We only collect personal information for the purposes of conducting our business, including in relation to the licensing and implementation of our document creation, automation and management software (our products and services).
The type of personal information we collect depends on your relationship with us – whether you are a client, prospective client or a prospective employee. Examples of the types of information we collect are:
We may collect your personal information in a number of ways, including in person, by telephone, by email or electronically when you contact us or visit our website to:
We use personal information to provide our products and services in meeting our customers' needs. We collect, hold, use and disclose your personal information to:
Personal information under the control of licensees
In some circumstances, we may access and use personal information that has been collected by a licensee in the course of their use of our software products. This personal information remains under the control of the licensee at all times. We will only use this information on a limited basis to fulfill our contractual obligations to the licensee to:
You may elect not to identify yourself or you may use a pseudonym in your dealings with us, except where it is impracticable for us to deal with you on this basis (for example, we will need to identify you in order to provide most of our products and services).
We may use your personal information for direct marketing. This includes the use of personal information to:
If you prefer not to receive these communications from us, you may ask us at any time to stop sending you direct marketing information or to stop being contacted by us. You can do this by emailing us at email@example.com.
We or our third-party partners may collect information automatically when you enter our website by using cookies, which are small data files placed on your computer or other device to collect information. This information includes your domain name, browser, your computer operating system, information about the web page from which you linked to the site, and time spent on different pages within the site. We cannot identify you from this information.
We or our partners may use this information to evaluate and improve our site or deliver web content specific to your interests, and may share the information with third parties on an aggregated basis to enhance our products and services. You can set your browser to notify you when you receive a cookie which will provide you with an opportunity to either accept or reject it in each instance, or to disable cookies. Please be aware that cookies may be required to complete certain functions on our website and other websites you may link to from our website. This means that, if you disable cookies, you may be unable to use certain parts of our website or other websites.
We may disclose your personal information to third parties for the purposes explained above to:
We may share your personal information with our related bodies corporate, some of which are located overseas, including in the USA, Norway, Germany and the United Kingdom.
Where personal data is transferred from the EU or Switzerland to the US in the context of an employment relationship, we will cooperate in investigations by and comply with the advice of EU data protection agencies and the Swiss Federal Data Protection and Information Commissioner (FDPIC).
Exari will reply to lawful requests from public authorities, including to meet national security or law enforcement requirements, for disclosure of personal information.
Exari will not transfer personal information originating in the EU or Switzerland to third parties unless such third parties have entered into an agreement in writing with us requiring them to provide at least the same level of privacy protection to your personal information as required by the Principles of the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. We will only transfer data to our agents, resellers or third party service providers (such as accountants, attorneys, consultants, and other service providers) who need the information in order to provide services to or perform activities on behalf of Exari, including in connection with the delivery of services or products, Exari’s management, administration, or legal responsibilities. We acknowledge our liability for such data transfers to third parties.
We hold your personal information in both electronic and hardcopy files. We use security techniques to protect your personal information that we hold from misuse interference and loss, and from unauthorised access, modification or disclosure. The techniques we use include firewalls and access control procedures. For example, when you use Exari software over the internet, the information exchange between you and the Exari software is encrypted using the Secure Sockets Layer (SSL) protocol.
All our employees are bound by non-disclosure agreements intended to prevent them from disclosing any personal information. Further, our employee guidelines state that our employees must abide by all state and federal laws and regulations in the performance of their employment duties.
Our policies also limit access to personal information to only those employees, contractors, agents or representatives that require the information to perform their jobs or assist us with providing our products and services to you.
We will keep personal information for as long as it is necessary to provide our products and services, and to comply with our business, tax and legal requirements. Once information is no longer needed for the purposes for which it was collected, we will take reasonable steps to de-identify and destroy it.
We will, upon your request, and subject to any exemptions under applicable privacy laws, provide access to the personal information that we hold about you. We will need to first identify you and understand the type(s) of information you wish to access. We will generally deal with access requests within 30 days. We may charge for our reasonable costs of providing access. If we deny access to all or any part of the personal information that you request, we will notify you of our reasons in writing and explain how you can complain if you are not satisfied with our decision.
You can ask us to confirm whether we are processing your personal data, or to correct or update personal information we hold about you at any time. We will need to verify your identity. We will also independently take reasonable steps to correct personal information we hold if we are satisfied that it is inaccurate, out-of-date, incomplete, irrelevant or misleading, having regard to the purpose for which it is held.
If you require access to, or wish to update your personal information, please contact us at firstname.lastname@example.org.
If you have questions, concerns, or complaints about this Policy or our privacy practices, please contact our Privacy Officer by email at email@example.com or by telephone on +61 3 6921 2775. We will respond to your inquiries as soon as is practicable.
In compliance with the Privacy Shield Principles, Exari commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Exari by email at firstname.lastname@example.org or by telephone on +44 203 795 2490. If required, complaints will be referred to Exari's Senior Vice President of Finance and Operations.
Exari has further committed to refer unresolved Privacy Shield complaints to the American Arbitration Association an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the American Arbitration Association or visit https://www.adr.org/Support, for more information or to file a complaint. The services of the American Arbitration Association are provided at no cost to you.
You may also lodge complaints with the Office of the Australian Information Commissioner by contacting:
Under certain conditions, more fully described at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Exari is under the jurisdiction as well as the investigatory and enforcement powers of the US Federal Trade Commission for purposes of the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.
Last updated: October 2017