PRIVACY POLICY

Version No: 3

Date: 27.04.2024

 

 

1.       Respecting your privacy

 

Your privacy is important to SPEEDSIGIP Pty Ltd ABN 39 657 227 051 and our related bodies corporate (we, us or our). This privacy policy sets out how we collect, hold, use and disclose your personal information.

 

We may amend this policy from time to time and the most current version will be published on this website, so please review this policy regularly. We will post a notification on our website where we make material changes to this policy.

 

2.       Legislation Covered

 

This policy is to outline our obligations with respect to The Australian Privacy Principles (APPs) under The Privacy Act (1988), GDPR, UK GDPR, and Health Insurance Portability and Accountability Act (HIPAA) and any other United States (US) legislation and/or regulations including, but not limited to, the: California Privacy Rights Act (CPRA); Colorado Privacy Act (CPA); Virginia Consumer Data Protection Act (VCDPA); Connecticut Data Privacy Act (CTDPA); Delaware Personal Data Privacy Act (DPDPA); Indiana Consumer Data Protection Act (Indiana CDPA); Iowa Consumer Data Protection Act (ICDPA); Kentucky Consumer Data Protection Act (KCDPA); and Washington’s (State) My Health My Data Act (MHMDA).  

 

For the purposes of HIPAA compliance, where SpeedSig receives protected health information, SpeedSig will be considered a Business Associate (BA) and client may be considered a Covered Entity (CE). Any reference to personal data in this Privacy Policy may include protected health information, and the Controller should be understood to mean Covered Entity (CE), and any reference to Processor shall be understood to mean Business Associate (BA) unless stated otherwise.

 

3.       What is personal information?

 

“Personal information” is any information about an identified individual, or an individual who is reasonably identifiable. “Sensitive information” is a special category of personal information and includes information about an individual’s health and biometric identifiers.

 

The website refers to any webpages hosted on the domain: www.speedsig.com.

 

4.       What personal information do we collect, and how do we collect it?

 

Personal information we collect

 

We offer a “software as a service” web application known as SpeedSig, that provides data upload, management, analysis and reporting tools (Application), as well as other products and services.

 

The personal information we collect and hold about you will depend on the nature of your interaction with us, including whether you interact with us directly or indirectly. For example:

 

·         you may interact with us directly if you are a customer of ours, or if you are an authorised user for a sporting team or other organisation which is a customer of ours; or

·         you may interact with us indirectly if you are a player on a team which is a customer of ours (Player), and you agree to allow your team to provide your personal information to us in connection with your team’s use of our products or services.

 

Where you interact with us directly, the information we collect and hold will generally include your name and contact details (such as your phone number and email address), your billing and shipping addresses, your payment information (such as credit card or bank account details), and any additional content you choose to enter.

 

If you are an athlete or individual who directly uses our products or services, or if you are a Player whose information is provided to us by your team, the information will also generally include your name, gender, date of birth, sport, position, team (where applicable), height, body mass, raw gait data (which is retained by us only temporarily, as described below), and analysed data generated by the Application using your raw data. Some of this information may be sensitive information.

 

As indicated above, where you are a Player, we require your team to obtain consent from you, or your parent or guardian if you are under 18, before they provide any information about you to us.

 

Raw data and analysed data

 

The Application uses raw gait data (including position, velocity, accelerometer, gyroscope, magnetometer, and joint centre estimate data), extracted from an inertial motion unit or other motion-capture device, to generate analysed data. The raw data is uploaded and analysed by the Application to generate the analysed data set, but the raw data is then deleted from our server when the user logs out and is not retained by us. The analysed data is retained by us, as described in this privacy policy.

 

How we collect personal information

 

Where possible, we collect personal information directly from you. This may occur in a number of

ways, including:

·         if you directly use our products or services;

·         when you enquire about our products or services or provide feedback to us, for example, through our website or by email;

·         if you request customer support;

·         if you sign up to one of our mailing lists; or

·         when you otherwise communicate or interact with us by email, telephone, or on our website.

 

As indicated above, in some cases, we may collect personal information about you from a third party, including where you are a Player, and you agree that your team can provide your information to us.

 

More generally, we may also collect personal information from third parties or from publicly available sources, but only if you have consented to your information being used or collected in this way, or would reasonably expect us to collect it in this way. We only collect this information from companies or sources that are allowed to disclose it to us.

 

You do not have to provide your personal information to us if you do not wish to, but if you do not provide all the information we request, we may not be able to provide you with the products, services, or information you have requested. If you are a Player, you may request that your team provides us with a pseudonym instead of your real name.

 

Other information that is collected automatically

 

In addition to the information described above, we may gather information about you that is automatically collected by our server/IT Systems, such as your IP address, domain name, version of web browser and software language, time zone with difference to Australian Western Standard Time (AWST), what sites or products/services you view, search terms, data and time of the server request, and how you interact with our site.

 

5.       Minors

 

If you are under the age of 18, then in order to use our products or services, or (where you are a Player), to allow your team to provide your personal information to us, your parent or legal guardian must provide their consent.

 

6.       Social media and communication services

 

We use social media and communication services such as Facebook, Instagram, LinkedIn, Reels, X (formerly Twitter), Mailchimp, Zoom, VideoAsk, and Email Nurture, to communicate with the public about our products and services.

 

If you use these platforms and interact with our content on them, the relevant providers will handle your personal information in accordance with their own privacy policies, which we encourage you to read. We have no control over the privacy practices or the content of any other 3rd party links to/from our website, and do not endorse, approve, or certify these other websites. You can access the privacy, cookies, and 3rd party analytics policies for Meta Platforms, Inc. (covering Facebook and Instagram), and the other social media and communication service providers, on their websites.

 

7.       Providing personal information of others to us

 

You must not provide us with personal information about any other individual unless you have the express consent of that individual to do so. If you do provide us with such information, before doing so, you:

·         must tell that individual that you will be providing their information to us and that we will handle their information in accordance with this privacy policy;

·         must provide that individual with a copy of (or refer them to) this privacy policy; and

·         warrant that you have that individual’s consent to provide their information to us.

 

8.       How do we use your personal information?

 

We use the personal information we collect for the legitimate business purposes for which it is collected (e.g. as a matter of contractual necessity and to meet our legal obligations) and for other related purposes, and as permitted or required by law. Our general purposes may include:

·         to provide the products or services you (or your team) request, and to administer and manage those products and services;

·         to process payments;

·         to communicate with you, including where we are required to provide notice to you under our agreement with you or your team;

·         to respond to your enquiries or requests for assistance from us;

·         to verify your identity;

·         to provide information to authorised users about improved or additional products or services offered by us that might be of interest to your team;

·         to create marketing material and develop business relationships for our products and/or services;

·         to prevent and detect fraud and abuse, and to keep the service safe and secure;

·         to improve, develop, and maintain our website, content and/or our products and services; and

·         to facilitate our business operations and processes.

 

In addition, where we hold analysed data about you, we will create a de-identified (aka anonymised) version of that data and will aggregate it with de-identified analysed data of other customers and Players in the same sport. De-identified data and aggregated data will be used by us for our own purposes, including ongoing development and improvement of our products and services.

 

 

9.       Will we disclose your personal information to others?

 

Generally, we will obtain consent before we disclose any personal information other than as specified in this policy. Such consent may be given expressly or it may be implied by conduct.

 

Your personal information may be disclosed to:

·         our related entities and representatives for our business purposes only;

·         our independent contractors and other third parties to enable us to provide our products and services;

·         our 3rd party service providers to permit them to provide services to us such as hosting services, provision of infrastructure, payment gateways and platforms, IT services, data analysis, email delivery services, customer services and other similar services;

·         our external advisers and vendors who have been engaged to provide us with legal, administrative, financial, insurance, research, marketing, analytics or other services;

·         for research such as statistical analysis, machine learning, market analysis, and reports;

·         meet our legitimate business interests or where it is needed to comply with a legal obligation and/or valid request by a public authority (e.g. court or government agency);

·         other parties as permitted or required by law or as we believe to be appropriate: (1) to enforce our agreement with you, where applicable; (2) to protect our operations or those of any of our related entities; (3) to protect our rights, privacy, safety, confidentiality, reputation or property and/or that of our related entities, you or others; (4) to prevent fraud or cybercrime; (5) to permit us to pursue available remedies or limit the damages that we may sustain; and (6) in connection with a merger or sale involving all or part of our business; and

·         any other person authorised, implicitly or expressly, when the personal information is provided to or collected by us.

 

In addition, where you are a Player, your analysed data will be disclosed to your team in connection with their use of our products and services.

 

We reserve the right to disclose any personal information to law enforcement or other government officials where we reasonably believe that this may be necessary or appropriate.

 

We will never sell personal information to third parties, but we may sell or share de-identified/anonymised and aggregated data (which no longer contains any of your details).

 

We will store personal information on secure servers located in the same jurisdiction as the relevant

customer.

 

10.   Direct marketing

 

As indicated above, we may use your personal information to send you marketing material, including advertising that is customised to your interests, characteristics or general location.

 

Opt-out: If you prefer not to receive marketing communications from us, you can opt out by contacting us using the contact details below. For direct marketing correspondence that you receive from us via email or other electronic means, there will be an unsubscribe button, link or other mechanism which you can use to manage which messages you receive from us.

 

11.   Data security

 

We take the security of your personal information seriously. We take reasonable steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. We take various physical, administrative, and technological steps to store and transmit data safely and securely.

 

When no longer required for the purposes for which it was retained or when requested by you, we will take reasonable steps to destroy, delete or permanently de-identify personal information in a secure manner. Where we hold analysed data about you and your agreement with us ends for any reason, or (where you are a Player), when the agreement between us and your team ends for any reason, we will retain analysed data about you in de-identified form only.

 

Despite best practice measures, we cannot guarantee that the information described in this policy will be completely secure.

 

12.   Access and correction

 

You may request access to the personal information we hold about you by contacting us using the contact details below. We will process such requests within a reasonable time. If we deny an access request as permitted or required by law, we will provide reasons for doing so.

 

We will take reasonable steps to ensure the personal information we hold about you is up to date and accurate. Please let us know promptly if any changes are required to be made to the personal information we hold about you by contacting us using the contact details below.

 

You may ask us at any time to correct personal information we hold about you. On request, we will take reasonable steps to correct the information so that it is accurate, complete and up to date, or will provide reasons for not doing so.

 

13.   Complaints handling

 

If you wish to make a complaint about a breach of this policy or the Australian Privacy Principles, you can contact us using the contact details below. You will need to provide sufficient details regarding your complaint, together with supporting evidence and information. We will investigate your complaint and determine what steps we need to take to resolve your complaint. We will contact you if we require further information from you, and will notify you in writing of the outcome of our investigation.

 

If you are not satisfied with our determination, you can contact us to discuss your concerns or you can contact the Australian Information Commissioner using the details available on the website www.oaic.gov.au.

 

14.   How to contact us

 

If you have any questions or concerns about this policy or our privacy practices, you may contact us

using the following details:

 

Email: jason@speedsig.com

 

Address: LEVEL 2 179 ST GEORGES TERRACE PERTH WA 6000