Privacy Policy

1. Introduction

At Scopes Data (“Scopes Data”, “we”, “us”, “our”), we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose and protect personal information when you (i) visit our websites, (ii) request information about or evaluate our services, (iii) request or create an account on the Scopes Data Platform, (iv) apply for a job, or (v) otherwise communicate, interact or enter into a business relationship with us.

We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If you are located in the EEA/UK, see the EEA/UK addendum at the end of this Policy.

This Policy should be read together with any collection notices or service-specific privacy notices we provide at the time of collection. Those notices may supplement (and, where relevant, prevail over) this Policy.

2. Scope and roles (controller vs. processor)

This Policy applies to personal information we handle as an APP entity. Where personal information about you is uploaded or managed in a customer account on the Scopes Data Platform, we generally handle that information on behalf of the relevant customer (for example, as a service provider/processor under contract). In those cases, our handling of personal information is governed by our agreement with that customer and their instructions.

3. What personal information we collect

Depending on your relationship with us and the Scopes Data services you use, we may collect:

• Identity Data: first and last name.
• Contact Data: address, email address, telephone numbers.
• Professional Data: company name, title, role, team and professional details.
• Technical Data: IP address, login data, browser type/version, time zone and location, plug-ins, OS and platform, device identifiers and similar technical information.
• Profile Data: usernames and passwords, purchases/orders, interests, preferences, feedback, survey responses.
• Usage Data: information about how you use our websites and the Scopes Data Platform.
• Marketing & Communications Data: your marketing preferences and communication settings.
• Employment Data (recruitment): CV/resumé details, qualifications, skills and information you provide in connection with a job application.

We also create or receive Aggregated Data (statistical/demographic) that does not reasonably identify you. If we combine aggregated data with personal information so that it could identify you, we treat the combined data as personal information.

We do not intentionally collect sensitive information (e.g., health, biometric, union membership) or information about criminal convictions, and our services are not intended for children.

4. How we collect personal information

• Direct interactions: you provide information via forms, email, meetings, events, contracting and customer support.
• Automated means: when you use our websites or the Platform we collect Technical/Usage Data via cookies, SDKs, server logs and similar technologies. You can manage cookies via your browser settings (see our Cookie Policy).
• Third parties/public sources: analytics providers (e.g., website analytics), recruitment agencies, marketing service providers, publicly available sources and our enterprise customers (where they authorise or provide data to us).

5. How we use personal information (purposes)

We use personal information to:

• set up and manage customer accounts and user credentials;
• provide, operate, secure and support our websites, Platform and services (including diagnostics, testing, maintenance and hosting);
• manage our relationship with you (including policy/terms updates, surveys and feedback);
• deliver relevant content, perform analytics and improve websites, products/services and customer experience;
• make recommendations about services that may interest you (you may opt out of marketing at any time);
• publish testimonials (with your approval);
• process job applications and manage recruitment;
• comply with laws and manage risk, fraud and security.

Where required, we will seek your consent (e.g., certain marketing). You can withdraw consent at any time, which will not affect prior processing.

6. Disclosing personal information

We may disclose personal information to:

• Service providers (IT, hosting, security, analytics, support, recruitment and other operational vendors) who must handle it under our instructions;
• Professional advisers (lawyers, bankers, auditors, insurers);
• Authorities where required by law or to protect our legal rights, users or the public;
• Business transferees in connection with a merger, acquisition or restructure;
• Others with your direction or consent.

We require third parties to handle personal information securely and only for the purposes we specify.

7. Overseas disclosures

Our service providers and infrastructure may be located outside Australia (for example, in the EEA, the United States or Singapore). Where we disclose personal information overseas, we will take reasonable steps to ensure the recipient protects it in a way that is substantially similar to the APPs (APP 8). If GDPR/UK GDPR applies, we may also use appropriate safeguards (e.g., Standard Contractual Clauses)—see the EEA/UK addendum.

8. Data security

We use appropriate technical and organisational measures designed to protect personal information against unauthorised access, alteration, disclosure or loss. Access is limited to personnel and providers with a business need-to-know and confidentiality obligations. We maintain procedures to respond to suspected data breaches and will notify you and regulators where legally required.

9. Retention

We keep personal information only as long as reasonably necessary for the purposes described, including legal, regulatory, tax, accounting or reporting requirements, and to establish or defend legal claims. We may anonymise information for research or statistics and use it indefinitely in a non-identifiable form.

10. Your rights (Australia)

Under the Privacy Act, you may:

• Access the personal information we hold about you;
• Request correction of your personal information if it is inaccurate, out-of-date, incomplete, irrelevant or misleading;
• Opt out of direct marketing at any time (including profiling related to direct marketing).

To exercise these rights, contact us using the details below. We may request information to verify your identity. We aim to respond within a reasonable time. If your request is complex, we will keep you informed of progress. Generally no fee applies, but we may charge where requests are manifestly excessive.

11. Cookies

We use cookies and similar technologies to operate and improve our websites and Platform, measure performance and remember preferences. See our Cookie Policy for details and how to control cookies.

12. Contact & complaints

If you have questions about this Policy or wish to make a privacy request or complaint, please contact:

Scopes Data
ABN: 74 767 825 710
Address: Unit 203, 25 Marshall Ave, St Leonards NSW 2065, Australia
Email: support@scopesdata.com (or your preferred business email)

We will acknowledge and investigate complaints. If you are not satisfied, you may contact the Office of the Australian Information Commissioner (OAIC): oaic.gov.au.

13. Changes to this Policy

We review this Policy regularly and may update it from time to time. Material changes will be posted on our website with an updated “Last updated” date.

EEA/UK Addendum (if you are located in the EEA/UK)

When the GDPR/UK GDPR applies, Scopes Data acts as a controller for the activities described in Sections 3–5 (and as a processor where we handle data on behalf of a customer).
Legal bases: performance of a contract; legitimate interests (to provide/improve services, secure systems, prevent fraud); compliance with legal obligations; and consent where required (e.g., certain marketing/cookies).
Your GDPR rights: access; rectification; erasure; restriction; portability; objection (including to direct marketing); and withdrawal of consent (where processing is based on consent). You also have the right to lodge a complaint with your local supervisory authority.
International transfers: where required, we use appropriate safeguards (e.g., Standard Contractual Clauses).
To exercise rights, use the contact details in Section 12.

‍

‍