Privacy Policy
Last updated: 27 February 2023
Table of Contents
Background
Thanks for visiting our Privacy Policy (Policy), we are Sahelay Pty Ltd of 27/44 St Georges Terrace, Perth WA 6000 (Sahelay, we, our, us and other similar terms). We are committed to providing quality services to you and this Policy outlines our ongoing obligations in respect of how we manage your Personal Information.
Personal Information means information or an opinion about an identifiable individual (not a company), whether or not that information or opinion is true or in a material form.
⚠️ Disclaimer
While your privacy is important to us, nothing in this Privacy Policy constitutes a voluntary opt-in to any privacy laws, anywhere in the world, which we are not statutorily bound to comply with.
Collection of Personal Information
How Sahelay collects Personal Information
We collect Personal Information in the ordinary course of our business, which includes the provision of our cloud based backup and data administration software, along with related consulting services.
📋 Personal Information is collected when you:
- Contact or correspond with us via email, telephone or via our website
- Purchase or enquire about our software or consulting services
- Configure and use our software, including third party integrations
- Seek support in relation to our software
- Make customer service related enquiries
Information will only be collected directly from you unless you authorise another person to provide the information.
What Personal Information is collected?
The types of Personal Information we collect include:
- Your name, address, telephone number, email
- IP address and device identification
- Security credentials of third party integrations
- Any additional information you provide or transmit via our software
Where you contact us on behalf of your employer, certain employment information is collected.
How Sahelay Uses Personal Information
Why we collect Personal Information
We collect your Personal Information for the primary purpose of providing our software and consulting services to you.
🎯 Examples of use include:
- Informing you about our software
- Providing you with the software you have requested
- Administration of your account
- Dealing with requests, enquiries or complaints
- Legal, governmental or regulatory compliance
Direct Marketing
Where you provide us with consent to do so (e.g. if you have subscribed to our email lists), we may send you marketing communications by email about our services.
💡 You can opt-out of such communications at any time using the "unsubscribe" facility provided in the communication itself.
Data Retention and Security
Security mechanisms we employ
Generally, we store your Personal Information using secure servers protected from unauthorised access, modification and disclosure.
🔒 Security measures include:
- Username and password authentication
- Multi-factor authentication
- Data encryption (such as SSL) where appropriate
- Working with security-compliant service providers
Our business information systems are located in Australia and are managed by us and our service providers. However, we have cloud providers throughout the world which we select based on our clients' individual needs.
How long we keep your Personal Information
We retain your Personal Information for as long as is necessary to provide our software to you, as required for our internal business operations, and to comply with our legal obligations.
⏱️ Note: Under Australian law, financial records must be retained for 7 years after the transactions are completed.
If you request erasure of your Personal Information, we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce terms of service and take other actions permitted by law.
Disclosure of your Personal Information
Who we share your Personal Information with
Your Personal Information may be disclosed to:
- Third party cloud service providers and storage providers you integrate with
- Our employees, related companies and professional advisers
- Regulators and government authorities for compliance
- Third parties to enforce or defend our rights
- Business associates including:
- Payment gateway providers
- Administration service providers
- Marketing service providers
- Information technology service providers
We will not disclose your Personal Information other than in accordance with this Policy without your consent.
Offshore transfers
Our engagement of service providers, such as those who operate cloud services, may have international data centres and disaster recovery sites. Consequently, these providers may have access to your information offshore. We rely solely on reputable organisations for such cloud services.
Access to Personal Information and Corrections
We endeavour to only hold Personal Information that is accurate, complete and up-to-date.
✅Your rights include:
- Request access to Personal Information we hold about you
- Request corrections of any errors in that data
- Update or correct information via your account
In order to protect your Personal Information, when you contact us, we may require identification from you before releasing the requested information or making the correction.
Additional Rights for EU Residents and Citizens
For the purposes of the GDPR, we are both a 'data controller' and a 'data processor' of Personal Information. If you're a citizen or resident of the European Economic Area, the following rights apply to you.
🇪🇺 Your GDPR rights include:
- Data portability (transfer in machine-readable format)
- Right to erasure
- Restrict processing
- Object to processing based on legitimate interests
- Withdraw consent where given
These rights are limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your Personal Information.
If you have unresolved concerns, you also have the right to complain to data protection authorities in the country of your habitual residence, place of work, or where you consider the alleged infringement has occurred.
Communications and Privacy Concerns
Your privacy is important to us. If you have any complaints, concerns or questions about our handling of your Personal Information, we ask that you first contact our privacy officer.
📧 Privacy Officer Contact
Email: marcus@sahelay.com
Post: 27/44 St Georges Terrace, Perth WA 6000
If, after we have conducted our investigations you are still not satisfied, then we ask you to consult with the Office of the Australian Information Commissioner:
🏛️ Australian Information Commissioner
Email: enquiries@oaic.gov.au
Telephone: 1300 363 992 (from overseas +61 2 9284 9749)
Post: GPO Box 5218, Sydney NSW 2001
Variations to this Policy
We will need to change this Policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the Policy, we'll make sure to notify you about such changes, where required. A copy of the latest version of this Policy will always be available on this page.