Privacy Policy

Privacy Policy.

Note: The TeLoRa Platform provides various functionality that enable Sub-Admin Users to communicate with Workers. Such functionality includes real time location tracking and notification features that allow Sub-Admins, selected Workers (such as Incident Managers and Incident Responders) and Clients to obtain regular updates and location tracking of Workers during an active rostered Worker shift (Worker Shift). Real time location tracking is only available to Clients and not Sub-Admins (Sub-Admins are only provided with a Worker’s last known location in the event of an emergency). Workers use the TeLoRa Worker App by sending notifications and requests to their Incident Managers and/or Incident Responders during a Worker Shift, they are notified if their requests for Worker status updates are not responded to, if the Worker sends requests for help or if the Worker has not arrived at a Client’s designated location. Sub-Admins may also receive a geo-fence notification when the Worker is not within a certain location during a Worker Shift. The TeLoRa Platform provides a range of other functions. It is your responsibility to ensure that you comply with all applicable laws in connection with your use of the TeLoRa Platform, including any applicable workplace surveillance and privacy laws.

The TeLoRa Platform collects and processes a wide variety of personal data from its Users, ranging from names and email addresses of Workers to their sensitive health data. Personal data collected via the TeLoRa Platform is disclosed to our Sub-Admins, their Clients and/or Incident Responders, in connection with the operation of the TeLoRa Platform, as described in this Privacy Policy. Additionally, we may trade in (i.e sell) the names and email addresses of Workers to third parties (where we have the express consent of Workers to do so) and otherwise collect, use, disclose and process personal data for the purposes and lawful bases described in our Privacy Policy.

If you are a Worker, failure to switch on the location services function on your smartphone device when accessing or using the TeLoRa Worker App will cause the TeLoRa Worker App to cease functioning. Switching off the location services function on your smartphone device during a Worker Shift will result in the Client and/or Sub-Admin and/or Incident Manager receiving a notification notifying them that you have switched the location services function off. By switching off the function, you will not be able to use the TeLoRa Worker App.

This Privacy Policy describes how TeLoRa Trading Pty Limited ACN 635 385 545 of PO Box 556, Kensington, New South Wales 1465 Australia and its related entities, (TeLoRa), collects, holds, transfers, discloses and otherwise processes personal data through its operation of the TeLoRa Platform and the steps that we take to secure that personal data. We administer and provide the TeLoRa Platform. We also trade in personal information for the purposes described in our Privacy Policy.

In this Privacy Policy, “we“, “our” and “us” are all references to TeLoRa and ““you”, “your” or “they” refers to any Users who use or access the TeLoRa Platform, as a Sub-Admin, Client or Worker (as applicable). Terms used in this Privacy Policy commencing with a capital letter have the meanings given to them in our Terms of Use located at [https://www.telora.com.au/terms-ofuse] or as otherwise defined in this Privacy Policy.

Our Platform may contain links to a number of third party websites. However, this Privacy Policy does not govern those websites and only governs the TeLoRa Platform. We recommend that you carefully read the privacy policies or notices of each third-party site that you visit for information on their privacy, security, data collection and disclosure policies.

We are committed to complying with our privacy obligations in accordance with all applicable data protection laws, including the Australian Privacy Principles contained in Schedule 1 to the Privacy Act 1988 (Cth) (the Privacy Act). We also comply with the EU General Data Protection Regulation (GDPR) in relation to all personal data that we collect, hold, disclose and otherwise process, to the extent the personal data is within the territorial scope of the GDPR pursuant to Article 3 of the GDPR (GDPR Data).

If we decide to change this Privacy Policy, we will post the updated version on this webpage so that you will always know what personal data we gather, how we might use that information, and whether we will disclose it to anyone.

This Privacy Policy does not provide a detailed description of the functionality provided by the TeLoRa Platform.

 

In this Privacy Policy, “personal data” has the meaning given to the term “personal information” in the Privacy Act (except in relation to GDPR Data – in which case “personal data” has the meaning given to it in the GDPR). “Sensitive information” has the meaning given to it in the Privacy Act and “special categories of personal data” has the meaning given to it in the GDPR.

The Privacy Act defines “personal information” as information or an opinion about an identified individual, or an individual who is reasonably identifiable (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not. The Privacy Act defines “sensitive information” to include, among other things, health information about an individual.

GDPR Data includes both personal data and special categories of personal data. Article 4(1) of the GDPR defines “personal data” as any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. “Special categories of personal data” is referred to in the GDPR as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

We collect personal data governed by the Privacy Act if it is reasonably necessary for our functions or activities – or where we have consent to the collection. We will not collect sensitive information regulated by the Privacy Act unless we have the relevant data subject’s consent and the information obtained is reasonably necessary for one or more of our functions or activities. We hold personal information for the primary purpose of enabling Users to access the functionality of the TeLoRa Platform and for the secondary purpose of trading in personal data.

Under Article 6 of the GDPR, GDPR Data can only be processed where there is a lawful basis to do so. When we collect, use, disclose or otherwise process GDPR Data via the TeLoRa Platform, we do so on the following lawful bases:

Lawful basis (GDPR Article 6)How it applies to us

The data subject has given consent to the processing of his or her personal data for one or more specific purposes

All Workers are requested to provide their consent to our collection of health data via the TeLoRa Platform where necessary in order for the TeLoRa Platform to transmit health data so that incident responders can access medical conditions, medications and health insurance information of Workers recorded in the TeLoRa Platform.

We also request the consent of Workers to our processing of their email addresses for the purposes of trading their email addresses with third parties for our commercial benefit. We do not trade Worker email addresses with third parties without that consent.

Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract

We are required to process personal data of all Users in order for the functionality of the TeLoRa Platform to operate, in accordance with our obligations under the Terms of Use. We cannot provide Users with the functionality of the TeLoRa Platform without their personal data.

Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

We are required to process personal data of all Users in order for the functionality of the TeLoRa Platform to operate, in accordance with our obligations under the Terms of Use. The TeLoRa Platform is not designed to collect or otherwise process personal data of children.

Vital interests

We collect and process health information of individuals so that Sub-Admins and Clients can provide it to third party emergency services where necessary for the health and safety of Workers.

We only collect personal data that is adequate, relevant and limited to what is necessary for the purpose for which it is to be processed and only where we are entitled by law to collect it. The primary purpose for which we collect personal data is to provide the functionality of the TeLoRa Platform. We may also use collected personal data for other related, directly related or compatible purposes (for example – in order to sell Worker names and email addresses where we have Workers’ consent). You are solely responsible for ensuring that any content you upload and/or submit to the TeLoRa Platform is accurate, kept up to date and complies with any applicable laws and third-party rights. We collect the following types of personal data:

  • User registration data: When Users register, or are registered on the TeLoRa Platform, their personal data is entered into the TeLoRa Platform, including names, contact details and credit card details of Sub-Admins. Some of the User registration data that we may collect may be of a sensitive nature and may include location information, health records and financial information. Sub-Admins provide us with Client names and contact details and Worker name, titles, genders, email addresses, job titles, contact details, employment details, health records, medical conditions, Medicare card details, private health insurance cards, drivers licences, first aid and other certificates, medications, emergency contact details, addresses and dates of birth.
  • Transactional and Financial Data: We collect transactional details about payments to and from Sub-Admins, receipts, invoices, credit card details, details of the number of Client and Worker TeLoRa Accounts added and removed by a Sub-Admin from their TeLoRa Account, and any other financial records that we are required to retain under the Corporations Act 2001 (Cth) or any other applicable law concerning any services that we provide to a User.
  • Geo-Location Data: If you are a Worker, we may collect geo-location information from your smartphone device when you use the TeLoRa Worker App during a Worker Shift and use it to provide the following functionality via the TeLoRa Platform:
    • The Client can use the TeLoRa Client App to see the location of a Worker at any time in real-time when the Worker is rostered to the Client’s site and during a Worker Shift;
    • An Incident Manager can use the live tracking feature to locate a Worker in the event of an emergency such as when the Worker does not provide a response to a notification;
    • An Incident Responder can use the live tracking feature to respond and provide assistance to a Worker in the event of an emergency;
    • A Sub-Admin can see a Worker’s last known location in the event of an emergency; and
    • A Sub-Admin can set a geo-fence at a specific site and receive an automated alert when the Worker leaves that site, only during a Worker Shift.
The TeLoRa Platform is not designed to disclose the location of any Worker unless during a Worker Shift.

  • Data entered into the TeLoRa Platform: We collect any submitted, uploaded or transmitted content, material, communications entered into the TeLoRa Platform by any User including Worker Shifts and time schedules, Worker Shift start and end dates and times, photos, client 6 work site locations, notification and message content, videos, audio clips, marketing, notification and communication preferences. We will process such personal data in order to administer our relationships with our Users or as necessary for the provision of the functionality provided by the TeLoRa Platform.
  • Analytics data: We collect and process personal data known as analytics data for analytical purposes, designed to measure and monitor how the TeLoRa Platform is being used and to highlight any areas for improvement, optimisation and enhancement of the TeLoRa Platform, including geo-location, IP addresses, log files, cookie data, information about your devices accessing the TeLoRa Platform (IP address, other applications on the device, time zone, network status, browser type, browser identifier, unique device identification number, network provider user ID, Media Access Control address, mobile advertising identifier, location, device capabilities, the type of device used to access the TeLoRa Platform, associated links and the operating system), the amount of time you spend on the TeLoRa Platform and in which parts of it, and the path you navigate through it. We will process this personal data in order to monitor and detect unauthorised use of the TeLoRa Platform, and to establish how the TeLoRa Platform is being used and to highlight areas for potential improvement of the TeLoRa Platform. We often aggregate this data with other data. Where the aggregated data is classified as personal data we treat it in accordance with this Privacy Policy.
  • Cookies and other Tracking Technologies: We use cookies and other tracking technologies (such as traffic analytics, tracking cookies, web beacons, mobile advertising identifiers, tags and scripts) on the TeLoRa Platform and third party sites to assist with marketing purposes. We will not place such tracking technologies on your computer, smartphone or other electronic device without your consent. Cookies are pieces of information that a website transfers to a computer’s hard disk for record-keeping purposes. We may use session cookies, which are only stored for a limited amount of time and persistent cookies that remain indefinitely until they are deleted. Such cookies may be installed by us or by our third contractors. Cookies enable us to remember and recognise you to better facilitate your user satisfaction when you visit the TeLoRa Platform by helping us tailor and improve the information we present to you. The use of cookies is common in the Internet industry, and many major websites use them to understand usage of websites and smartphone apps. We may use cookies to customise the TeLoRa Platform user experience for you, for statistical purposes and to provide useful relevant features, products, advertisements and services. A cookie may be used to tell when your computer or device has contacted the TeLoRa Platform and extracts information such as your IP address, browsing pattern, content that you have viewed and browser type. We may also use information collected by our cookies to determine whether you have seen, clicked on, or otherwise interacted with an online ad or promotion that we are working on to help provide 7 better services for our Users. If you wish, you can choose not to consent to cookies or choose not to accept cookies by adjusting your web browser’s privacy settings to delete cookies upon exiting websites or when you close your browser. You may also configure your browser to block cookies. Refusing to provide consent, deleting cookies or blocking cookies may negatively impact your user experience.

We hold personal data that we collect in our offices, computer systems, and third party owned and operated hosting facilities. If we need to use your personal information for another purpose, we will seek your consent prior to doing so. If we are unable to obtain your consent before sending our communication, we will give you the opportunity to opt out of any future direct marketing campaigns at the time of mailing to you by notifying us. We use and/or disclose personal data as follows:

  • we provide access to personal data (that we collect through Worker and Client registrations on the TeLoRa Platform) to Clients and Sub-Admins and Incident Managers and Incident Responders;
  • when we validate submitted registration information from Users;
  • to investigate, prevent or detect suspected fraudulent activity, violation of our Terms of Use or violation of another party’s rights;
  • to notify Clients, Sub-Admins, Incident Managers and Incident Responders when the functions of the TeLoRa Platform are hindered due to the Worker disabling their smartphone location tracking functionality;
  • to respond to duly authorised information requests of governmental authorities or where required by law;
  • upon the sale, assignment, or other transfer of our business or assets;
  • when we outsource our functions to our hosting providers and other third party service providers who perform our obligations under the Terms of Use on our behalf;
  • in connection with the lawful request of public authorities, to meet statutory conditions, national security or law enforcement requirements and otherwise where required by law;
  • when we believe that disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with suspected or actual illegal activity;
  • in order to verify a person’s identity when we are contacted to ensure that we know who we are communicating with;
  • to provide our Users with our services and to administer, maintain and answer questions about the TeLoRa Platform;
  • in order for us or other third party marketers to send newsletters and other communications to our Users concerning our the TeLoRa Platform, services, events, recruitment and other business opportunities;
  • to enforce our rights and comply with our contractual and other legal obligations;
  • to issue bills and invoices to our Sub-Admins, and to enforce the payment obligations of our Sub-Admins to pay our fees;
  • when conducting marketing and/or publicity campaigns;
  • to handle requests, messages, complaints and when processing an application for the TeLoRa Platform;
  • to identify Users and other individuals when we are contacted with questions or concerns regarding the products and services we provide;
  • in order to configure a new services and/or surveys for potential customers or when conducting research and development of our products and services.

Your registration and participation in the TeLoRa Platform is subject to our Terms of Use located at [https://www.telora.com.au/terms-of-use]. Participation on the TeLoRa Platform is completely voluntary.

We collect personal data via the TeLoRa Platform in the following ways either directly or indirectly:

  • when a Sub-Admin applies to register, or a Client or Worker is registered on the TeLoRa Platform and their personal data is provided to us in the course of that application;
  • when a Worker, Client or Sub-Admin voluntarily uploads and submits the personal data onto the TeLoRa Platform during their access and use of the TeLoRa Platform following registration;
  • when a Worker consents to our collection of their personal information;
  • when it is sent to us by Sub-Admins and/or Clients and third parties for the purpose of providing us with instructions or information necessary for us to process in order to provide the functionality of the TeLoRa Platform;
  • when the TeLoRa Platform automatically collects information about User activity of the platform.

We hold personal data that we collect in our offices, computer systems, and third party owned and operated hosting facilities. If we need to use your personal information for another purpose, we will seek your consent prior to doing so. If we are unable to obtain your consent before sending our communication, we will give you the opportunity to opt out of any future direct marketing campaigns at the time of mailing to you by notifying us. We use and/or disclose personal data as follows:

  • we provide access to personal data (that we collect through Worker and Client registrations on the TeLoRa Platform) to Clients and Sub-Admins and Incident Managers and Incident Responders;
  • when we validate submitted registration information from Users;
  • to investigate, prevent or detect suspected fraudulent activity, violation of our Terms of Use or violation of another party’s rights;
  • to notify Clients, Sub-Admins, Incident Managers and Incident Responders when the functions of the TeLoRa Platform are hindered due to the Worker disabling their smartphone location tracking functionality;
  • to respond to duly authorised information requests of governmental authorities or where required by law;
  • upon the sale, assignment, or other transfer of our business or assets;
  • when we outsource our functions to our hosting providers and other third party service providers who perform our obligations under the Terms of Use on our behalf;
  • in connection with the lawful request of public authorities, to meet statutory conditions, national security or law enforcement requirements and otherwise where required by law;
  • when we believe that disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with suspected or actual illegal activity;
  • in order to verify a person’s identity when we are contacted to ensure that we know who we are communicating with;
  • to provide our Users with our services and to administer, maintain and answer questions about the TeLoRa Platform;
  • in order for us or other third party marketers to send newsletters and other communications to our Users concerning our the TeLoRa Platform, services, events, recruitment and other business opportunities;
  • to enforce our rights and comply with our contractual and other legal obligations;
  • to issue bills and invoices to our Sub-Admins, and to enforce the payment obligations of our Sub-Admins to pay our fees;
  • when conducting marketing and/or publicity campaigns;
  • to handle requests, messages, complaints and when processing an application for the TeLoRa Platform;
  • to identify Users and other individuals when we are contacted with questions or concerns regarding the products and services we provide;
  • in order to configure a new services and/or surveys for potential customers or when conducting research and development of our products and services.

We will only disclose personal data that we collect to third parties (who are not Users) as follows:

  • To our hosting providers who host our files and databases in the cloud – we store backup copies of our computer files, software and databases in the cloud with our hosting providers who host those files, and that software and databases (including any personal data contained in them) on our third party hosting providers’ computer servers located in their data centres;
  • To carefully selected third party marketers – From time to time, we may provide Worker personal data to third parties (but only names and email addresses), when we license or sell such data to them;
  • So that we can obtain assistance from our suppliers and corporate group with the provision of the TeLoRa Platform – in which case we may disclose your personal data to our suppliers and subcontractors as well as to our related bodies corporate (as that term is defined in the Corporations Act 2001 (Cth)) to whom we may subcontract the provision of all or part of our obligations under the Terms of Use. For example, we may use printing providers who print documents on our behalf that contain personal data, couriers who deliver documents on our behalf that contain personal data, and share computers that contain personal data with our related bodies corporate (as that term is defined in the Corporations Act 2001 (Cth));
  • Conducting publicity campaigns – in which case we may disclose your personal data to our marketing partners;
  • Handling claims, legal disputes and complaints – in which case we may disclose your personal data to our insurers, lawyers, accountants and other professional advisors;
  • Sending out a newsletter – in which case we may disclose your personal data to our email and newsletter service providers;
  • In order to identify our customers and end users – when we are contacted with questions or concerns regarding the TeLoRa Platform and other products and services that we provide;
  • In order to record billing details and process payments from our Sub-Admins – in which case we will provide Sub-Admin credit card details to our bank and merchant facility providers;
  • For professional advice – when providing information to our legal, accounting or financial advisors/representatives or debt collectors for debt collection purposes or when we need to obtain their advice, or where we require their representation in relation to a legal dispute;
  • If we sell the whole or part of our business or merge with another entity – in which case we will provide to the purchaser or other entity the personal data that is the subject of the sale or merger;
  • Where a person provides written consent to the disclosure of his or her personal data; or
  • Where required by law.

We may also provide your personal data to our lawyers, insurers and professional advisors and any court or administrative body, for one or more of the following purposes:

  • To obtain or maintain insurance;
  • The prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law;
  • To protect or enforce our rights or defend claims;
  • Enforcement of our claims against you or third parties;
  • The enforcement of laws relating to the confiscation of the proceeds of crime;
  • The protection of the public revenue;
  • The prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct;
  • The preparation for, or conduct of, proceedings before any court or tribunal, or implementation of the orders of the court or tribunal.
  • Where disclosure is required to protect the safety or vital interests of employees, end users or property.

Since 22 February 2018, data breaches that are likely to result in serious harm must be reported to affected individuals and the Office of the Australian Information Commissioner (OAIC), except where limited exceptions apply. For the purposes of the GDPR, certain types of data breaches must also be reported to affected individuals if the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms. In addition, the GDPR requires organisations to report certain types of data breaches to the relevant supervisory authority. We will notify affected individuals, the OAIC and relevant supervisory authorities of any data breach where we are required to do so in accordance with our legal obligations.

You may interact with social media platforms via social media widgets and tools such as the Facebook Like button and the Facebook pixel that may be installed on our websites. These widgets and tools may collect your IP address and other personal information. Your interaction with such widgets and tools, and any single sign-on services such as Open ID is governed by the privacy policies of the relevant social media operators and single sign-on service providers – we recommend that you read them so that you are aware of how they process your personal information.

Despite the safeguards we implement, transmissions over the Internet and/or a mobile network are not totally secure and we do not guarantee the security of online transmissions.

Your personal information submitted through the TeLoRa Platform is stored electronically. We have physical, electronic and procedural safeguards for personal information and takes reasonable steps to ensure that your personal information is protected.

We take reasonable steps to protect personal information that we hold from unauthorised access, modification and disclosure and implement technical, physical, administrative and organisational safeguard measures to ensure a level of protection appropriate to the risk of accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal information transmitted, stored or otherwise processed. These physical, electronic and procedural safeguards for personal information are as follows:

We ensure that information stored electronically (in the cloud) is only accessible via a password protected service. Only staff with a password have access to information on the system and files can be designated read-only or no access.

  • We perform security testing (including penetration testing of our websites), and maintain other electronic (e-security) measures for the purposes of securing personal information, such as passwords, anti-virus management, firewalls and antivirus software;
  • We maintain physical security measures in our buildings and offices such as door and window locks and visitor access management, cabinet locks, surveillance systems and alarms;
  • We require all of our employees and contractors to comply with privacy and confidentiality terms and conditions in their employment contracts and subcontractor agreements that we enter into with them. Only employees who need access to your personal information in order to perform their duties are authorised by us to have access to your personal information;
  • We carry out security audits of our systems which seek to find and eliminate any potential security risks in our electronic and physical infrastructure as soon as possible;
  • If appropriate in the circumstances, taking into account the state of the art, the costs of implementation and the nature, scope, content and purpose of the processing, we pseudonymize and/or encrypt personal information;
  • We implement passwords and access control procedures into our computer systems;
  • We have data backup, archiving and disaster recovery processes in place;
  • We have anti-virus and security controls for email and other applicable computer software and systems in place;
  • We use secure methods to destroy or permanently de-identify personal information when it is no longer needed.

Our Platform includes privacy tools that you can use to control the personal data that we hold about our Users. Users can access these privacy tools by logging into their account on the TeLoRa Platform.

If you do not provide us with your personal data, you cannot access the TeLoRa Platform features that we make available to Users. If you become a User, we need to collect personal data from you in order to identify who you are, so that we can provide you with services, and for the other purposes described in this Privacy Policy. You have the option of not identifying yourself or using a pseudonym when contacting us to enquire about our services, but not if you wish to actually access or use the TeLoRa Platform. It is not practical for us to provide you with access to the TeLoRa Platform if you refuse to provide us with your personal data.

If we do not collect personal information about you, you cannot become a User on the TeLoRa Platform and you cannot use or access the TeLoRa Platform. You may however withdraw your consent for certain processing activities that we conduct on your personal information. For example, if you are a Worker, you may withdraw your consent to our trading in your name and email address to third parties. If you withdraw your consent for the processing of your personal information, some features and functionality of the TeLoRa Platform may not be accessible.

Further, if you are a Worker, failure to switch on your location services functions on your smartphone device when accessing or using the TeLoRa Worker App will cause the TeLoRa Worker App to cease functioning. Switching off your location services function on your smartphone device during a Worker Shift will result in the Client and/or Sub-Admin and/or Incident Manager receiving a notification notifying them that you have switched the location services function off. By switching off the function, you will not be able to use the TeLoRa Worker App.

We do not send “junk” or unsolicited e-mail in contravention of the Spam Act 2003 (Cth). We will, however, use e-mail in some cases to respond to inquiries, to communicate with Users, to correspond with us and other carefully selected third parties. Some of these emails may be transaction-based e-mails that are automatically generated.

We respect your decision whether or not to participate or respond to any survey and/or other market research program. If you decide that you do not wish to receive e-mails, surveys or other market research programs from us, you can opt out by requesting that we do not send further e-mail to you by contacting us via email at: [support@telora.com.au].

Alternatively, Users may click the ‘unsubscribe’ tool or opt out links contained in any communication we send or links on such communications can click unsubscribe for the relevant account on the TeLoRa Platform. Upon receipt of any such request, we will ensure that they cease to receive automated emails from us.

We may transfer your personal data to our contractors and service providers who assist us with providing our Platform, Platform Services and other products and services to you, and to assist us with the operation of our business generally, where we consider it necessary for them to provide that assistance. We may also transfer your personal data to carefully selected third party marketers who will provide marketing materials on products, services and opportunities to you, where relevant to your use and access of the TeLoRa Platform.

We currently store personal data only in Australia. Provided that we comply with applicable law, including the provisions of Australian Privacy Principle 8 (Cross-border disclosure of personal information), and the GDPR – in relation to GDPR Data, we may transfer your personal data to our offshore contractors, third parties and service providers as well, who may be located outside the  European Union (EU) or the European Economic Area (EEA). We currently do not have any offshore contractors that we disclose personal data of our Users to.

It is our policy to retain personal data in a form that permits identification of any person only as long as is necessary for the purposes for which the personal data was collected; and for any other related, directly related or compatible purposes if and where necessary for the purpose of the processing activity, the fulfilling of our contractual commitments to our Sub-Admins and Clients, as authorised by you and/or as permitted by applicable law. We will only process personal data that you provide to us for the minimum length of time permitted by applicable law and only thereafter for the purposes of deleting, de-identifying or returning that personal data to you (except where we also need to retain the data in order to comply with our legal obligations, or to retain the data to protect your or any other person’s vital interests). Where you require personal data to be returned, it will be returned to you at that time, and we will thereafter delete all then remaining existing copies of that personal data in our possession or control as soon as reasonably practicable thereafter, unless applicable law requires us to retain the personal data in which case we will notify you of that requirement and only use such retained data for the purposes of complying with those applicable laws.

Where the personal data is not GDPR Data and is personal information for the purposes of the Privacy Act 1988 (Cth), instead of destroying the personal information we may take such steps as are reasonable in the circumstances to de-identify the personal information that we hold about an individual where we no longer need it for any purpose for which it may be used in accordance with this Privacy Policy if the information is not contained in a Commonwealth record and we are not required by Australian law (or a court or tribunal order) to retain it.

Under the GDPR, you have a number of rights, including:

  • The right to be informed of any data breach of your personal data;
  • The right of access to obtain confirmation and information about the processing of your personal data;
  • The right to rectification of any inaccuracies of your personal data;
  • The right to erasure of your personal data limited to any applicable laws and regulations;
  • The right to restrict processing of your personal data (take note however that your access to the TeLoRa Platform may be limited as a result);
  • The right to data portability for your data to be transferred to another party;
  • The right to object by withdrawing your consent to any processing or use of your personal data; and
  • Rights in relation to automated decision making and profiling.

Please contact us if you wish to exercise any of your rights under the GDPR. We will handle all such requests in accordance with our legal obligations. If you withdraw your consent for processing, object to the processing of your personal data or request us to erase your personal data and as a result it is not possible or practical for us to continue providing you with the TeLoRa Platform, we may elect to terminate our commercial relationship with you.

If you are a Worker or Client and you wish to access or correct your personal data on the TeLoRa Platform, you can do so by accessing the “My Profile” section on your TeLoRa Account. Should you wish to access a record of the personal data that we hold about you, please contact us using the contact details set out at the end of this Privacy Policy. We will handle your request for access to your personal data in accordance with our statutory obligations. To ensure that we only obtain, collect, use and disclose accurate, complete and up to date personal data, we invite you to contact us and inform us if any of your personal details we hold change or if any of the personal data held by us is otherwise incorrect or erroneous. We will provide you (or if you wish, another controller) with a copy of the personal data they we hold about you in a structured, commonly used and machine readable format. We may only charge a fee for you to access or obtain your data where permitted by applicable law.

If you wish to contact us for any reason regarding this Privacy Policy, our privacy practices or to enquire, review, correct, delete or withdraw your consent for us to process or disclose personal data that we hold about you, please contact us at the following address:

PO Box 556, Kensington

New South Wales 1465 Australia

privacy@telora.com.au

We will use our best endeavours to respond to any privacy complaint as soon as possible, within fourteen (14) business days, following receipt of your complaint. We will try to resolve the complaint within thirty (30) working days. When this is not possible we will contact you to provide an estimate of how long it will take to handle the complaint. This may include working with you on a collaborative basis to resolve the complaint or us proposing options for resolution. If you are not satisfied with the outcome of a complaint or you with to make a complaint about a breach of the Australian Privacy Principles you make refer the complaint to the Office of the Australian Information Commissioner (OAIC) who can be contacted using the following details:

Call: 1300 363 992

Email: enquiries@oaic.gov.au

Address: GPO Box 5218, Sydney NSW 2001

In relation to GDPR Data, you may lodge a complaint with any relevant supervisory authority.

Scroll to top