(a) This website is operated by Xap Technologies Pty Ltd (ACN 169 623 009) (we, us or our).
(b) Your privacy is important to us and we are committed to protecting your personal information in accordance with the Australian Privacy Principles (APPs) set out in the Privacy Act 1988 (Cth) (Privacy Act).
(c) This policy outlines how and when we collect, use, share and store your personal information and applies to all personal information we collect through:
(i) our websites and applications, including:
(a) this website;
(b) the ‘Xap Connect – For Educators’ application;
(c) the ‘Xap Smile – For Guardians’ application; and
(d) the ‘KidsXap Guardian’ application.
(collectively, the Site);
(ii) our products and services; and
(iii) any other interactions you have with us.
(d) By accessing or using the Site or any of our products or services, you indicate that you:
(i) have read and understood this policy; and
(ii) agree that your access to, or use of, the Site or any of our products or services indicates your consent to this policy.
(e) If you have any questions about this policy, you can contact us via:
Level 1, 61-63 Wellington Street
St Kilda, Victoria, 3182
(a) Personal information is information or an opinion about an identified individual or an individual who is reasonably identifiable, whether or not the information is true or recorded in a material form.
(b) We collect and use personal information from customers, authorised users or visitors of the Site, purchasers of our products or services, and any other individual who interacts with us.
(c) We collect and use different types of personal information depending on the type of dealing you have with us, which may include:
(i) name, date of birth, address, phone number, email address and occupation;
(ii) childcare enrolment, attendance and activities (and photographs and audio-visual recordings taken during any such activities);
(iii) information about the products or services you order or enquire about, including how the products or services are used;
(iv) financial and payment information (such as credit card number and bank account details), method of payment and any additional information required for user authentication processes (Order Information); and
(v) any other information that you provide to us, including the information you provide by email, telephone or via the Site, or through surveys, competition forms, at special events and other promotional activities.
(a) We collect personal information in several ways, including:
(i) through your use, or orders, of our products or services (and our records of these);
(ii) when you visit the Site or submit information through the Site, contact us, or complete any forms or documents for our products or services;
(iii) when you participate in our surveys, competitions, promotions, questionnaires or other promotional activities;
(iv) from third parties (which we discuss further in clause 4.2 of this policy); and
(v) from publicly available sources of information.
(b) The personal information we collect will track and enhance your use of the Site or our products or services, and assist us in providing a better service to you.
(c) We will only collect personal information that is necessary for one or more of our functions or for a purpose outlined in this policy or otherwise disclosed to you.
(d) By providing your personal information to us, you acknowledge that you are authorised to provide such information to us.
3.2 Collection from an authorised representative
(a) When we collect your personal information from your authorised representative, we will take reasonable steps to make sure you are aware of the collection.
(b) If you provide us with personal information about another individual (as their authorised representative), we rely on you to:
(ii) if that individual is any other person:
(a) inform them that you are providing their personal information to us; and
(b) advise them that they can contact us for further information.
(c) You must take reasonable steps to ensure the individual is aware of, and consents to, the matters outlined in this policy, including that their personal information is being collected, the purposes for which that information is being collected, the intended recipients of that information, the individual’s right to access that information, and who we are and how to contact us.
(d) Upon our request, you must also assist us with any requests by the individual to access or update the personal information you have collected from them and provided to us.
(a) We only use and disclose your personal information for the purposes for which it is collected and any other purposes permitted by law.
(b) In particular, we use your personal information to:
(i) provide you with our products or services, or the Site;
(ii) improve, develop and manage our products, services and the Site;
(iii) operate, maintain, test and upgrade our systems;
(iv) provide technical support or resolve other issues relating to the Site or our products and services;
(v) notify you of important changes to our Site;
(vi) notify you of opportunities and promotions we think you might be interested in, including new product or service offerings; and
(vii) comply with any applicable laws and regulations.
(c) We may also use your personal information:
(i) to customise the advertising and content on our Site;
(ii) to communicate with you and provide information that we think may interest or benefit you, including information about our products or services, the Site, offers, competitions, promotions, events and surveys;
(iii) to charge and bill you for our products and services;
(iv) to verify your identity;
(v) to conduct fraud, risk reduction and creditworthiness checks;
(vi) to perform research and analysis about our products, services and the Site;
(vii) to comply with regulatory or other legal requirements;
(viii) for any purpose to which you have consented; and
(ix) for any other purpose notified to you at the time of collection.
(d) In the event of a merger, acquisition or sale of the whole or part of our business or assets, we reserve the right to transfer your personal information as part of the transaction, without your consent or notice to you.
(a) We may provide your personal information to:
(i) our employees, related entities, business partners, contractors, suppliers and agents from time to time for the purpose of delivering, providing and administering our products, services or Site; and
(ii) third party service providers for the purpose of performing functions on our behalf, but those service providers may not process or use such information for any other purpose. Examples of these third-party service providers include marketing and analysis organisations, financial and credit card institutions to process payments, billing providers and payment gateways, hosting companies, web developers, internet service providers, customer service providers, customer support specialists, fulfilment and delivery companies, research and data analysis firms, external business advisors (including auditors and lawyers) and our insurer,
(collectively, Authorised Affiliates).
(b) When we disclose your personal information to any of our Authorised Affiliates, we will ensure that they undertake to protect your privacy. These Authorised Affiliates are not permitted to use the information for any purpose other than the purpose for which they have been given access.
(c) Our Authorised Affiliates may also provide us with personal information collected from you. If you disclose personal information to an Authorised Affiliate, we rely on you to provide the Authorised Affiliate with consent for us to collect, store, use and disclose your personal information.
(d) We may also disclose any personal information we consider necessary to comply with any applicable law, regulation, legal process, governmental request or industry code or standard.
(e) We currently do not disclose personal information to any overseas recipients.
(f) If you do not wish to receive information from any of our Authorised Affiliates, please contact us.
(a) We will not disclose your personal information to any third party (other than our Authorised Affiliates) without your written consent, unless:
(i) we are required or authorised by law;
(ii) we are permitted to under this policy; or
(iii) such disclosure is, in our opinion, reasonably necessary to protect our rights or property, avoid injury to any person or ensure the proper functioning of the Site.
(b) This policy only covers the use and disclosure of information we collect from you. The use of your personal information by any third party is governed by their privacy policies and is not within our control.
(a) We take reasonable steps in the circumstances to keep your personal information safe and secure. We use a combination of technical, administrative, and physical controls to protect and maintain the security of your personal information.
(b) Our officers, employees, agents and third-party contractors are expected to observe the confidentiality of your personal information.
(c) Wherever possible, we procure that Authorised Affiliates who have access to your personal information take reasonable steps to:
(i) protect and maintain the security of your personal information; and
(ii) comply with the relevant APPs when accessing and using your personal information.
(a) The transmission of information via the internet is not completely secure. While we do our best to protect your personal information, we cannot guarantee the security of any personal information transmitted through the Site.
(b) You provide your personal information to us at your own risk and we are not responsible for any unauthorised access to, and disclosure of, your personal information.
(a) Subject to clause 5.3(b), we will destroy or de-identify personal information where it is no longer required, unless we are required or authorised by law to retain the information.
(b) We will retain your Order Information for our records, unless you request in writing that we delete this information.
(a) We have a comprehensive data breach notification policy and response plan (Response Plan), which outlines the steps our personnel are required to take in the event of a data breach. This allows us to identify and deal with a data breach quickly to mitigate any harm that may result.
(b) As part of the Response Plan, we will notify you as soon as practicable if we:
(i) discover or suspect that your personal information has been lost, accessed by, or disclosed to, any unauthorised person or in any unauthorised manner;
(ii) believe that you are likely to suffer serious harm as a result; and
(iii) are unable to prevent the likely risk of harm.
(c) If you would like more information about our Response Plan, please contact us.
(a) We may use your personal information to send you information, including about our product and service offerings, where you have provided your consent (expressly or impliedly) for us to do so or we are permitted to do so by law.
(b) We may send this information to you via the communication channels specified at the time you provide your consent. These communication channels may include mail, email, SMS telephone, social media or by customising online content and displaying advertising on our Site.
(c) These communications may continue, even after you stop using our products or services.
(d) You can opt out of receiving these communications by:
(i) contacting us; or
(ii) using the unsubscribe function in the email or SMS.
(e) You may re-subscribe at any time by re-registering.
(a) Our Site may:
(i) contain hyperlinks or banner advertising to or from third-party websites;
(ii) integrate with third party products; or
(iii) enable you to interact with a third party.
(b) We do not endorse any of these third parties, their products or services, or the content on these websites.
(c) These third parties and their websites are not subject to our privacy standards, policies and procedures. Therefore, we recommend that you make your own enquires about their privacy practices.
(d) We are in no way responsible for the privacy practices or content of these third parties or third party websites.
(a) We may collect information when you access and use our Site by utilising features and technologies of your internet browser, including cookies, beacons, tags, scripts and similar technologies. A cookie is a piece of data that enables us to track and target your preferences.
(b) The type of information we collect may include statistical information, details of your operating system, location, your internet protocol (IP) address, the cookies installed on your device, the date and time (including time zone) of your visit, the pages you have accessed, the links which you have clicked on and the type of browser that you were using.
(i) enable us to identify you as a return user and personalise and enhance your experience and use of our Site; and
(ii) help us improve our service to you when you access our Site and to ensure that our Site remain easy to use and navigate.
(d) Most browsers are initially set up to accept cookies. However, you can reset your browser to refuse all cookies or warn you before accepting cookies.
(e) If you reject or disable our cookies or similar technologies, you may still use the Site but may only have limited functionality of the Site.
(f) We may also use your IP address to analyse trends, administer the Site and other websites we operate, track traffic patterns and gather demographic information.
(g) Your IP address and other personal information may be used for credit fraud protection and risk reduction.
(a) We use our reasonable endeavours to keep your personal information accurate, up-to-date and complete.
(b) You have the right to access any personal information we hold about you, subject to some exceptions provided by law.
(c) You can access, or request that we correct, your personal information by writing to us. We may require proof of identity.
(d) If we do not allow you to access any part of your personal information, we will tell you why in writing.
(e) We will not charge you for requesting access to your personal information but may charge you for our reasonable costs in supplying you with access to this information.
You acknowledge and agree that we, our Authorised Affiliates and each of their officers, employees, agents and contractors are permitted to collect, store, use and disclose your personal information in accordance with this policy and the Privacy Act.
(a) We may change this policy from time to time at our discretion.
(b) Any revised policy will be posted on our Site and will be effective from the time of posting.
(c) Your continued use of our products, services or the Site following the posting of any revised policy indicates your acceptance of the changes to the policy.
(d) You should regularly check and read the policy.
Further information about Australian privacy law is available from the Office of the Australian Information Commissioner’s website at www.oaic.gov.au.
(a) If you have any issues about this policy or the way we handle your personal information, please contact us using the details above at clause 1(e) and provide full details of your complaint and any supporting documentation.
(b) At all times, privacy complaints:
(i) will be treated seriously;
(ii) will be dealt with promptly;
(iii) will be dealt with in a confidential manner; and
(iv) will not affect your existing obligations or your commercial arrangements with us.
(c) Our Privacy Officer will endeavour to:
(i) respond to you within 10 business days; and
(ii) investigate and attempt to resolve your concerns within 30 business days or any longer period necessary and notified to you by our Privacy Officer.
Last updated: November 2021