RESPONSIGHT DATA PROTECTION AND PRIVACY POLICY

ResponSight is a data science company focusing specifically on data security in enterprise/corporate networks using behavioural analytics, with its offices in Melbourne, Victoria, Australia.

Collection and analysis of your data is essential to the operation of ResponSight software. As a result, data protection and privacy compliance are essential to our business.

Our software is designed so as to minimise the collection of personal information, private information or sensitive corporate information by us, but to the extent that we do collect personal information, this data protection and privacy policy is created to set the guidelines by which we must act to protect the privacy of the individuals with whom we deal and to comply with all applicable data protection laws. We will always collect, hold, use and disclose any personal information in accordance with the applicable data protection laws and this policy.

You may choose not to give your personal information to us. However, if you choose not to give us your personal information we may not be able to provide our software and services to you. By providing us with your personal information you consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.

If you have any questions about this policy, please contact the privacy officer in charge at privacy@ResponSight.com or write to:

The Privacy Officer
ResponSight
PO Box 1230
Huntingdale, Victoria Australia 3166

THE INFORMATION AND HOW WE COLLECT IT

The types of personal information and personal data that we collect directly from you or from third parties may include (but is not limited to) your name, address, email, telephone numbers, job title and industry and those of the personnel who work or represent you.

Whenever it is reasonable and practicable to do so we will collect information about you directly from you. This includes collecting information when you request services from ResponSight or when you arrange a demonstration of our products and services.

We may also collect information about you (including personal information) from our services functionality and particularly security analysis. We may also collect personal information from you via websites or cookies.

To register as a customer with ResponSight, you are asked to provide us with Personal Information, which includes your name, company name, position in the company, email address, phone number and company address or personal address. This information about you may also be entered on the ResponSight platform by your company’s administrator, in order for you to use the platform.

If you want to contribute to ResponSight feedback or help forums, you are required to register using an email address and username.

No matter whether we collect your personal information directly from you or from/via third parties, we will use, manage, hold and disclose your personal information in accordance with the applicable privacy laws and this privacy policy.

HOW THAT INFORMATION IS USED

We may use your personal information for the following purposes:

to provide requested information, products and/or services to you;
to investigate and respond to claims from you;
to contact you, where necessary;
to process any application for employment that you make;
to perform analysis;
to tailor your experience with our software, website or other services and to direct you to content we believe will be of interest to you;
to provide you with information in connection with complementary products and services to those of ResponSight;
to refine our database;
for product and service development and to share positive testimonials with others;
to transfer any of the assets and or operations of ResponSight to another party;
unless you have indicated otherwise, opted-out or it is prohibited by applicable laws, to provide information about products and services which we expect may be of interest to you. However, in each marketing message you will be provided with the ability to opt-out from receiving future marketing messages; and
for other purposes required or permitted by applicable law.

If you receive promotional information from ResponSight and do not wish to receive this information any longer, you may remove your name from our list by contacting ResponSight at privacy@ResponSight.com asking to be removed from our mailing list or follow the instructions in any marketing communication you receive.

WHO WE DISCLOSE THAT INFORMATION TO

The nature of the ResponSight platform means that our customers may disclose personal information across the platform. We do not take part in or verify the conduct of such disclosure and ours terms of supply with customers requires the customer to ensure such activities comply with all applicable laws, including data protection law.

We may disclose your personal information to third party service providers who assist us to facilitate the software and services that we provide. These third parties may be located in various countries, across the globe. They provide services in connection with our products and services, for example by providing hosting, legal, accounting or marketing services or other support services. All such parties are under an obligation to maintain the security and confidentiality of Personal Information and to process such information in accordance with ResponSight’s instructions.

Where a disclosure is made to a third party for the purposes of processing your personal information on our behalf, we will ensure by using contractual or other means that disclosed personal information is (i) not kept at the data processor/service provider for longer than is necessary for the purpose of processing the information/providing the service to us and (ii) protected from unauthorised or accidental access, processing, erasure, loss or use.

Before disclosing your information to an offshore third party we will undertake an appropriate level of due diligence to assure ourselves that the offshore third party is capable of complying with the requirements of the applicable privacy laws.

Any personal information supplied to ResponSight or any of its subsidiaries may (as permitted by and in accordance with applicable law) also be shared within the internal company group to facilitate our business activities across countries and the provision of our products and services.

RESPONSIGHT CAN AGGREGATE YOUR NON-PERSONALLY IDENTIFIABLE DATA

By using the products and services of ResponSight, you agree that ResponSight can access, aggregate and use non-personally identifiable data ResponSight has collected from you.

ResponSight may use this aggregated non-personally identifiable data to:

enable our software and services to undertake their security analysis functions;
enable you to respond effectively;
make recommendations regarding your security infrastructure, policies and practices;
assist us to better understand how our customers are using our products and services;
provide our customers with further information regarding the uses and benefits of our products and services;
enhance our customer’s experiences and practices, including by creating useful insights from that aggregated data such as benchmarking; and
otherwise to improve our products and services.

YOU ARE RESPONSIBLE FOR TRANSFER OF YOUR DATA TO THIRD-PARTY APPLICATIONS

ResponSight’s products and services may allow users to transfer data, including Personal Information, electronically to and from third-party applications. ResponSight has no control over, and takes no responsibility for, the privacy practices or content of these applications. You are responsible for checking the privacy policy of any such applications so that you can be informed of how they will handle Personal Information.

KEEPING INFORMATION ACCURATE AND UP TO DATE

We take reasonable steps to ensure that all information we hold is as accurate as is possible. You are able to contact us at any time (via the contact details above) and ask for its correction if you feel the information we have about you is inaccurate or incomplete.

KEEPING INFORMATION SECURE

We take all practicable steps to protect your personal information from misuse, interference, loss, unauthorised or accidental access, and modification, processing, erasure or disclosure. Your data will be held in encrypted format at all times in the hosted servers to maintain confidentiality and ensure security of your data.

FOR HOW LONG DOES RESPONSIGHT KEEP PERSONAL INFORMATION?

The time period for which ResponSight keeps information varies according to what the information is used for. In some cases there are legal requirements to keep information for a minimum period. Unless there is a specific legal requirement for ResponSight to keep the information, ResponSight will keep Personal Information for so long as it is necessary for the purpose for which it was collected or for such other purposes for which consent has been obtained or ResponSight is otherwise permitted or authorised by law to use the Personal Information.

HOW YOU CAN ACCESS YOUR INFORMATION

You can contact us to request access to your information at our contact details above. Once we have verified your identity, in normal circumstances we will give you full access to your personal information that we hold. However, there may be some legal or administrative reasons to deny access. If access is denied, we will provide you with the reason why.

RESPONSIGHT COOKIES

A cookie is a small data file that contains information about a visit to a web site. This information is provided by an individual’s computer the first time it visits a web server. The server records this information in a text file and stores this file on the hard drive. When that individual visits the same web site again the server looks for the cookie and structures itself based on the information provided.

Most browsers are initially set up to accept cookies, but they can be reset to refuse all cookies or to warn you before accepting cookies. We use cookies to help us improve our service to visitors to our site and to ensure that our site stays easy to navigate and useful.

ResponSight also works with third party advertising and personalisation partners that use cookies to help us display personalised content and web advertisements across the internet based on someone’s past visits to our website. Cookies placed by our third party partners also assist us with measuring the performance of our advertising campaigns. You can decide whether or not to accept cookies through your internet browser’s settings.

LINKS

ResponSight cannot guarantee or accept responsibility for the privacy practices or the content of websites to which we provide links.

COMPLAINTS AND DISPUTE RESOLUTION

If you have a complaint about how we have collected, used or disclosed your personal information, or if we have not corrected or provided you access to your personal information, then you may contact our Privacy Officer to make a complaint at the email or address detailed above.

ResponSight will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information by reference to the principles contained in this Policy. If we fail to respond to your concerns, or if you are dissatisfied with the response that you receive from us, you may have the right, depending on the jurisdiction, to make a complaint to the applicable regulator.

We will cooperate with all applicable authorities to resolve any data protection dispute.

CHANGES TO THE PRIVACY POLICY

If ResponSight’s information practices change, ResponSight will post these changes on the website https://www.responsight.com/privacy/. ResponSight encourages you to review the ResponSight Data Protection and Privacy Policy periodically.

If we change material terms of this Data Protection and Privacy Policy, we will provide notice of the revised policy for 30 days on the ResponSight website. We will also take other steps as necessary depending on the nature of the changes, including obtaining your consent or providing you with the opportunity to delete your Personal Information, where required by local data protection laws.