This policy describes the way UC Architects Pty Ltd (Known as UCA) (including its subsidiaries) manages any personal information that it collects, uses and discloses about those with whom we do business, including visitors of our websites or other public platforms, how to contact us if you have any queries and what your rights and options are. This policy is a public document and will be made available to individuals concerned on our website or through other appropriate channels.
UCA and its subsidiaries are subject to the Australian Privacy Act, including the Australian Privacy Principles, and where applicable, the EU General Data Protection Regulation (GDPR). This policy has been prepared to ensure compliance with these policies and principles.
This Policy covers all personal information that is collected or maintained by UCA and its subsidiaries. Under the Privacy Act, personal information is defined in this context as “information or an opinion, in any form and whether true or not, about an individual whose identity is apparent or can be reasonably ascertained from the information or opinion”. Under the GDPR, personal information is information which relates to an identified or identifiable individual.
Who Is Responsible
UCA or any of its affiliates identified to you as a responsible controller in relevant communication or documentation (“UCA”) will be the responsible controller for any personal data you provide to us in connection with our business relationship.
Information We Collect
This information may include the following categories of data:
Information about individuals who visit our website or other electronic platforms:
- Information about your interests and preferences and other information obtained by website analytics tools , in particular content you view on our websites or other electronic platforms, the date and time that you view this content, the products you purchase or other online services you use (such as downloadable content), mobile device unique identifier and the IP address of your computer and your location information associated with your IP address. We use the information we collect to serve you more relevant content.
Information about individuals who have used our software:
- Details of support calls logged with our service desk which can contain your company details or other information used for debugging purposes;
- Detailed provided to us from filling out contact information on our web site which may include some details of your organization;
- Information about individuals who we have contacted in the past for the purposes of seeking business;
- Information about individuals working for, or associated with, any partner or supplier organizations; or
- Information about individuals who seek employment with UCA and its subsidiaries.
Information about other individuals with whom we are in contact:
- Private or work contact information, such as full name, address, telephone number, mobile phone number, fax number and email address;
- Payment data, such as data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
- Further business information necessarily processed in a business or other contractual relationship with UCA and its subsidiaries voluntarily provided by you, such as orders placed, purchases, services and other business activities, product feedback and any other information you may provide to us;
- Information collected from publicly available resources, integrity data bases and credit agencies; and
- Information we are legally required to collect to comply with our legal or regulatory obligations, which may include information about relevant and significant litigation or other legal proceedings against you or a third party related to you and interaction with you which may be relevant for antitrust purposes.
How We Collect and Use Your Information
This personal information is collected in a variety of ways, including by mail, telephone, email, Internet access, personal contact, and through business activities and events.
At or before the time of collecting your personal information, UCA and its subsidiaries will take reasonable steps to make you aware:
- that we are collecting personal information about you;
- of the purposes for which personal information about you is being collected;
- of the organizations to which personal information about you is usually disclosed, including the countries in which they are located;
- of what happens if you do not provide the required personal information; and of how to access personal information about yourself.
Where your personal information is being collected under the GDPR, UCA and its subsidiaries will also take reasonable steps to make you aware of:
- whether we are required to collect your personal information under a contractual relationship or to comply with our legal or regulatory obligations, or if we are collecting your personal information based on your consent and your right to withdraw your consent at any time; your data subject rights under the GDPR (please see section “Access to and Correction of Personal Information” below);
- your right to lodge a complaint with the relevant data protection supervisory authority; and
- if we intend to use automated decision making, including profiling to process your personal information, and a description of the automated decision making process and consequences.
UCA and its subsidiaries may use your personal information for the following purposes:
- Planning, performing, managing and administering your (or a third party’s to whom you are related) contractual business relationship with UCA, e.g. by performing transactions and orders of products or services, processing payments, performing accounting, auditing, billing and collection activities, arranging shipments and deliveries, facilitating repairs and providing support services or providing you with other services or things you may have requested;
- Maintaining and protecting the security of our products, services and websites or other systems, preventing and detecting security threats, fraud or other criminal or malicious activities;
- Ensuring compliance with our legal and regulatory obligations. This may include sales record-keeping obligations for tax or other purposes and sending required notices or other disclosures, compliance screening or recording obligations (e.g. under antitrust laws, export laws, trade sanction and embargo laws or to prevent white-collar or money laundering crimes). In this context, we may be required to conduct automated checks of your contact data or other information you provide about your identity against applicable sanctioned-party lists and to contact you to confirm your identity in case of a potential match, to record interaction with you which may be relevant for antitrust purposes and to report to or support investigations by competent supervisory, law enforcement or other public authorities;
- Solving disputes, enforcing our contractual agreements and to establish, exercise or defend legal claims.
- Where you have expressly given us your consent or otherwise legally permitted, we may process your personal data also for the following purposes:
- Communicating with you through the channels you have approved to keep you up to date on the latest announcements, special offers and other information about UCA and its subsidiaries’ products, technologies and services (including marketing-related newsletters) as well as events and projects of UCA and its subsidiaries;
We may also use your personal information to market, promote and deliver information security software and services. If you do not want personal information about you to be used as a basis for further contact with you, then please contact us using the link below, and we will respect your wishes.
If your personal information is being processed under the GDPR, where your permission is required for any marketing-related communication, we will only provide you with such information if you have opted in. You may opt out at any time if you do not want to receive any further marketing-related types of communication from us.
Legal basis for our processing under GDPR: We will process your personal data for the above purposes because:
- it is necessary for the performance of a contract with you or in order to take steps at your request prior to entering into such a contract;
- it is necessary for our or a third party’s legitimate interests, always provided that such interests are not overridden by your interests or fundamental rights and freedoms. Our “legitimate interests” include our commercial interests in operating our business in a professional, sustainable manner, in accordance with all relevant legal and regulatory requirements (and bearing in mind our global presence);
- it is necessary to protect your or another person’s vital interests;
- it is necessary for the establishment, exercise or defense of legal claims (for example, to protect and defend our rights or property, and/or the rights or property of our clients);
- for our compliance with our legal obligations; and
- where we have obtained your specific or, where necessary, explicit consent to do so. We will in each case inform you about the processing of your data and your related rights prior to obtaining your consent.
The legal bases for processing of your personal information are set forth in Article 6 of the GDPR.
As a general principle, you will provide us with your personal data entirely voluntary; there are generally no detrimental effects on you if you choose not to consent or to provide personal data. However, there are circumstances in which UCA and its subsidiaries cannot take action without certain of your personal data, for example, because this personal data is required to process your orders, provide you with access to a web offering or newsletter or to carry out a legally required compliance screening. In these cases, it will unfortunately not be possible for UCA and its subsidiaries to provide you with what you request without the relevant personal data.
Technologies We and Our Third Party Advertising Partners Use
UCA and its subsidiaries use technologies such as cookies and pixels to keep track of your activities on our website. A cookie is a small text file that is stored on your device for record-keeping purposes. Session cookies expire when you close your browser. Persistent cookies remain on your device for an extended period of time.
We use persistent cookies to keep track of your activities when you visit our website. You can remove cookies by following directions provided in your Internet browser’s “help” file or clearing out your browser’s cache. You may also decline our cookies if your browser permits, but doing so may interfere with your use of our website.
How We Share Your Information
We may share information with our affiliates within UCA worldwide if and to the extent required for the Permitted Purposes and legally permitted. In such cases, these entities will then use your personal information for the same purposes and under the same conditions as outlined in this policy.
We may share the following information with service providers under contract who help with parts of our business operations, such as fraud prevention, bill collection, marketing, and technology services. We require by contract that our service providers only use your information in connection with the services they perform for us and not for their own benefit.
- data derived from or relating to cookies, tracking pixels and other similar technologies
- aggregated non-identifiable information, such as the number of users who visit our website or the number of users who clicked on a particular page.
We may share information about you if necessary to comply with laws or regulations or in response to a valid warrant/subpoena, court order, or government request, or to protect the rights of UCA and its subsidiaries or others.
With credit reference agencies and other companies for use in credit decisions, for fraud prevention and to collect debts.
Your personal details are not sold or provided to any third party.
If you are a contact person for one of our suppliers, personal information about you may be used by UCAand its subsidiaries in its dealings with the supplier you represent.
Protection and Retention of Personal Information
UCA and its subsidiaries take reasonable steps to protect all personal information we hold from misuse, loss, unauthorized access, modification or disclosure. Access to your information within our organization is restricted to authorized employees and based on a business need to know. We will hold your personal information as long as required to provide you with the products or services, products or information you have requested and to execute and administer your business relationship with us. We are also required to keep certain information (e.g. relating to the business or tax relevant transactions) for certain retention periods under applicable law. Your personal information will be promptly deleted when it is no longer required for these purposes.
Access to and Correction of Personal Information
To obtain access to your personal information that we hold, please contact us at the contact details below. If this information is not accurate or complete, you may ask us to amend it.
Data subject rights under the GDPR
Where we process your personal information under the GDPR, subject to certain legal conditions, you may request access to, rectification, erasure or restriction of processing of your personal information. You may also object to processing or request data portability. In particular you have the right to request a copy of the personal information that we hold about you. If you make this request repeatedly, we may make an adequate charge for this. Please refer to Articles 15-22 of the EU General Data Protection Regulation for details on your data protection rights.
If you have given us your consent for the processing of your personal information, you may withdraw your consent at any time with future effect, i.e. the withdrawal of the consent does not affect the lawfulness of processing based on the consent before its withdrawal. If you withdraw your consent, we will only continue processing your personal information where there is another legal ground or where we are legally required to do so.
For any of the above requests, please send a description of your personal information concerned stating your name, customer number or other identification number (if applicable) as proof of identity to the contact details below. We may require additional proof of identity to protect your personal information against unauthorized access. We will carefully consider your request and may discuss with you how it can best be fulfilled.
If you have a complaint about the way that we have dealt with your personal information, please contact us using the contact details above. If you are not satisfied with the outcome, you may refer the matter to the Office of the Federal Privacy Commissioner at: Website: http://www.oaic.gov.au Phone: 1300 363 992, or if your personal information is being processed under the GDPR, you can complain to the competent data protection supervisory authority in your country. For example, if you are from the UK, you may contact the Information Commissioners Office via their website (www.ico.gov.uk).