Cinder Group Privacy Statement

1. Introduction

This Privacy Statement explains in general terms how Cinder Group Pty Ltd collects, holds, uses and discloses your personal information under the Australian Privacy Principles. We may amend this Privacy Statement as our business requirements or the law changes. Any changes to this Privacy Statement will be updated on www.cinderagency.com. We may also issue specific privacy collection notices from time-to-time relating to particular products or services.

Cinder Group Pty Ltd are ACN: 158 871 473 / ABN: 62 158 871 473 registered in Australia. Our registered office is at Commercial Suite 102a, 57 Rothschild Avenue, Rosebery, Sydney NSW 2018, Australia. Our Office Phone Number is +61 2 9697 0902

Cinder Group Pty Ltd (“Cinder, us, we”) is committed to protecting the privacy of your personal information. Your personal information is information or an opinion about you that let’s us identify you. This Privacy Statement tells you how we manage your personal information and how to contact us if you have any privacy concerns. This Privacy Policy also confirms our obligations under the Privacy Act 1988 (Cth), including the Australian Privacy Principles, or APPs.

This Privacy Statement applies to visitors to www.cinderagency.com, www.cinder.co, www.amp.do, amp.cinderlabs.com and any variation of subdomains (hereafter referred to as “our websites”), subscribers, purchasers of our services and products and any other individual who interacts with us.

Cinder has adopted all principles set forth in the Australian Privacy Principles that govern the collection, use, disclosure, quality, security, access and correction of information that personally identifies an individual (“Personal Information”). This Policy Statement applies to all Personal Information that Cinder may collect, use and disclose, whether that information is manually or digitally processed.

This policy is a public document and has been prepared in light of Australia Privacy Principle 1 (open and transparent management of personal information).

2. Review of Compliance

Cinder will review its compliance with the Australian Privacy Principles on a regular basis and may amend this Privacy Statement from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

This policy is effective as of the 10 March 2014.

3. Information We Collect

3.1 Cinder will only collect Personal Information where the information is necessary for Cinder to perform one or more of its functions or activities. In this context, “collect” means gather, acquire or obtain by any means, information in circumstances where the individual is identifiable or identified.

3.2 Cinder collects Personal Information primarily to run its day to day business operations. Cinder also collects and uses Personal Information for secondary purposes including:

  • provision of products and services;
  • accounting purposes;
  • marketing purposes;
  • statistical and analytical purposes;
  • business planning and product development.

3.3 Cinder will notify individuals (including, but not limited to, our customers) of the matters listed below at the time of collecting any Personal Information:

  • the main reason that we are collecting Personal Information (this reason will be the Primary Purpose);
  • other related Uses or Disclosures that we may make of the Personal Information(Secondary Purposes);
  • our identity and how individuals can contact us, if this is not obvious;
  • that individuals can access the Personal Information that Cinder holds about them;
  • that individuals should contact Cinder if they wish to access or correct Personal Information collected by us or have any concerns in relation to Personal Information;
  • the organisations or types of organisations to whom we usually Disclose the Personal Information;
  • where applicable, any law that requires the Personal Information to be collected;
  • the consequences (if any) for the individual if all or part of the Personal Information is not provided to Cinder;

3.4 Where it is not practical for Cinder to notify individuals of all of the Collection Information before the collection of Personal Information, Cinder will ensure that individuals are notified of the Collection Information as soon as possible after the collection. Cinder will provide “post collection notification” in those circumstances where it is not practicable to notify individuals about the collection of their personal information before it is collected.

3.5 Cinder will not collect Sensitive Information from individuals except with express consent from the individual and only where it is necessary for Cinder to collect such information for an activity or function.

3.6 Cinder will not collect Personal Information secretly or in an underhanded way.

3.7 Further to the detail listed in 1.1, 1.2, 1.3, 1.4, 1.5 and 1.6, Cinder may collect personal information specifically:

  • personal details e.g. first name, last name, phone number, social media user details and other contact information;
  • deals, products and services you have expressed interest in and/or acquired;
  • billing, payment and accounting information e.g. account usage records, billing information, payment method, bank account numbers, Paypal details, billing and payment history;
  • historical information e.g. how you came to be our customer;
  • technical information e.g. user name, password, IP address, calling number, internet service provider;
  • support information e.g. history of transactions;
  • marketing-related information, such as what products and promotions we have marketed to you, whether you have received, read or responded to promotional emails, whether you have visited links in promotional emails and whether you have participated in our promotions;
  • if we receive a request not to send commercial electronic messages to a certain email address, we may retain details of the address and the request indefinitely in order to comply with the request.
4. Collecting, Using and Disclosing Personal Information

4.1 Cinder collects personal information:

  • directly from you
  • via our website and affiliate partner websites;
  • from our computer equipment (e.g. usage details);
  • from marketing bureau who carry out promotions for us;
  • if you became our customer as a result of a business acquisition.

4.2 Cinder holds personal information:

  • in paper files;
  • in computer databases and systems that we control and supervise.

4.3. Why do we collect personal information?

We collect your personal information to use it for one or more of the purposes for which we collected it – they will normally be obvious from the circumstances. Our purposes include:

  • providing goods or services to you;
  • analysing your preferences to let us service you better;
  • providing marketing insights to third parties;
  • marketing our business to you;
  • arranging for third parties to provide goods or services to you;
  • managing our financial and commercial relationship with you;
  • providing you with information about us and our services (or our affiliates or their services) that may be of interest;
  • managing our business and our technical facilities and planning future development;
  • complying with legal requirements;
  • dealing with problems and complaints;
  • disclosure to prospective investors in or purchasers of us or our business.

4.4. Who do we disclose personal information to?

Personal data may be disclosed if we are requested to do so by law, or receive a valid request for its disclosure – for example fraud prevention measures. These details passed on will not be used for marketing or any other purposes.

4.5 Other types of Collection and Use

During the course of contact with Cinder, regarding an enquiry or concern about this Privacy Statement or our Services in general, Clients, Recipients or other third parties may provide Cinder with Personal Information about them. If you choose to provide your Personal Information in this context, Cinder will use it only to respond to your enquiry, or otherwise as required by law. Cinder cannot gather and use this information without active permission and participation from the person making the enquiry.

5. Other Disclosure of Personal Information

You can ask for access to personal information we hold about you. We may charge a reasonable fee for giving access. We may refuse access consistently with the Australian Privacy Principles. Cinder does not disclose Personal Information that it holds about Clients or Recipients to third parties without their consent, unless permitted under the Australian Privacy Principles or unless otherwise required by law. Cinder respects the privacy of users visiting our website and does not share any personally identifiable information with any third parties.

6. Data Integrity

Cinder only uses Personal Information necessary to perform the Services requested. Occasionally, Clients provide more Personal Information than is necessary for that purpose (for example, providing us with a name, street address and email address, when only the name and email address are necessary). In such cases, Cinder identifies and utilises the required data. The rest of the data remains secure and unused until it is destroyed upon request. Cinder only stores Personal Information when specifically requested to do so by the Client, or as part of standard back-up/archiving process. All archived files are stored in a secure facility.

7. Data Security

Cinder utilises reasonable and appropriate protections to ensure that Personal Information in its care is not misused or lost or accessed without proper authorisation. Access to Personal Information stored on Cinder servers is restricted to those employees or contractors who require such access to perform a legitimate business purpose relating to the Services, maintenance, internal security or other related issues. All Cinder employees and contractors, as a prerequisite for employment, are required to sign a strict and detailed confidentiality agreement in relation to the Personal Information that they will have access to.

8. Correction of Personal Information

Cinder takes reasonable steps to ensure that all Personal Information that it holds is accurate, complete and up to date. Individual Recipients should promptly notify Cinder if there are any changes to your Personal Information. Clients or Suppliers and other individuals should also promptly notify Cinder if any Personal Information that we hold about them is incorrect or out of date.

9. Access to Personal Information

Individual Recipients seeking access to their Personal Information that Cinder has received should contact Cinder directly. Cinder will provide access to Personal Information upon request, providing appropriate identification is made available and the Recipient consents to the release of the information. Clients and other individuals can request access at any time to Personal Information which Cinder holds about them, provided appropriate identification is made available. Cinder will process all requests for access within a reasonable time. In certain circumstances, we are permitted by the Australian Privacy Principles to deny requests for access or limit the access we provide. If we refuse or limit access to your Personal Information, we will tell you the reason why.

10. Opt-Out

Individuals seeking to remove themselves from future messages sent via Cinder should follow the instructions found within the sent message. After the Opt-Out request is processed, a final message (either via email, sms or landing page) will be sent to the Recipient confirming the address removal. Cinder requirements state that all messages sent to Recipients must contain contact information at the beginning or end of the message and a valid opt-out mechanism.

11. Spam

Cinder is governed by the Australian Spam Act 2003 (Cth). Cinder ensures that:

  • New Members consent to receive emails from us, including welcome emails and account related notifications;
  • All Cinder emails contain an unsubscribe option.
  • When a customer notifies Cinder that they wish to unsubscribe, they are unsubscribed automatically or within 24-72 hours of the unsubscribe option being activated (if not sooner). Customers can contact Cinder if they wish to unsubscribe and have been unsuccessful through normal channels.
12. Use of personal information by Google Analytics

We use Google Analytics to record information about the number of and types of visitors to the Cinder website (s).

We use remarketing with Google Analytics to advertise online. We also use display advertising. Third party vendors, including Google, show Cinder ads on websites across the Internet.

Cinder and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimise and serve ads based on someone’s past visits to the Cinder website. See Google AdSense to find out more about cookies.

You can opt-out of Google Analytics for Display Advertising and customise Google Display Network ads using the Google Ads Preferences Manager.

You can also use the Google Analytics opt-out browser add-on to instruct the Google Analytics Javascript not to send any information about the website visit to Google Analytics.

13. Direct Marketing

We may also use and disclose your personal information to send direct marketing to you from us and/or from third parties including, without limitation, social networking sites, our related bodies corporate, commercial associates, suppliers and business partners, agents, consultants, professional advisers, who work with us to help provide, promote or improve the products, services or benefits we provide.

The direct marketing may relate to the products, services and benefits we provide or the products, services or benefits of other parties or to keep you informed of new developments we believe may be of interest to you.

You may opt-out of receiving this direct marketing through the unsubscribe function that will be made available to you with each direct marketing communication.

14. Use of cookies

We may obtain information about your general internet usage by using cookies. A cookie is a text file, which is generated by your internet browser and stored on the hard drive of your computer. Cookies help us monitor how visitors are using our website, products and services and allow us to improve our site and to deliver a more personalised web experience. Some of the cookies we use are essential for the site to operate, whereas others are aimed at enhancing and personalising your user experience. Information collected via cookies may also be used for providing you with marketing and promotional material when you use the internet. You can control your cookies in your internet browser’s settings.

15. How does Cinder store and protect personal information?

Cinder stores personal information in a combination of computer storage facilities, paper-based files and other records. In doing so, we have taken numerous steps to protect your personal information from misuse, interference and loss, and unauthorised access, modification or disclosure.

Additionally, we take reasonable steps to destroy or de-identify personal information when we no longer need it. The internet is not a secure method of transmitting information. Accordingly, we cannot and do not accept responsibility for the security of information you send to or receive from us over the internet, or for any unauthorised access or use of that information.

16. Does Cinder send personal information overseas?

Cinder may disclose some of your personal information to organisations outside Australia, including but not limited to USA, UK and countries in Europe, for the purposes described above.

Some of these countries may not have the same or substantially similar privacy laws as those set out in this Privacy Policy and the Australian Privacy Principles. We may not require organisations to which we disclose personal information in those countries to comply with similar privacy laws, and accordingly your personal information may not receive the same protections that it would in Australia.

By providing your personal information to us, you consent to our disclosure of your personal information to organisations in those countries even though it may not receive the same protections that it would in Australia. You may request us not to transfer your personal information to the countries listed above, but if you do so we may not be able to provide you with the products, services or benefits you have requested from us.

17. How you can access your personal information

Cinder will take reasonable steps to keep personal information it collects, uses and retains about you accurate and up-to-date. This may include periodically requesting your confirmation of the accuracy of the information we hold about you.

If there are any errors in the personal information we hold about you, or if you tell us that any of your personal information has changed (for example, your address), we will correct and update the information we hold about you.

At your request, we will provide you with a copy of any personal information which we hold about you, unless an exception to the Privacy Act 1998 (Cth) applies. We may charge a fee for retrieving this information, in which case we will inform you of the fee and obtain your agreement to that fee before providing the information.

18. Acquisition, Merger or Bankruptcy

In the event Cinder, its Parent or any of its Affiliates or Subsidiaries is acquired by another entity, or merges with a third party, the Successor Entity will be bound to respect the provisions of this Policy, with regard to any Personal Information in its possession prior to the acquisition or merger. In the event of bankruptcy, the provisions of applicable law will apply.

19. Privacy Officer

If you have any enquiries, concerns or complaints relating to this Privacy Policy or practices, or you wish to request access to any of the Personal Information Cinder holds about you, please contact Cinder’s Privacy Officer as follows: Email: privacy@cinder.co Phone: +61 2 9697 0902 Mail: The Privacy Officer Commercial Suite 102a, 57 Rothschild Avenue, Rosebery, Sydney NSW 2018, Australia.

Complaints will be forwarded to Cinder’s Privacy Officer who will acknowledge and respond to complaints within 30 days.

The response will confirm whether or not there has been a breach. In the event of a breach the response will provide detailed information on what action is being taken to rectify the breach, how similar breaches will be prevented in the future and if there are any actions you should take to minimise the impact of any such breach.

Should you deem the resolution as unsatisfactory, or if there is failure to respond within the 30 day timeframe, a request to review the complaint and resolution can be made. If you remain unsatisfied you can visit the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au to lodge a further complaint.


Product Specific Privacy Statement (Amp Platform, Amp)

1. Information We Collect

Customer usernames & basic related statistics may occasionally be exposed, where a person has followed your referral link they may see your username, unique redirect URL or email address when they follow the link. Your Email Address and an anonymised and non- anonymised identifier will be used for tracking and identification purposes. Additional data may be collected and this privacy statement will be updated in the event of additional data fields being collected.

2. Cookies

Cookies are small pieces of data or information that are stored by a users browser onto their hard-drive. The information cannot be seen by any other websites (so the information is secure) and is used by us to provide features to aid the use of our services.

In order to track the referral process, cookies are stored on your computer, they simply store tracking information so that when you visit a campaign landing page we are able to track your successful referral. Cookies may also be used by Cinder to enable full use of our website, including logging in and user preferences. If a user can sign-in to our site, then they most likely have cookies enabled.

We recommend that all users enable cookies in their browsers in order to make full use of the Amp platform and in order to ensure that any referrals are successfully recorded. You may refuse to accept cookies by adjusting the settings of your browser software, however, if you do not have cookies enabled we will not be able to, in most cases, track successful referrals.

For more information regarding the use of cookies, please visit www.allaboutcookies.org or www.microsoft.com/info/cookies.mspx

3. Session and Usage Data

“Session and Usage Data” is collected anonymously and may include without limitation, all connection and service-related data submitted through your use of Amp relating to the connection request, server communication and data sharing, including network measurements, quality of service, date, time and location. Session and Usage Data does not include Personal Information or Content you may share through Amp. We use Session and Usage data to improve the functionality and features of Amp. We also may aggregate Session and Usage data as described in Aggregate Information below.

We also collect personal information if you provide it to us via e-mail or other means. We may collect information that identifies you personally when you send us comments, questions or suggestions. Also, we automatically receive certain types of information whenever you interact with us or use Amp or our Site. For example, our systems may automatically collect your IP address and the type of browser or operating system you use (“Log Data”). We use Log Data to monitor the use of Amp, and for technical administration.

4. Aggregate Information

“Aggregate Information” is data we collect about a group or category of services or Users from which individual User identities have been removed. In other words, information on how you use the Application may be collected and combined with information about how others use the Application, but no personal information will be included in the resulting data. Aggregate data helps us understand trends in our Users’ needs so that we can better consider new features or otherwise tailor the Application. We may share aggregate information about our Users with third parties for various purposes in line with the Australian Privacy Principles, including to help us better understand and improve our services, and for advertising and marketing purposes.

5. Security

We are very concerned about safeguarding the confidentiality of your Personal Information. We limit access to Personal Information to employees or contractors who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs. We employ administrative, physical and electronic measures designed to protect your information from unauthorized access. Please be aware that no security measures that we take to protect your information is perfect or impenetrable.

In addition, we cannot control the actions of other Users with whom you share your information. We cannot ensure that information you share with other Users using the Application will not become publicly available. We are not responsible for third party circumvention of our security measures. You can reduce these risks by using common sense security practices such as refraining from sharing your information with people you don’t know and limiting the information that you choose to share using the Application.

6. How We Use The Information We Collect

For our internal business operations. In general, we use Session and Usage Data internally to serve our Users and enable them to take maximum advantage of Amp. We also store Personal Information to improve the functionality of Amp. All information collected is stored in our database and may be archived elsewhere. Access to your Personal Information other than Session and Usage Data will be limited to our employees, contractors and in some instances third parties in line with the Australian Privacy Principles.

We may also combine information about you that we have with information we obtain from business partners or other companies. For example, Personal Information may be used to conduct marketing analysis, to create an individual profile and provide personalized services, to provide services or complete transactions you have requested, to anticipate and resolve problems with the application, to respond to customer support inquiries, and to create and inform you of new products and services from us that better meet your needs.

If you use features of Amp to tell your friends about Amp, your friends may receive an invitation to use the Amp application.

We may use information about you for our own internal purposes, such as to estimate our user base, measure aggregate traffic patterns as well as to understand demographic, customer interest, and other trends among our Users.

We may engage certain trusted third parties to perform functions and provide services to us, including, without limitation, hosting and maintenance, customer relationship, database storage and management, and direct marketing campaigns. We will share your Personal Information with these third parties, but only to the extent necessary or useful to perform these functions and provide such services, and only pursuant to binding contractual obligations requiring such third parties to maintain the privacy and security of your data.

Information about our Users, including Personal Information, will be disclosed as part of any merger or acquisition, creation of a separate business to provide the Site or the Application, or fulfil products, sale or pledge of company assets as well as in the event of an insolvency, bankruptcy or receivership in which Personal Information would be transferred as one of the business assets of the company.

For marketing purposes. We do not disclose your Personal Information (other than Aggregate Information) to third parties for the third parties’ direct marketing purposes, unless you first affirmatively agree to that disclosure.

We do not rent, sell, or share Personal Information about you with other people or non-affiliated companies except to provide products or services you’ve requested, when we have your permission, or under the following circumstances: (i) as may be necessary to perform internal analyses and business functions; (ii) as part of a business transfer; or (iii) when required by law or permitted to protect our rights, property, or safety.

If you use Amp, you consent to our collection of your Session and Usage Data. We may use this information for internal analyses and external marketing purposes as described in this Privacy Policy.

We may display targeted advertisements based on Personal Information. Advertisers (including ad serving companies) may assume that people who interact with, view, or click targeted ads meet the targeting criteria for example, women ages 18-24 from a particular geographic area. We do not provide any Personal Information to the advertiser when you interact with or view a targeted ad. However, by interacting with or viewing an ad you are consenting to the possibility that the advertiser will assume that you meet the targeting criteria used to display the ad.

For legal enforcement. We may release your Personal Information in the good faith belief that release is appropriate and necessary to comply with legal process or authority (e.g., a lawful subpoena, warrant or court order); to enforce or apply our policies; to initiate, render, bill, and collect for amounts owed to us; to protect our rights, property, or personal safety, our Users, our employees, or the public; or if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay. This may include sharing information with other companies, lawyers, courts or other government entities.

We may disclose information pursuant to subpoenas, court orders, or other requests (including criminal and civil matters) if we have a good faith belief that the response is required by law. This may include respecting requests from jurisdictions outside of where we have a good faith belief that the response is required by law under the local laws in that jurisdiction, apply to Users from that jurisdiction, and are consistent with generally accepted international standards.

7. Third Party Partners and Sites

In general, Amp accesses third party information (such as your Facebook account information) through application interfaces. However, please be aware that we may provide links to third-party Web sites, such as Facebook, as a service to our Users. When you click on links of third parties on Amp or the Site, you may leave the Amp application or Site. Some of these third party sites may be co-branded with our name/logo or our affiliated entity’s name/logo, even though they are not operated or maintained by us. The Site may also carry advertisements from other companies. We are not responsible for the privacy practices of Web sites operated by third parties that are linked to the Site or for the privacy practices of third party or national Internet advertising companies, which differ from ours. You are solely responsible for reading and accepting their privacy and related policies.

8. Opt-Out

Individuals seeking to remove themselves and their specific user data from the Amp Platform should visit this page:

removaltool.com

Please complete the form and your details will be removed from our systems in line with your request except as stated in 2.4

After the Opt-Out request is processed, a final message (either via email, sms or landing page) is sent to the Recipient confirming the removal of their data.