At briefly, we respect your privacy. We will collect, handle and process your personal data with the utmost care and in accordance with the law. How we handle and process information about you is governed by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (‘APP’) (collectively, the ‘Privacy Laws’). briefly is an APP regulated organisation and this statement explains our obligations and how we manage information about you.
In some circumstances, European Union (‘EU’) data protection laws may apply to the processing of your personal data. For the purposes of EU data protection law, including the General Data Protection Regulation (EU 2016/679) (‘GDPR’), the data controller is….
What is briefly’s business model?
briefly offers a free service and paid services. To make money, we encourage the users of our free service to upgrade to one of our paid services. We don’t help third parties to advertise their products to you. We also do not—and will not—sell your information.
Kinds of information we manage
We collect, receive, use, disclose and manage the following types of information:
‘Personal data’ or ‘personal information’ which is information or an opinion about an identified natural person or reasonably identifiable natural person, whether true or not and whether it is recorded in a material form or not. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Examples include an individual’s name, date of birth, signature, address and contact details, occupation, employment history, family situations, bank account details, financial and tax information, IP address. Unless specified otherwise, ‘personal data’ or ‘personal information’ includes GRI.
‘Sensitive information’ (also referred to as ‘special categories of personal information’) is a sub category of personal information and includes information or opinion about an individual’s racial or ethnic origin, political opinions and affiliations, religious or philosophical beliefs, membership of professional or trade associations or of a trade union, sexual orientation or practices, criminal record, health information including information about physical and mental health, notes on symptoms, diagnosis, disability and treatment, information about suitability for work and other health related information.
‘Government Related Identifiers’ (‘GRI’) are numbers, letters or symbols assigned by a State or Territory authority or agency to identify an individual or verify identity. Examples are Tax File Numbers, Medicare Numbers, Centrelink References, Driver’s License Numbers and Passport details. We only collect, receive, use, disclose or manage GRI in accordance with the law. The words ‘information about you’ refers to personal and sensitive information (or special categories of information) and GRI managed by us.
When you sign up for or use our Services, you voluntarily give us certain Personal Data, including:
- Your username, email address, and contact and language preferences. If you log into briefly with a social networking credential, such as with your Facebook or Google account, we will ask permission to access basic information from that account, such as your name and email address. You can stop sharing that information with us at any time by removing briefly’s access to that account.
Other Information we collect
We collect this information as you use the Site, Software, and/or Services:
- User Content. This consists of all text, documents, or other content or information uploaded, entered, or otherwise transmitted by you in connection with your use of the Services and/or Software. For more information about how we care for and protect your User Content, please see our User Trust Guidelines.
Automatically collected Information
Certain data about the devices you use to connect with briefly and your use of the Site, Software, and/or Services are automatically logged in our systems, including:
- Location information. This is the geographic area where you use your computer and mobile devices (as indicated by an Internet Protocol (IP) address or similar identifier) when interacting with our Site, Software, and/or Services.
- Log data. As with most websites and technology services delivered over the internet, our servers automatically collect data when you access or use our Site, Software, and/or Services and record it in log files. This log data may include IP address, browser type and settings, date and time of use, information about browser configuration, language preferences, and cookie data.
- Usage information. This is information about the briefly Site, Software, and/or Services you use and how you use them. We may also obtain data from our third-party partners and service providers to analyse how users use our Site, Software, and/or Services. For example, we will know how many users access a specific page on the Site and which links they clicked on. We use this aggregated information to better understand and optimize the Site.
- Device information. This is data from your computer or mobile device, such as the type of hardware and software you are using (for example, your operating system and browser type), as well as unique device identifiers for devices that are using briefly Software.
Information collected from other sources
Why we collect and process information about you
We collect, receive, use, disclose and otherwise process the kinds of personal information set out above only where it is reasonably necessary to perform our contract with you and for our legitimate business interests, including:
- To help us provide and administer our Site, Software, and/or Services, authenticate users for security purposes, provide personalized user features and access, process transactions, conduct research, develop new features, and improve the features, algorithms, and usability of our Site, Software, and/or Services.
- To communicate with you about your use of our Site, Software, and/or Services, product announcements, and software updates, as well as respond to your requests for assistance, including providing account verification support if you’re having difficulty accessing your account.
- To send you direct marketing emails and special offers about briefly, from which you can unsubscribe at any time. If you are located in the European Economic Area (EEA), Switzerland, or the UK, we will only send you marketing information if you consent to us doing so at the time you create your account or any point thereafter.
- To display User Content associated with your account and make sure it is available to you when you use our Services.
- To calculate aggregate statistics on the number of unique devices using our Site, Software, and/or Services, and to detect and prevent fraud and misuse of those.
Additional uses of information about you
We may also use information about you to inform you of matters that may be of interest to you, such as direct marketing information to inform you of improvements or expansion of services we provide, changes to the law or potential services you may require. Your name and address may be provided to a mailing house for those purposes. We will only process your information in this way if you have provided consent and have not unsubscribed from our email marketing service. We will only process your data in this way if you have provided consent and have not unsubscribed from our email marketing service. We may also use information about you within briefly or provide it to a related body corporate to help enhance the quality of services we offer.
Does briefly review User Content?
As a rule, briefly employees do not monitor or view your User Content stored in or transferred through our Site, Software, and/or Services, but it may be viewed if we believe the Terms of Service have been violated and confirmation is required, if we need to do so to respond to your requests for support, if we otherwise determine that we have an obligation to review it as described in the Terms of Service, or to improve our algorithms as described in the User Content section of our Terms of Service. In addition, if you request our support services, our support team may also read the User Content you submit for this specific service, as necessary to perform our contract with you and for our legitimate business interests. Finally, your Information may be viewed where necessary to protect the rights, property, or personal safety of briefly and its users, or to comply with our legal obligations, such as responding to warrants, court orders, or other legal processes.
Information access and disclosure
Does briefly share my Information?
We only disclose Personal Data to third parties when…
- …we use service providers who assist us in meeting business operations needs, including hosting, delivering, and improving our Services. We also use service providers for specific services and functions, including email communication, customer support services, and analytics. These service providers may only access, process, or store Personal Data pursuant to our instructions and to perform their duties to us.
- …we have your explicit consent to share your Personal Data.
- …we believe it is necessary to investigate potential violations of the Terms of Service, to enforce those Terms of Service, or to investigate, prevent, or take action regarding illegal activities, suspected fraud, or potential threats against persons, property, or the systems on which we operate our Site, Software, and/or Services.
- …we determine that the access, preservation, or disclosure of your Personal Data is required by law to protect the rights, property, or personal safety of briefly and users of our Site, Software, and/or Services, or to respond to lawful requests by public authorities, including national security or law enforcement requests.
We may disclose Non-Personal Data publicly and to third parties—for example, in public reports about word usage, to partners under agreement with us, or as part of progress reports we may provide to users.
briefly does not share your Personal Data with third parties for the purpose of enabling them to deliver their advertisements to you.
Does briefly sell or rent my Personal Data?
How do third-party apps and plugins work?
Some third-party applications and services that work with us may ask for permission to access your Information. Those applications will provide you with notice and request your consent in order to obtain such access or information. Please consider your selection of such applications and services, and your permissions, carefully.
Some third parties’ embedded content or plugins on our Site and/or Software, such as Facebook “Like” buttons, may allow their operators to learn that you have visited the Site, and they may combine this knowledge with other data they have collected about your visits to other websites or online services that can identify you.
Data collected by third parties through these apps and plugins is subject to each parties’ own policies. We encourage you to read those policies and understand how other companies use your data.
Will briefly send me emails?
From time to time, we may want to contact you with information about product announcements, software updates, and special offers. We also may want to contact you with information about products and services from our business partners. You may opt out of such communications at any time by clicking the “unsubscribe” link found within briefly emails and changing your contact preferences. All briefly account holders will continue to receive transactional messages related to our Services, even if you unsubscribe from promotional emails.
For EEA, Swiss, and UK users: We only send marketing communications to you with your prior consent.
Does briefly ever make any of my Personal Data or User Content public?
No, we do not share Personal Data or User Content except in the limited circumstances described in the “does briefly share my information?” section of the Policy.
Does briefly collect information from children?
No, briefly does not knowingly collect personal information from children under the age of 13. If we determine we have collected personal information from a child younger than 13 years of age, we will take reasonable measures to remove that information from our systems. If you are under the age of 13, please do not submit any personal information through the Site, Service, and/or Software. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this Policy by instructing their children never to provide personal information through the Site, Service, and/or Software without their permission.
Please note that in some countries the age of digital consent is older than 13. If you are in one of those countries, you must be at least that age to use the Site, Software, and/or Services.
Data storage, transfer, retention, and deletion
Where is my Information stored?
Information submitted to briefly will be transferred to, processed, and stored in Australia. When you use the Software on your computing device, User Content you save will be stored locally on that device and synced with our servers. If you post or transfer any Information to or through our Site, Software, and/or Services, you are agreeing to such Information, including Personal Data and User Content, being hosted and accessed in Australia. Please note that the laws of Australia may be different from the privacy laws applicable to the place where you are resident.
We do not generally transfer personal information from Australia to overseas parties, unless working with international service providers or required by law. We have contractual arrangements with those service providers with overseas-based data centres which require them to protect your personal information against unauthorised disclosure and to only use it for the purpose for which it is disclosed.
How secure is my Information?
briefly is committed to protecting the security of your Information and takes reasonable precautions to protect it. However, internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure, and as a result, we cannot ensure the security of Information you transmit to us, including Personal Data and User Content; accordingly, you acknowledge that you do so at your own risk.
We use industry-standard encryption to protect your data in transit and at rest.
Once we receive your data, we protect it on our servers using a combination of technical, physical, and logical security safeguards. The security of the data stored locally in any of our Software installed on your computing device requires that you make use of the security features of your device. We recommend that you take the appropriate steps to secure all computing devices that you use in connection with our Site, Software, and/or Services.
If briefly learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on the Site. Depending on where you live, you may have a legal right to receive such notices in writing.
How can I delete my Personal Data from briefly?
You can remove your Personal Data from briefly at any time by logging into your account, accessing the Settings page, and then deleting your account. Please note that, for security reasons, subscribers of our paid services will first be instructed to cancel their subscriptions before they can delete their briefly account.
How long is Personal Data retained?
You can remove your Personal Data from briefly at any time by deleting your account as described above. However, we may keep some of your Personal Data for as long as reasonably necessary for our legitimate business interests, including fraud detection and prevention and to comply with our legal obligations including tax, legal reporting, and auditing obligations.
What happens if briefly closes my account?
If briefly closes your account due to your violation of the Terms of Service, then you may contact briefly to request deletion of your data. briefly will evaluate such requests on a case by case basis, pursuant to our legal obligations.
As briefly evolves, we may need to update this Policy to keep pace with changes in our Site, Software, and Services, our business, and laws applicable to us and you. We will, however, always maintain our commitment to respect your privacy. We will notify you of any material changes that impact your rights under this Policy by email (to your most recently provided email address) or post any other revisions to this Policy, along with their effective date, in an easy-to-find area of the Site, so we recommend that you periodically check back here to stay informed of any changes. Please note that your continued use of briefly after any change means that you agree with and consent to be bound by the new Policy. If you disagree with any changes in this Policy and do not wish your information to be subject to it, you will need to delete your briefly
Your rights under the Privacy Laws
Access and Corrections of Information about you (in Australia)
You have the right to access and/or request corrections of information about you held by us in accordance with the APP. A request can be made by contacting us on XXXX or by emailing XXX or sending correspondence to XXXX. If you are dissatisfied with how we have managed information about you or if you believe that we have breached the APP, you may make a written complaint to us using the contact details above.
We will respond as soon as reasonably possible. If your concerns have not been resolved by that time, you may refer the matter to the Office of the Australian Information Commissioner on 1300 363 992 or [email protected].
Your rights (GDPR)
In some cases, EU data protection law (including the GDPR) will apply to processing of personal information by briefly. If EU data protection law does apply, you may have the right to:
- Access. You have the right to request a copy of the personal information we are processing about you, which we will provide back to you in electronic form. For your own privacy and security, in our discretion we may require you to prove your identity before providing the requested information. If you require multiple copies of your personal information, we may charge a reasonable administration fee.
- Rectification. You have the right to have incomplete or inaccurate personal information that we process about you corrected.
- Deletion. You have the right to request that we delete personal information that we process about you, except we are not obligated to do so if we need to retain such information in order to comply with a legal obligation or to establish, exercise or defend legal claims.
- Restriction. You have the right to restrict our processing of your personal information where you believe such information to be inaccurate, our processing is unlawful or that we no longer need to process such information for a particular purpose, but where we are not able to delete the information due to a legal or other obligation or because you do not wish for us to delete it.
- Portability. You have the right to obtain personal information we hold about you, in a structured, electronic format, and to transmit such information to another data controller, where this is (a) personal information which you have provided to us, and (b) if we are processing that information on the basis of your consent (such as for direct marketing communications) or to perform a contract with you.
- Objection. Where the legal justification for our processing of your personal information is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the information for the establishment, exercise or defence of a legal claim.
- Withdrawing Consent. If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge. This includes cases where you wish to opt out from marketing messages that you receive from us (see Section 5 above). You can make any of these requests in relation to your personal data by sending the request to our Privacy Officer by email at [email protected] or by mail to P.O. Box 523, Melbourne VIC 3001. You also have the right to lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws.
For a list of local data protection authorities in the other EEA countries go to https://edpb.europa.eu/about-edpb/board/members_en. For the purposes of EU data protection law, briefly is the data controller. Our authorised representative in the EU is XXXX
Destruction, de-identification and putting beyond use
Once we are no longer legally obligated or contractually obliged to retain information about you for any lawful purpose we will either destroy or de-identify it.