COMUNiQ Privacy Policy

1. Introduction

Welcome to COMUNiQ. This Privacy Policy outlines how COMUNiQ (“we,” “us,” or “our”), a sub-brand of Bare Media Group, collects, uses, discloses, and protects Personal Information.

This policy applies to information collected through our website, platform, and the services we provide (collectively, the “Services”). We are committed to protecting your privacy in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

2. Our Role as a Communications Platform as a Service (CPaaS)

It is crucial to understand our role concerning the data handled by our platform.

• Data Controller (Our Client): As a client using our Services, you are the “Data Controller.” You own and control the Personal Information of your end-users (“Recipient Data”) that you upload or transmit through our platform. You are responsible for ensuring you have the legal right and necessary consents to collect and process this data.
• Data Processor (COMUNiQ): When we handle Recipient Data, we act as a “Data Processor” on your behalf. We only process this data according to your instructions and the terms of our client agreement. We do not control or own Recipient Data.

This policy covers our obligations as both a Data Controller (for our own client’s information) and a Data Processor (for the data our clients send).

3. Information We Collect

We collect different types of information depending on your interaction with us.

a) Client Information (As Data Controller): When you register for an account, request a demo, or use our Services, we collect information about you, our client. This may include:

• Contact Information: Full name, email address, phone number.
• Business Information: Company/organisation name, industry, company size, and your role.
• Billing Information: Credit card details, billing address, and other payment information, which are processed by our secure payment gateway.
• Account Information: Your login credentials, service preferences, and primary interest in the platform.

b) Recipient Data (As Data Processor): Our clients upload data about their recipients to our platform in order to send Communications. This data is processed solely on our client’s behalf and may include Personal Information such as:

• Names, email addresses, phone numbers, and physical mailing addresses.
• Other variable data required for the specific Communication (e.g., account numbers, policy details, appointment times).

c) Website Usage and Technical Data: When you visit our website, we may automatically collect information such as your IP address, browser type, operating system, and browsing activity through cookies and similar technologies.

• Names, email addresses, phone numbers, and physical mailing addresses.
• Other variable data required for the specific Communication (e.g., account numbers, policy details, appointment times).

4. How We Use Your Information

a) Use of Client Information: We use the information we collect about our clients to:

• Provide, maintain, and improve our Services.
• Process payments and manage your account.
• Communicate with you about service updates, support, and administrative messages.
• Send you marketing Communications (where you have consented) about our products and services.
• Enforce our terms and conditions and comply with our legal obligations.

b) Use of Recipient Data: Our use of Recipient Data is strictly limited by our role as a Data Processor. We will:

• Use Recipient Data exclusively to provide the Services as instructed by our client (the Data Controller). This includes sending and tracking emails, SMS, direct mail, and other Communications.
• Never use Recipient Data for our own marketing purposes.
• Never sell or rent Recipient Data to any third party.

5. Disclosure of Personal Information

We do not sell your Personal Information. We may disclose it to the following third parties:

• Sub-processors: We engage third-party vendors to assist in providing our Services, such as cloud hosting providers (e.g., AWS), SMS gateways, and print/mail houses. We have agreements in place to ensure they handle your data securely and only for the purposes we specify.
• Legal Requirements: We may disclose information if required by law, court order, or a government or regulatory authority.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
• With Your Consent: We may share information with other third parties with your explicit consent.

6. Data Security and Storage

We take reasonable steps to protect Personal Information from misuse, interference, loss, and unauthorised access, modification, or disclosure. These measures include:

• Using encryption for data in transit (SSL/TLS) and at rest.
• Implementing strict access controls and role-based permissions.
• Maintaining comprehensive activity monitoring and audit logs for compliance.
• Regularly training our staff on data security and privacy best practices.

7. International Data Transfers

Our services may be provided using resources and servers located in various countries around the world. Therefore, your Personal Information may be transferred and processed outside of Australia. Where we transfer your information overseas, we will take reasonable steps to ensure that the overseas recipient handles the information in a manner consistent with the Australian Privacy Principles.

8. Data Retention

• Client Information: We retain your account information for as long as your account is active and for a reasonable period thereafter as necessary to comply with our legal and financial obligations.
• Recipient Data: We retain Recipient Data according to the instructions of our client or as defined in our service agreement. We will securely delete or de-identify this data upon our client’s request or at the end of our service agreement.

9. Your Rights Under the Australian Privacy Act

As an individual, you have the right to:

• Access the Personal Information we hold about you.
• Correct any information that is inaccurate, out-of-date, or incomplete.
• Make a complaint about a potential breach of the Australian Privacy Principles.

To exercise these rights, please contact our Privacy Officer using the details below. We will respond to your request within a reasonable timeframe.

10. Cookies and Tracking Technologies

We use cookies to help us operate and improve our website. You can adjust your browser settings to refuse cookies, but this may affect the functionality of our website.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on our website and updating the “Last Updated” date.

12. How to Contact Us or Make a Complaint

If you have any questions, concerns, or wish to make a complaint about our handling of your Personal Information, please contact our Privacy Officer:

We will investigate your complaint and respond to you in writing. If you are not satisfied with our response, you have the right to contact the Office of the Australian Information Commissioner (OAIC).