At Devicie we are passionate about helping organisations to protect people’s personal information, whether it be data about their employees, suppliers, partner companies, customers or third parties. And we’re equally committed in applying those principles to our own business.
However, we also want you to be aware that no security measures are 100% effective, and despite our very best efforts, there is always a risk that your information could end up in the wrong hands. Should that happen, and as soon as we become aware it has happened, we will immediately let you know and do what we reasonably can to protect you from any harm that could arise. We will only process your personal data for the purposes necessary to provide our services to you, and in compliance with applicable data privacy laws including The Privacy Act 1988 (Cth. Australia), and the General Data Protection Regulation (EU) 2016/679 (GDPR).
This website is operated by Devicie Pty Ltd. with registration number ABN 84 638 067 188 of 320/1 Bryant Drive, Mariners Centre of Excellence Building, Tuggerah NSW 2259 (Devicie).
We respect your privacy
Devicie respects your right to privacy and is committed to safeguarding the privacy of our customers and website visitors. We will only process data in compliance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth), the California Consumer Privacy Act of 2018 ( CCPA), the EU GDPR (the General Data Protection Regulation (EU) 2016/679, as amended from time to time), and the UK GDPR and the Data Protection Act 2018 where applicable and as incorporated into local laws and as amended from time to (Data Privacy Laws).
1. Collection of personal information
Devicie will, from time to time, process and store personal data that is collected automatically by our website, provided to us directly from you or given to us in other forms in connection with providing our services to you. We may process various types of personal data which include but are not limited to :
Your name, last name, business name and business information, email addresses, usernames, device ID (computer and phone), device configuration data, cookie data or other voluntarily submitted personal data on an opt-in basis.
2. How we collect your personal information
3. Lawful basis of processing
When collecting your personal data, we are required to have a lawful basis for doing so under the Data Privacy Laws. There are different lawful bases that we can rely on, depending on what personal data we process and why we process it.
The legal bases that we rely on are:
Consent – when you provide explicit consent to the processing of your data for a specific purpose. This is the basis we rely on when you voluntarily provide your details to us such as when you create an account, sign up to use our services or opt-in to our marketing list.
Legal obligation – when our use of your personal data is necessary to comply with the law (excluding contractual obligations), for example, to enable us to comply with any equality, accounting or tax laws.
Legitimate interest – when our use of your personal data is necessary for our own or a third-party’s legitimate interests to provide our services to you (unless there is a good reason to protect your personal data which overrides our legitimate interests and that your privacy rights are not compromised).
Performance of contract – when our use of your personal data is necessary to enter into a contract with you in order to provide our services to you.
4. Use of your personal information
5. Disclosure of your personal information
Unless you ask us not to, we may disclose your personal data to any of our employees, officers, insurers, professional advisers, agents, suppliers or sub-contractors to send you service-related communications, to send you marketing communications, to process payments, to ensure security and compliance as well as to improve and provide our services to you. Personal data is only supplied to a third party to the extent that it is necessary for the delivery of our services and for marketing purposes subject to your consent.
6. Security of your personal information.
Devicie is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
Devicie operates a security programme in accordance with the AICPA SOC2 programme incorporating the Trust Services Criteria relating to security, availability, and confidentiality. This programme has been independently audited as compliant to SOC2 Type I, and will be audited to the Type II standards in Q4 2022.
Devicie also operates its privacy programme aligned with the prevailing GDPR (EU and UK) and CCPA standards to ensure the safety and security of personal data.
Devicie’s Data Breach Policy is available on request.
7. Your data protection rights
You may request details of personal data that we hold about you in accordance with the provisions of the Data Privacy Laws. If you would like a copy of the personal data, which we hold about you or believe that any personal data we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at [email protected]. If you are an EU citizen please contact us at [email protected] and if you are a UK citizen please contact us at [email protected]. We reserve the right to refuse to fully comply with your request relating to your data protection rights in certain circumstances where Data Protection Laws prohibits us from doing so.
Under GDPR you have the following rights :
The right to access the personal data we hold about you;
The right to have your personal data erased;
The right to have your personal data amended;
The right to restrict the processing of your personal data for certain activities;
The right to object to the processing of your personal data for activities based on automated decision-making; and
The right to have your personal data transferred from our systems to a third-party compatible system by contacting us at [email protected].
Devicie’s Policy on Handling Data Subject Requests (GDPR) is available on request.
8. International Data Transfers
Under Data Privacy laws, we can only transfer personal data from the EU and UK to a country outside the EEA or the UK where:
The European Commission or the UK government has decided that the particular country ensures an adequate level of protection of personal data (“adequacy decision”) further to Article 45 of the EU and the UK GDPR;
There are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or
A specific exception applies under relevant Data Privacy Laws.
Where we transfer personal data from the EEA and UK outside the EEA or the UK, we do so on the basis of an adequacy decision or (where such is not available) on the basis of Standard Contractual Clauses as approved by the European Commission approved EU Commission Decision 2021/914/EU of 4 June 2021 and the UK Addendum as approved by the Commissioner’s Office under s.119A(1) of the Data Protection Act 2018.
10. When you visit our website
11. Contacts - Devicie UK and EU Privacy Representatives
Devicie has appointed the following to act as our UK and EU Representatives regarding Privacy.
UK Representative – GRCI Law Limited
EU Representative – IT Governance Europe Limited
If you wish to exercise your rights under the UK General Data Protection Regulation (GDPR) or have any queries in relation to your rights or privacy matters generally please email our Representative Helen Pettit at [email protected] or at GRCI Law Limited Registered number 11311669 of Unit 3, Clive Court, Bartholomew’s Walk, Cambridgeshire Business Park, Ely CB7 4EA, UK.
Similarly, if you wish to exercise your rights under the EU General Data Protection Regulation (EU GDPR), or have any queries in relation to your rights or general privacy matters, please email our Representative Dr Loredana Tassone at [email protected] or at IT Governance Europe Limited (ITG EU), Registered number 509421 and of 6th Floor, South Bank House, Barrow Street, Dublin 4, Eire
If you have any complaints about our privacy practices, please feel free to send in details of your complaints by email to [email protected] or mail to 320/1 Bryant Drive, Mariners Centre of Excellence Building, Tuggerah NSW 2259. We take complaints very seriously and will respond shortly after receiving written notice of your complaint.
Last Updated 4 January 2023