Privacy Policy

Last Updated: 3 May 2024

This Privacy Policy (Policy) outlines the way in which CATOPCo Pty Ltd (ABN 83 618 711 354) (CATOPCo) and its related entities (the CATOPCo Group) collect, hold, use, share and disclose personal information.  The CATOPCo Group includes CATOPCo, CATIPCo Pty Ltd (ABN 42 622 833 201) and CATINVCo Pty Ltd (ABN 96 668 301 611).  The CATOPCo Group are the developers and distributors of OneTrack.

In this Policy, “we”, “us” and “our” means each member of the CATOPCo Group individually and collectively.

By using our websites, applications and services, or otherwise providing us with your information, you consent to us collecting, holding, using and disclosing your personal information as described in this Policy.  If we are not able to collect, handle, use and disclose personal information about you as set out in this Policy, we may not be able to provide you with our services or with access to our websites or applications.

What personal information do we collect?

The information that we collect depends on the nature of your interactions with us.  We collect both personal information and non-personal information.  In this Policy, personal information has the meaning given to it in the Privacy Act 1988 (Cth), and includes information or an opinion, whether true or not, about an identified individual or an individual who is reasonably identifiable.

We may collect personal information about:

• our clients, business associates, potential clients and their personnel;
• other individuals in the course of providing training services;
• our suppliers and their employees;
• our employees, contractors, former employees, former contractors or prospective employees or contractors; and
• other people who come into contact with a member of the CATOPCo Group.

In general, the personal information we may collect and hold includes name, contact details (including email addresses), occupation, company name, username and password (as applicable), personal preferences, payment details, employment history, education and qualifications, testimonials and feedback, and other information which assists us in conducting our business, providing and marketing our services and meeting our legal obligations.  In some cases, we may also collect ‘sensitive information’, such as information about an individual’s membership of a professional association, criminal record or health information, however we will only do this if we have your consent or the collection is otherwise required or authorised by law.

We may also collect and process data or information provided to us by your browser when you visit our websites or use our applications, for example, the website you came from, your location information, IP address, web browser and/or device type and the time and date of access.  This will generally be de-identifiable data, unless you are a known user of our website or application (for example, having logged in with login credentials).

How do we collect and hold personal information?

We will generally collect personal information:

• from you directly when you provide your details to us (for example, if you license the software from us and provide your contact details, or if you apply for a role with us and provide your resume).  We may also collect information about you directly from:
  • your use of our website or other systems (including via cookies);
  • emails, forms, face-to-face meetings, interviews, registration and attendance at seminars, business cards, online queries, and telephone conversations; and
  • your use of the services available through our websites, applications and social media channels (including our blogs and LinkedIn channels); and
• from third parties in some instances, where this is permitted or required by law. Common examples of such indirect collection include:
  • where we use third parties to analyse traffic at our website, our blogs and social media channels (which may involve the use of cookies), and who may provide us with your personal information;
  • if another third party (such as your employing or engaging organisation or business) provides us with your personal information so that we can create an account or generally enable you to access our website and applications; or
  • if you have applied for a role with us, and we receive an employment reference about you from another person.

How do we protect personal information?

We will take reasonable steps to protect the security of personal information.  Our personnel are required to respect the confidentiality of personal information and the privacy of individuals.  We take reasonable steps to protect personal information held from misuse and loss and from unauthorised access, modification, or disclosure, for example by use of physical security and restricted access to electronic records.  Where we no longer require your personal information, we will take reasonable steps to destroy or de-identify it.

Why do we collect, hold, use and disclose personal information?

The purposes for which we may collect, hold, use, and disclose your personal information will ultimately depend on the way in which we are dealing with you.  However, it will generally be for the primary purposes for which it was collected, including:

• to conduct our business, and host the software we license to our customers;
• to provide and market our products or services;
• to communicate with you to provide or promote our products or services;
• to purchase goods or services;
• to invoice you for your purchase or license of our products or services;
• to use the services of a debt collector if necessary;
• to host and store customer data, or liaise with storage providers to do so;
• to help us manage, develop, and enhance our services, including our websites and applications;
• to consider the suitability of prospective employees;
• to comply with our legal obligations;
• to administer, maintain, support, and provide upgrades to, our services and applications; and
• to communicate with you about courses to which you have subscribed.

We may also use and/or disclose your personal information for other purposes to which you consent, or which are required or permitted by law.  This may include a secondary purpose that is related to a purpose for which we collected it, and for which you would reasonably expect us to use or disclose your personal information.

If you agree to receive marketing communications by signing up on our home page or telling us you want to receive these messages, or if sending marketing communications is otherwise permitted by law, then we may use your email address and mobile number to send you marketing messages. If at any time you would like to unsubscribe from receiving future content, surveys, features or other marketing information or communications, we include in all electronic messages a statement to the effect that you, as the recipient, may send an unsubscribe message to us using the contact details provided in that electronic message.  Otherwise you can contact us at any time at privacyofficer@onetrack.app to unsubscribe or update your preferences.

To whom do we disclose your personal information?

Where reasonably necessary or otherwise required or permitted by the Privacy Act, we may disclose your personal information (including, in certain limited circumstances, your sensitive information) for the purposes for which it was collected (as described above) to:

• other members of the CATOPCo Group;
• external entities who assist us in providing our services and operating our business (including hosting and data storage providers, debt collectors, and marketing and advertising service providers); and
• the public, via social media channels on which we have a presence – if you engage with us via comments or posts, or we are publishing a testimonial or other permitted information about our relationship with our clients and customers (and you are part of or represent that client or customer).

Are we likely to disclose your personal information overseas?

We may disclose your personal information to the following overseas recipients:

• to other members of the CATOPCo Group (including those members located in New Zealand), where permitted (and subject to appropriate confidentiality arrangements);
• to other third parties and contractors who assist us in providing services or who perform functions on our behalf (such as third-party service providers, marketing and advertising services such as Google Analytics). It is possible that some of these providers may, from time to time, be located in the USA;
• to local consultants and advisers in jurisdictions in which we operate, if and as relevant;
• to anyone else to whom you authorise us to disclose it; and
• to anyone else where we are required or authorised by law to do so, including to courts, tribunals and regulatory authorities if required.

Use of cookies

Cookies are small data files transferred onto devices by websites for enhanced functionality and data collection purposes.  We may use cookies or similar digital markers to collect data about your interaction with our services and to analyse traffic at our website, our blogs and social media channels.  Cookies do not access information stored on your device, but they may collect identifiable information about you and your browsing behaviour if you are a known user.  The main purpose of cookies is to improve your experience using our website and ensure our services remain relevant and useful to you.  The data that we collect via cookies may be disclosed to third parties such as Google Analytics for marketing purposes.

By using our website(s), you consent to our use of cookies in accordance with the terms of this Privacy Policy. You are able to control your browser settings to limit the collection of cookies by us; however, if you choose to disable cookies, you may not be able to use certain features of our websites. 

Links to other websites

We may provide links to other websites operated by third parties.  We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website.  If you visit these websites, they will be governed by their own terms of use (including privacy policies).

How can you access and correct your personal information?

Subject to the exceptions set out in the Privacy Act, you may seek access to and correction of the personal information which we hold about you by contacting our Privacy Officer at privacyofficer@onetrack.app.  We will require you to verify your identity and to specify what information you require.  If a fee is charged for providing access, you will be advised of the likely cost in advance.

How can you make a privacy related complaint?

If you have any questions about privacy-related issues or wish to complain about a breach of your privacy or the handling of your personal information by us, please contact our Privacy Officer at privacyofficer@onetrack.app.  We may ask you to lodge your complaint in writing.  Any complaint will be investigated by the Privacy Officer and you will be notified of our decision in relation to your complaint as soon as is practicable after it has been made, usually within 30 days.

If we are unable to satisfactorily resolve your concerns about our handling of your personal information, you can contact the Office of the Australian Information Commissioner:

GPO Box 5218
Sydney NSW 2001
Email: enquiries@oaic.gov.au
Tel: 1300 363 992
www.oaic.gov.au

Updates to this Policy

This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment.  The most current version of this Policy is located at https://www.onetrack.app/privacy-policy/ and can also be obtained by contacting our Privacy Officer at privacyofficer@onetrack.app.