2.2 You should always review the policies of third party products and services to make sure you are comfortable with the ways in which they collect and use your information.
3.1 Add-On: A bundle of code, resources and configuration files that can be used with an Ayra Analytics product to add new functionality or to change the behavior of that product’s existing features.
3.2 Ayra Analytics Services: Ayra Analytics’s Websites, Hosted Products, and On-Premise Products.
3.3 Content: Any information or data that you upload, submit, post, create, transmit, store or display in an Ayra Analytics Service.
3.4 Device: means any computer used to access the Ayra Analytics Services, including without limitation a desktop, laptop, mobile phone, tablet, or other consumer electronic device.
3.5 On-Premise Products: Ayra Analytics software products and mobile applications, including Add-Ons created by Ayra Analytics, that are installed by customers on an infrastructure of their choice. On-Premise Products do not include Add-Ons created by third parties, even when they are accessed through Ayra Analytics Services.
3.7 Personally Identifiable Information (PII): Information that may be used to readily identify or contact you as an individual person, such as: name, address, date of birth, email address, relationships or phone number. PII does not include information that has been anonymised such that it does not allow for the identification of specific individuals.
3.9 Websites: Ayra Analytics’s websites, including but not limited to Ayra Analytics.com.au, support. Ayra Analytics.com.au, help.Ayra Analytics.com.au, payments.Ayra Analytics.com.au and any related websites, sub-domains and pages.
We collect the following information:
(a) Account and profile information: We collect information about you and your company as you register for an account, create or modify your profile, make purchases through, use, access, or interact with Ayra Analytics Services (including but not limited to when you upload, download, collaborate on or share Content). Information we collect includes but is not limited to your name, username, address, email address, phone number, profile photo, job title, or credit card details. You may provide this information directly when you enter it in Ayra Analytics Services.
(c) Content: We collect and store Content that you create, input, submit, post, upload, transmit, store or display in the process of using our Hosted Products or Websites. Such Content includes any PII or other sensitive information that you choose to include (passively-collected PII).
(d) Other submissions: We collect other data that you submit to our Websites or as you participate in any interactive features of the Ayra Analytics Services, participate in a survey, contest, promotion, sweepstakes, activity or event, apply for a job, request customer support, communicate with us via third party social media sites or otherwise communicate with us. For example, information regarding a problem you are experiencing with an Ayra Analytics product could be submitted to our Support Services or posted in our public forums. Any information, including PII, that you submit to our Websites could be visible to the public unless submitted to a secure area in the Website.
There may be some instances where information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
If the information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the service you, or they, are seeking.
6.1 Web Logs: As is true with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Websites and Hosted Products. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your Devices, your mobile carrier, and system configuration information. In the case of our SaaS Product, the URLs you accessed (and therefore included in our log files) includes but is not limited to elements of Content (such as search terms, class codes on homepage URLs, unique hash tokens) as necessary for the SaaS Product to perform the requested operations. Occasionally, we connect PII to information gathered in our log files as necessary to improve Ayra Analytics Services for individual customers.
6.2 Analytics Information from Website and Hosted Products: We collect analytics information when you use our Websites, On-Premise and Hosted Products to help us improve our products and services. In the On-Premise and Hosted Products, this analytics information consists of the feature and function of the Ayra Analytics Service being used, the domain name, the username and IP address of the individual who is using the feature or function (which will include PII if the PII was incorporated into the username), the sizes and original filenames of attachments, and additional information required to detail the operation of the function and which parts of the Ayra Analytics Services are being affected.
6.3 For example, in Octopus when you create a homepage we collect information about which template was used, what components were added to the page, the position and the settings used on these components. We also collect information about the types of content and media that is uploaded and embedded into Octopus.
6.5 Analytics Information Derived from Content: Analytics information also consists of data we collect as a result of running queries against Content across our user base for the purposes of generating Usage Data. ‘Usage Data’ is aggregated data about a group or category of services, features or users that does not contain PII. For example, we may query Content to determine the most common features or homepage components are used within the system (e.g. what percentage of all instances use the resource booking system effectively) by searching across the Content, or we may query Content to determine which class pages use the course outline homepage component the most to establish the demographic of which year levels use this functionality the most. This is in order to better understand the composition of our user base. Though we may happen upon sensitive or PII as we compile Usage Data from Content across user instances, this is a byproduct of our efforts to understand broader patterns and trends. It is not a concerted effort by us to examine the Content of any particular customer.
6.6 Analytics Information from On-Premise Products: We collect analytics information when you use our On-Premise Products to help us improve our products and services. Our On-Premise Products contain a feature that sends information about the technical operation of the On-Premise Products on your systems (System Information) to us. System Information includes but is not limited to information about:
(a) the server environment in which the Self Hosted Product is operating, for example hardware specification (CPU type, RAM allocation, disk utilisation), version information on all software installed (OS type and version, PHP version and modules installed, database types and versions) and all software configuration (network configuration, database settings, web server settings); as well as
(b) user client information, for example: browser type and version, native client type and version, and client device specifications (e.g. screen resolution, OS version, device type, etc.). In addition, we collect analytics information from On-Premise Products that is a subset of the analytics information described above for Websites and Hosted Products. You can disable our collection of analytics information from On-Premise Products by submitting a support request via our Help Centre or by blocking collection at the local network level.
8.1 General Uses: We use the information we collect about you (including PII to the extent applicable) for a variety of purposes, including to:
(a) provide, operate, maintain, improve, and promote Ayra Analytics Services;
(b) enable you to access and use Ayra Analytics Services, including uploading, downloading, collaborating on and sharing Content;
(c) process and complete transactions, and send you related information, including purchase confirmations and invoices;
(d) communicate with you, including responding to your comments, questions, and requests; providing customer service and support; providing you with information about services, features, surveys, newsletters, offers, promotions, contests and events; providing other news or information about us and our select partners; and sending you technical notices, updates, security alerts, and support and administrative messages. Generally, you have the ability to opt out of receiving any promotional communications as described below under ‘Your Choices’;
(e) process and deliver contest or sweepstakes entries and rewards;
(f) monitor and analyse trends, usage, and activities in connection with Ayra Analytics Services and for marketing or advertising purposes;
(g) investigate and prevent fraudulent transactions, unauthorised access to Ayra Analytics Services, and other illegal activities;
(h) personalise Ayra Analytics Services, including by providing content, features, or advertisements that match your interests and preferences;
(i) enable you to communicate, collaborate, and share Content with users you designate; and
(j) for other purposes about which we notify you.
8.2 Notwithstanding the foregoing, we will not use PII appearing in our Analytics Logs or Web Logs for any purpose.
8.3 Compiling aggregate analytics information: Because our Hosted Products and On-Premise Products are highly configurable, we make extensive use of analytics information (including log and configuration data) to understand how our products are being configured and used, how they can be improved for the benefit of all of our users, and to develop new products and services. As such we generate Usage Data (as defined above) from the web logs and analytics logs described above, including the Content elements captured in such logs, as well as from the Content stored in the Websites and Hosted Products.
9.1 We will not share or disclose any of your PII or Content with third parties except as described in this policy. We do not sell your PII or Content.
9.2 When you use Ayra Analytics Services, Content you provide will be displayed back to you. Certain features of Ayra Analytics Services allow you to make some of your Content public, in which case it will become readily accessible to anyone. We urge you to consider the sensitivity of any data you make public.
9.3 Collaboration: As a natural result of using Ayra Analytics Services, you may create Content and grant permission to other Ayra Analytics users to access it for the purposes of sharing and collaboration. Some of the collaboration features of Ayra Analytics Services display your profile information, including PII included in your profile, to users with whom you have shared your Content. Where this information is sensitive, we urge you to use the various security and privacy features of the Ayra Analytics Services to limit those who can access such information.
9.4 Access by your system administrator: You should be aware that the administrator(s) of your instance of Ayra Analytics Services may be able to:
(a) access information in and about your Ayra Analytics Services account;
(b) disclose, restrict, or access information that you have provided or that is made available to you when using your Ayra Analytics Services account, including your Content; and
(c) control how your Ayra Analytics Services account may be accessed or deleted.
10.1 Our Websites offer publicly accessible community services such as blogs, forums, bug trackers, and wikis. You should be aware that any Content you provide in these areas may be read, collected, and used by others who access them. Your posts may remain even after you cancel your account.
10.2 Service Providers, Business Partners and Others: We work with third party service providers to provide website, application development, hosting, maintenance, back-up, storage, virtual infrastructure, payment processing, analysis and other services for us. These third parties may have access to or process your Information as part of providing those services for us.
10.3 Third party applications: You may choose to make use of third party Add-Ons in conjunction with Ayra Analytics Services. Third party Add-Ons are software written by third parties to which you grant access privileges to your Content (which may include your PII). When access is granted, your Content is shared with the third party. Third party Add-On policies and procedures are not controlled by Ayra Analytics even though the third Party Add-On may be available through Ayra Analytics Services. Third parties who have been granted access to your Content through Add-Ons could use this data to contact you and market services to you, and could share your data with other third parties. Under certain circumstance, Ayra Analytics Services may bundle in third party products.
11.2 Compliance with Laws and Law Enforcement Requests; Protection of Our Rights: We may disclose your Information (including your PII) to a third party if:
(a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request;
(b) to enforce our agreements, policies and terms of service;
(c) to protect the security or integrity of Ayra Analytics’ products and services;
(d) to protect Ayra Analytics, our customers or the public from harm or illegal activities; or
(e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
11.3 Business Transfers: We may share or transfer your information (including your PII) in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
11.4 Aggregated or Anonymised Data: We may also share aggregated or anonymised information that does not directly identify you with the third parties described above.
We do not share PII about you with third parties for their marketing purposes (including direct marketing purposes) without your permission.
13.1 Ayra Analytics hosts data with hosting service providers in numerous countries including the United States and Australia.
13.2 At the date which this policy became effective, our Hosted Products are securely hosted within the Amazon Web Services (AWS) and Microsoft Azure facilities in Sydney, Australia.
13.3 This is a state-of-the-art data center that has been independently accredited as compliant with the Australian Government’s criteria for information security. As you would expect, the physical security of servers and other infrastructure is tightly controlled according to industry best practice. In addition to a strong security focus, this datacenter has also designed to be resilient to failure, featuring multiple separate power supply systems, independent network links and a range of other measures to ensure servers are always available. You can read more about using AWS and Microsoft Azure in the context of Australian Privacy Considerations.
13.4 The servers on which PII is stored are kept in a controlled environment. While we take reasonable efforts to guard your PII, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers. In addition, we cannot guarantee that any passively-collected PII you choose to store in Websites or Hosted Products are maintained at levels of protection to meet specific needs or obligations you may have relating to that information. In most instances, where data is transferred over the Internet as part of a Website or SaaS Product, the data is encrypted using industry standard SSL (HTTPS). We recommend you always check whether or not the Ayra Analytics Service is secured via SSL before choosing to transfer your data. Where On-Premise Products are used, responsibility of securing access to the data you store in the On-Premise Products rests with you and not Ayra Analytics. We strongly recommend that administrators of On-Premise Products configure SSL to prevent interception of data transmitted over networks and to restrict access to the databases and other storage used to hold data. We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Other security safeguards include data encryption, firewalls, and physical access controls to our office and files. Access to information is limited (through user/password credentials and two factor authentication) to those employees of Ayra Analytics who require it to perform their job functions. If we learn of a security systems breach, then we will notify you electronically so that you can take appropriate protective steps. We will also post a notice through Ayra Analytics Services if a security breach occurs.
You may opt out of receiving promotional communications from Ayra Analytics by using the unsubscribe link within each email, or emailing us to have your contact information removed from our promotional email list or registration database. Although opt-out requests are usually processed immediately, please allow ten (10) business days for a removal request to be processed. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding Ayra Analytics’ Services. You may be able to opt out of receiving personalised advertisements from companies who are members of the Association for data-driven marketing & advertising (ADMA), the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising. For more information about this practice and to understand your options, please visit: http://www.adma.com.au/consumer-help/do-not-mail-service/, http://www.aboutads.info and http://www.networkadvertising.org/choices/.
You can request access to amend some of the information we keep about you by requesting this from us via email.
You agree not to use the Ayra Analytics Services in a manner that would violate laws protecting an individual’s privacy rights, health or financial data, including the Australian Privacy Act 1988 including the amended Australian Privacy Principles (APPs).
You agree to apply the EU-U.S. Privacy Shield Framework Principles issued by the U.S. Department of Commerce, located at HTTPS://PRIVACYSHIELD.GOV/ (Privacy Shield Principles) to all data that Participating Company transfers to you that originates from the European Economic Area or Switzerland when that information meets the definition of ‘personal data’ in the Privacy Shield Framework (EEA Data). For clarity, you agree to:
(b) notify Participating Company upon your determination that you can no longer apply the Privacy Shield Principles to EEA Data; and
(c) upon such determination, cease use of EEA Data or take other reasonable and appropriate steps to apply the Privacy Shield Principles to EEA Data.
Ayra Analytics’ privacy procedures are in line with the Australian Privacy Principles. If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your PII to Australia to us. By providing your PII, you consent to any transfer and processing in accordance with this Policy. There may also be other lawful bases of processing your PII.
You may access the personal information we hold about you, upon making a written request. We will respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making the request for access).
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
If you wish to make a complaint about a breach of the Privacy Act, the APPs or a privacy code that applies to us, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.
If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner. To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.
Telephone: 1300 414 200
Mail: Level 2, 11 York St, Sydney NSW 2000
For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.