Privacy Policy

Fortiro is committed to protecting your privacy and safeguarding your personal information. We are committed to handling personal information in accordance with applicable privacy laws, including the Australian Privacy Act 1988 (Cth) and Australian Privacy Principles, and the New Zealand Privacy Act 2020 (NZ) and information privacy principles in it (together, Privacy Laws).

References in this privacy policy to “Fortiro”, “we”, “our” or “us” refer to Fortiro Pty Ltd (ACN 652 862 050).

This privacy policy (Privacy Policy) sets out how we handle your personal information that is disclosed, collected or otherwise handled in connection with our engagement with and provision of services to you or our customers. This includes personal information disclosed to, collected by or otherwise used by the Fortiro website: https://www.fortiro.com (the Website), our Fortiro Protect software-as-a-service product (Fortiro Protect), performing customer services, communication exchanges with customers, through any online application that refers to or links to this Privacy Policy, or as may be processed through any other information technology platform we use to facilitate the provision of any or all of the foregoing services or technology (collectively, the Services). This Privacy Policy is to give you confidence as you visit and use the Website and use the Services, and to demonstrate our commitment to protect privacy in relation to your personal information provided to us.

We suggest you read this Privacy Policy, as it sets forth what personal information we collect, how and why we use it, and who we share it with in relation to the Services. Additionally, this Privacy Policy sets out your rights in relation to your personal information and who to contact for more information or queries.

We regularly review our practices and procedures regarding how we collect, hold, use, disclose and otherwise manage personal information. As a result, this Privacy Policy may change from time to time and it is therefore important that you review it regularly. Any change to this Privacy Policy will become effective when we publish the revised Privacy Policy on our Website. You can check the effective date by viewing the date at the top to see when the Privacy Policy was last updated. If we make any material changes to this Privacy Policy we will use reasonable endeavours to bring this to your attention when we do.

Your continued use of the Services, requesting our assistance or the provision of further personal information to us after this Privacy Policy has been revised, constitutes your acceptance of the revised Privacy Policy.

PERSONAL INFORMATION WE COLLECT AS PART OF OUR RELATIONSHIP WITH YOU
Generally, personal information is any information or an opinion about you which may be used to reasonably identify you and from which you can be identified or can be reasonably identified, whether true or not and whether recorded in a material form or not. For example, your name, address, contact details, such as telephone number and email address, and identification details (such as your tax file number, and government identifiers such as passport details or driver's licence details). Personal information may also include information about your individual preferences.

As we need to use certain categories of personal information to perform our Services and for our customers to be able to benefit from those Services, we collect your personal information to the extent that it is reasonably necessary and relevant to the performance of these Services. More specifically, information we may collect includes:

Verification data: which may include personal information (verification data) for the purpose of providing document and data verification services. Verification data may include your name, address, contact details (such as telephone number and email address), proof of income/expense data (such as payslips, bank statements, notice of assessments) and identification details (tax file number, passport and/or driver’s licence details).

Contact information: we also collect personal information if you create an account or enter into an agreement with us to use our services, such as your or your representatives' name, title and contact details for both identification and registration processes.

Technical information: includes username and passwords, internet protocol address, your login data, browser type, time zone setting, location and other technology on the devices you use to access the Website and Services.

Usage information: includes information about the performance of the Website and Services and how you use the Website and Services.

Statistical information: includes information collected to provide statistics about the use of our Website and Services, including information about trends in document fraud and verification measures.

Marketing information: includes your preferences in receiving marketing communications from us.

Verification information: where we check your information with third-parties, we may retain details of the check we performed and the outcome in order to make this information available to our customers.

Required information: includes other personal information required to satisfy our obligations under relevant legislation.

Other information: any other personal information that you provide to us either directly or indirectly when using the Website or our Services.

We may also collect personal information that is provided to us in the course of normal business operations, such as if we engage you as a supplier, if you apply for employment with us or make an enquiry about our services. The kinds of information we collect will depend on what is provided to us, but typically would include your name, address and contact details.

WHY DO WE COLLECT AND USE YOUR PERSONAL INFORMATION?
We collect personal information about you for a variety of reasons, and in the most common circumstances, such information which is reasonably necessary to:

provide access to our Services;

respond to enquiries, complaints and communications we receive about us and our Services;

collect feedback and develop, improve, manage and administer our Services;

assess the performance of the Website and Services, including for data analysis, and statistical purposes in connection with the Website and Services as permitted by law;

maintain system security and stability;

allow third parties you have authorised to contact you if you have granted permission;

notify details of new services and products offered by us;

administer our databases for client service, marketing and financial accounting purposes;

administer our business (including fulfilling and exercising any of our obligations and rights, exercising or defending legal claims and managing the relationship with you, to fulfil our legal obligations, such as those relating to taxation and anti-money laundering and counter-terrorism financing or as otherwise authorised by you); and

any other uses identified at the time of collecting your personal information.

‍We collect, hold, use and disclose verification data only for the purpose of providing our Services. Without such information, we may not be able to provide our customers with an appropriate level of service.

Other than as set out below, we generally do not collect sensitive information, such as information about your racial or ethnic origin, political opinions or associations, religious beliefs or affiliations, sexual orientation or practices, health or genetic information.

As part of providing our Services, we may collect and use sensitive information (such as health information) that you have provided to our customers for the purpose of verifying a document or documents, in circumstances where you have consented to such collection and use. We will only use or disclose your sensitive information in circumstances you would reasonably expect us to, and in any event, that are directly related to the primary purpose of collecting your sensitive information.

Our Website and Services are not intended for use by children and should only be accessed by individuals of at least 18 years old (the Age Limit). If you are under the Age Limit, please do not use the Website or Services and do not provide us your personal information. We will upon notice or discovery take all reasonable efforts to erase or destroy any personal information that may have been collected or stored by us about those under the Age Limit without our knowledge.

‍MARKETING COMMUNICATIONS
In addition to the purposes set out above, we may collect, use and disclose your personal information to inform you of products, services or offers of Fortiro, our related companies or commercial partners which may be of interest to you, either by notification via the Website, emails or Fortiro Protect (Marketing Communications), in circumstances where we have collected the information directly from you and you would reasonably expect that your personal information would be used or disclosed for this purpose.

You may receive Marketing Communications if:

You subscribe to our Marketing Communications: Our Marketing Communications will keep you informed of the latest products, current offers and promotions at Fortiro.

You request information about our services when you choose to contact us: You will not be added to a mailing list of any kind and will only receive e-mails in relation to the matter you have contacted us about.

Relevant reasons: The Marketing Communications are otherwise relevant for which we hold your email address, where we are permitted to do so by law.

If you no longer wish to receive such material, you can opt out at any time by clicking the “unsubscribe” link at the bottom of any email Marketing Communication you receive or by contacting us using the contact details at the bottom of this Privacy Policy, or through any other opt-out mechanism contained in a Marketing Communication to you.

DO WE DISCLOSE PERSONAL INFORMATION TO OVERSEAS RECIPIENTS?
All of our services are provided from Australia. The only circumstance in which we disclose personal information to an overseas recipient is where we are asked to match verification data against data held by an overseas entity. For example, if you request that we process an overseas vaccination certificate, we may verify information on the certificate with an entity of that overseas country. This may result in your personal information being disclosed to recipients in countries such as New Zealand or the specific country that you request we verify information for. This may include countries which may not provide the same level of protection for your personal information as Australia. Otherwise, we do not disclose personal information to overseas recipients.

‍HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
Fortiro collects information from its customers who use our services. We require our customers to obtain consent before they provide your personal information to us. Verification information is collected by us through electronic interfaces with our customers. You also have the right to withdraw your consent at any time where Fortiro relied on your consent to process your personal information.

We can also collect personal information directly from you or may receive personal information from third party suppliers and government database services. If we do, we will protect it as set out in this Policy.

We may also collect your personal information when you:

register with us, creating a user account and insert personal information to log into and become a member of this Website;

communicate with us or our staff;

access and use the Website and Services;

respond to any surveys or marketing materials we send out; and

deal with us in other ways involving your personal information such as when you contact us or when we otherwise perform the Services.

We may also collect your personal information from third parties, including:

other third parties who provide you services via the Website or in connection with the Services; and

third parties who provide services to Fortiro.

WHAT IF WE CAN’T COLLECT YOUR PERSONAL INFORMATION?
If you do not provide us with the personal information we need, some or all of the following may occur:

you may not be able to use some functions of the Website and Services; and

we may not be able to provide you with other services, targeted content and relevant information.

DATA SECURITY
Fortiro is committed to ensuring that the information you provide to us is secure. We store personal information in computer storage facilities. We take reasonably appropriate steps which are intended to protect the personal information against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include encryption, password protection, access privileges for accessing our IT system, and using current technological protection measures.

Information that we collect may from time to time be stored, processed in or transferred between parties located in Australia.

Ultimately, data protection measures are never completely secure and, despite the measures we have put in place, we cannot guarantee the security of your personal information. You must take care to protect your personal information (for example, by protecting your usernames and passwords). You should notify us as soon as possible if you become aware of any security breaches.

‍DISCLOSURE OF YOUR PERSONAL INFORMATION
We disclose verification data to various third parties in order to validate the data you provide to us with the records held by them. Further information about the types of data verification services we provide is available on our website.

We may also disclose other personal information to:

our agents and contractors;

technology partners in connection to the services that these third parties perform for us;

third party partners that provide certain services to you on behalf of Fortiro;

our lawyers, accountants and professional advisors;

to Fortiro-affiliated companies that are either directly owned or controlled by Fortiro;

to law enforcement authorities or where we are required to do so by law or pursuant to a legal process, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request; or

to any entity in the event that we sell or transfer all or a portion of our business or assets.

If we do this, we require the third party to protect personal information in the same way we do.

Without limiting the above, if there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible by law our user databases, together with any personal information and non-personal information contained in those databases. We would seek to only disclose information in good faith and where required by any of the above circumstances.

Where we provide personal information to third parties, we endeavour to use contractual measures to protect this information.

We will never sell your personal information to anyone else.

INFORMATION RETENTION
We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy and in each case in accordance with Privacy Laws in respect of permitted or required retention periods and limitation periods for taking legal action.

‍ACCESS TO YOUR PERSONAL INFORMATION
You may request details of personal information that we hold about you in accordance with Privacy Laws. Depending on your request and where permitted by Privacy Laws, a small administrative fee may be payable for the provision of information if you would like a copy of the information that we hold about you, or for the correction of information if you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading.

To request an amendment to any personal information that we hold about you, please contact our team using the contact details at the bottom of this Privacy Policy. If we do not agree to amend your personal information, you may request that we make a note of your requested correction with the information we hold about you.

If we are unable to, or if we are unwilling to provide you with access to any of your personal information, or to correct any of your personal information, we will provide you with our reasons.

We will take all reasonably practicable steps to make sure that the personal information we collect, use or disclose is accurate, complete and up to date.

If you wish to have your personal information removed from our records, you may request that your personal information be removed or destroyed. It may not always be possible to comply with your request.

We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances under Privacy Laws.

‍

‍COMPLAINTS ABOUT PRIVACY
‍If you have any complaints about our privacy practices, please feel free to send in details of your complaints to admin@fortiro.com. We take complaints very seriously and will respond shortly after receiving written notice of your complaint. You may also make a complaint to the Office of the Australian Information Commissioner (phone 1300 363 992) or the New Zealand Office of the Privacy Commissioner (phone 0800 803 909). Their websites also contain further information about making complaints relating to privacy.

‍WEBSITE

WHEN YOU VISIT OUR WEBSITE‍
When you visit our Website, we may collect certain information such as your browser type, operating system, and websites visited immediately before coming to our Website. This information is used in an aggregated manner to analyse how people use our Website, such that we can improve our Services.

‍COOKIES
We may from time to time use cookies on our Website. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our Website. Our Website may from time to time use cookies to analyse website traffic and help us provide a better visitor experience. In addition, cookies may be used to serve relevant ads to website visitors through third party services such as Google Adwords. These ads may appear on our Website or other websites you visit.

By consenting to this Privacy Policy, you agree that we may make use of a number of automated processes using your personal information and your activity on our site as tracked by us, in order to customise and tailor our services to you.

‍THIRD PARTY SITES
Our Website may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that Fortiro is not responsible for the privacy practices of such other websites. We encourage our users, when they leave our Website, to read the privacy statements of each and every website that collects personal information.

‍CONTACT US‍
If you have an enquiry regarding the content of this Privacy Policy, you can contact us by email at admin@fortiro.com.