Last updated: 9 November 2015.

1.0 Introduction

This Privacy Policy (Policy) governs the use of Personal Information collected by CloudFileSync Pty Ltd (Company) in the process of installation and deployment of the CloudFileSync (CFS) software suite.

2.0 Recitals

Company may, in the process of registering a Reseller, Storage Provider, Purchaser or User, collect Personal Information from such entities intending to directly use CFS or deploy CFS on third-party IT infrastructure.

This Policy is drafted in accordance with international frameworks, such as the OECD Guidelines, as relevant to the foundation for the development of national privacy laws in Australia, as well as other nations.

This Policy is governed, executed, and resolved in accordance with relevant laws of Commonwealth of Australia and State of Victoria therein.

Company may amend this Policy at its discretion at any time based on legal compliance requirements. Any change will be effective from the date the revised Policy is posted electronically on the Company corporate website https://www.cloudfilesync.com (Website).

3.0 Definitions

Australian Privacy Principles (APPs) means the amended Privacy Act 1988 (Cth.) that includes a set of harmonised privacy principles that regulate the handling of personal information by Australian and Norfolk Island Government agencies and private sector organisations as defined in Schedule 1 of Privacy Act 1998 (Cth.).

OECD Guidelines mean the 2013 OECD (Organisation for Economic Cooperation and Development) Privacy Guidelines, in particular, the Recommendation of the Council concerning Guidelines governing the Protection of Privacy and Transborder Flows of Personal Data (2013); [C(80)58/Final, as amended on 11 July 2013 by C(2013)79].

Personal Information is as defined in s 6 of Privacy Act 1988 (Cth.), which cites “means information or an opinion about an identified individual, or an individual who is reasonably identifiable: a) whether the information or opinion is true or not; and b) whether the information or opinion is recorded in a material form or not.

Relevant legislation means all relevant precedents, codes, statutes, transition legislation, Commonwealth, State and Territory Acts and international convention treaties where relevant in determining privacy rights.

4.0 Policy Statement

  1. Electronic acceptance of Company Terms of Agreement to use CFS is an automatic acknowledgement of acceptance to this Policy.
  2. Acceptance to this Policy by the authorized representative binds the accepting entity’s directors, officers, employees, contractors, agents, consultants and successors towards complying with this Policy requirement.

5.0 Collection of data

5.1 Collection of data from users

Company may automatically collect information on the deploying entity’s IT infrastructure specifications through the CFS software suite once that entity deploys CFS (e.g. IP address, gateway configurations et al.). The purpose of this collection, in accordance with APPs, is to determine conformance to minimum IT infrastructure requirements for functional deployment of CFS.

5.2 Collection of other types of data

Company may automatically collect information on the deploying entity’s IT infrastructure specifications through the CFS software suite once that entity deploys CFS (e.g. IP address, gateway configurations et al.). The purpose of this collection, in accordance with APPs, is to determine conformance to minimum IT infrastructure requirements for functional deployment of CFS.

6.0 Use of collected data

In accordance with the APPs, data collected by Company is handled internally within the organization by in-house staffs that have a need to know basis of accessing such data. Data, if accessed, is purely for CFS product design enhancement and future business partner identification purposes.

Collected data is not sold to third-party entities.

With respect to recent amendments to the Privacy Act 1988 (Cth.), the scope of ‘trading in personal information’ does not apply to Company as the company does not collect user information for selling to third parties for profit. Company does not, and shall not, advertise or market to users, as well as share their details to third parties for marketing and advertising.

7.0 Disclosure of collected data

Company will not disclose collected data to any third-party legal entity unless explicitly ordered by a competent Australian legal authority through the issuance of subpoenas, court orders et al.

Users using or deploying CFS has the right to request information it has supplied to Company, in which case, based on the APPs, Company shall provide the information to the entity within a reasonable time frame.

8.0 Governance of collected data

Collected data is governed in accordance with industry-standard best practices. Company has implemented information security management systems and frameworks within its organization along the lines of being compliant to ISO 27001:2013, which is used in governing collected data.

Company manages all collected data securely and ensures continuous adoption of technology to enhance security and encryption of collected data.

Company retains the collected data until the user’s account is terminated, unless required to enforce the Company Terms of Agreement, resolve disputes or comply with legal obligations.

Company shall retain collected data to the maximum extent required by governing legislation unless explicitly advised by the user, in which case Company shall hand back to the user all its relevant collected data at costs borne by the user.

Company shall not send collected data outside Australian borders without explicitly obtaining consent from users.

9.0 Reporting of collected data

Company does not publicly report data collected from users. Reporting is restricted only to users with only that information they have provided. Company may report collected data to law enforcement agencies or legal institutions upon explicit judicial orders.

10.0 Compliance obligations

Company is compliant to the APPs cited in the amended Privacy Act 1988 (Cth.) that set the minimum standards for handling personal information.

11.0 Technology policies governing Privacy

11.1 Cookie Policy

The deployment of CFS currently does not download cookies on user devices.

Company’ Website is currently controlled for third-party cookie presence and uses cookies to a limited extent to enhance user experience. Company’ Website does not expose user devices to uncontrolled cookies.

Company uses third-party analytics software tools for use in the source code of the Company corporate website to understand website traffic and website usage based on the policy that such services do not identify individual users or associate individual IP addresses in accordance with the legal theory of the Telecommunications (Interception and Access) Act 1979 (Cth.). By using this website, the user consents to the processing of data about itself in accordance with the legal theory of the aforementioned legislation

Company uses Google Analytics and the user consents to the processing of data about itself by Google in the manner described in Google's Privacy Policy and for the purposes set out above. The user can opt out of Google Analytics at any time if the cookie is disabled; JavaScript disabled, or use the opt-out service provided by Google.

11.2 Third-party advertising policy

Company does not endorse third-party vendors on advertising on the Company Website. Company’ policy in this aspect prohibits unsolicited referral programs, sponsored links, or advertisements on the Company Website.

11.3 Internet marketing policy

Company has a robust social media use and monitoring policy. Currently Company has limited presence social media platforms, including but not limited to, Facebook, Twitter and LinkedIn. Company limits access of third-party external cookies found in social media sites to the Company Website.

11.5 Privacy issues escalation
Department of Legal, Regulatory & Corporate Affairs
CloudFileSync Pty Ltd
PO Box 131, Camberwell VIC 3124, Australia
Telephone: +61 3 9021 2013
Email: legal@cloudfilesync.com

About CloudFileSync

CloudFileSync was founded to help businesses improve their productivity by making it easier for staff to securely access and share files and to collaborate on documents using any device.

Based in Melbourne, Australia our team builds innovative security and File Sync and Share technologies that empower businesses to choose, and to have full visibility over, where their data is stored, who has access to this data and who can share this data.