Privacy Policy

Technology One Limited (“TechnologyOne”, “we” or “us”) is committed to protecting the privacy of the personal information we collect.

We understand that you take your privacy seriously. We do too.

Our Privacy Policy describes how we manage personal information, including the kinds of personal information we collect, the purposes for which we collect personal information, and how we hold, use and disclose personal information. By using our products and services (including our website) or by providing your personal information to us you agree to the terms of this Privacy Policy.

We may make changes to this Privacy Policy from time to time to take into account changes to our standard practices and procedures or where necessary to comply with new laws and regulations. The latest version of this Privacy Policy will always be available on our website (www.technologyonecorp.com). The updated version will apply from the date stated at the end of the Privacy Policy.

We encourage you to check our website from time to time to ensure that you are aware of our current Privacy Policy.

  1. What personal information do we collect?
    1. The types of personal information we collect will depend on the circumstances in which the information is collected.  However, the types of personal information we collect and hold about you may include:
      • identifying information, such as your name and date of birth;
      • contact information, such as your address, email address and telephone/mobile number;
      • financial information, such as bank account or other payment details;
      • for our employees, employee records that may contain personal information including safety information (e.g. location information, emergency contacts) and travel and right to work information (e.g. copies of passports, visas and drivers licences);
      • for employees, personal information captured in our records when using TechnologyOne systems and devices for personal use (e.g. transaction history);
      • usernames and passwords that you create when registering for an account with us;
      • your organisation and position, where your organisation has business dealing with us;
      • information about your occupation and employer organisation;
      • details of any products or services we provide to your organisation;
      • information about how you use the products or services we provide to you;
      • records of our communications with you, such as telephone, email, SMS, online and in-person communications;
      • images of you which may be captured on CCTV in TechnologyOne offices, including in Australia, United Kingdom and New Zealand.
      • other information that you provide us during the course of business; and
      • other information that is capable of identifying you.
    2. If you choose not to supply us with this information, we may not be able to allow you to access or use our products or services (or all of the features and functionality offered by our products or services) or to respond to queries or requests that you submit to us.
    3. You are always welcome to provide us with comments, queries and feedback in relation to our products and services.  We may record and monitor telephone calls and other communications between you and us for training, quality control and compliance purposes.
    4. When you communicate with us, we may collect additional information including the languages you speak, how best to manage communications with you, and information about your dealings with us.
    5. If you participate in a survey or competition, or respond to a feedback request, we will collect the information that you provide in doing so, and associated information such as when and how you submitted the response.
    6. We collect information about people who invest in us.
    7. We collect information about people who are our employees, contractors, suppliers and business partners, or who are employed by our contractors, suppliers and business partners.  The information we collect is what we need to conduct business with that individual or party.
    8. When you do business with us, we may collect information about you from others, such as from referees or from others who do business with you.
    9. Our website may contain links to other websites.  We are not responsible for the privacy practices or the content of those other websites.  The privacy practices applicable to those other websites may differ substantially from ours, so we advise you to read the privacy policy of those other websites before using them.
    10. Log data, device and location information

    11. When using our products and services (including our website), we will collect information about you and about your use of our products and services, such as which services you use and how you use them.  We will collect information such as:
      • user name and password;
      • device information, such as the model and ID of the device you use, operating system, telephone number and mobile phone network;
      • server log information, such as details of how you used the products or service (including our website), IP address, hardware settings, browser type, browser language, the date and time of your use and referral URL;
      • your browser or your account using cookies (see below); and
      • real-time location information.
  2. Our products and services (including our website) may also detect and use your IP address or domain name for internal traffic monitoring and capacity management purposes or to otherwise administer the products and services.  The patterns of usage of visitors to the online services may be tracked for the purposes of providing improved service and content based on aggregate or statistical review of user traffic patterns.
  3. Our websites may use third-party services, such as Google services (e.g. Google Analytics).  For more about how Google collects and processes data, please see Google's Privacy Policy, Google Terms of Service and their information on how Google uses your data.
  4. Sensitive data

  5. We may also collect sensitive information about you such as information about your health, racial or ethnic origin, religious beliefs and criminal record if you provide your explicit consent or if we are otherwise allowed or required by law.
  6. SaaS Customers (TechnologyOne Cloud)

  7. If we provide you with access to an environment where you can store and process personal information, such personal information is not collected, stored, used, processed, modified or disclosed by us (except to the extent required by permitted TechnologyOne employees who may access customer environments for system configuration, maintenance and account administration purposes or as otherwise required by law).
  8. Access to the data or information contained within any of these environments is controlled directly by you. It is your responsibility to obtain consent from individuals before their personal information is collected, stored, used, processed, modified or disclosed by you using any TechnologyOne environment. You should familiarise yourself with the available Complementary User Entity Controls that enhance the security and privacy of our services to you.
  9. Our SaaS Customers benefit from a range of additional information security and compliance controls, including protection of personal information.  For more about these, please see www.technologyonecorp.com/security
  10. How do we collect personal information?
    1. We may collect personal information about you in the following ways:
      • when you order products or services from us;
      • when you use our online services (e.g. Customer Communities), and other products and services (including our website);
      • when you visit our sites or offices;
      • when we visit your sites or offices;
      • when you submit a query or request to us;
      • when you respond to a survey that we run or fill in forms on our website;
      • by tracking your use of our products and services (including our website);
      • from third parties who are entitled to disclose that information to us;
      • from publicly available sources;
      • from online sources (including social media platforms and providers (e.g. LinkedIn);
      • suppliers of information products and services (e.g. companies that consolidate data from multiple public sources);
      • when you apply for a job with us; or
      • other lawful means.
    2. From time to time, we may use third-party online services to collect personal information such as your name and email address or telephone number to administer online competitions, customer feedback and surveys.
    3. If you provide us with personal information about someone else, you must only do so if that person has consented to you doing so and to us collecting, holding, using and disclosing their information in accordance with this privacy policy.
    4. Cookies

  11. We may also collect personal information about you and your use of our website, products and services using cookies.  We use cookies to monitor and observe your use of our website, products and services, compile aggregate data about that use, and provide you with a more effective service (which may include customising parts of our website based on your preferences and past activities on that website).
  12. Cookies are small, usually randomly encoded, text files that help your browser navigate through a particular website.  The cookie file is generated by the website you are browsing and is accepted and processed by your computer's browser software.  The cookie file is stored in your browser's folder or subfolder.  For more information, see: https://www.allaboutcookies.org/
  13. Each cookie expires after a certain period of time depending on its purpose or they can be stored for longer.  We use session-based or temporary cookies that are stored and used during your browsing session, use of our website and use of our services.  These cookies are usually deleted automatically from your device when you log out of your account, the browser is closed or within a reasonable time after your use of our website.  Permanent, persistent or stored cookies are stored on your device in between your use of our website which allows your preferences or actions to be remembered.  When using our website, we also allow the use of some third-party cookies which are set by a domain other than our website (for example, Google may set a cookie on your browser).
  14. Modern internet browsers have a facility that will allow you to disable cookies altogether and you can refer to your browser’s help menu to find out how to do this.  While you will still be able to browse our website with cookies disabled on your internet browser, some website functionality may not be available or may not function correctly, and our ability to deliver our service to you may be limited.  It also may degrade the user experience.
  15. How do we use personal information?
    1. We use the personal information that we collect about you to:
      • verify your identity when you are dealing with us;
      • determine your eligibility for any of our products or services;
      • maintain our relationship with you;
      • enable us to provide you or your organisation with our products and services;
      • answer your queries and requests;
      • comply with our legal and regulatory obligations;
      • carry out market analysis and research;
      • monitor use of our products and services (including our website);
      • assess, operate, maintain, upgrade and improve our products and services (including our website);
      • provide better products, services and information to our customers and to the community;
      • carry out education and training programs for our employees;
      • manage and resolve any legal or commercial complaints or issues (including debt recovery);
      • meet our obligations and perform our functions under applicable laws and agreements;
      • maintain and update our records;
      • use in accordance with any request or instructions from you;
      • carry out planning and forecasting activities and other internal business processes;
      • keep you informed about our activities and notify you of changes to our products or services;
      • make special offers related to our products or services that we think may be of interest to you; and
      • use as otherwise required or authorised by law or government agency.
    2. We may also use your personal information for any other purpose as authorised by you.

    Direct marketing and research

  16. We may use and disclose your personal information for marketing purposes (but we will not sell your personal information to any third party).  We may contact you about our products and services (including our website), the products and services of other people, or related special offers from our business partners, that we think may be of interest to you.  This information may be sent to you by email, SMS or by other means.
  17. We may use and disclose your personal information to carry out consumer and market research, compile demographics and perform other research and analysis so that we can develop and implement initiatives to improve our services, improve the design, construction and operation of our products and identify people likely to be interested in our products and services.
  18. You can opt-out of receiving marketing communications from us at any time by following the ‘unsubscribe’ link in the communication or contacting us using the contact details below.  Unsubscribing from promotional communications will not stop service-related communications from us, such as administrative alerts in relation to your account. Modern internet browsers have a facility that will allow you to disable cookies altogether and you can refer to your browser’s help menu to find out how to do this.  While you will still be able to browse our website with cookies disabled on your internet browser, some website functionality may not be available or may not function correctly, and our ability to deliver our service to you may be limited.  It also may degrade the user experience.
  19. De-identification

  20. We may de-identify information about you so that the information can no longer be used to identify you.  We may use and disclose de-identified personal information in the course of our business (including in any promotional or marketing material).
  21. Aggregation

  22. We may aggregate information on the use of our products and services (including our website) in such a way that the information can no longer be related to the identifiable individuals.  We may use and disclose aggregated information in the course of our business (including in any promotional or marketing material).
  23. Who do we disclose personal information to?
    1. We may disclose your personal information to:
      • your representatives, advisers and others you have authorised to interact with us on your behalf;
      • related entities within our corporate group;
      • our employees and third parties including business partners, consultants, contractors, suppliers, service providers, professional advisors and agents who need the information to assist us with conducting our business activities;
      • payment system operators and financial institutions;
      • prospective purchasers of all or part of our business or shares in our company or a related entity;
      • government agencies or authorities, regulators, law enforcement agencies and other parties where authorised or required by law who ask us to disclose that information and to which we are legally required to disclose your personal information;
      • parties identified at the time of collecting your personal information or as otherwise authorised by you.

  24. Cross-border disclosures
    1. We may disclose information to recipients that are located outside the country in which you are located (including contractors and external service providers).  We may disclose your personal information to our employees overseas.
    2. We have related entities and service providers located in Australia, New Zealand, Papua New Guinea, United Kingdom, Malaysia, the Republic of Ireland, United States of America, and Singapore and may disclose personal information to those entities.
    3. We take commercially reasonable steps to ensure that any overseas recipient does not breach the privacy law applicable in your jurisdiction or this Privacy Policy in relation to the personal information.
    4. By using our products or services (including our website) and providing us with your personal information, you consent to the disclosure by us, and to the storage and use of your personal information in the countries listed above which may be other than the country in which you are located where a different privacy or data protection regime applies.

  25. How do we maintain and secure your personal information?
    1. We take reasonable steps to ensure that any of your personal information which we hold is accurate, complete and up-to-date. These steps include promptly updating personal information when we are advised that personal information has changed, checking our contact lists for accuracy, and providing individuals with a simple means to update their personal information.
    2. We generally store the personal information that we collect in electronic databases, some of which may be held on our behalf by third-party data storage providers (which may be located off-shore). Sometimes we also keep hard copy records of this personal information in physical storage facilities.  We use a range of physical and technical security processes and procedures to protect the confidentiality and security of the information that we hold, and we update these from time to time.   These measures include:
      • restricting access to our physical and electronic databases, and physical security such as security procedures for access to our business premises; and
      • technological security procedures including password protection, network firewalls, encryption, intrusion detection and site monitoring where practicable to do so.
    3. We also take steps to monitor access to and modification of your information by our employees and contractors, and ensure that our employees and contractors are aware of and properly trained in their obligations for managing your privacy.
    4. However, the internet is not a secure environment and no matter what physical and technical security processes and procedures are used we cannot guarantee the security of your personal information.  You also play an important role in keeping your information secure by maintaining the confidentiality of any usernames and passwords you use with our products and services (including our website).

  26. How long do we store your personal information?
    1. Personal information is only retained for as long as it is needed for the purpose for which it was collected or as required by law.  Within a reasonable time after the expiry of this period, we will take reasonable steps to de-identify or destroy the personal information which is in our possession or control.

  27. How can you access, restrict use, correct and transfer your personal information?
    1. You have a right to:
      • request a copy of your personal information,
      • ask us to restrict the use of your personal information; or
      • correct or rectify any personal information that is out-of-date, incorrect, incomplete or misleading.

      Such requests should be submitted to us in writing using the contact details below.  We may ask you to verify your identity before providing you with or correcting such information.

  28. We will action your request within a reasonable time frame and provide one copy of your personal information free of charge.  If your request is for additional copies or your request is manifestly unfounded, excessive or repetitive, we may refuse your request or charge a reasonable fee.  If we refuse a request or charge a reasonable fee, we will advise you of the reasons for our refusal or any fees within a reasonable time frame.
  29. You have a right to request a copy of the personal information you have provided to us in a structured, commonly used and machine-readable format and the right to have that information transmitted or ported to another entity under certain circumstances.
  30. There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy, rights or freedoms of others, or result in a breach of confidentiality or applicable laws.  In these cases we will let you know why we cannot comply with your request.
  31. How can you erase your personal information?
    1. You have a right to request the erasure or destruction of your personal information when it is no longer necessary for the purpose for which it was originally collected, it is not being used for the purposes for which it was collected, or you wish to withdraw your consent for certain processing.
    2. There may be cases where we are unable to comply with your request such as where we need to continue processing your personal information in order to comply with applicable laws.  Such requests should be submitted in writing using the contact details below.  We may ask you to verify your identity before complying with your request.

  32. Complaints
    1. If you have a concern about your privacy or how we have handled your personal information, or you have a query on how your personal information is collected, please contact our Chief Privacy Officer using the contact details below.
    2. If you wish to make a complaint about the way we have handled your personal information including if you think we have breached the Privacy Act, you should forward a written complaint to our Chief Privacy Officer using the contact details below.  In the complaint, please include your contact details (such as email address, name, address and telephone number) and clearly describe the complaint.
    3. We will respond to your query or complaint within a reasonable time.  If you are not satisfied with our response, you may contact us to discuss your concerns.  You may also contact the relevant privacy or data protection regulator:
      • Australia:  the Office of the Australian Information Commissioner (OAIC) using the contact details at the OAIC’s website https://www.oaic.gov.au
      • United Kingdom:  the Information Commissioner’s Office (ICO) using the contact details at the ICO’s website https://ico.org.uk

TechnologyOne Sub-Processors

The TechnologyOne Sub-Processors webpage provides information on the sub-processors that we engage to provide processing activities on customer data on behalf of customers. Prior to engaging any third-party sub-processor, TechnologyOne undertakes diligence to evaluate their privacy, security and confidentiality practices, and executes an agreement including the required obligations under privacy law. All sub-processor arrangements follow the written agreements we have in place with our customers.