1. Scope of the Policy
This policy statement applies to personal information collected from you by Tomizone Limited (ABN 99 000 094 995) and its subsidiaries (“we, us, our”) via the Tomizone websites or locations offering WiFi internet access services (“Services”), owned or operated by us or on behalf of or in conjunction with the location owner or manager (“Provider”).
This policy together with our Terms and Conditions which you accept prior to accessing and using any Services, applies to your access and use of this website and any of the Services.
This policy statement does not apply to the privacy policies of organisations that we do not own or control, or to people that we do not employ, even if URL links to their websites appear on our websites or portals providing the Services. We recommend you examine the privacy policies and statements of such other parties. This statement sets out how we aim to protect the privacy of your personal information, your rights in relation to your personal information managed by us and the way we collect, hold, use and disclose your personal information.
2. Information we may collect
2.1 Submitted information
We may collect information that you provide to us on contact forms or submit or transact in order to access the Services:
- If you contact us, we may keep a record of that correspondence;
- Details of transactions you carry out through our Services;
- Details of your use of our Services including, but not limited to, location data, weblogs and other communication data and the resources that you access;
- The login information which you provide and/or information from your social media account through which you access the Services (e.g. Twitter, Facebook etc). This information will be taken from your social media account and will be subject to your privacy settings. We may also ask you for information when you enter a competition or promotion and when you report a problem with any of our Services;
- Information that you provide when answering surveys or in the course of your interaction with promotions or advertising.
2.2 Device information
- We may collect information about the mobile telephone, smart phone, hand held device, laptop, computer or any other device used to access and use the Services, including, where available, the unique device identifiers, operating system, browser type and mobile network information as well as the device’s telephone number if applicable. We may associate device information with Submitted Information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.
2.3 Location information
We may collect and process information about your actual location. In some locations we may collect data for WiFi-enabled devices present at the location. This data is collected from the relative signal strength from WiFi access points from where an X/Y coordinate is calculated. This data is linked to the user using the device to access the WiFi and shared with the venue owner and WiFi service provider to help analyse how people move around the location. A device’s MAC address is masked to prevent linking this data to other sources. To learn about use of customer location and your choices visit www.smartstoreprivacy.com. You can opt out of location services by visiting www.smart-places-org.
2.4 Log information
When you use the Service, we may automatically collect and store certain information in server logs, including but not limited to internet protocol (IP) addresses, internet service provider (ISP), clickstream data, browser type and language, viewed and exit pages and date or time stamps.
3. Storage and retention of information
All information you provide to us is stored on our secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted via our Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. If access to the Services is through your chosen social media platform you should ensure when using these features that you do not submit any personal personal data that you do not want to be seen, collected or used by other users.
4. Use of the information
We use information held about you in the following ways:
- To provide you with information regarding the location in which you are using the Services including information relating to their goods and services;
- To provide it to the Provider, advertiser or sponsor to enable them to see how the location is being used and by whom and to communicate directly with you, to provide you with information about goods and services that may be of interest to you;
- To report aggregate information to our advertisers or selected third parties for consumer analysis;
- At the time of entering a promotion or otherwise from time to time, we may seek your consent to us disclosing your contact details to a specified advertiser. Where you have provided your consent, the advertiser may contact you for promotional purposes, and with special offers via the communication channel or channels specified at the time of obtaining your consent. In the event you do not wish to receive such communications, you can opt-out before accessing the Services or through any opt-out mechanism contained in a communication;
- We will only contact you by electronic means (phone, SMS, email) with information about goods and services. Where we permit selected third parties to use your data, we (or they) will only contact you by electronic means;
5. Disclosure of information
We may disclose your personal information to any member of our group, including our subsidiaries, and to selected parties:
- To the Provider who operates or owns the location where you access the Services;
- To the selected third parties detailed at point 4 above;
- In the event that we sell or buy any business or assets, in which case we may disclose your data to the prospective seller or buyer of such business or assets;
- If Tomizone assets are substantially acquired by a third party, in which case data held by it will be one of the transferred assets;
- If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request;
- In order to enforce or apply the Terms and Conditions, or to investigate potential breaches; or protect the rights, property or safety of Tomizone, Providers, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
6. Third party sites
Our Services may, from time to time, contain URL links to and from the websites of our partner networks, advertisers, sponsors and affiliates (including, but not limited to, websites on which the Services are advertised). If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.
7. Accessing the information
We take steps reasonable in the circumstances to ensure personal information we hold is accurate, up-to-date, complete, relevant and not misleading. Under respective countries’ privacy legislation, you have a right to access and/or seek correction of your personal information that is collected and held by us.
If at any time you would like to access or correct the personal information that we hold about you, or you would like more information on our approach to privacy, please contact us via our website or by emailing firstname.lastname@example.org.
We will grant access to the extent required or authorised by law and take steps reasonable in the circumstances to correct personal information where necessary and appropriate. To obtain access to your personal information: you will have to provide proof of identity; you must be reasonably specific about the information you require; and we may charge you a reasonable administration fee, which reflects the cost to us, for providing access in accordance with your request.
9. Privacy complaints
If you believe that we have breached your privacy in accordance with applicable privacy legislation, you can make a privacy complaint to us by emailing email@example.com.
At all time, privacy complaints will be treated seriously, dealt with promptly and in a confidential manner; and will not affect your existing obligations or affect your commercial arrangements with us (if any).