Welcome to Australasian Internet Promotions and our website at www.auspromotion.com. This GDPR Compliance Statement sits in line with our Privacy Policy, is supplemental and applies to all European Union Citizens and citizens of other countries that are using our website and online marketing services (our “Services”). Accordingly, we apply and voluntarily adhere to all data processing procedures (e.g., collection, processing, and transmission) as set out in Regulation (EU) 2016/679 (General Data Protection Regulation) (“GDPR”).
Nothing in this Statement is intended to contradict or limit the applicability of the information provided in our Privacy Policy.
The following provides you, as set out in Art. 13 GDPR, with an overview of the type of data collected and how it is used and passed on, the security measures we take to protect your data and how you can exercise your rights.
The Controller
The responsible entity according to Art. 24 GDPR is Australasian Internet Promotions, a Division of Cybermark Communications with ABN 64 538 791 512 operated by David G. Taylor B.Sc.(“AusPromotion.com”, “we”, “us”, or “our”).
Contact
You may contact us using david@auspromotion.com, or call +61 422 656 006 if you:
- have any questions about this Policy Statement,
- wish to file a complaint about a possible violation of data protection laws,
- have any requests related to your rights, and
- wish to access, correct incomplete, inaccurate or outdated data.
Please note that deletion of information essential to account management and services may result in termination of services provided to you.
In the event that you wish to make a Data Subject Access Request, you may inform us in writing of the same. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days, we will tell you why and when we will be able to respond to your request. If we are unable to provide you with any Personal Information or to make a correction requested by you, we will tell you why.
Your Rights
First of all, we would like to inform you about your rights as a data subject. These rights are standardised in Art. 15 – 22 GDPR and include:
- the right to information (Art. 15 GDPR),
- the right to erasure (Art. 17 GDPR),
- the right to rectification (Art. 16 GDPR),
- the right to data portability (Art. 20 GDPR),
- the right to restriction of data processing (Art. 18 GDPR),
- the right to object to data processing (Art. 21 GDPR).
To assert these rights, please contact us.
You also have the right to lodge a complaint with a data protection supervisory authority. While Australia has its own Data Protection Supervisory Authority, namely the Office of the Australian Information Commissioner (OAIC) (www.oaic.g), you may in accordance with Article 77(1) GDPR complain to your local Data Protection Supervisory Authority. We would, however, appreciate the chance to deal with your concerns in the first instance.
Legal Bases for Processing
The processing of your Personal Data may be based on the following legal grounds:
- 6 (1) lit. a) GDPR serves as our legal basis for processing operations where we obtain your consent for a specific processing purpose.
- 6 (1) lit. b) GDPR, insofar as the processing of Personal Data is necessary for the performance of a contract. The same applies to such processing operations that are necessary for the performance of pre-contractual measures, for example in the case of enquiries about our products or services.
- 6 (1) lit. c) GDPR, insofar as we are subject to a legal obligation that requires the processing of Personal Data, such as for the fulfilment of tax obligations.
- 6 (1) lit. f) GDPR applies on the basis of our legitimate interests, e.g., when using service providers for example for statistical surveys and analyses and logging registration procedures. Our interest is directed towards the use of a user-friendly, appealing, and secure presentation as well as optimization of our services, which serves our business interests as well as meeting your expectations.
Duration of Storage and Routine Deletion of Personal Data
We process and store your Personal Data only for the period of time required to fulfil the purpose of storage or if this has been provided for by and among others the Australian Taxation Office, for 5 and up to 7 years. After the purpose has ceased to exist or has been fulfilled, your Personal Data will be deleted or blocked.
In the case of blocking, deletion will take place as soon as legal, statutory, or contractual retention periods do not conflict with this, there is no reason to assume that deletion would impair your interests worthy of protection and deletion would not cause a disproportionately high expense due to the special nature of the storage.
Automatically Collected Data
The hosting services used for the purpose of operating our website is Bluehost (Newfold Digital Inc). In doing so Bluehost processes all data and communication data of our interested parties and visitors of our website. We use Bluehost, on the basis of our legitimate interests (Article 6 (1) lit. f) GDPR) in an efficient and secure provision of the website and services in conjunction with the provision of contractual services and the conclusion of the contract for our services.
Each time you visit our website, a number of general data and information is transmitted – even if you use our website for purely informational purposes. Bluehost collects the general data and information that your browser transmits to my website’s server. This data and information are collected are technically necessary for the display our website to you and that serve the stability, security and danger or threat prevention in the event of attacks on my website, such as:
- IP address
- date and time of an access to the website
- type and version of browser used
- operating system used and its interface
- the website from which an accessing system arrives at my website (so-called referrer)
- sub-websites that are accessed via an accessing system on my website,
- Internet service provider of the accessing system.
This data is deleted after the storage is no longer necessary for error analysis or danger or threat prevention. The legal basis for this data processing is Article 6 (1) lit. b) GDPR, as the collection and storage of this data is necessary for the operation of the website in order to ensure the functionality of the website and to deliver the content of our website correctly.
Cookies
We use cookies on our websites. Cookies are small text files that are stored on your device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. Cookies can contain data that make it possible to recognise the device used. In some cases, however, cookies only contain information on certain settings that cannot be related to a specific person.
We use session cookies and permanent cookies on our websites. The processing is carried out on the basis of Art. 6 (1) lit. f.) and in the interest of optimising or enabling user guidance and adapting the presentation of our website.
Insofar as you have given your consent to this in accordance with Art. 6 (1) lit. a.) GDPR, we use cookies and other technologies from third-party providers on our website. After the end of the purpose and the end of the use of the respective technology by us, the data collected in this context will be deleted. You can revoke your consent at any time with effect for the future.
Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC. Google Analytics also uses cookies to enable our website to analyse how users use our website across multiple devices. The information generated by the cookies about your use of our website is transmitted to and stored by Google, including transmission to the United States. The following data is processed through the use of Google Analytics:
- 3 bytes of the IP address of the called system of the website visitor (anonymised IP address),
- the website called up,
- the website from which the user reached the accessed page of my website (referrer),
- the subpages accessed from the website,
- the time spent on the website
- the frequency with which the website is accessed.
Google states that it will not associate your IP address with any other data held by Google. The use of this service is based on your consent.
Google Ads
We use Google Ads, an online advertising service provided by Google LLC. Google Ads enables us to show advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be shown on the basis of user data available to Google (e.g. location data and interests) (target group targeting). With the help of Google Ads, we can evaluate this data quantitatively, for example, which search terms have led to the display of our advertisements and how many ads have resulted in corresponding clicks. The use of this service is based on your consent.
Google Ads Remarketing
We also use the remarketing functions Google Ads. Google Ads Remarketing allows us to assign people who interact with our advertisements and website to specific target groups and to display interest-based advertising to them within the Google advertising network.
Further, the advertising target groups created by us using Google Ads Remarketing can be linked to Google’s cross-device functions. This means that interest-based, personalised advertising (that is advertising that has been adapted to you depending on your previous usage and surfing behaviour) can also be displayed on another of your end devices (e.g. tablet or PC). The use of this service is based on your consent.
Google Conversion Tracking
We also use Google Conversion Tracking. With the help of Google conversion tracking, we and Google can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We also learn the total number of users who clicked on our ads and what actions they took. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification. The use of this service is based on your consent.
Pixel Cookies and Tags
We use so-called Pixel Cookies and Tags (“Pixel Cookies”). A Pixel Cookie is an advertising tool and typically consists of a JavaScript code snippet that allows us to understand and track visitors’ activity on our website. For this purpose, Pixel Cookies collect and process information about visitors of our website and the device used (so-called event data).
Event data collected through Pixel Cookies is used for targeting our advertisements and improving ad delivery and personalised advertising. For this purpose, the event data collected on our website by means of Pixel Cookies is transmitted to the relevant operator of the Pixel Cookie and in part, also stored on your device. However, this only happens with your consent, and we and the relevant operator of the Pixel Cookie are considered joint controllers. Nonetheless, for the subsequent processing of the transmitted Event Data, the relevant operator of the Pixel Cookie is the sole controller.
For more information about how the relevant operator of the Pixel Cookie processes personal data, including the legal basis on which they rely on and how you can exercise your rights against, please refer to the following Privacy Policies: Facebook and Instagram.
Opting Out
Google Analytics
You can disable tracking by Google Analytics with future effect by downloading and installing the Google Analytics Opt-out Browser Add-on for your current web browser following this link http://tools.google.com/dlpage/gaoptout?hl=en.
Google Ads, Google Ads Remarketing, Google Conversion Tracking
If you have a Google account, you can object to personalised advertising at the following link: https://www.google.com/settings/ads/onweb/.
General
If you do not wish to participate in our advertising personalization or retargeting/tracking you can object to behavioural advertising at the following websites: Your Online Choices, Digital Advertising Alliance of Canada, Network Advertising Initiative, AdChoices and the European Interactive Digital Advertising Alliance (Europe only).
Cookie Consent
When you first visit our website, you will be asked to give your consent to cookies being stored on your device. You can accept all cookies or adjust your cookie settings to store only some of the above categories of cookies on your device. You can also refuse all cookies, except for essential cookies, which are cookies that are required for the proper functioning of the website.
You should be aware that if you disable/reject certain cookies, we will not be able to provide you with the best possible user experience on our website, as there may be services and features that you will not be able to use if cookies are required for us to remember the choices you have made.
You can revoke your consent or change your cookie settings at any time.
How can I delete cookies?
How and whether you want to use cookies is up to you. Regardless of which service or website the cookies come from, you always have the option to delete, only partially allow or disable cookies. To do so follow the link to your browser Google Chrome, Mozilla Firefox, Microsoft Internet Explorer/ Edge, Opera, Safari.
Contractual Relationship
In order to establish or implement the contractual relationship with our users, it is regularly necessary to process the personal master data and contract data provided to us. The legal basis for this processing is Art. 6 (1) lit. b) GDPR.
We also process customer and prospect data for evaluation and marketing purposes. This processing is carried out on the legal basis of Article 6 (1) lit. f) GDPR and serves our interest in further developing our offer and informing you specifically about our offers.
Further data processing may take place if you have consented (Article 6 (1) lit. f) GDPR) or if this serves the fulfilment of a legal obligation (Art. 6 (1) lit. c) GDPR).
Commercial and Business Services
We process information of our contractual and business partners, e.g., users and interested parties in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g., to answer enquiries.
We process this information to fulfil our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organisation. We only disclose the information of our contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of the contractual partners (e.g., auxiliary services as well as subcontractors, banks, tax and legal advisers or tax authorities).
Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioural marketing. And the Legal bases are Art. 6 (1) lit. b) GDPR, Art. 6 (1) lit. c) GDPR, and Art. 6 (1) lit. f) GDPR.
Administration, Financial Accounting, Office Organization, Contact Management
We process data in the context of administrative tasks as well as organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are Article 6 (1) lit. c) GDPR, Article 6 (1) lit. f) GDPR. Users, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities. In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices.
Information processing for the purpose of fraud prevention and optimization
Where applicable, we provide our service providers with further information, which they use together with the information necessary for fraud prevention and optimization of our processes This serves to protect our legitimate interests Article 6 (1) lit. f) GDPR in our protection against fraud or in efficient risk management, which outweigh our interests in the context of a balancing of interests.
Technical services
We process the data of our users and clients in order to enable them to select, purchase or commission the selected services as well as associated activities or to execute or provide them. The required information is identified as such in the context of the service provision, or comparable contract conclusion.
Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioural marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests. Art. 6 (1) lit. b) GDPR, Art. 6 (1) lit. c) GDPR, and Art. 6 (1) lit. f) GDPR.
Exercising our rights
Based on Art. 6 (1) lit. c) and Art. 6 (1) lit. f) GDPR, we use and store your Personal Data and technical information to the extent necessary to prevent or prosecute misuse or other illegal behaviour on our website, e.g., to maintain data security in the event of attacks on our IT systems. This also takes place insofar as we are legally obliged to do so, for example due to official or court orders, and for the exercise of our rights and claims as well as for legal defence.
Enquiries
When contacting us the Personal Data transmitted will be stored and processed exclusively for the purpose of answering the enquiry. The legal basis for the processing is Art. 6 (1) lit. f.) GDPR or Art. 6 (1) lit. b) GDPR if the enquiry is aimed at concluding a contract. The data will be deleted when the purpose of the processing no longer applies, e.g., the enquiry has been conclusively answered. You can object to the processing of your Personal Data at any time by contacting us.
Use of customer data for direct marketing purposes
If you have provided us with your email address when using our Services, we reserve the right to regularly send you email offers for similar services. We do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest Art. 6 (1) lit. f.) GDPR in personalised direct advertising. If you have initially objected to the use of your e-mail address for this purpose, we will not send you any e-mails.
You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the marketing.
Disclosure of Personal Data to third parties
Your Personal Data will only be passed on if there is a legal obligation to do so or to service providers and partner companies that have been carefully selected in advance and are contractually obliged to comply with the requirements of data protection law.
- a) Disclosure to service providers according to Art. 6 (1) lit. b) and f) GDPR
For the operation and optimization of our website and our services and for the processing of contracts, various service companies work for us, e.g., for IT services or the hosting of our website, to whom we pass on the data required for the fulfilment of the task.
These companies act for us by way of commissioned processing and may therefore use the data provided exclusively in accordance with our instructions. In this case, we are legally responsible for appropriate data protection precautions at the companies we commission. We therefore agree on specific data security measures with these companies and monitor them regularly.
- b) Disclosure to other third parties pursuant to Art. 6 (1) lit. c) and f) GDPR
We will disclose your data to third parties or government agencies within the framework of existing data protection laws if we are legally obliged to do so, e.g., due to official or court orders, or if we are entitled to do so, e.g., because this is necessary for the prosecution of criminal offences or for the exercise and enforcement of our rights and claims.
Data transfer to third countries
While we usually do not transfer your personal data outside Australia, it is to note that the European Commision has not yet recognised Australia as a country with an adequate level of data protection.As such we take additional measures to ensure an adequate level of data protection for the transfer in accordance with Art. 44 of the GDPR and thus ensure that the transfer is generally permissible and that the special requirements for a transfer to a third country are met (e.g., by concluding EU standard contracts and additional guarantees, supplementary technical and organisational measures such as encryption or anonymization).
General Technical Organisational Measures
We have taken a variety of security measures to protect Personal Data to an appropriate extent and adequately. All information held by us is protected by physical, technical, and procedural measures that limit access to the information to specifically authorised persons in accordance with our Privacy Policy and this Statement.
Our website is using Hypertext transfer protocol secure (HTTPS), which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer.
In addition, only employees who need the information to perform a specific job are granted access to Personal Data. These employees are trained in security and privacy practices and treat your information confidentially.
Validity and questions
This Policy Statement was last updated on Wednesday, 6th of September, 2023, and is the current and valid version. However, we want to point out that from time to time due to actual or legal changes a revision to this Policy Statement may be necessary.
If you have any questions about this Policy Statement or our data protection practices, please contact us using david@auspromotion.com, or call +61 422 656 006.