• the type of personal information we collect and hold;
• how we collect and hold personal information;
• the purposes for which we collect, hold, use and disclose personal information;
• how an individual may access personal information about the individual that we hold and how to seek the correction of such information;
• how an individual may complain about a breach of the Australian Privacy Principles and how we will deal with such a complaint;
• whether we are likely to disclose personal information to overseas recipients; and,
• if so, the countries in which such recipients are likely to be located if it is practicable to specify those countries in the policy.
References to “APPs” means the Australian Privacy Principles which apply to APP Entities under the Privacy Act.
References to “APP Entities” means the entities so described in the Privacy Act.
References to “Data Protection Laws” means the Privacy Act; and EU Data Protection Directive 95/46/EC and the Directive on Privacy of Electronic Communications 2002/58/EC and any national data protection or data privacy laws or regulations enacted under them which may be applicable to the provision of the Services under this Agreement (including without limitation the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003) or, with effect from May 25, 2018, the EU General Data Protection Regulation (Regulation 2016/670) (the “GDPR”) and any law or regulation from time to time that replaces, modifies, implements or applies any of them.
References to “Data Controller” has the meaning given to that term in the Data Protection Laws, and includes the term “controller” as defined in the GDPR.
References to “Data Processor” has the meaning given to that term in the Data Protection Laws, and includes the term “controller” as defined in the GDPR.
References to the “Learning Platform” mean the educational platform related to foreign exchange trading and available through the Web site.
References to “Data Subject” means the identified or identifiable person to whom the Personal Information relates.
References to a “Member” mean those registered Users of our Learning Platform.
References to “Notifiable Data Breach” means a data breach in respect of Personal Information which is notifiable to the Office of the Australian Information Commissioner under the Privacy Act, where a data breach is likely to result in serious harm to any individuals whose Personal Information is involved in the breach.
References to “Personal Information” or “Personal Data” means information or an opinion, whether true or not, and whether recorded in a material form or not about an identified individual, or an individual who is reasonably identifiable, and which may include your full name, address, credit/debit card number and billing address, user name and password, and email.
References to the “Privacy Act” means the Australian Privacy Act 1988 (Cwth) and laws or regulations enacted under it with respect to the collection and use of Personal Information, and any law or regulation from time to time that replaces it.
References to “us,” “we,” “our,” and/or “ForexBoat,” mean ForexBoat Pty Ltd (ABN: 29 609 855 414,) and its parents, subsidiaries, and assigns.
References to the “Web site” mean the Web site bearing the URL www.forexboat.com.
References to “Sensitive Information” has the meaning contained in the Privacy Act, which includes information in respect of:-
• health (including predictive genetic information)
• racial or ethnic origin
• political opinions
• membership of a political association, professional or trade association or trade union
• religious beliefs or affiliations
• philosophical beliefs
• sexual orientation or practices
• criminal record
• biometric information that is to be used for certain purposes
• biometric templates.
References to “you,” and/or “User” mean a general user of the Web site and/or the Learning Platform, whether as a registered member, email list subscriber, subscriber to our private Facebook group, or general Web site user.
2. Agreement to be Bound
The parties acknowledge that in relation to the processing of Personal Information or Personal Data in connection with the provision of the Services under this Agreement, you shall be the Data Controller for the purposes of the Data Protection Laws and ForexBoat the Data Processor.
ForexBoat warrants that it shall implement and maintain appropriate administrative, technical, physical and organizational measures to protect Personal Information against personal data breaches, and any applicable Notifiable Data Breach, having regard to the state of technological development and the cost of implementing such measures, to ensure a level of security appropriate to:
► the likelihood and severity of harm to the interests of Data Subjects that may be expected to result from any such personal data breach and any applicable Notifiable Data Breach.
ForexBoat shall, at your expense and taking into account the nature of the processing, assist you by providing appropriate technical and organizational measures, insofar as this is possible, in the fulfilment of your obligations under Data Protection Laws and in particular to respond to requests for exercising the rights of Data Subjects, and any applicable Notifiable Data Breach. In the event of a claim, each party will pay all fines for which it is liable as imposed by a regulatory authority.
4. No Collection of Sensitive Information
We do not collect any Sensitive Information about an individual unless the individual consents to the collection of the information and the information is reasonably necessary. Sensitive information has been defined by the legislation to include information about a User’s health (including predictive genetic information); racial or ethnic origin; political opinions; membership of a political association, professional or trade association or trade union; religious beliefs or affiliations; philosophical beliefs; sexual orientation or practices; criminal record; biometric information that is to be used for certain purposes; and/or biometric templates. We ask that no User reveal such information in an Interactive Area as defined in our Web site Terms and Conditions.
5. The Information We Collect; Notification of the Collection of Personal Information
We collect both Personal Information and information which does not constitute Personal Information from our Users by lawful and fair means within the requirements of the legislation.
We only collect such Personal Information as is reasonably necessary for one or more of our functions or activities. In the event such Personal Information is provided by someone other than the User whom it identifies, we will notify the User as is reasonable in the circumstances and otherwise ensure that the User is aware of any such matters. For legal and practical reasons, ForexBoat may not be able to provide its services or access to the Learning Platform without the provision of such Personal Information by our Users to us.
We also collect information which does not constitute Personal Information , such as your IP address, browser/software used to access the Web site or the Learning Platform, the Web sites you visit before/after visiting the Web site or Learning Platform, type of device used to access the Web site or the Learning Platform, and the date and time of your visit to the Web site or Learning Platform.
6. Unsolicited Personal Information
7. Anonymity and Pseudonymity
Given the nature of the services provided by ForexBoat and our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 it is impracticable for our Members to remain unidentified or use pseudonyms as detailed in APP 2.1. General enquiries about products and services can be handled anonymously if requested, however failure to provide the personal information required may mean that we cannot provide the services requested or we may be forced to withdraw our services.
8. Use of Your Information
We may use your Personal Information only for the particular purpose for which it was collected and will not use the information for a secondary purpose unless the User has consented to the use or disclosure of the information or as set forth more fully in Section 11. Specifically, we may use your Personal Information to personalize your User experience; to improve customer service: to process transactions; to administer a contest, promotion, survey or other feature; to contact registered Users via email in order to send them information and updates pertaining to their orders or subscriptions; to respond to inquiries, to send company news, updates and other related information; to process an application for employment with ForexBoat; to keep Users up to date on other products or services offered by ForexBoat; to monitor and improve the services provided by ForexBoat; and to comply with regulatory or legal requirements.
9. Direct Marketing & Newsletters, How to Opt-Out
If we receive or otherwise hold Personal Information about an individual, we will not use or disclose the information for the purpose of direct marketing as per the rules and regulations of APP 7.1 and without the prior consent of the User.
Notwithstanding the forgoing, Users who provide us their email addresses are automatically added to our newsletter and other mailings. Members who register for our services, if they have not opted-in to our newsletter prior to the time of registration, are automatically added. All Users may opt out to receiving marketing information and our newsletter via the unsubscribe link contained at the bottom of certain emails or by emailing us as firstname.lastname@example.org. Users should note that opting-out does not prevent us from contacting you regarding your account or any transactions.
Email marketing campaigns published by us may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include but shall not be limited to: the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity.
This information is used to refine future email campaigns and supply the User with more relevant content based around their activity.
This principle does not apply to the extent that a solicitation act preempts the APP regulations, including but not limited to the Do Not Call Register Act 2006, the Spam Act 2003; or any other Act of the Commonwealth, or a Norfolk Island enactment, prescribed by the regulations or any other federal, state, provincial or local rule or regulation which may apply, including but not limited to the U.S. CAN-SPAM Act of 2003, the E.U. Directive on Privacy and Electronic Communications, and the U.K. Privacy and Electronic Communications (EC Directive) Regulations of 2003.
10. Do Not Track (DNT) Disclosure
11. Disclosures of your Information
Your Personal Information may be used by us for the purposes provided for in this Policy or as consented to by you. We may disclose your Personal Information if you would reasonably expect us to use or disclose the information for the purpose of providing our services, the Web site and/or the Learning Platform to you; if the use or disclosure of the information is required or authorized by or under the law or a court/tribunal order; if a permitted general situation exists in relation to the use or disclosure of the information; if we reasonably believe that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
We may also disclose your Personal Information to external parties who provide services to ForexBoat including (but not limited to): our payment processor in order to facilitate transactions; organizations that assist us with fund registry, archival, research, mail and delivery, auditing, recruitment, payroll, superannuation, insurance, management consulting, financial and legal advisory, banking, security and technology services in their capacity as service providers to ForexBoat; where relevant, to prospective employers and recruitment agencies who request verbal or written references in relation to current or former personnel; or if we, or our assets, are acquired by a third party, in which case personal data held on the Web site will be part of the transferred assets.
12. Legal Disclaimer and Disclosures
In addition to the forgoing disclosures contained in Section 11, we reserve the right to disclose your Personal Information as authorized and required by law and when believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person; violations of our terms or policies or another agreement into which we have entered with you; emergency situations; assisting government agencies; or as otherwise required by law. If a disclosure is made pursuant to this Section, we will provide the affected User written notice of the use or disclosure.
13. Related Bodies Corporate
In the event ForexBoat is or becomes a body corporate and collects Personal Information from a related body corporate, we may disclosure Personal Information as if for the primary purpose for which the related body corporate collected the information. This principle shall not apply to the use or disclosure by us of Personal Information for the purpose of direct marketing or government related identifiers.
14. Other Web Sites
15. Cookies & Activity Tracking
To enhance your online experience, we may use “cookies” or similar technologies, such as Web beacons, activity tracking, app performance tracking, UTM codes, and personalized advertising. Cookies are text files placed in your computer’s browser to store your preferences. Cookies do not contain Personal Information; however, once you choose to furnish a Web site or mobile software application with Personal Information, this information may be linked to the data stored in the cookie.
We, our third party service providers, advertisers and/or our partners may also use “Web beacons,” activity trackers, or clear .gifs, or similar technologies, which are small pieces of code placed on a Web page, to monitor the behavior and collect data about the visitors viewing a Web page. For example, web beacons may be used to count the users who visit a Web page or to deliver a cookie to the browser of a visitor viewing that page.
• Internet Explorer http://support.microsoft.com/kb/278835 (or http:/ /www.microsoft.com/windowsphone/en-us/howto/wp7/web/changing-privacy-and-other-browser-settings.aspx for mobile versions)
• Chrome: http://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=95647
• Safari: http://docs.info.apple.com/article.html?path=Safari/5.0/en/9277.html (or http://support.apple.com/kb/HT1677for mobile versions)
• Firefox: http://support.mozilla.org/en-US/kb/ Enabling%20and%20disabling%20cookies
• Blackberries: http://docs.blackberry.com/en/smartphone_users/deliverables/ 32004/Turn_off_cookies_in_the_browser_60_1072866_11.jsp
• Android: http://support.google.com/mobile/bin/answer.py?hl=en&answer=169022
• Opera: http://www.opera.com/browser/tutorials/security/privacy/
16. Access to Your Information
If you access the Web site or Learning Platform and volunteer Personal Information, you may request access to your Personal Information by sending us an email to our privacy officer at email@example.com. We will endeavor to respond in writing to such requests as is reasonable under the circumstances and the law and within thirty (30) calendar days and give access to the information in the manner requested by the individual, if it is reasonable and practicable to do so. In certain circumstances, we may not be required by law to provide you with access to your personal information as well as circumstances where giving access would pose serious threat to life, health or safety of any individual or public, where the request is frivolous or vexatious, where giving access would be unlawful or where denying access is required by law (refer to APP 12.2 and 12.3 for a complete list). If access is denied, then we will give you written reasons for that decision and details available to complain about the refusal. An access fee may be charged where permitted by law.
17. Correction to Your Information
ForexBoat will take all steps reasonable to ensure that information held is accurate, up to date, complete, relevant and not misleading. If you access the Web site or Learning Platform and volunteer Personal Information, you may request modification of your personally-identifiable information by sending us an email to our privacy officer at firstname.lastname@example.org. We will endeavor to respond in writing to such requests as is reasonable under the circumstances and within thirty (30) calendar days and make such modification to the information in the manner requested by the individual, if it is reasonable and practicable to do so. If we refuse or are unable to correct the personal information as requested we will give a written notice that sets out the reasons for the refusal (except to the extent that it would be unreasonable to do so) and the mechanisms available to complain about the refusal. You should be aware that it is not always possible to completely remove or modify information in our databases.
18. Privacy Protection for Children Using the Internet
Protecting children’s privacy is important to us. For that reason, we do not collect or maintain information of those persons we actually know are under the age of thirteen (13) nor is any part of the Web site or the Learning Platform targeted to attract anyone under the age of thirteen (13). We request that all users of the Web site and the Learning Platform who are under the age of thirteen (13) not disclose or provide any personally-identifiable information. If we discover that a child under thirteen (13) has provided us with personally-identifiable information, we will delete that child’s Personal Information from our records.
19. Notice to Minors
In addition to protecting the privacy of children under age (13) we are committed to protect the privacy of minors. Though neither the Web site nor the Learning Platform is not targeted to minors nor is it intended to be used by minors, if, for any reason a minor has shared personally-identifiable information via our Web site or Learning Platform said minor may request and obtain removal of such information by contacting us at email@example.com. Although we offer deletion capability for our Web site and Learning Platform, you should be aware that the removal of content may not ensure complete or comprehensive removal of that content or information posted through the Web site.
20. Quality of Personal Information
We take reasonable steps in the circumstances to ensure that the Personal Information that we collect is accurate, up-to-date and complete. We also take reasonable steps in the circumstances to ensure that the personally-identifiable information we use or disclose is, having regard to the purpose of the use or disclosure, accurate, up-to-date, complete and relevant.
21. Data Security
We take reasonable steps to maintain the security of the Personal Information that we collect against misuse, interference and loss as well as unauthorized access, modification and disclosure, including utilizing SSL technologies and management-only access. Irrespective of whether personal information is stored electronically or in hard copy form, we will take all reasonable steps to protect the information from misuse, interference and loss; and from unauthorized access, modification or disclosure. Some of the ways we do this include using secure IT systems and firewalls; having a clean desk policy; document storage security procedures; appropriate training for our employees; taking all reasonable steps to ensure information provided on our website is protected; and taking all reasonable steps to de-identify and destroy personal information that is no longer required for the purpose it was originally obtained.
No data transmission over the Internet can be guaranteed to be completely secure. Thus, we cannot ensure or warrant the security of any information that you transmit to us, so you do so at your own risk. Please note that non-encrypted communication using email is not secure. Thus, we cannot guarantee data security in email communication and, therefore, recommend using physical mail for confidential information.
We shall promptly notify you of any actual or suspected personal data breach, and any Notifiable Data Breach having regard to the likelihood and severity of harm to the interests of you or the Data Subject(s) that may result.
22. International Transfer; Cross-Border Disclosures
23. Adoption, use or disclosure of government related identifiers
ForexBoat will not use or disclose an identifier that has been assigned to an individual by a Government Agency such as a Tax File Number, Social Security Number, or Medicare Number unless required by law.
24. 24 Personal Information on Expiry of Agreement
On expiry or termination of your Agreement with us; in respect of the Personal Information processed pursuant to that Agreement, we shall, cease to use such Personal Information and will promptly arrange for its deletion, except where the we may be required to retain Customer records (that could contain certain Personal Information) for the purposes of producing final invoices or for legal and regulatory compliance, in which case, we shall comply with (a) the applicable provisions in such relevant Agreement, and (b) Data Protection Laws regarding the deletion and retention of Personal Information.
25. 25 FOREXBOAT’s Liability
► IN THE EVENT THAT FOREXBOAT BREACHES ITS OBLIGATIONS AS A DATA PROCESSOR UNDER THE GDPR, AND AS A SOLE AND DIRECT CONSEQUENCE OF SUCH BREACH, OR ITS OBLIGATIONS AS AN APP ENTITY TO THE EXTENT APPLICABLE, WHERE YOU ARE FINED BY A REGULATORY AUTHORITY, THEN FOREXBOAT SHALL BE LIABLE TO YOU FOR SUCH FINES, EXCEPT TO THE EXTENT WHERE SUCH BREACH WAS ATTRIBUTABLE TO YOUR VIOLATION OF ITS OBLIGATIONS AS A DATA CONTROLLER UNDER THE GDPR, OR APP ENTITY AS APPLICABLE, OR WHERE SUCH BREACH WAS AS A DIRECT RESULT OF FOREXBOAT CARRYING OUT YOUR INSTRUCTIONS OR THOSE OF THE DATA SUBJECT.
► FOREXBOAT’s liability in this clause is subject to the conditions that you: (a) promptly give us notice of any such fines; (b) give us sole control of the defense of any such fines including the bringing of any appeal that may be available (provided that we may not settle any such fines that adversely affect you without your consent); and (c) you provide us with all reasonable assistance.
26. How to Contact Us
For information about privacy generally, or if your concerns are not resolved to your satisfaction, you can contact the Office of the Australian Information Commissioner (OAIC) on 1300 363 992 or via www.oaic.gov.au or your local governing authorities.