Butterfly is a digital agency, and it provides IT services including website design, development, digital strategy, implementation, ongoing services, hosting and automation (“Services.”) These Services may be provided from time to time via our website butterfly.com.au or via various software as a service applications which we manage ourselves, or which we manage on behalf of third parties (together “Systems”).
What information do we collect?
We access, collect and hold Your Information, which may include your name, phone number, email, mailing address, employer (i.e the relevant customer or supplier whom you are associated with) and other information relevant to the supply of our Services that is collected by us or that you choose to provide to us. Our clients may also provide us with Your Information or access to a system or database that holds Your Information to enable us to provide our Services to the relevant client. The type of information which we are exposed to in this regard will vary by client and the goods and services they provide.
How we collect Your Information
Generally, we collect Your Information directly from you but we may also collect or access Your Information from other people or organisations if you have given your consent.
We may collect Your Information from our clients whilst providing our Services to them. This collection may be temporary (i.e. for a short period whilst we provide our clients with Services) or over a longer term (e.g.: such as where we enter into long term projects with our clients).
We also may collect or have access to Your Information as part of providing and offering our Services to you.
This includes when you provide Your Information to us by: (i) using our Services; (ii) registering to use the Systems; (iii) completing any forms on the Systems or as otherwise required by us; (iv) making any requests or transactions through the Systems; or (v) communicating with us in person, during phone calls, by email, or otherwise via customer enquiries or communications.
Why do we need Your Information?
We only collect or hold Your Information where it is reasonably necessary for our business functions or activities, including the provision of our Services and Systems.
In particular, we need Your Information to:
- enable you and any client with whom you are associated with to access and use the Services and the Systems we provide as part of the Services;
- operate, supply, maintain and improve our Services and the Systems we provide to our clients;
- monitor the client’s compliance with its contractual obligations with us;
- administer your account or the relevant client’s account with us;
- provide you or our clients with our Services (including by analysing Your Information and logging all interactions with the Systems);
- keep and update internal records;
- communicate with you and/or the client about our Services;
- create and update our databases and other records;
- ensure compliance with our contractual and other legal obligations to you or the client; and
- administer our relationship with you or the client by responding to your enquiries or the client’s enquiries, (the “Main Purposes”).
Information that is provided by clients or their authorised users and held in the Systems we provide as part of our Services may also be accessed and used by clients for their own purposes (as determined by the client).
If you do not allow us to collect Your Information or access Your Information stored in the Systems we provide as part of the Services, we may not be able to fulfil our Main Purposes or supply our Services (including access to and use of any of the Systems) to you or the client with whom you are associated.
How do we use or disclose Your Information?
By submitting Your Information to us, you consent to us using or disclosing Your Information for:
the Main Purposes;
- to the nominated representative of any client you are associated with;
- a manner as directed or as agreed by the client that provided (or whose authorised user provided) the information to us;
- providing the relevant client or its authorised users with access to or use of the Systems we provide as part of our Services;
- our third party service partners to permit them to provide features and services on our behalf and as requested by the relevant client;
- the resolution of a problem or support issue on behalf of the relevant client;
- the protection the rights, property or personal safety of any client or client's authorised user, any member of the public, or to protect our interests;
- any purpose related to the Main Purposes that could be reasonably anticipated at the time Your Information was collected (“Secondary Purpose”);
- any purpose to which you otherwise consent (including as disclosed to you in an information collection statement at the point where we collect Your Information);
- any other purpose required or authorised by law (including the Privacy Act).
Secondary Purposes may include but are not limited to: improving our Services; sending you or the client direct marketing about our Services, deals and promotions; conducting customer surveys; managing our relationship with you; monitoring how you interact with us on the Systems or other contact points; or helping you to complete an activity that you have chosen to undertake.
We may use certain non-personally identifiable information (such as usage data, IP addresses, browser or platform type etc.) subject to applicable law to share results with the applicable client, to develop and improve the quality of our Services and customise the product experience for each user, and to create new features, promotions, functionality and services by storing, tracking, analysing and processing user preferences and trends as well as user activity and communications.
Can you remain anonymous or use a pseudonym?
We will, if practicable, allow you to use a pseudonym or to not identify yourself (unless this is impractical or against the law (including the Privacy Act)).
In many instances, if you do not provide us with some of Your Information we may not be able to provide you with the relevant service, product or information. This may have an effect on whether we can begin or continue a relationship with you.
What disclosures do we make?
Generally speaking (and as described above under the heading “How do we use or disclose Your Information”) we will disclose Your Information for the Main Purposes. We may also disclose Your Information in other ways with your consent or to any other party where we are authorised or required to do so by law (including the Privacy Act).
We may disclose Your Information to our partners, suppliers, distributors and service providers in order to assist us in providing our Services to you or our clients. Your Information, whether collected directly by us, or provided to us by you, may either be hosted on servers we control, or on servers controlled by our partners, suppliers, distributors and service providers, to which we are given access. Some of our service providers or the services they provide (like cloud storage services), may be based outside Australia, including in places like the United States of America, Europe and Asia.In order to protect Your Information, we take care where possible to work with service providers whom we consider maintain acceptable standards of data security compliance, and we do our part to meet those standards as they apply to us. By providing us with Your Information, you consent to Your Information being used, stored and disclosed overseas (and acknowledge that no additional obligations that may apply to the overseas disclosure of personal information other than those specified in the Privacy Act will apply).
Is Your Information confidential and secure?
We take all reasonable steps to keep Your Information secure and to ensure it is protected against misuse, loss, unauthorised access, modification or inappropriate disclosure. We may hold Your Information in electronic form, but will store it in secure systems accessible only to authorised personnel and where applicable, with the use of code encryptions and secure keys.
We host the data that we collect in secure server environments that use a firewall and other industry-standard technology in an effort to prevent interference or access from outside intruders. The Internet, however, is not perfectly secure and we are not responsible for security breaches not reasonably within our control.
Do we use “cookies” and other tracking technologies?
When a client or any of its authorised users use the Systems, our servers may collect the Internet Protocol ("IP") address associated with the user's computer. We may also collect additional information such as the login timestamp, the user's browser type and version, and the operating system of the user's computer. This information is logged to help us to diagnose technical problems and to administer and improve the Systems.
By using the Systems, you agree to the use of these tracking technologies.
Third party service providers
Some of those third party service providers, or the services they provide, may be based outside of Australia. We take care to work with service providers who we consider maintain acceptable standards of data security compliance. By providing us with your personal information, you consent to that information being used, stored and disclosed outside of Australia.
Managing Your Information
You are responsible for ensuring that Your Information is accurate, current and complete and we encourage you to contact us to update Your Information if it changes at: firstname.lastname@example.org
You may ask to access Your Information in accordance with the Privacy Act, including by asking us to provide you with a summary of Your Information that we hold subject to any limitations at law.
For your protection, we may require you to confirm your identity before access to Your Information is granted.
In most cases, we can provide you with a summary of Your Information free of charge. However, in some circumstances, reasonable costs may be charged to you in accessing Your Information in accordance with and subject to the Privacy Act or any other relevant law.
You may opt-out of receipt of emails, or other commercial messages delivered by us on behalf of our clients by clicking on the “unsubscribe” button that appears on the bottom of each email. You may also contact any client with whom you are associated to request further access to, modification of, or deletion of Your Information provided to us by the client.
Queries and complaints
If you have a question or want to make a complaint about how we handle Your Information, please contact us using the details below. We will review any question, complaint or concern you may have and will respond to you after we have carefully considered it. We will, where reasonably possible, take steps to investigate and resolve complaints within 30 days. Please note, we may require further information from you in order to resolve any complaints. If we need more time, we will notify you about the reasons for the delay and seek to agree a longer period with you (if you do not agree, we may not be able to resolve your complaint). If we cannot resolve a complaint related to your privacy information, you may contact the Office of the Australian Information Commissioner (“OAIC”) directly.
Or for more information about privacy issues in Australia and protecting your privacy, please visit the OAIC website at www.oaic.gov.au.