Xynoptik Privacy
Policy

Last updated January 26, 2025

This Privacy Notice for Xynoptik Pty Ltd ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share (process) your personal information when you use our services ("Services"), including when you:

  • Visit our website at https://www.xynoptik.com.au or any other website of ours that links to this Privacy Notice
  • Engage with us in other related ways, including any sales, marketing, or events
  • Agree to and comply with our Terms of Service

Questions or concerns?
Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at info@xynoptik.com.au or via the contact page of our website.

Summary of Key Points

This summary provides key points from our Privacy Notice. You can find out more details about any of these topics by using our table of contents below to find the section you are looking for.

  • What personal information do we process?
    When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the services and features you use. We collect names, email addresses, company names, and other contact information that you voluntarily provide via our contact form.
  • Do we process any sensitive personal information?
    Some of the information may be considered special or sensitive in certain jurisdictions, for example your racial or ethnic origins, sexual orientation, and religious beliefs. We do not process sensitive personal information for our Services.
  • Do we collect any information from third parties?
    We may collect limited information from social media platforms for business development and event promotion purposes.
  • How do we process your information?
    We process your information to provide, improve and administer our Services, communicate with you, to comply with law and for security and fraud prevention. We may also process your information for other purposes only with your prior explicit consent. We process your personal information only when we have a valid legal reason to do so under the Australian Privacy Act 1988.
  • In what situations and with which parties do we share personal information?
    We may share information in specific situations and with specific third parties.
  • How do we keep your information safe?
    We have adequate organisational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to improperly collect, access, steal, or modify your information.
  • What are your rights?
    Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information. If you are located in Australia, you have rights under the Privacy Act 1988, including the right to access, seek correction of, and complain about the handling of your personal information.
  • How do you exercise your rights?
    The easiest way to exercise your rights in relation to your personal information is by contacting us. We will consider and act upon any request in accordance with applicable data protection laws.

Table of Contents

  1. What Information do we Collect?
  2. How do we Process your Information?
  3. What Legal Bases do we Rely on to Process your Personal Information?
  4. When and With whom do we Share your Personal Information?
  5. How Long do we Keep your Information?
  6. How do we Keep your Information Safe?
  7. Cookies and Similar Tracking Technologies
  8. Do we Collect Information from Minors?
  9. What are your Privacy Rights?
  10. Controls for Do-Not-Track Features
  11. Do United States Residents Have Specific Privacy Rights?
  12. Do Other Regions Have Specific Privacy Rights?
  13. Do we Make Updates to this Notice?
  14. How can you Contact us about this Notice?
  15. How can you Review, Update, or Delete the Data we Collect from You?

1. What Information Do We Collect?

Personal information you disclose to us

In Short: We collect personal information that you voluntarily provide to us.

We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You.
The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the services and features you use. The personal information we collect may include:

  • Names (first and last name)
  • Email addresses
  • Company names
  • Job titles
  • Contact purpose

Sensitive Information. We do not process sensitive information.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services. This includes website analytics data used to understand how you use our website.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity like your name or contact information but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

The information we collect includes:

  • Log and Usage Data.
    Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the Services such as the date-time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use, device event information such as system activity, and hardware settings.
  • Device Data.
    We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address or proxy server, device and application identification numbers, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
  • Location Data.
    We collect location data derived from your IP address, which can help us understand your general geographic region. This is imprecise location information and you cannot opt out of this collection without disabling the Services.

Information collected from other sources

In Short: We may collect limited data from social media platforms for business development and event promotion purposes.

To enhance our ability to provide relevant marketing, offers, and Services to you, we may obtain information about you from other sources, such as social media platforms. This information includes email addresses, phone numbers, and social media profile information for purposes of business development and event promotion.

If you interact with us on a social media platform using your social media account (e.g., LinkedIn), we receive personal information about you from such platforms such as your name and email address. The use of your information by such platforms is not governed by this Privacy Notice.

2. How Do We Process Your Information?

In Short: Where applicable, we process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We process your personal information only when we have a valid legal reason to do so.

Where applicable, we process your personal information for a variety of reasons, depending on how you interact with our Services:

  • To respond to user inquiries, provide support to you and address any potential issues you might have with the requested Service.
  • To send administrative information to you about our Services, changes to our Terms of Service and policies, and other similar information.
  • To send you marketing and promotional communications if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time by contacting us or using the unsubscribe option in any marketing email. For more information, see WHAT ARE YOUR PRIVACY RIGHTS? below.
  • To protect, keep safe and secure our Services, including fraud monitoring and prevention.
  • To identify usage trends relating to our Services to better understand how they are being used so we can improve them.
  • To determine the effectiveness of our marketing and promotional campaigns that are most relevant to you.
  • To save or protect an individual's vital interest.

3. What Legal Bases Do We Rely on to Process Your Information?

In Short: We rely on the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs) as our primary legal framework for processing personal information. We only process your personal information when we believe it is necessary and we have a valid legal reason under applicable law.

For Australian Residents (Primary Basis)

We process your personal information in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). Our processing is lawful under APP 1 (Open and transparent management of personal information), and we rely on:

  • Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time.
  • Contractual Performance. We may process your personal information when necessary to fulfill our obligations to you, including providing our Services or at your request prior to entering into a business relationship with you.
  • Legitimate Interests. We may process your information when we reasonably believe it is necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights. For example, we may process your personal information to send you information about our Services, analyse how our Services are used so we can improve them, prevent fraudulent activities, and understand how our users use our Services so we can improve user experience.
  • Legal Obligations. We may process your information where necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, or to disclose your information as evidence in litigation in which we are involved.
  • Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

For EU, UK, and Other Cross-Border Users

If you are located in the EU or UK, the General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases:

  • Consent. We may process your information if you have given us permission to use your personal information for a specific purpose. You can withdraw your consent at any time.
  • Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you.
  • Legitimate Interests. We may process your information when we reasonably believe it is necessary to achieve our legitimate business interests, provided those interests do not outweigh your interests and fundamental rights.
  • Legal Obligations. We may process your information where necessary for compliance with legal obligations.
  • Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

For Canadian Residents

If you are located in Canada, we may process your information if you have given us specific permission (express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (implied consent). You can withdraw your consent at any time.

In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including for investigations, fraud detection and prevention, and other purposes as permitted by law.

4. When and With Whom Do We Share Your Personal Information?

In Short: We may share information in specific situations described in this section and/or with the following third parties.

We may need to share your personal information in the following situations:

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honour this Privacy Notice.
  • Business Partners. We may share your information with our business partners to offer you certain Services or consulting engagements.
  • Service Providers. We share your personal information with our service providers (such as hosting providers, analytics providers, and email service providers) who perform services on our behalf under data processing agreements.

We do not knowingly sell or share your personal information to third parties for commercial or business purposes.

5. How Long Do We Keep Your Information?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice, unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

In general, we retain personal information for 12 months following the end of your last engagement with us or communication with us, unless a longer retention period is required by law or is necessary to fulfill our legal obligations or resolve disputes.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. How Do We Keep Your Information Safe?

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to improperly collect, access, steal, or modify your information.

Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

7. Cookies and Similar Tracking Technologies

In Short: We use cookies and similar tracking technologies to monitor and analyse how you use our Services, improve user experience, and for security purposes.

What Are Cookies?

Cookies are small text files placed on your device when you visit our website. They help us recognise you, remember your preferences, and understand how you use our Services.

How We Use Cookies

  • Essential/Necessary Cookies: These are required for the basic functioning of our website (e.g., security, load balancing). You cannot opt out of these cookies.
  • Analytics Cookies: We use Google Analytics, a web analytics service provided by Google LLC, to track and analyse how users interact with our website (e.g., pages visited, time spent, referral sources, click patterns). Google Analytics uses cookies and similar technologies to collect and analyse this information on our behalf. The data is used to improve our Services and understand user behaviour. You can opt out of Google Analytics tracking by visiting https://tools.google.com/dlpage/gaoptout or by configuring your browser settings.
  • Marketing/Preference Cookies: These help us deliver targeted marketing communications and remember your preferences.

Managing Cookies

You can control cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, blocking essential cookies may impact the functionality of our Services. For more information on how to manage cookies, visit https://www.allaboutcookies.org/

Third-Party Tracking

Third-party service providers (such as Google Analytics) may collect information about your online activities. We do not control these third-party tracking technologies, and you should review the privacy policies of these service providers.

8. Do We Collect Information from Minors?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services.

If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at info@xynoptik.com.au.

9. What Are Your Privacy Rights?

In Short: Depending on your location, you have certain rights regarding your personal information.

For Australian Residents

Under the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs), you have the following rights:

  • Right to Access:You have the right to request access to the personal information we hold about you.
  • Right to Correction: You have the right to request correction or amendment of your personal information if it is inaccurate, incomplete, or out of date.
  • Right to Complaint: If you believe we are not complying with the Australian Privacy Principles, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC), if you advise us and are not satisfied with our handling of the matter. Visit https://www.oaic.gov.au for more information.

For EU and UK Residents

If you are located in the European Economic Area (EEA) or United Kingdom (UK), you have the following rights under the General Data Protection Regulation (GDPR) and UK GDPR:

  • Right to Access: You have the right to request access and obtain a copy of your personal information.
  • Right to Rectification: You have the right to request rectification or erasure of your personal information.
  • Right to Restrict Processing: You have the right to restrict the processing of your personal information.
  • Right to Data Portability: You have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal information.
  • Right not to be Subject to Automated Decision-Making: If a decision that produces legal or similarly significant effects is made solely by automated means, we will inform you, explain the main factors, and offer a simple way to request human review.

If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you have the right to complain to your Member State data protection authority or UK data protection authority, if you advise us and are not satisfied with our handling of the matter. If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner, if you advise us and are not satisfied with our handling of the matter.

For Canadian Residents

If you are located in Canada, you may have the right to request access to, correction of, and deletion of your personal information under applicable Canadian privacy legislation.

Withdrawing Your Consent

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us using the contact details provided below or by updating your preferences.

However, withdrawal of consent will not affect the lawfulness of processing before its withdrawal, nor will it affect processing conducted in reliance on lawful processing grounds other than consent.

10. Controls for Do-Not-Track Features

In Short: Most web browsers include a Do-Not-Track (DNT) feature. Currently, there is no industry-wide standard for recognising DNT signals, and we do not currently respond to DNT browser signals.

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (DNT) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected.

At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.

11. Do United States Residents Have Specific Privacy Rights?

In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have specific rights regarding your personal information.

Categories of Personal Information We Collect

CategoryExamples OnlyCollected
A. IdentifiersContact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account nameYES
B. Personal information as defined in the California Customer Records statuteName, contact information, education, employment, employment history, and financial informationYES
C. Protected classification characteristics under state or federal lawGender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic dataNO
D. Commercial informationService engagement information, consulting history, and business relationship detailsYES
E. Biometric informationFingerprints and voiceprintsNO
F. Internet or other similar network activityBrowsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisementsYES
G. Geolocation dataDevice locationYES
H. Audio, electronic, sensory, or similar informationImages and audio, video or call recordings created in connection with our business activitiesNO
I. Professional or employment-related informationBusiness contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with usYES
J. Education InformationStudent records and directory informationNO
K. Inferences drawn from collected personal informationInferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual's preferences and characteristicsYES
L. Sensitive personal InformationNO

Retention Periods

We retain collected personal information for as long as there is an active business relationship, and 12 months after the relationship ends, unless a longer retention period is required by law or necessary to fulfill legal obligations or resolve disputes.

Sources and Uses of Personal Information

We collect personal information as described in Section 1 of this Privacy Notice. We use and share personal information as described in Sections 2 and 4. We share your personal information with our service providers pursuant to data processing agreements.

We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We will not sell or share personal information in the future belonging to website visitors, users, and other consumers.

Your Rights Under US State Laws

You have rights under certain US state data protection laws. These rights include:

  • Right to know whether or not we are processing your personal data
  • Right to access your personal data
  • Right to correct inaccuracies in your personal data
  • Right to request the deletion of your personal data
  • Right to obtain a copy of the personal data you previously shared with us
  • Right to non-discrimination for exercising your rights
  • Right to opt out of targeted advertising or profiling in furtherance of decisions that produce legal or similarly significant effects
  • Right to opt out of the collection of sensitive data and personal data collected through voice or facial recognition

Depending upon the state where you live, you may have additional rights as permitted by applicable law.

How to Exercise Your Rights

To exercise these rights, you can:

  • Submit a request by contacting us at info@xynoptik.com.au
  • Submitting a request in the contact page of our website

Under certain US state data protection laws, you can designate an authorised agent to make a request on your behalf. We may deny a request from an authorised agent that does not submit proof of valid authorisation in accordance with applicable laws.

Request Verification

Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have information in our system. We will only use personal information provided in your request to verify your identity or authority to make the request.

If we cannot verify your identity from information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes.

Appeals

Under certain US state data protection laws, if we decline to take action regarding your request, you may appeal our decision by emailing us at info@xynoptik.com.au. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions.

If your appeal is denied, you may submit a complaint to your state attorney general.

California "Shine The Light" Law

California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year.

If you are a California resident and would like to make such a request, please submit your request in writing to us by using the contact details provided in Section 14.

12. Do Other Regions Have Specific Privacy Rights?

In Short: You may have additional rights based on the country you reside in.

Australia and New Zealand

We collect and process your personal information under the obligations and conditions set by Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020 ("Privacy Act").

This Privacy Notice satisfies the notice requirements defined in both Privacy Acts, in particular what personal information we collect from you, from which sources, for which purposes, and which other recipients may receive your personal information.

If you do not wish to provide the personal information necessary to fulfill its applicable purpose, it may affect our ability to provide our Services, in particular:

  • Offer you the consulting services that you need
  • Respond to or help with your requests
  • Manage your relationship with us
  • Confirm your identity and protect your information

At any time, you have the right to request access to or correction of your personal information. You can make such a request by contacting us at info@xynoptik.com.au.

Australia: If you believe we are unlawfully processing your personal information, you have the right to submit a complaint about a breach of the Australian Privacy Principles to the Office of the Australian Information Commissioner (OAIC), if you advise us and are not satisfied with our handling of the matter. Visit https://www.oaic.gov.au for more information.

New Zealand: If you believe we are unlawfully processing your personal information, you have the right to submit a complaint about a breach of New Zealand's Privacy Principles to the Office of the New Zealand Privacy Commissioner, if you advise us and are not satisfied with our handling of the matter. Visit https://www.privacy.org.nz for more information.

Republic of South Africa

At any time, you have the right to request access to or correction of your personal information. You can make such a request by contacting us at info@xynoptik.com.au.

If you are unsatisfied with the manner in which we address any complaint regarding our processing of personal information, you can contact:

The Information Regulator South Africa
General enquiries: enquiries@inforegulator.org.za
POPIA Complaints: POPIAComplaints@inforegulator.org.za

13. Do We Make Updates to This Notice?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws and to reflect changes in our data practices.

We may update this Privacy Notice from time to time in response to changing legal, technical, or business developments. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice.

If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes on our website or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

Your continued use of our Services following the posting of revised Privacy Notice means that you accept and agree to the changes.

14. How Can You Contact Us About This Notice?

If you have questions or comments about this notice, you may:

We will endeavour to respond to any privacy inquiries within 30 days of receipt.

15. How Can You Review, Update, or Delete the Data We Collect from You?

In Short: You have the right to request access to, correction of, and deletion of your personal information, subject to applicable law.

Based on the applicable laws of your country or state of residence, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.

To request to review, update, or delete your personal information, please:

  • Submit a data subject access request by contacting us at info@xynoptik.com.au
  • Visit our contact form at https://www.xynoptik.com.au/contact

Upon your request, we will delete your information from our active databases. However, we may retain some information in our files to:

  • Prevent fraud and troubleshoot problems
  • Assist with any investigations
  • Enforce our legal terms, including our Terms of Service
  • Comply with applicable legal requirements
  • Maintain business records as required by law

We will process your request within a reasonable timeframe in accordance with applicable law, typically within 30 days of receipt.