Your privacy is important to us.
In managing and operating our day to day business, we work with personal information about our investors, our people, and other stakeholders. We take great efforts to ensure your confidentiality and data security.
What is personal information?
Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
The kinds of personal information we may collect, hold, use and disclose
The personal information we may collect, hold and process about you depends upon how you interact with us, and may include your name, date of birth, gender, phone number, postal and residential addresses, email address, occupation, financial information, and bank account details.
Where possible, we will collect this personal information directly from you. We may also collection information about you from third parties, including but not limited to our affiliates and entities we work with, including our service providers, financial advisers, or the internet or social media.
If we receive personal information that we have not requested, or where such information may be considered sensitive information, we will assess whether that information could have been collected lawfully. If yes, then we will retain and manage that information in accordance with this policy. If not, we will destroy or de-identify the information.
Dealing with us anonymously or using a pseudonym
When contacting us, you can do so either anonymously or by using a pseudonym. If you do so, we may not be able to provide you with accurate or useful information, and you may not be able to access a full range of our service. We may also may not be able to investigate incidents or complaints you have made.
We collect personal information for a number of purpose, including:
providing you with our services or information about our services and activities (including to promote and drive engagement with our services);
sending communications you request and/or responding to your enquiries;
providing third parties with information about you and your activities to assist us in providing our services;
cooperating with government agencies where required by law;
providing you with marketing material or contacting you in relation to our business, networking or promotional activities;
internal corporate purposes, corporate governance, auditing and record keeping.
If you hold an interest in the Innovyz Venture Fund 1, ILP (Fund), we use your personal information to carry out registry and administrative functions. These include providing you with the reports required under the Partnership Deed, sending you communications about the investments made by the Fund and keeping you updated about your investment, maintaining records and contact details, and processing transactions.
Our use of your personal information may extend beyond the uses described above but will be restricted to purposes that we consider to be related to our functions and services.
Managing personal information
If we collect personal information we may:
use that information for the purposes stated in this policy and directly related purposes;
store that information in accordance with this policy;
pass that information amongst entities we work with, associated organisations, business partners or affiliates;
pass that information to third parties who provide products or services to us (including our accountants, auditors, lawyers, IT contractors, and other service providers); and
provide that information to third parties as required or allowed by law; or
disclose your de-identified information to third parties for analysis, research and quality assurance purposes.
Holding and securing personal information
We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure.
We store your personal information digitally (unless legally required to retain in hard copy format). All digital material is secured using password protected computers and databases. All financial information (such as bank account details) are encrypted. Any digital transfer of personal information is via secure channels such as HTTPS where possible and user passwords are encrypted using a one-way hash.
Any database we manage is appropriately secured behind firewalls. We primarily use data storage providers located inside Australia. However some data may potentially be stored overseas, most likely the United States, due to the use of third party services from businesses that originate in the United States. Where appropriate, we have agreements with its storage providers to keep personal information they store secure, using reasonable and appropriate security methods.
We conduct regular audits of our compliance with this policy to ensure that our privacy framework is in line with industry best-practice.
Sending personal information outside Australia
We are a South Australian based organisation however our data may be stored in cloud back up software (such as Office 365, MailChimp, Dropbox, Firebase, Google Cloud Platform) which may be potentially be stored overseas, most likely in the United States of America.
Handling sensitive information
For the purpose of this policy, sensitive information includes information about your medical condition and health. You have additional rights in relation to sensitive information. We will only keep your sensitive information with your consent, or if we are required to by law or to protect a legal right. For example, if you have a medical episode when attending our promotional activities, we are required to collect information about the medical incident. If you want us to destroy your sensitive information you may request we do so in writing.
We may use your personal information to communicate directly with you to promote our services. If you receive direct marketing material from us, and do not wish to continue receiving it, please contact us by any of the methods stated in this policy, asking to be removed from all future direct marketing programs. Once we have received your opt-out request, we will remove you from our direct marketing programs as soon as reasonably practicable. However, unsubscribing from one part of our services (for example, a newsletter) will not automatically remove you from all other services.
Making a request to access personal information
You may request access to the personal information that we hold about you by contacting us. Upon receiving an access request we may request further details from you to verify your identity.
We reserve the right not to provide you with access if we cannot verify your identity to our reasonable satisfaction. An administrative fee may be charged to cover our costs in providing you with access to your personal information. This fee will be explained to you before it has been incurred.
We will respond to your access request within a reasonable period of time by providing you with access or rejecting your access request, and providing you reasons for this rejection.
Making a request to correct personal information
If you believe that the personal information about you that we hold is inaccurate or otherwise requires correction, you may send us a correction request by contacting us. We will review your request and respond within a reasonable period of time.
If you are a person in the European Union
The General Data Protection Regulation is the European Union (EU) data protection law. Australian-based organisations that offer goods or services to persons in the EU or target or monitor the behaviour of persons in the EU may be required to comply with that regulatory regime.
We are a South Australian based organisation however services within Australia. From time to time, we may capture or collect personal information that passes through the EU. This might occur, for example, if an Australian resident travelling in the EU makes enquiries about our services and respond to such enquiries, or if one of our investors gives us information about a person in the EU. If this occurs, we will treat the personal information received in accordance with this policy.
Where data is processed or monitored in the EU, you may have additional rights, such as:
the right to request that we destroy your personal information (unless we require that information to comply with a legal obligation, or need it to bring or defend a legal claim); and
the right to restrict our processing of your personal information (where it is inaccurate, would be unlawful to process, or where it has not been deleted due to us needing it to meet a legal obligation).
How to make a complaint?
If you believe that we have breached your privacy or if you wish to complain about the way have handled your personal information, please contact our privacy officer using the contact details set out below.
We take all complaints seriously and will respond to you within a reasonable period of time, usually 30 days, unless we consider your complaint to be frivolous or vexatious or if we are unable to verify your identity.
If you are not satisfied with the way we have handled your complaint, you can make a complaint to the Office of the Australian Information Commissioner at http://oaic.gov.au.
Changes to this policy
From time to time we may make changes to this policy. When we do, we will highlight those changes in yellow highlight for a period of 14 days. We encourage you to check this policy from time to time.
Please contact our privacy officer if you have any questions or wish to find out more about how we manage your personal information.
Mitsubishi Building, 1284 South Road, Clovelly Park SA 5042
Phone: 0448 053 024