This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us, or otherwise collected by us, when providing our website, services, software and products (Services) or when otherwise interacting with you. In this Privacy Policy we, us or our means all group companies including Capsicum Business Architects Pty Ltd ABN 18 164 655 485, Capsifi UK Ltd and Capsifi USA Inc. This Privacy Policy takes into account the requirements of the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

In addition, please note the following:

  • For individuals in the USA: In addition to the Australian laws, individuals located in the United States of America or any of its territories (USA), may also have additional rights. Addendum 1 outlines the details of the additional rights of individuals located in the USA as well as information on how we process the personal information of individuals located in the USA.
  • For individuals in the UK and EU: In addition to the Australian laws, individuals located in the United Kingdom (UK) or European Union (EU), may also have additional rights. Addendum 2 outlines the details of the additional rights of individuals located in the UK and EU as well as information on how we process the personal information of individuals located in the UK and EU.

The information we collect

Personal information is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable. The types of personal information we may collect about you include:

  • As a user of our software
    • your username and password; and
    • your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour.
  • As a business contact of a customer of ours
    • your name;
    • your contact details, including your work email address and/or telephone number;
    • your credit card or other payment details (through our third-party payment processor); and
    • the organisation your work for.
  • When you visit our website
    • your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour;
    • your name;
    • your contact details, including email address, street address and/or telephone number;
    • your employer and job title if you sign up for a test drive or trial account;
    • your preferences and/or opinions;
    • information you provide to us through, including through feedback, customer surveys or otherwise;
    • details of products and services we have provided to you and/or that you have enquired about, and our response to you;
    • support requests submitted to us and our response to you;
    • your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour;
    • information about your access and use of our Services, including through the use of Internet cookies, your communications with our online Services, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider;
    • additional personal information that you provide to us, directly or indirectly, through your use of our Services, associated applications, associated social media platforms and/or accounts from which you permit us to collect information; and
    • any other personal information requested by us and/or provided by you or a third party.

Sensitive information: is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.

We do not actively request sensitive information about you. If at any time we need to collect sensitive information about you, unless otherwise permitted by law, we will first obtain your consent and we will only use it as required or authorised by law.

How we collect personal information

We collect personal information in a variety of ways, including:

  • Directly: We collect personal information which you directly provide to us, including when you enter into a contract with us for the provision of Services, when you download content from us, through the ‘contact us’ form on our website, when you register for a trial or test drive or when you request our assistance via email, our online chat or over the telephone.
  • Indirectly: We may collect personal information which you indirectly provide to us while interacting with us, such as when you use our website, in emails, over the telephone and in your online enquiries.
  • From third parties: We collect personal information from third parties, such as from your employer where they setup a login for you and details of your use of our website from our analytics and cookie providers and marketing providers. See the “Cookies” section below for more detail on the use of cookies.

Why we collect, hold, use and disclose personal information

Personal information: We may collect, hold, use and disclose personal information for the following purposes:

  • As a user of our software
    • to enable you to access and use our software, including providing you with a login;
    • to contact and communicate with you about our Services, including in response to any support requests you lodge with us or other enquiries you make with us;
    • for internal recordkeeping, administrative, invoicing and billing purposes;
    • for analytics, market research and business development, including to operate and improve our Services and associated applications;
    • to comply with our legal obligations and resolve any disputes that we may have; and/or
    • if otherwise required or authorised by law.
  • As a business contact for a customer of ours
    • to contact and communicate with you about our Services;
    • for internal recordkeeping, administrative, invoicing and billing purposes;
    • for analytics, market research and business development, including to operate and improve our Services and associated applications;
    • for advertising and marketing, including to send you promotional information about our products and services and other information that we consider may be of interest to you;
    • to comply with our legal obligations and resolve any disputes that we may have; and/or
    • if otherwise required or authorised by law.
  • When you visit our website
    • to provide our website to you;
    • to contact and communicate with you about any enquiries you make with us via our website;
    • to allow you to download the content;
    • if you provide us with your email address, for advertising and marketing, including to send you promotional information about our products and services and other information that we consider may be of interest to you;
    • to comply with our legal obligations and resolve any disputes that we may have; and/or
    • if otherwise required or authorised by law.

Our disclosures of personal information to third parties

We may disclose personal information to:

  • third party service providers for the purpose of enabling them to provide their services, to us, including (without limitation) IT service providers such as Xero, Quickbooks, Hubspot, Saas Optics, Fathom and Dropbox, data storage, web-hosting and server providers, email marketing providers such as Mailchimp, debt collectors, couriers, maintenance or problem-solving providers, marketing or advertising providers including Ballantine Digital, professional advisors and payment systems operators;
  • our employees, contractors and/or related entities (this includes sharing personal information between companies within our group for use and disclosure as described in this Privacy Policy in relation to any Services they may provide to you);
  • our existing or potential agents or business partners;
  • sponsors or promoters of any promotions or competition we run;
  • anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
  • courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
  • courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights; and
  • third parties to collect and process data, such as Google Analytics (To find out how Google uses data when you use third party websites or applications, please see www.google.com/policies/privacy/partners/ or any other URL Google may use from time to time), Facebook Pixel or other relevant analytics businesses; and
  • any other third parties as required or permitted by law, such as where we receive a subpoena.

Overseas disclosure

We may store personal information in Australia or overseas, including in the United States of America. Where we disclose your personal information to the third parties listed above, these third parties may also store, transfer or access personal information outside of Australia, including but not limited to, the United States of America and the United Kingdom.

Unless we seek and receive your consent to an overseas disclosure of your personal information, we will only disclose your personal information to countries with laws which protect your personal information in a way which is substantially similar to the Australian Privacy Principles and/or we will take such steps as are reasonable in the circumstances to require that overseas recipients protect your personal information in accordance with the Australian Privacy Principles.

Your rights and controlling your personal information

Your choice: Please read this Privacy Policy carefully. If you provide personal information to us, you understand we will collect, hold, use and disclose your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect our ability to provide our Services to you and your use of our Services.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

Anonymity: Where practicable we will give you the option of not identifying yourself or using a pseudonym in your dealings with us.

Restrict and unsubscribe: To object to processing for direct marketing/unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.

Access: You may request access to the personal information that we hold about you.  An administrative fee may be payable for the provision of such information. Please note, in some situations, we may be legally permitted to withhold access to your personal information. If we cannot provide access to your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If we can provide access to your information in another form that still meets your needs, then we will take reasonable steps to give you such access.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, out of date, incomplete, irrelevant or misleading. Please note, in some situations, we may be legally permitted to not correct your personal information. If we cannot correct your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal.

Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take in response to your complaint. If you are not satisfied with our response, you also have the right to contact the Office of the Australian Information Commissioner

Storage and security

We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.

Cookies

We may use cookies on our website from time to time. Cookies are text files placed in your computer’s browser to store your preferences. Cookies, by themselves, do not tell us your email address or other personally identifiable information. However, they do recognise you when you return to our online website and allow third parties, such as Google, to cause our advertisements to appear on your social media and online media feeds as part of our retargeting campaigns. If and when you choose to provide our online website with personal information, this information may be linked to the data stored in the cookie.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

Cookie type and purpose Product affected Consequence of not opting-in
Strictly Necessary Cookies

These cookies are needed for our Products to function to provide the features you have requested. They are usually set in response to actions made by you.  For example, this could be remembering your name when logging in.

Website and Software It is not possible to switch these off but you can set your browser to block them.

This may result in some parts of the Product not working.

Performance Cookies

These cookies allow us to collect information on how users interact with our Products. These include Google Analytics and WalkMe cookies.

We can see what pages on our website are popular.

Website and Software If these cookies are switched off we will not be able to identify areas where performance is an issue and where we could improve our Products and your experience.
Targeting Cookies

These cookies collect information about your browsing habits in order to make advertising relevant to you. They remember the websites you have visited, and that information is shared with other parties such as advertisers.

Website If you do not allow these cookies, you will experience less targeted advertising
Social Media Cookies

These cookies are used when you link your account or engage with our content on or through a social media site.

The social network will record that you have done this.

Website If you do not allow these cookies we will not link your activity on our website to your social network.

We cannot control how your social network records your activity

Links to other websites

Our website may contain links to other party’s websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.

Amendments

We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on our website. We recommend you check our website regularly to ensure you are aware of our current Privacy Policy.

For any questions or notices, please contact us at:

Capsicum Holdings Pty Ltd t/as Capsifi ABN 48 169 407 069

Email: info@capsifi.com

Last update: 20 October 2022

© LegalVision ILP Pty Ltd

 

Addendum 1 – US Addendum to Privacy Policy

Last Reviewed: February 10, 2022

This Addendum supplements, and is part of, the Privacy Policy between you and Capsifi USA, Inc. and applies solely to all users of our Site who are located in the United States of America or any of its territories. Capitalized terms used in this Addendum which are not defined shall have the meanings given to them in the Privacy Policy.

Children Under the Age of 18

Our Site is not intended for children under 18 years of age. No one under age 18 may provide any personal information to or on the Site. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this Site or through any of its features, register on the Site, make any purchases through the Site, use any of the interactive or public comment features of this Site, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at our Site.

The Children’s Online Privacy Protection Act requires that online service providers obtain parental consent before they knowingly collect personally identifiable information online from children who are under 13 years old. We do not knowingly collect or solicit personally identifiable information from a child under 13 years old without obtaining verifiable consent from that child’s parent or guardian (“Parental Consent”), except for the limited amount of personally identifiable information we need to collect in order to obtain Parental Consent (“Required Information”). Until we have received Parental Consent, we will only use Required Information for the purpose of obtaining Parental Consent. If you are a child under 13 years old, please do not attempt to send any personal information about yourself to us before we obtain Parental Consent, except for the Required Information in the context of the Parental Consent process. If you believe that a child under 13 years old has provided us with personal information (beyond the Required Information) without our obtaining Parental Consent, please contact us.

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see “Your California Privacy Rights” for more information.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Site, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  • details of your visits to our Site, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Site; and
  • information about your computer and internet connection, including your IP address, operating system, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party Sites or other online services (behavioral tracking).
The technologies we use for this automatic data collection, from time to time, may include those technologies enumerated in the bullet points immediately following this sentence.

  • Web Beacons. Pages of our Site may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related Site statistics (for example, recording the popularity of certain Site content and verifying system and server integrity).
  • Google Analytics. Our Site may use a tool called Google Analytics, which collects user information regarding the activities that users engage in while on the Site. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this site. We use the information we get from Google Analytics to improve this site and our outreach efforts. Google Analytics collects only the IP address assigned to you on the date you visit this site, rather than your name or other identifying information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser.
  • Google Ads & Remarketing. We may use a tool called “Google Ads” to collect information about the use of this site and use this information to serve you more relevant advertisements (“Retargeting”). Google and other third parties may show these advertisements on other Sites that you visit or services you use. These ads shown on other Sites are based on your past visits to this site by using cookies. You may opt-out of Google’s use of cookies by visiting Google’s Ads Settings page.
  • Facebook Tracking Pixel. We may use the “conversion tracking pixel” provided by Facebook to record the efficacy of Facebook’s advertisements and for additional market research purposes. This tool allows us to gather information about your activity after you are redirected to the Site after clicking on an advertisement on Facebook. Facebook or its partners may use a cookie to facilitate the display of advertisements. Facebook may save and process this data and connect it to your account in accordance with Facebook’s Data Policy.
  • Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third-party service provider, is active only while you are connected to our site, and is deactivated or deleted thereafter.

Disclosure of Your Information

We may disclose aggregated or anonymized information about our users without any restrictions. We will not share your personal information that we collect, or that you provide as described in this Policy, except as described in the section titled “Our disclosures of personal information to third parties.”

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with control over your information as detailed in the bullet points immediately following this sentence.

  • Cookies & Other Tracking Technologies. You may be able to set your browser to reject cookies and certain other technologies by adjusting the appropriate settings in your browser. Each browser is different, but many common browsers have preferences that may be adjusted to allow you to either accept or reject cookies and certain other technologies before they are set or installed, or that allow you to remove or reject the use or installation of certain technologies altogether. We recommend that you refer to the “Help” menu in your browser to learn how to modify your browser settings. Please note that you cannot remove Flash cookies simply by changing your browser settings. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s Site. If you disable or refuse cookies, please note that some parts of the Services may become inaccessible or may not function properly.
  • Promotional Communications from the Company. If you do not wish to have your contact information used by the Company to promote our own or third-party products or services, you can opt-out by: (i) informing us of your preference at the time you register for an account; complete an order form, sign up for our newsletter, or complete any other form on or through the Services which we collect your data; (ii) modifying your user preferences in your account profile by checking or unchecking the relevant boxes; (iii) following the opt-out instructions in the promotional emails we send you; or (iv) sending us an email stating your request. Please note that if you opt-out of receiving promotional communications from us, we may still send you transactional communications, including emails about your account or purchases.
  • Location Information. You may be able to adjust the settings of your device so that information about your physical location is not sent to us or third parties by: (a) disabling location services within the device settings; or (b) denying certain Sites or mobile applications permission to access location information by changing the relevant preferences and permissions in your mobile device or browser settings. Please note that your location may be derived from your WiFi, Bluetooth, and other device settings. If you have questions about how to disable your device’s location services, we recommend you contact your mobile service carrier or your device manufacturer.

Your California Privacy Rights

Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and third parties for marketing purposes and providing contact information for such affiliates and third parties. If you are a California resident and would like a copy of this notice, please submit a written request to the contact address below.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at info@capsifi.com.

 

Addendum 2 – UK addendum to Privacy Policy

Capsifi is committed to ensuring the privacy and confidentiality of your personal information, and to protect it from unauthorised access and disclosure.

The purpose of this Privacy Policy is to clearly communicate to you how Capsifi handles your personal information to provide you with information about our products and services, and to comply with legal obligations. This Privacy Policy applies to all websites owned or operated by Capsifi and our apps and services, as amended from time to time. This Privacy Policy together with our, terms and conditions of use of the website and our Data Processing Agreement will give you a better and more complete understanding of the type of personal information that Capsifi holds about you and the way we handle that information.

Capsifi complies with the Data Protection Act 1998, the UK GDPR and the General Data Protection Regulation 2016/679 (“GDPR”) and any local or European laws on data protection, as amended from time to time.

What information will we collect?

Personal data may be collected, stored and used when visiting our website, registering for a trial, or placing an order. The personal information that you are asked to provide, and the reasons why you are asked to provide it, will only be used in ways described in this policy.

Information you provide

  • When visiting our website

If you choose to contact us through either of these sources, information you provide such as your name, email address or telephone number and any other information you choose to provide us with will also be stored.

  • Account registration

When registering for an account/trial, details that you provide to us to create a user account and provide you with trial access to the software. The registration requires you to provide us with personal contact information, such as your name, company name and email address.

Use of Cookies

We use cookies on our site, you can read more about how we use cookies and how you can change your preferences on our cookies page.

Purpose for processing

Your data will be processed only for specified, explicit and legitimate purposes. We collect and process the personal data detailed in this policy, and the purposes for which we process personal data will be informed to data subjects at the time that their personal data is collected.

We may, from time to time, use your personal data for reporting and for making improvements to our services; in such instances we will always ensure an individual cannot be identified.

Your personal data may be transferred to our trusted third party processors, this will be for purposes such as: enabling payments, hosting of our servers, project management tools and customer relationship management system.

Our trusted third party processors are contractually bound to keep your information confidential and use it only for specified, explicit, and legitimate purposes.

Some messages from us are service-related and necessary for customers. You agree that we can send you non-marketing emails or messages, such as those related to transactions, your account, security, or product changes/updates.

If we intend to use any data provided by yourself for marketing purposes, such as sending updates or information relating to the product, we will always make this clear and offer an ‘opt out’ should you wish not to receive such information.

If you have agreed that we can use your information for marketing purposes, you can change your mind easily, via one of these methods:

Send an email to: info@capsifi.com

We will never lease, distribute or sell your personal data to a third party without requesting your prior permission. We will only transfer your data to other third parties without informing you separately beforehand in the exceptional cases where we are either legally required on important public interest grounds, or for the establishment, exercise or defence of legal claims.

Data quality

If we collect your personal information from our Website we will process it in a way that is adequate, relevant and limited to what is necessary in relation to the purposes for why it is processed. We will maintain and update your information as necessary to keep it accurate or when you advise us that your personal information has changed. We will keep your information in a form which permits your identification for no longer than is necessary. We will hold personal information collected from web enquiry forms for a period of 12 months from when the enquiry is closed.

Lawful Basis for processing personal data

Our lawful basis for collecting and processing the personal data described in this policy will depend on the type of personal information concerned and the specific context in which we collect it. However, we will generally only collect personal information from you where either;

  • We need the personal information to perform our obligations under a contract with you
  • The processing is in our legitimate interest and not overridden by your rights
  • You have given your consent to do so
  • We have a legitimate interest in operating our services, for example when responding to your queries, improving our services, or undertaking direct marketing.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not.

Security of your data

Protecting personal data from unauthorised access, loss or alteration is of the utmost importance to us. All visitor records, photos, account data, configuration data and contact information is stored in AWS Tier 4 data centres. Servers are updated with the latest security patches during scheduled routine maintenance.

Where will your personal data be processed?

Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Policy.

Sometimes we will need to share your personal data with third parties and suppliers outside the European Economic Area (EEA), this will be for purposes such as: enabling payments, project management tools, back-office functions and our customer relationship or accounts management system.

Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data, where approved transfer mechanisms are in place to protect your personal data. If you wish for more information about this, please contact info@capsifi.com

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How long will we hold your data?

The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it – for example, to provide you with a service or to comply with applicable legal, tax or accounting requirements.

Data will be retained for as long as your account is active and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policy. Following that period, we’ll make sure it’s deleted or anonymised.

Capsifi visitors

Please note that we are acting as a ‘data processor’, our customer will be the ‘data controller’ and will assume responsibility for the processing of personal data and how long that is held for. We have to act upon our customer’s instructions regarding data retention. Data will be stored in encrypted backups for 14 days after the retention period in a location selected by the customer.

Data subject rights

It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or send your request to info@capsifi.com

You also have rights to:

  • Know what personal data we hold about you, and to make sure it’s correct and up to date
  • Request a copy of your personal data, or ask us to restrict processing your personal data or delete it
  • Object to our continued processing of your personal data
  • You can exercise these rights at any time by sending an email to info@capsifi.com

If you’re not happy with how we are processing your personal data, please let us know by sending an email to info@capsifi.com. We will review and investigate your complaint, and get back to you within a reasonable time frame.

You can also contact the Information Commissioner’s Office on 0303 123 1113

or visit their website: https://ico.org.uk/make-a-complaint/.

Alternatively for further information about data protection law you can contact the information Commissioner’s Office Directly on 0303 123 1113 or at https://ico.org.uk/

Ready to get started?

We are ready to answer your questions and can’t wait for you to experience our Capsifi Digital Business Platform first-hand. Select one of the contact options and we’ll be in touch with you in no time.

Gartner report

Capsifi named a Leader in the 2021 Gartner® Magic Quadrant™ for Enterprise Architecture Tools

Download your copy