Privacy is a top concern for Nootify, as we place great importance on safeguarding the security and confidentiality of the personal information that is given to us.
Owner and Data Controller
16/238 Robina Town Centre Dr
Robina QLD 4226
Owner contact email:firstname.lastname@example.org
User: Platform provider
Subscriber: user of the platform subscriber, a User can also be considered a subscriber of the platform
Types of Data collected
Among the types of Personal Data that Nootify collects, by itself or through third parties, there are: Cookies; Usage Data; email address; first name; last name; company name; device key for mobile. Some of this information may be optional to provide.
Unless explicitly stated otherwise, all the data required by Nootify for its functioning is obligatory. Failure to provide this data could result in Nootify being unable to offer its services. If Nootify designates certain data as optional, users have the choice to refrain from sharing that data without any impact on the availability or functionality of the Service.
How and where Data is processed
Appropriate security measures are implemented by the Owner to prevent unauthorized access, disclosure, alteration, or unlawful destruction of the Data.
Data processing occurs using computers and/or IT tools, following organizational procedures and approaches that are directly linked to the stated objectives. Alongside the Owner, there are instances where specific individuals responsible for various tasks within Nootify (e.g., administration, sales, marketing, legal, system administration) or external entities (such as third-party technical service providers, postal services, hosting providers, IT companies, communication agencies) may have access to the Data as Data Processors, as designated by the Owner when necessary. An updated roster of these entities can be requested from the Owner at any time.
Legal Grounds for Processing
The processing of Users' Personal Data by the Owner can occur if any of the following conditions are met:
- Users have granted their consent for one or more specific objectives. Note: In certain legal frameworks, the Owner might be permitted to process Personal Data until the User opposes such processing ("opt-out"), without relying on consent or other subsequent legal grounds. However, this exception is not applicable when processing Personal Data falls under European data protection regulations;
- Submission of Data is essential for fulfilling an agreement with the User and/or for any preliminary contractual responsibilities;
- Processing is necessary to fulfill a legal commitment to which the Owner is bound;
- Processing is linked to a task performed in the public interest or in the execution of official authority vested in the Owner;
- Processing is vital for the pursuit of legitimate interests pursued by the Owner or by a third party.
In every instance, the Owner is more than willing to provide clarification about the legal foundation that applies to the processing. This includes indicating whether the provision of Personal Data is mandated by law, contractually required, or necessary to initiate a contract.
The Place where data is processed
Servers and databases are in Melbourne, Australia and held with Google cloud services. Data processing occurs at the operational offices of the Owner and at any other locations where the involved parties are situated.
Depending on the User's geographical location, the transfer of data might involve moving the User's information to a country other than their own. To obtain further information regarding the processing location for such transferred Data, Users can refer to the section containing specifics about the handling of Personal Data.
Users also have the right to understand the legal grounds for transferring Data to a country beyond the European Union or to any international organization governed by public international law, or established by multiple countries (such as the UN). This includes details about the security measures implemented by the Owner to protect their Data.
Should such a transfer occur, Users can gather more information by consulting the pertinent sections of this document or by reaching out to the Owner using the contact details provided in the designated section.
Personal information will be processed and stored for the duration necessary to achieve the objectives for which they were initially gathered.
- Personal data amassed for purposes linked to executing an agreement between the Owner and the User will be preserved until that agreement has been satisfactorily executed.
- Personal data gathered to serve the Owner's valid interests will be kept as long as necessary to fulfill those intentions. Users can locate specific details about the Owner's valid interests within the relevant parts of this document or by getting in touch with the Owner.
In cases where the User has granted permission for such processing, the Owner might prolong the retention of Personal Data, provided such consent has not been withdrawn. Additionally, the Owner could be compelled to preserve Personal Data for an extended period when required due to legal obligations or upon orders from authorities.
Once the retention timeframe concludes, Personal Data will be erased. Consequently, the rights of access, erasure, correction, and data portability cannot be enforced after the retention period elapses.
The User's information is gathered to enable the Owner to furnish its Service, fulfill its legal responsibilities, address enforcement appeals, safeguard its rights and interests (or those of Users or external parties), identify any deceitful or malevolent actions, as well as the subsequent: Analysis, Management of Tags, engaging with external social networks and platforms, and Communicating with the User.
For precise details concerning the Personal Data utilized for each intention, the User can consult the section titled Detailed information on the processing of Personal Data”.
Detailed information on the processing of Personal Data
We gather your personal information for these reasons and through these methods:
The tools in this section allow the Owner to observe and study web traffic, which helps us understand how you use the website. This helps us keep an eye on how users behave.
Google Analytics (Google Ireland Limited)
Google Analytics is a web analysis service provided by Google Ireland Limited (“Google”). Google utilizes the Data collected to track and examine the use of Nootify, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data processed: Cookies; Usage Data.
Category of personal information collected according to The California Consumer Privacy Act of 2018: internet information.
This processing constitutes a sale based on the definition under the CCPA. In addition to the information in this clause, the User can find information regarding how to opt out of the sale in the section detailing
Mailing list or newsletter (Nootify)
When you sign up for the mailing list or newsletter, your email address will be included in the list of contacts who might receive emails with commercial or promotional details about Nootify. Your email could also be added here if you register on Nootify or make a purchase.
We process the following Personal Data: company name, email address, first name, last name, and website. Categories of personal information we collect: identifying information, details about commercial activities, internet-related information.
Engaging with External Social Networks and Platforms This service lets you interact with social networks or other external platforms directly through Nootify's pages. Any interaction and information received through Nootify will always adhere to your privacy settings on each social network. This service might also collect data about page visits, even if you don't use it actively. To ensure that the data processed on Nootify isn't linked back to your profile, it's recommended to log out from these services.
Google Tag Manager (Google Ireland Limited)
Google Tag Manager is a tool for managing tags, provided by Google Ireland Limited.
Data We Use: Information about how you use things (usage data).
Type of Personal Info as defined by CCPA: Details about online activities.
This processing is considered a sale according to the CCPA's definition. Apart from the details mentioned in this section, users can locate information about how to choose not to participate in this sale in the part that explains the rights of consumers in California.
Users possess specific rights regarding their Data managed by the Owner.
Users have the following entitlements:
- Withdraw their consent anytime. Users can retract their consent when they have previously given it for processing their Personal Data.
- Challenge Data processing. Users can object to Data processing if it relies on a legal basis other than consent. More details are found in the designated section below.
- Access their Data. Users can determine if the Owner processes their Data, obtain details about some aspects of the processing, and receive a copy of the Data undergoing processing.
- Authenticate and request correction. Users can verify the precision of their Data and request its amendment or rectification.
- Rein in the processing of their Data. Users can, under specific circumstances, limit the processing of their Data. In such cases, the Owner will only store their Data, not process it for any other purpose.
- Erase or remove their Personal Data. Users can, under certain circumstances, have their Data erased from the Owner's records.
- Receive their Data and transfer it to another controller. Users have the right to get their Data in a structured, easily readable format and, if feasible, have it transferred to another controller without obstruction. This applies when Data is processed by automated means and based on the User's consent, a contract they're part of, or pre-contractual commitments.
- Launch a complaint. Users can report an issue to their competent data protection authority.
Details about the right to object to processing:
When Personal Data is processed for public interest, in line with official authority vested in the Owner, or for the Owner's valid interests, Users can object by explaining their specific situation as grounds for their objection.
It's important for Users to understand that if their Personal Data is processed for direct marketing, they can oppose it at any time without needing a reason. To confirm whether the Owner processes Personal Data for direct marketing, Users can consult the relevant sections of this document.
How to exert these rights
To exercise their rights, Users can contact the Owner through the provided contact details in this document. These requests can be made without any cost and the Owner will address them as soon as possible, always within one month.
More Information on Data Collection and Processing
The Owner might use the User's Personal Data for legal reasons in court or during the phases that could lead to potential legal action due to misuse of Nootify or its associated Services. The User acknowledges that the Owner might need to disclose personal data as requested by public authorities.
Additional Details about User's Personal Data
System Logs and Maintenance
For the purpose of operation and maintenance, Nootify and third-party services might collect files that document interactions with Nootify (System logs) and use other Personal Data (like the IP Address).
Information Not Included in This Policy
Further insights into the collection or processing of Personal Data can be asked for from the Owner anytime. Please refer to the contact details at the beginning of this document.
How We Handle "Do Not Track" Requests
Nootify doesn't fulfill "Do Not Track" requests. To know if the third-party services it employs respect "Do Not Track" requests, please read their privacy policies.
If these changes affect processing activities that rely on the User's consent, the Owner will seek new consent from the User if necessary.
Latest update: 29 August, 2023