1.0 Our Privacy Statement
Keyword Intent Pty Ltd ACN 138 544 555 trading as Way We Do provides industry leading workflow, policy and compliance management software through its website and software platform (Way We Do Platform).
We consider your privacy to be important and we take our responsibility to protect it seriously. We understand that you are concerned about your privacy, along with the confidentiality and security of any personal information that you provide to us.
This Privacy Policy describes how we collect, use, process, and disclose (“process”) your personal data (which includes any information you provide that may be able to identify you personally) in conjunction with your access to and use of all of the products, services, websites and applications that we offer (our Services).
2.0 Nature of Data Processing
How we process your personal data will depend upon how you use our services.
You may be an Admin Account Holder – You hold an Admin Account and you create and manage workflows and projects through the Way We Do Platform, invite other members of your organization or your clients to create Member Accounts, and provide us with your own personal data. That means you’re both a “data subject” for your own data that you provide to us and a “data controller” for the data of other users that we process on your instruction.
You may be a Member Account Holder – You have received an invitation to create an account on the Way We Do platform. You may input your personal information to create a user account and participate in workflows and projects that are created and managed through the Way We Do Platform. You are a “data subject” as you are providing your personal data to us for processing.
You may be a visitor to our website – You don’t have a Member Account or Admin Account, however you have landed on our website.
We act as both a “data controller” (when we collect your personal data ourselves, for example when you register a Member Account with us) and as a “data processor” (when we collect information on behalf of an Admin Account Holder, for example where you have been requested to provide personal data regarding a particular project).
3.0 Collection of information
We collect information about Admin Account Holders, Member Account Holders and visitors for different reasons.
Where you are a visitor to our website, we will only collect personal data about you where you have either consented to our collection of your personal data, or it is in our legitimate business interests to do so. For example, where you have made an enquiry of us regarding our services.
If you are an Admin Account Holder or a Member Account Holder we will collect personal data about you where you have provided your express consent, to fulfill our contractual responsibility to deliver our Services to you and to pursue our legitimate business interests.
Examples of where we collect personal data in our legitimate interests include where we are collecting your personal data to improve our service offering, or to develop new products and services.
By accessing and using our Services you are explicitly consenting to the collection and use of your personal data in accordance with the terms of this policy. By registering as an Admin Account Holder or Member Account Holder, you are consenting to the collection and use of your personal data in accordance with this policy. You may withdraw your consent to our collection and use of your personal data at any time by ceasing to use our Services and notifying us that you have withdrawn your consent to the processing of your personal data
4.0 Information we collect
We collect different types of personal data about you as you use our services. To make things easy, we have set out in the table below the type of information we collect and the purpose for which it is collected.
Information category | Nature of Information Collected | Example and Purpose |
Account Information | Your name
Your email address A password that you provide A phone number that you may voluntarily provide so we can contact you Billing information |
We collect this information when you set up an account with us as either a Member Account Holder or Admin Account Holder.
We need your personal details so that we can conduct business with you, provide you our services and otherwise communicate with you generally regarding our services. If you make a payment to us, we may require your account details or other financial information that relates to your payment. |
Profile Information | Your name
Your email address Your contact number Your position within your organisation |
We collect this information so that we you can create a secure Member Account or Admin Account and to enable you to access our Services. |
Additional User Information | Your communications and feedback for the purposes of improving our services. | We collect information that you provide to us when you answer emails or otherwise make enquiries of use |
Computer and Mobile Device Information | We access information from Microsoft and Google about the device and applications you use to access our Services. Device data mainly means your operating system version, device type and browser version. We will also collect your IP address. | This information provides us with more detailed of who you are, how you access and use our services. |
Information from Cookies and similar technologies | We may use cookies to track your movement throughout our website, for security. The cookie expires (and therefore is automatically deleted) when you end your browsing session (such as when you log out or close the browser). We also use Google Analytics to track your behaviour across our sites and applications. | This information helps us with security and also provides us with more detailed information regarding who you are and how you access and use our services. Cookies enable us to gather metrics about your experiences and to tailor advertising to you.
You can turn off cookies in your browser settings. |
Information from Third Parties | If you access our services from an external source (such as a link on another website or in an email), we record information about the source that referred you to us. | This information gives us a broad snapshot of the nature and use of our services. However, it cannot be used to personally identify you. |
5.0 How and why do we collect and process information?
We process data that we have collected about you in accordance with this policy in different ways. How we process your data will largely depend on whether you are using our Services as a visitor, or as a Member Account Holder or an Admin Account Holder.
There is a lot of information in this section, so to make things easier for you, we have broken down the categories of users of our Services. Each section sets out how and why information is collected about our different user groups.
5.1 Visitors
Where you have provided it to us and consented to our processing of your personal data, we will collect your contact information, which may include your name, email address, telephone number or any other information that you provide us in an enquiry, online form or otherwise. We use this information to get in contact with you to respond to queries and provide you with information. If you have agreed to it, we may also send you direct marketing and promotion information. If we have sent you marketing and promotional information directly, you will be able to opt-out at any time.
We may also collect your Computer and Mobile Device Information and Information from Cookies and similar technologies. We collect this information to:
a) allow us to improve our Services;
b) allow us to improve our security and prevent illegal (including fraud), abusive and detrimental activity;
c) helps us determine the nature in which you have used our Services;
d) allow us to assess the success of our advertising and emailing campaigns;
e) troubleshoot problems with our Services and make improvements;
f) track the success of our integrations and referral processes (for example, if you were directed to our website by another website).
Please note that where we have collected personal data about you, we may be required to disclose that personal data for the purposes of complying with a relevant law or court order.
5.2 Member Account Holders and Admin Account Holders
As a Member Account Holder or Admin Account Holder we collect the following types of information about you to fulfil our contractual obligations to deliver our Services to you, and in our legitimate interests:
a) Account Information
b) Profile Information
c) Additional User Information
d) Computer and Mobile Device Information
e) Information from Cookies and similar technologies
We use your Account Information, Profile Information and Additional Information to respond to your enquiries, provide surveys to members of your community, send information as part of our Services, identify information that you have provided in response to a survey and, provided you do not opt-out, to send you marketing and promotional information. We need to use your account data to run your account, provide you with our Services, bill you for our Services, provide you with customer support, and contact you about our Services and your account. Please note that you can opt out of direct marketing and promotional communications at any time by unsubscribing through the links in any communications you receive or otherwise changing your account settings.
We will use Computer and Mobile Device Information and Information from Cookies or similar technology to:
a) ensure our services are fully functional and operating at an optimal performance level;
b) allow us to access information and data as to the nature of use of our Services;
c) identify and fix functionality errors;
d) monitor illegal, abusive or undesirable behaviour;
e) to track the success of our integrations and referral processes from third parties;
f) enforce our agreements and comply with other lawful requirements.
In the collection and use of the above personal data we will also employ profiling and utilise machine learning in order to provide more accurate and detailed statistics regarding the nature of the data being collected. Such personal data will be used to make decisions about your preferences and to tailor marketing and promotional material to be more relevant towards you.
You can object to any such use of your data set out above. However we may not have the ability to fully and properly provide our services to you if you do not want us to collect or use the above personal data.
Please note that at no time will we ever sell your personal data to a third party.
6.0 Overseas Data Transfers
In order to store your personal data, provide customer support, perform back office functions, fraud prevention tasks or provide Services to you we may need to allow our staff, suppliers and service partners (who may be located or whose resources may be located in a country other than your country of residence) to access the personal data that you have supplied. The parties to which we currently allow access to such information include:
- Microsoft Azure
- Google Inc.
- Zendesk Inc.
- Capsule CRM, Inc.
- Peaberry Software, Inc.
- Campaign Monitor Pty Ltd
- Stripe, Inc.
- Web Active Corporation Ltd (eWAY Australia)
These parties may change in the future and we will update this Privacy Policy when such changes take place.
We have implemented security measures to protect the security of your personal data. However, as with any transfer of data, there are still risks of data breaches. There may be instances where your personal data is transferred to third party countries and international organizations, which have not been the subject of an adequacy decision by the General Data Protection Regulation Commission. Such transfers are necessary in order for us to perform our contractual obligations and also to deliver the services.
By providing your personal data you are explicitly consenting to the international transfer and processing of such data in accordance with this policy, in full and informed knowledge of the risks associated with such transfers and processing.
You may withdraw your consent at any time by contacting us using the contact information contained in this policy. However, this may affect or limit your ability to use our services.
In all other circumstances we will only disclose personal data to a third party country recipient or international organization if the disclosure of the information is required or authorized by or under a law of the EU, an Australian law, other applicable law or a court/tribunal order.
7.0 Information you share
Some of our Services may let you share information with others. We strongly recommend never sharing your password or access to your Member Account or Admin Account with any other person.
Our Services and the Way We Do Platform provide you with different options for managing and deleting your personal data, however we cannot delete data that you have shared outside our services.
8.0 Security
We consider data security incredibly important no matter which country you are located in. We have a comprehensive security system in place to protect your information. We use administrative, technical and physical safe guards to ensure your data is stored and used securely.
All of our staff are trained in appropriate administrative steps to reduce risk of loss, misuse, unauthorized access, disclosure and alteration of your data. We use secure server software to encrypt your personal data. We also only partner with third parties that meet and commit to our security standards. Our onsite premises are secured to ensure no loss of hardware which stores personal data.
We regularly review security and privacy practices to ensure our systems are up to scratch. While we cannot guarantee that loss, misuse or alteration of data will not occur, we use all reasonable efforts to prevent this.
It is also important for you to guard against unauthorized access to your personal data by maintaining strong passwords and protecting against the unauthorized use of your own computer or device.
9.0 Our Service Partners
We are sometimes required to engage third parties in order to provide you with the full scope of our Services. We utilise third parties to:
a) track and report on marketing metrics;
b) store data, including personal data;
c) provide payment facilities;
d) support you in your use of our services.
All third parties that are engaged are required to comply with the same or equivalent data security and privacy standards that we impose, and that are otherwise imposed by law.
10.0 Data Retention
We keep a record of your data for as long as necessary to provide our Services to you. At the conclusion of our engagement with you, we remove your access to our Services and in particular the Way We Do Platform, but we keep your details on record for six (6) months, or longer if required by law.
We also provide functionality within your account allowing you to amend, update or delete certain personal data.
11.0 Safety of Minors
We do not offer our services to any persons who are minors, being persons under the age of 13, or the age designated for minors as determined by the laws of the specific jurisdiction in which our Services are being accessed.
As our services are not offered to minors, we do not intentionally collect any personal data on any person who is a minor. If we become aware that we have collected personal data relating to a person who is a minor, we will delete that information without notice.
12.0 Changes to our privacy policy
In the event that we are required to make changes to this policy we will identify the changes that have been made on our website. We will also use our best endeavours to notify you directly, either through the Way We Do Platform or by using contact details that you have provided to us, where the amendment to our policy will result in a substantial change to the way in which we process your personal data.
13.0 Direct marketing campaigns
If we have contacted you directly with marketing and promotion material, you will be provided with functionality allowing you to opt-out of such direct marketing contact.
14.0 Your rights
We provide you with a number of rights in regard to the personal data that we process. These rights include:
a) access upon request to your personal data;
b) the right to withdraw consent – even after it has been provided, you may withdraw your consent to our processing of your personal data at any time by contacting us;
c) the ability to restrict the manner in which we use your personal data. You may request restriction on processing for specific actions that we are undertaking, whilst not restricting our processing of other kinds of your data;
d) the right to correct your data – if you feel that the data we are storing about you is incorrect, please contact us to notify us of the error, or alternatively amend your data through your account;
e) the right to obtain a copy of your personal data – where possible and feasible to do so, we are happy to provide you with a copy of the personal data that we hold about you, in an electronic format that you may provide to other processors or controllers;
f) the right to be forgotten – we will erase your personal data within six months of you ceasing to use our Services and the Way We Do Platform. You may also contact us directly requesting that we delete any of your personal data that we are processing; and
g) the right to object to processing or restrict processing – even after you have provided your consent, you may object to our use of your personal data for certain processes.
If you are a visitor to our website and want to exercise any of the above rights, please contact us directly using the contact information detailed below.
We will respond to all requests to exercise the above rights within a reasonable time (and in all cases within 30 days of receiving a request).
15.0 Contact Details
Keyword Intent Pty Ltd is responsible for responding to any requests related to your personal data. Contact details for Keyword Intent Pty Ltd are as follows:
Phone: +61 7 3113 9333 (Australia)
Email: support@waywedo.com
Address: Unit 7, 31-33 Middle St, Cleveland, QLD, Australia, 4163
General Data Protection Regulation (GDPR) – European & UK Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Keyword Intent Pty Ltd T/A Way We Do, has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU and UK. You can contact EDPO regarding matters pertaining to the GDPR by:
– Sending an email to privacy@edpo.brussels
– Using EDPO’s online request form at https://www.edpo.brussels/contact
– Writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium
16.0 Complaints
If you believe that we have used or disclosed your personal data in a manner which is contrary to this Privacy Policy or otherwise breaches an applicable law, then you should contact us using the contact information provided in this policy. If you are based in the European Union and have a complaint regarding your personal data, you may also contact our European Representative using the contact information set out above.
Within 30 days of receipt of your complaint we will notify you in writing as to what action we propose to take in relation to your complaint and will provide you with details of what further action you can take if you are not satisfied with our response.
You also have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction. If you are unsure who your relevant supervisory authority may be, please contact us so that we may provide you with assistance.