This Privacy Policy covers the personal information ("Information") we collect about you when you use our products or services, or otherwise interact with us. ClrHorizon, we and us refers to ClrHorizon Pty Ltd ACN 159 364 360.

With respect only to residents of the European Economic Area, Schedule 1 of this Privacy Policy provides additional terms for the protection of “Personal Data” under the European Union General Data Protection Regulation (Regulation 2016/679) ("GDPR"). Personal Data should be considered fundamentally interchangeable with the Australian expression “Personal Information” for the purposes of this Privacy Policy.

This Privacy Policy applies to the Information collected by us when you:

  • Use our products and services;
  • Receive communications from us, including emails and phone calls;
  • Register for our events or webinars;
  • Visit our websites that display or link to this Privacy Statement;
  • Visit our social media pages; or
  • Visit our offices.

Our websites may contain links to other websites, applications and services maintained by third parties. The information practices of such other services, or of social media networks that host our social media pages, are governed by third parties’ privacy statements, which we encourage you to review to better understand those third parties’ privacy practices.

We provide our products and services under contract with an organisation (for example your employer) that organisation controls the information processed by our products and services.

The Information that we collect directly from you includes the following:

  • If you express an interest in obtaining additional information about our services, request customer support, contact us or similar, register to use our websites, sign up for an event, webinar, or download certain content, we may require that you provide to us your contact information, such as your name, job title, company name, address, date of birth, phone number, email address or username and password;
  • If you make a purchase, we may require that you provide to us your financial and billing information, such as billing name and address, and bank account information;
  • If you use and interact with our websites, we automatically collect log files and other information about your device and your usage of our websites through cookies, web beacons or similar technologies, such as Internet Protocol (IP) addresses or other identifiers, which may qualify as Personal Information and
  • If you visit our offices, you may be required to register as a visitor and to provide your name, email address, phone number, company name and time and date of arrival.

If you provide to us or to our service providers any information relating to other individuals, you represent that you have the authority to do so and permit us to use the Information in accordance with this Privacy Policy.

Information we receive from other sources

We receive information about you from other sources, from third-party services, and from our business and channel partners. This helps us to identify customers and create more tailored advertising to provide services that may be of interest to you. In particular, we collect Information from third party providers, including job titles, email addresses, phone numbers, media profiles, LinkedIn URLs and custom profiles, for purposes of targeted advertising, delivering relevant email content, event promotion and profiling.

What device and usage information we gather

We use common information gathering tools, such as log files, cookies, web beacons and similar technologies to automatically collect information that may contain information from your computer or mobile device as you navigate our websites or interact with emails we have sent to you.

When you use our website, tablet or mobile applications, we may collect information about your location or activity including the date of and time of visits, which pages are viewed, how you as the user navigate through the website and interact with the webpages (including fields completed in form and applications), IP address, telephone number, information about the device used to visit our website and whether you’ve accessed third party sites.

How we use information we collect

We collect and process your information for the purposes of the following

  • Establish your identity and assess your application for our products and services.
  • Price and design our products and services.
  • Tell you about products and services offered by us or our preferred suppliers that we believe may interest you - unless you ask us not to. If you wish to not receiving personalised offers, you can easily make this request by clicking on the link at the bottom of our Emails.
  • Administer our products and services and manage our relationship with you.
  • If you have an account with us, managing your user account.
  • Handling contact and user support requests.
  • Manage our risks and help identify and investigate illegal activity, such as fraud.
  • Conduct and improve our businesses and improve our customers' experience.
  • If you have provided financial information to us, to collect payments.
  • Comply with our legal obligations and assist government and law enforcement agencies or regulators.

Where we need to collect and process your information, under a contract, we have entered, and you fail to provide the required information when requested, we may not be able to provide our product or services to you.

Due to the operational requirements of our products and services it is not practical for you to use a pseudonym or remain anonymous by not disclosing your identity to us.

How we share Information we collect

We may share your Personal Information as follows:

  • With our related bodies corporate
  • With our contracted service providers, such as Salesforce, who provide services such as IT and system administration and hosting, research and analytics, marketing, customer support and data enrichment.
  • Other organisations who provide products or services to you jointly with us;
  • Other organisations who we believe may be able to offer services that are of interest to you. These organisations may contact you directly in relation to such services;
  • With professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services;
  • With your consent or as permitted or required by law.

Do we disclose your Information Overseas?

We only transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you our products and services. We primarily store information in the United States and in the other countries where our Salesforce operates https://www.salesforce.com/company/locations/.  Whenever we transfer your information, we take steps to protect it.  

How we hold and manage information we collect 

Much of the information we hold about you will be stored electronically in secure data centres owned by our external service providers, primarily in the United States or in other countries where Salesforce operates https://www.salesforce.com/company/locations/.  

We use a range of physical and electronic security measures to protect the security of the personal information we hold. For example:

  • Access to information systems is controlled through identity and access management.
  • Employees are bound by internal information security policies and are required to keep information secure.
  • All employees are required to complete training about information security.

How to access and control your information 

You should contact us if you wish to find out about the information we hold about you. 

In certain circumstances, we may not be able to tell you what information is held about you. Our products and services are intended for use by organisations. Where our products and services are made available to you through an organisation (e.g. your employer), that organisation is the administrator of the products and services and is responsible for the accounts and systems over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the products and services is subject to that organisation's policies. We are not responsible for the privacy or security practices of an administrator's organisation, which may be different than this policy. 

Administrators are able to:

  • require you to reset your account password;
  • restrict, suspend or terminate your access to the Services;
  • access information in and about your account;
  • access or retain information stored as part of your account;
  • install or uninstall third-party apps or other integrations 

In some cases, administrators can also:

  • restrict, suspend or terminate your account access;
  • change the email address associated with your account;
  • change your information, including profile information;
  • restrict your ability to edit, restrict, modify or delete information

Opt out of communications 

You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, or by contacting us as provided below to have your contact information removed from our promotional email list or registration database.Even after you opt out from receiving promotional messages from us, you will continue to receive messages from us regarding the use of our products and services. You can opt out of some notification messages in your account settings. 

Changes to this Privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements and other factors or as required by law. 

We encourage you to periodically review this Privacy Policy to stay informed about our collection, processing and sharing of your Personal Information.

Contact Us

If you are concerned about how your personal information is being handled or if you have a complaint about a breach by us of the Privacy Act, you can contact our Privacy Officer at:

Email: Info@clrhorizon.com

If you are not satisfied with the way we handled your concerns, you may complain to the Office of the Australian Information Commissioner.

GPO Box 5218

Sydney NSW 2001

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

www.oaic.gov.au

Schedule 1

RIGHTS OF EUROPEAN ECONOMIC AREA RESIDENTS

We are committed to ensuring our compliance with the GDPR.

Although our Privacy Policy explains how we meet all of our obligations under Australian law, if you are habitually located in the European Economic Area ("EEA Residents") you may have additional rights in respect of your Personal Data.

Personal Data is defined for this purpose as: “Any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier”. 

Under the GDPR, we are primarily a “controller” of Personal Data, as opposed to being a “processor”. As part of our GDPR compliance, we provide our services and products in a way that ensures:

Personal Data is:

  • processed fairly, lawfully and in a transparent manner; and 
  • collected and processed only for specified and lawful purposes. 

Processed Personal Data (i.e. Personal Data that is used, held or disclosed by us) is:

  • adequate, relevant and not excessive; 
  • accurate and, where necessary, kept up to date; 
  • not transferred to countries outside the EEA without adequate protection; and 
  • treated in accordance with individuals’ legal rights.

You are not required to provide all Personal Data identified in this Privacy Policy to use our services or products or to interact with us offline, but certain functionality will not be available if you do not provide Personal Data.If you do not provide Personal Data, we may not be able to respond to your request, provide services or products to you, or provide you with marketing that we believe you would find valuable.

We typically retain Personal Data related to marketing activities for as long as you accept marketing communications from us, and we will securely delete such data in accordance with applicable law upon request. For Personal Data that we collect and process for other purposes, we will typically retain such Personal Data for as long as it is necessary to fulfil the purposes outlined in this Privacy Policy and as otherwise specified in applicable record retention policies and procedures.

We have implemented technical and organisational measures in an effort to safeguard the Personal Data in our custody and control.

While we endeavour to always protect our systems, sites, operations and information against unauthorised access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others.

You also have an important role in protecting Personal Data. You should not share any username, password or other authentication data provided to you with anyone, and we recommend that you do not re-use passwords across more than one website or application.If you have any reason to believe that your username or password has been compromised, please contact us.

Whilst we attempt to provide all users of our products and services with appropriate access and control over their data, individuals covered by the GDPR are also able to:

  • Prescriptively restrict, limit or otherwise provide instructions to us regarding how we can use their Personal Data, including if an individual has consented to our processing of their Personal Data, to withdraw that consent at any time or to object to how and why their Personal Data is used (e.g. by the removal of their consent for particular functions)
  • Verbally request the erasure (i.e. deletion) of their information; and 
  • Request us to provide all Personal Data held about them in a portable format, meaning in a way that is structured, commonly used and machine-readable. Users who exercise this right to data portability are also able to direct us to transmit this data to other entities who they intend to allow to process their Personal Data.

We will allow and assist EEA Residents to exercise these rights, unless we have compelling and legitimate legal grounds not to (e.g. a legal right or obligation under Australian legislation or applicable law, or if the Personal Data has been fully anonymised).

If you are in the EEA you also have the right to lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws. 

Did this answer your question?