Safe365 Privacy Policy

1. INTRODUCTION
At Safe365, we take privacy very seriously. We’ve updated our privacy policy (“Policy”) to ensure that we communicate with all Subscribers and authorised users of our Platform (including the Services , Website and App) (“You”), in the clearest way possible, how we treat personal information. We encourage You to read this Policy carefully. It will help You make informed decisions about sharing Your personal information with us.

Safe365 provides an online health and safety self-assessment and continuous improvement service. It is intelligent health and safety software for business, is simple, secure and gives business owners and their advisor’s real-time visibility of a business’ health and safety maturity.

2. SCOPE
This Policy applies to all subscribers and authorised users of our platform / services and otherwise any access to our Website, www.safe365global.com and/or our smartphone App, available from Google Play Store and Apple Stores.
Unless otherwise defined herein, all capitalised terms used in this Policy have the same meaning as given to them in our Software as a Service Terms of Service. By accessing our Website or App and/or using or accessing the Platform, You are deemed to have consented to the terms of this Policy.

3. PRIVACY ACT 2020
Safe365 complies with the NZ Privacy Act 2020 (“Act”) when dealing with personal information.  This policy sets out how we will collect, use, disclose and protect your personal information.

This policy does not limit or exclude any of your rights under the Act.  If you wish to seek more information on the Act, see www.privacy.org.nz.

4. PERSONAL INFORMATION
When You use the Platform, you may from time to time provide us with Subscriber Materials and related data and information.  Such information can include personal information. Personal information is information about an identifiable individual, and may include information such as the individual’s name, email address, telephone number, age or birthdate, occupation, details of the services you have purchased from us and any other information relating to You.

Your credit card details do not come within the scope of personal information that will be stored. If You choose to pay for the Service by credit card, Your credit card details are not stored by the Platform and cannot be accessed by Safe365 staff. Your credit card details are encrypted and securely stored by www.braintreepayments.com (a Paypal Company) to enable Safe365 to bill your credit card automatically on a recurring basis. You can review Braintree
Payments Privacy Policy to ensure you are happy with it.

5. COLLECTION OF PERSONAL INFORMATION
Safe365 may collect personal information about You when You:

• register to use the Platform/Service;
• use the Service;
• post to the Safe365 Community forum or on our blog;
• contact the Safe365 support team;
• visit our Website and/or App;
• through a third party if they provide Your personal information to us when using the Platform (see the section headed “Consent to Provide Personal Information from Third Party” below)

You can always choose not to provide Your personal information to Safe365 (or to give consent to a third party to provide your personal information to us), but it may mean that we are unable to provide You with the Service.
Your information will be held by SAFE365 Limited, Level 1, 17 Falcon Street, Parnell, Auckland 1052, New Zealand.

6. CONSENT TO PROVIDE PERSONAL INFORMATION FROM THIRD PARTY
Through Your use of the Platform, Safe365 may also collect information from You about someone else. If You provide Safe365 with personal information about someone else, You must ensure that You are authorised to disclose that information to Safe365 and that, without Safe365 taking any further steps required by applicable data protection or privacy laws, Safe365 may collect, use and disclose such information for the purposes described in this
Policy.

This means that You must take reasonable steps to ensure the individual concerned is aware of and/or consents to the various matters detailed in this Policy, including the fact that their personal information is being collected, the purposes for which that information is being collected, the intended recipients of that information, the individual’s right to obtain access to that information, Safe365’s identity, and how to contact Safe365.

Where requested to do so by Safe365, You must also assist Safe365 with any requests by the individual to access or update the personal information You have collected from them and entered into the Service.

7. USE OF PERSONAL INFORMATION
Safe365 collects Your personal information so that we can provide You with access to the Platform (including the Service) and any related services that You may request. In doing so, Safe365 may use the personal information it has collected from You for purposes related to the Platform including to:

• verify Your identity;
• administer the Platform (including the Service);
• notify You of new or changed services offered in relation to the Platform (including the Service);
• carry out marketing or training relating to the Platform (including the Service);
• assist with the resolution of technical support issues or other issues relating to the Platform (including the Service);
• comply with laws and regulations in applicable jurisdictions, and
• communicate with You.

We may send you marketing communications and information about products and services that we consider may be of interest to You. These communications may be sent in various forms, including but not limited to, mail, SMS or email, in accordance with and subject applicable marketing laws in Your jurisdiction.

If at any stage You no longer wish to receive these notifications You may opt-out of receiving marketing communications from us by using the opt-out facilities provided (e.g. an unsubscribe link in a promotional email) or contacting us at support@safe365global.com.

We do not provide Your personal information to other organisations for the purposes of direct marketing unless expressly authorised by You.

By accessing and/or using the Platform, You consent to Your personal information being collected, held and used in this way and for any other use that You expressly authorise. Safe365 will only use Your personal information for the purposes described in this Policy or with Your express permission.

It is Your responsibility to keep Your password to the Platform safe. You should notify us as soon as possible if You become aware of any misuse of Your password, and immediately change your password within the Platform or via the “Forgotten Password” process.

If You receive communications from us that You believe have been sent to You other than in accordance with this Policy, or in breach of any applicable law, please contact us.

8. DATA HOSTING PROVIDER
Safe365 uses Microsoft Azure as its data hosting provider and hosts the Platform on servers located in Australia and where You are located in the United Kingdom, on servers located in the United Kingdom (with Microsoft Azure). Except where you are located in the United Kingdom (which means Your information will be stored in United Kingdom), if You are a non-Australian resident, this means that Your personal information will be transferred to
Australia. You can review Microsoft Azure’s Privacy Policy to ensure You are happy with it.

By entering Personal Information into the Platform, You consent to that personal information being hosted on servers located in Australia (and where applicable, on servers located in the United Kingdom). While Your personal information will be stored on servers located in Australia or United Kingdom, it will remain within Safe365’s effective control at all times. The data hosting provider’s role is limited to providing a hosting and storage service to
Safe365, and we’ve taken steps to ensure that our data hosting provider does not have access to Your personal information. They do not control and are not permitted to access or use Your personal information, except for the limited purpose of storing the information. This means that, for the purposes of Australian and New Zealand privacy legislation and Australian and New Zealand users, Safe365 does not currently “disclose” personal information to third
parties located overseas. For the avoidance of doubt, where You are located in the United Kingdom (and Your personal information is stored in the United Kingdom), such information will be stored, used and accessed in accordance with General Data Protection Regulations (i.e. GDPR).

If You do not want Your personal information to be transferred to a server located in Australia or, where applicable, in the United Kingdom, You should not provide Safe365 with Your personal information or use the Service.

9. DISCLOSURE OF PERSONAL INFORMATION
Safe365 will only disclose the personal information You have provided to us to entities outside the Safe365 group of companies if it is necessary and appropriate to facilitate the purpose for which Your personal information was collected pursuant to this Policy, including the provision of the Platform (including the Service).

Safe365 will not otherwise disclose Your personal information to a third party unless You have provided Your express consent. However, You should be aware that Safe365 may be required to disclose Your personal information without Your consent in order to comply with any court orders, subpoenas, or other legal process or investigation including by tax authorities. Where possible and appropriate, we will notify You if we are required by law to
disclose Your personal information.

10. TRANSFER OF INFORMATION TO THIRD PARTY APPLICATIONS
The Platform may allow You within the relevant subscription to the Platform to transfer Subscriber Materials (and other related information and data), including Your personal information, electronically to and from third-party applications.

We advise the service providers of these third-party applications to protect Your information against unauthorised use or disclosure.

Some of these service providers may be located overseas. We take reasonable steps to ensure that the overseas recipients of Your personal information do not breach the privacy obligations relating to Your personal information.
We do not provide Your personal information to other organisations for the purposes of direct marketing unless expressly authorised by You.

You are responsible for checking the privacy policy of any such applications so that You can be informed of how they will handle personal information.

11. PROTECTING YOUR PERSONAL INFORMATION
Safe365 is committed to protecting the security of Your personal information and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure. Your personal information is stored on secure servers that have SSL Certificates issued by leading certificate authorities, and all Subscriber Materials transferred between You, and the Platform is encrypted.

However, the Internet is not in itself a secure environment, and we cannot give an absolute assurance that Your information will be secure at all times. Transmission of personal information over the Internet is at Your own risk.  You should take steps only to enter, or instruct the entering of, personal information to the Service within as secure an environment as possible.

We will advise You at the first reasonable opportunity upon discovering or being advised of a security breach where Your personal information is lost, stolen, accessed, used, disclosed, copied, modified, or disposed of by any unauthorised persons or in any unauthorised manner.

12. ACCESSING AND CORRECTING PERSONAL INFORMATION
It is Your responsibility to ensure that the personal information You provide to us is accurate, complete and up-to-date. You may request access to the information we hold about You, or request that we update or correct any personal information we hold about You, by setting out Your request in writing and sending it to us at support@safe365global.com.

Safe365 will process Your request as soon as reasonably practicable, provided we are not otherwise prevented from doing so on legal grounds. If we are unable to meet Your request, we will let you know why. For example, it may be necessary for us to deny Your request if it would have an unreasonable impact on the privacy or affairs of other individuals, or if it is not reasonable and practicable for us to process Your request in the manner You have requested. In some circumstances, it may be necessary for us to seek to arrange access to Your personal information through a mutually agreed intermediary (for example, the Subscriber).

13. RETENTION OF PERSONAL INFORMATION
We’ll only keep Your personal information for as long as we require it for the purposes of providing You with the Service. However, we may also be required to keep some of Your personal information for specified periods of time, for example under certain laws relating to corporations, money laundering, and financial reporting.

14. USE OF NON-PERSONALLY IDENTIFIABLE DATA AND COOKIES
By using the Service, You agree that Safe365 can access, aggregate and use non-personally identifiable data Safe365 has collected from You. This data will in no way identify You or any other individual.

Safe365 may use this aggregated non-personally identifiable data to:

• assist us to understand better how our customers are using the Platform;
• provide our customers with further information regarding the uses and benefits of the Platform;
• enhance small business productivity, including by creating useful business insights from that aggregated data and allowing You to benchmark Your business’ performance against that aggregated data, and otherwise to improve the Platform (including the Service).

An example of non-personally identifiable data is cookies. In providing the Service, Safe365 utilises cookies. A cookie is a small text file that is stored on Your computer for record- keeping purposes. A cookie does not identify You personally or contain any other information about You, but it does identify Your computer.

We and some of our affiliates and third-party service providers may use a combination of “persistent cookies” (cookies that remain on Your hard drive for an extended period of time) and “session ID cookies” (cookies that expire when You close Your browser) on the Website and App to, for example, track overall site usage, and track and report on Your use and interaction with the Service.

You can set your browser to notify You when You receive a cookie so that You will have anopportunity to either accept or reject it in each instance. However, You should note that refusing cookies may have a negative impact on the functionality and usability of the Platform, Website and App.

If You wish to block, erase, or be warned of cookies, please refer to Your browser instructions or help screen to learn about these functions. You can find more information about deactivating here. However, if a browser is set not to accept cookies or if a user rejects a cookie, this may alter user experience on the 365 Venture Services platform, website and app.

15. EMAIL CORRESPONDENCE
Safe365 sends billing information, product information, Platform and Service updates and Platform and Service notifications to You via email. Our emails will contain clear and obvious instructions describing how You can choose to be removed from any mailing list not essential to the Platform (including the Service). Safe365 will remove You at Your request.

16. COMPLAINTS
If You wish to complain about how we have handled Your personal information, or have any questions or concerns about this Policy, please contact our Privacy Officer with full details and any supporting documentation:

• by e-mail at support@safe365global.com, or
• by letter to The Privacy Officer, Safe365 Limited, Level 1, 17 Falcon Street, Parnell, Auckland 1052, New Zealand.
• Our Privacy Officer will endeavour to provide an initial response to Your query or complaint within 10 business days and investigate and attempt to resolve Your query or complaint within 30 business days or such longer period as is necessary and notified to you by our Privacy Officer.

17. CHANGES TO THIS POLICY
Safe365 may change or update this Policy from time to time.

Any amended Policy will take effect from the date that we post it to this Website / App(and/or the Platform). Safe365 will make every effort to communicate any significant changes to You via email or notification via the Platform.

This Policy was last updated on 1 January 2021.