce or sell our business, and this may involve the transfer of certain assets or the whole business to other parties. Personal information will, where it is relevant to any asset so transferred, be transferred along with that asset and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use personal data for the purposes for which it was supplied.

5. Disclosure to Service providers
5.1 We may use a range of service providers and/or independent contractors to help us maximise the quality and efficiency of our services and our business operations. This means that individuals and organisations outside of Scriibi, such as our legal, financial, accounting, engineering, administrative and insurance service providers and mail houses, will sometimes have access to personal information held by us and may use it on behalf of us. We require our service providers to adhere to strict privacy guidelines and not to keep this information or use it for any unauthorised purposes.

6. Disclosure of information outside the jurisdiction of collection
6.1 We will generally not disclose personal information outside of the jurisdiction from which it was collected. If, in the conduct of our business, we transfer to, and hold or access personal information from, other jurisdictions, the privacy laws of those countries may not provide the same level of protection as the privacy laws of the country from which the personal information was collected. However, this does not change our commitments to safeguard your privacy and we will comply with all applicable laws relating to the cross-border data disclosure.

7. Direct marketing
7.1 Like most businesses marketing is important to our business’ success. We therefore, from time to time, send marketing materials to current or prospective customers. We only do so in accordance with applicable laws or with your prior consent.
7.2 If you are receiving promotional information from us and do not wish to receive this information any longer, please contact Scriibi direct on the contact details set out in section 16 below, asking to be removed from our mailing lists, or use the unsubscribe facilities included in our marketing communications.

8. Our website privacy practices
8.1 We sometimes use cookie technology on our websites to provide information and services to web site visitors. Cookies are pieces of information that a website transfers to your computer’s hard disk for record keeping purposes and are a necessary part of facilitating online transactions. Most web browsers are set to accept cookies. Cookies are useful to estimate our number of members and determine overall traffic patterns through our websites.
8.2 If you do not wish to receive any cookies you may set your browser to refuse cookies. This may mean you will not be able to take full advantage of the services on the website.

9. Links to other websites
9.1 Our websites may contain links to third party websites. These linked sites are not under our control and we are not responsible for the content of those sites nor are those sites subject to our Privacy Policy. Before disclosing your personal information on any other website we recommend that you examine the terms and conditions and Privacy Policy of the relevant site. Scriibi is not responsible for any practices on linked websites that might breach your privacy.

10. Employee information
10.1 This Privacy Policy does not apply to our handling of information about our employees. For information about our practices relating to information about our employees, please contact us at the contact details listed in section 16 below.

11. Recruitment to work for Scriibi
11.1 If you send us an application to work for us, this information will be used to assess your application. This information may be disclosed to related bodies corporate and service providers for purposes such as:
(a) aptitude, psychological and medical testing; and
(b) other human resources management activities.
11.2 As part of the application process you may be asked for your specific consent to the use and disclosure of certain personal information about any pre-employment medical examination or any aptitude or psychological testing. We may also ask you to consent to the disclosure of your personal information to those people who you nominated to provide references.
11.3 A refusal to provide any of this information, or to consent to its proposed disclosure may affect the success of the application.
11.4 You may also be asked whether you agree to your personal information being provided to related bodies corporate of Scriibi for other positions relevant to your qualifications and experience.

12. Accessing and correcting the information we keep about you
12.1 If at any time you want to know exactly what personal information we hold about you, you are welcome to request access to your record by contacting us at the contact details listed in section 16 below. Our file of your information will usually be made available to you within 14 days, though the Privacy Laws may envisage certain circumstances in which we may not give you access to the personal information we hold about you (eg. where we cannot give you access if it would unreasonably affect someone else’s privacy or if giving you access poses a serious threat to someone’s life, health or safety).
12.2 If at any time you wish to change the personal information we hold about you because it is inaccurate or out of date, please contact us at the contact details listed in section 16 below and we will amend this record. If you wish to have your personal information deleted, please let us know in the same manner and we will take all reasonable steps to delete it unless we need to keep it for legal reasons.
12.3 There is generally no cost for accessing the personal information we hold about you. However we may apply an administrative charge for providing access in certain circumstances. Any such charge will be reasonable and we will advise you of the charge and obtain your consent before providing you with access to your personal information.

13. Complaints
13.1 If you have a privacy complaint against us (including, for example, if you think that we have failed to comply with the Privacy Laws), you may use the contact details listed in section 16 below to notify us of your complaint. We will promptly acknowledge and address all customer complaints. In most cases we will ask that you put your complaint in writing to us.
13.2 We will investigate any complaint and will use reasonable endeavours to respond to you in writing within 30 days of receiving a written complaint. If we fail to respond to your complaint within 30 days of receiving it in writing or if you are dissatisfied with the response that you receive from us, you may have the right to make a complaint with a relevant regulator.

14.Storage and security of your personal information
14.1 We will endeavour to take all reasonable steps to keep secure any information which we hold about you, and to keep this information accurate, up to date and complete. Your information is stored on secure servers that are protected in controlled facilities. We require our employees and data processors to respect the confidentiality of any personal information held by us.

15. Retention of information
15.1 When we no longer need to use your information, we will take steps to properly de-identify or destroy it.

16. Contacting Us
16.1 If you have any concerns or complaints about how we handle your personal information, or if you have any questions about this policy, please contact info@scriibi.com at Scriibi.

17. Future changes
17.1 We operate in a dynamic business environment. Over time, aspects of our business may change as we respond to changing market conditions. This may require our policies to be reviewed and revised. We reserve the right to change this Privacy Policy at any time and notify you by posting an updated version of the policy on our website. If at any point we decide to use personal information in a manner materially different from that stated at the time it was collected we will notify users by email or via a prominent notice on our website, and where necessary we will seek the prior consent of our users.

Arrow-up