Last updated: 1 September 2020
At Finlert, we know that our customers care about how their personal information is used and shared, and we take your privacy seriously.
This Policy explains what information Finlert collects about you, why we collect it, and how we manage the information provided via our products and services. We provide information on the options regarding our use of your personal information and describe how you can access, update and remove this data.
When we refer to Finlert, “we” or “us” in this Policy, we are referring to Finlert Technology Pty Ltd (trading as Finlert) and its associated entities, together with, as applicable, the Finlert Services. This policy applies across all websites that we own and operate and all services that we provide, including www.finlert.com, app.finlert.com and help.finlert.com. For the purpose of this document, we’ll refer to them simply as our ‘Services’.
Changes to the privacy notice and your duty to inform us of changes
This version was last updated on 1 July 2020.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Information you provide
Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable.
We collect personal information when you register for an account, create or modify your profile, or otherwise use, access, or interact with our services. Personal information we collect includes:
Contact information such as name and email address
You may enter this information yourself, or alternatively, your personal information may be entered by an account administrator on your behalf (usually someone from your organisation).
We also collect the following personal information from the owner of the Finlert account:
Contact information such as name and email address
Accounting and Payroll Information
Finlert’s primary activity is to provide services facilitating reporting and payroll visibility on businesses such as companies, trusts etc. To provide this functionality, Finlert allows you to import the following information into the services:
Company/Business/Trust entity name
Employee names, email addresses and job titles
Any approved leave that has been entered into Xero an employee
Accumulated and snapshot totals of account
This information can be entered manually, or imported directly from third party services (e.g. Xero) where you have provided us permission to do so. In the latter case we securely store access tokens which allow us to update the accounting and payroll information in Finlert on your behalf.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Information we collect from your usage of Finlert Services
As with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Services.
This information includes browser type, internet protocol (IP) address, language preference, URL of referring site, operating system, and the date and time of each interaction. Some URLs you access may contain your email address as necessary to perform the requested operations, and therefore your email address would be stored in the log file.
Usage data & analytics
We collect usage data automatically as you interact with our services. This data is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible.
Cookies & other tracking technologies
Cookies are small data files that a website stores on a visitor’s computer. Finlert may use both session Cookies (which expire once the web browser is closed) and persistent Cookies (which stay on the computer or devices until they are deleted) to help us identify and authenticate visitors, track usage, and store preferences. You can configure your browser to stop accepting cookies or to prompt you before accepting a cookie from websites you visit, however this may impact your use and enjoyment of Finlert’s Services.
Information we collect from other sources
How we use the information we collect
We don’t disclose your personal information to entities outside the Finlert group except as described in this policy.
We will not sell or rent your personal information.
We do not share your personal information with third parties for their marketing purposes (including direct marketing) without your consent.
The personal information we collect is used for a variety of purposes including to:
Provide, operate, maintain, improve, and promote our services;
Enable you to access and use our services, including uploading information, downloading reports, and sharing access with other users;
Process payments and send you related communications, including invoices;
Send you notices, product updates, security alerts, support and administrative messages;
Provide customer support;
Monitor and analyse trends, usage, and activities in connection with the Service, and for marketing or advertising purposes;
Understand user demographics and behaviour for the purpose of product development;
Investigate and prevent unauthorised access to the Service, and other illegal activities;
Comply with our legal obligations, resolve disputes and enforce our agreements.
Other uses of your information are outlined below.
Access by other users
Please be aware that, depending on their role, other users within your business may have access to certain information. For example, a user with the ‘Administrator’ role for your business’s account can:
Change your access and control the information that is made available to you.
Delete your information
We may display personal testimonials of satisfied customers within our Services. With your consent, we may post your testimonial along with your name. If you wish to update or withdraw your testimonial, you can contact us using the contact information below.
Third Party Service Providers
We may share your information with third party service providers who provide services to us to help with our business activities. These companies are authorised to use your personal information only as necessary to provide these services to us. These services include payment processing, customer service, sending marketing communications, research and analysis, hosting, backup, cloud computing infrastructure.
Finlert takes steps to ensure that information is treated confidentially by third party service providers. If you would like more information on the services we use, please contact us using the contact information below.
Information Sharing with Public Authorities or Law Enforcement
In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your personal information as required by law or other circumstances, such as:
to comply with a subpoena or other legal process;
when we believe that disclosure is necessary to protect our rights;
when we believe there has been a breach of our Terms of Service;
to protect your safety or the safety of others;
to investigate fraud, or
in response to a lawful government request.
Our data store and data infrastructure provider is located in the Australia and Ireland. Personal information from users in other jurisdictions will be transferred to, and stored and processed in, that location. We have taken steps to satisfy ourselves that our provider will manage and secure our data in a way that is consistent with applicable regulatory requirements and international best practice.
We may share or transfer your information (including your personal information) in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business. You will be notified via email and/or a prominent notice of any change in ownership or related uses or disclosures of your personal information, as well as any choices you may have regarding your personal information in those circumstances.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
When we do make changes, the date of the most recent update will be reflected in the ‘Last Updated’ date at the top of the Policy. For substantial changes, we will notify you by sending an email to the email address you have registered with or by providing a notification in-app or on the site prior to implementing any material changes regarding our privacy practices or this Policy.
Finlert Technology Pty Ltd (trading as Finlert)
Office 21, iAccelerate Centre
An appropriate person within our organisation will consider any requests or complaints promptly, and respond to you in writing.