PRIVACY POLICY

Introduction
The privacy of your data is important to FYI Software Pty Ltd (“FYI”, “Us”, “We” or “Our”). We are a Australian based business providing cloud-based document management solutions for small-to-medium sized businesses all around the world.
This privacy policy (the ”Privacy Policy” or “Policy”) was created to inform customers (”You”) of how FYI will collect and use your information and the choices you can make about the way your information is collected and used. If you can’t be identified, then this Policy doesn’t apply to you.
We will never sell your Personal Data to anyone.
This Privacy Policy may need to be updated from time to time. If there is significant change, we’ll let you know via email.
Definitions
“Client” means a customer of FYI.
“Client Data” means Personal Data, addresses, reports, files, folders or documents in electronic format that a User of the Service stores within the Service.
“Personal Data” means any information relating to a natural person that may be used to identify them such as their name, email, address, telephone number, payment information, support queries, comments on our website, and so on.
“Service” means the FYI applications and websites provided by FYI.
“User” means an employee, agent or representative of the Client who uses the applications of the Service.
“Visitor” means a person who is not a User who accesses Our website (www.webstaging.fyidocs.com).
The Information We Collect
We collect different types of information when you visit our websites or use our Services. How we collect Personal Data can be broadly categorised into the following:
User provided information. This is information that is provided directly from a User or Visitor when they access parts of our websites or Services. It includes, but is not limited to, name, email address, phone number, physical and postal address, credit card or other billing information. Examples of when User provided information may be collected include signing up for a trial, applying for a job, responding to an email, participating in training or events we run, contacting us with questions, requesting support or connecting with us on social media. If you don’t want to provide us with Personal Data you don’t have to but it may mean you can’t use some parts of our websites or Services.
Client provided information. Client Data may be uploaded or stored in the Service by a Client or a User. FYI has no direct relationship with the individuals whose Personal Data it hosts as part of the Client Data. Clients are responsible for their own privacy policy and ensuring that their customers are notified of the purpose for which their Personal Data is being processed in the Service.
Automatically collected information. When a User or a Visitor accesses Our websites or Services, We may collect information automatically. This information may include IP address, web browser, device type, operating system, content being accessed, dates and times of access or use of the Service. We may also collect information about a Visitor’s or User’s interaction with email messages such as whether the email has been opened, clicked on or forwarded by the User or Visitor.
Other sources. It’s possible that We will obtain information from third parties, including Personal Data. Third parties could include our reseller partners, trade show organisers or marketing and research partners. Any Personal Data provided by a third party will be treated as any other Personal Data in accordance with this Policy.
How We Use The Information We Collect
For any Personal Data that we collect, we’ll only process it:

  • To perform a contract with you, or
  • Where we have a legitimate interest to process the Personal Data and that is not overridden by your rights, or
  • Where we have a legal obligation to do so, or
  • Where we have your consent.

If we don’t collect your Personal Data we may be unable to provide you with all of our Services.
If you are not a User or Visitor of Our websites or Services but believe that a Client of Ours has entered your Personal Data into our websites or Services as a part of their Client Data then this Privacy Policy does not apply to you. This provision does not apply to Personal Data that is a part of Client Data. The management of Client Data is subject to the Client’s own Privacy Policy and any requests to access, amend or delete this Personal Data should be made directly to the Client responsible for uploading such data into the Service. If the Client requests in writing that we remove the Personal Data we will respond within thirty days. If we have a legal right to retain such Personal Data we will not delete it. We also reserve the right to retain a copy of the data for archiving and backup purposes or to defend our rights in litigation.
We use the information that we collect to operate our websites and provide you with Our Services that you have requested. We may also use your Personal Data other ways, including:
Operations. We use information, other than Client Data, to operate, maintain, enhance and provide all features of the Service. We do this to provide you with the services and information that you request, to provide support and respond to your comments and questions. We only access Client Data upon directions from the applicable Client or User.
Improvements. To provide the best possible service we use the information to analyse and understand how Users and Visitors use the Services so they can be improved, and new features, functionality, services or products can be developed.
Communications. We may use a User or Visitors email address or phone number to communication directly with them. Communications will be for, but not limited to, providing support, answering questions, informing Users and Visitors about updates to the Service, addressing issues of privacy, intellectual property violations or deformation and for providing information about promotions and upcoming events. You may opt out of promotional communications as “Your Rights” below.
Tracking. We automatically collect information about the Service using cookies and other technology to better customise the Service for you. We use the information to monitor and analyse the Service performance, collect metrics about visits to our website and functionality being used and track the effectiveness of Service email notifications and marketing initiatives. Whenever you visit and interact with our Service, you accept that we automatically receive and record information on our server logs from your browser including your IP address, “cookie” information, and the page you requested. “Cookies” are identifiers we transfer to your computer or mobile device that allow us to recognize your browser or mobile device and tell us how and when pages and features in our Service are visited and by how many people. You may be able to change the preferences on your browser or mobile device to prevent or limit your computer or device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features.
Analytics. We use Google Analytics to analyse the effectiveness of our websites www.webstaging.fyidocs.com. Google has its own privacy policy and we strongly recommend that you review this. We do not collect personal data from Google Analytics so cannot identify individual Users or Visitors from this. To find out more about data privacy at Google please visit https://support.google.com/analytics/answer/6004245.
How We May Share Your Data.
From time to time we may need to share your Personal Data with others. We will only disclose this information to:
Service Providers. We use tier one service providers to provide us with database and infrastructure hosting, maintenance, web and application services. They may access Client Data or Personal Data as part of their processes in supplying those services to us. We limit the information that we supply them to only that necessary to provide the services we require from them.
Law Enforcement and Regulators. We may be required to provide Personal Data to law enforcement and government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws and regulations. We reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to defend our legal rights.
Change of Ownership. Should there be an actual or potential change in ownership we may share Personal Data with the buyer, its agents and advisors for any purchase, merger or acquisition of any part of Our business if the recipient has a privacy policy that has terms substantially consistent with this Privacy Policy.
Any Other Person. Only where we have your express consent.
Your Rights.
You have the right to keep your Personal Data provided to use the Service private. You may decline to share certain Personal Data with us. In doing so we may not be able to provide some features or functionality of the Service to you.
Access To Your Information. You have the right to request to see all Personal Data that you may have provided to us using the Services. You may also amend any Personal Data that we hold about you or request that we delete such Personal Data. To request to view, amend or delete your Personal Data you may contact us as described in the “Contact Us” section of this privacy policy. You may object to the processing of any of your Personal Data at any time on legitimate grounds except if otherwise permitted by applicable law.
Opting Out. You may opt out from the collection of navigation information about your visits to our websites by Google Analytics using the Google Analytics opt out feature – https://tools.google.com/dlpage/gaoptout. You may also opt out of any commercial communications you are receiving from us by ether using the opt out instructions included in any emails or by contacting us as described in the “Contact Us” section of this Privacy Policy. Even after opting out of receiving commercial information you will continue to receive administrative communications from us about the Service.
Complaints. If you’re not happy with how we’re processing your Personal Data you have the right to complain. This may be done by contacting us as described in the “Contact Us” section of this Privacy Policy. We will review and investigate you complaint then get back to you within a reasonable time frame. You may also complain to your local data protection authority.
Data Security.
We follow generally accepted industry standards to protect Personal Data and Client Data both while being transmitted to us and once received. These standards are also used to protect such data against accidental or unlawful destruction, loss, alteration, disclosure, misuse or processing while in our possession.
No method of transmission or storage of data is 100% secure. We cannot warrant the security of any information you transmit to us or store in the Service and you do so at your own risk. We also cannot guarantee that such information will not be accessed, amended, destroyed or disclosed due to a breach of our technical and physical safeguards. If you believe that your data has been breached, please contact us as described in the “Contact Us” section of this policy.
If we learn of a security breach we will inform you and the relevant authorities of this in accordance with applicable law. Data Retention.
We retain Personal Data collected for as long as we have a relationship with you and for a period of time afterwards where we have a need to retain it as per our data retention policies. Once we have finished with the Personal Data we either delete or anonymise it.
The length of time that we retain Personal Data depends on what that data is and whether we have a need to keep it in order, for example, to continue to provide you with a service you’ve requested or to comply with any accounting, tax or legal requirements.
Information Processing And Transfers For Data Subjects In The European Economic Area (“EEA”)
European Union Regulation 2016/679 of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“EU GDPR”), requires Us to provide additional and different information about its data processing practices to data subjects in the European Economic Area (“EEA”). If you are located in a member state of the EEA and access our Service, or otherwise provide us with your personal data in-person, or via phone, email or mail, this policy applies to you.
As an individual in the EEA, we collect and process information about you where we have legal bases for doing so under EU laws. We only collect and use the information when:

  • We need it to provide you the Services, including operating the Services, provide customer support and personalize features as well as for safety and security processes;
  • It serves a legitimate interest (which is not overridden by your data protection interests), such as for research and development, for marketing and promotion and to protect our legal rights and interests;
  • You have given us consent to do so for a specific purpose; and
  • We need the information to comply with legal obligations.
  • If you have given consent to our use of your information for a specific purpose, you can change your mind at any time, but this will not affect any processing that has already taken place. You have the right to object to the use of your information, but this may mean that the Service might no longer be available to you.

Contact Us
Should you have any questions or comments about this policy, your Personal Data that we store and how we use it please contact us on privacy@webstaging.fyidocs.com.