1. Privacy Policy
1.1 Background
We recognise and value:
(a) the protection of your personal information; and
(b) that you have an interest in our collection and use of your personal information.
We have implemented this Privacy Policy in accordance with the Privacy Act 1988 (Cth) (Privacy Act), Australian Privacy Principles (APP) and other data protection rules in order to be open and transparent about how we collect, hold, and use your personal information, and under what circumstances we may disclose or transfer it.
Please note this Privacy Policy forms part of the TaxTank Pty Ltd ABN 43 633 617 615 (TaxTank, we, our, us and other similar terms) terms and conditions of our various agreements with you, including the TaxTank Site Terms of Use and TaxTank SaaS Agreement.
1.2 Disclaimer
While your privacy is very important to us, nothing in this privacy policy constitutes a voluntary opt in to any privacy laws, anywhere in the world, which we are not statutorily bound to comply with.
1.3 What is “personal information”?
Personal information held by us may include your:
(a) name and date of birth;
(b) residential and business postal addresses, telephone/mobile/fax numbers and email addresses;
(c) bank account and/or credit card details for agreed billing purposes;
(d) any information provided to us by you during your account creation process or added to your user profile;
(e) preferences and passwords for using this site and your computer and connection information; and
(f) any information you otherwise share with us.
1.4 Collection
We collect personal information:
(a) when you use this Site (www.taxtank.com.au), any associated landing pages or any associated services, including (without limitation) when you:
(i) create a user account;
(ii) add information to your user profile;
(iii) purchase any services through this site;
(iv) add reviews, forum or chat room messages or comments in any elements of this site that permit user-generated content;
(v) register for access to premium content or request certain premium features;
(vi) complete an online contact form to contact us or any third-party supplier;
(vii) provide information to us by telephone or through marketing or competition application forms; or
(viii) send us an email or other communication;
(b) in order to assist you with the supply of products, the provision of services and any related assistance or other purposes requested through such communication.
Information will only be collected directly from you unless you authorise another individual or organisation to provide the information, or if the information has been sourced from a third-party database.
IP addresses
We may also collect Internet Protocol (IP) addresses. IP addresses are assigned to computers on the internet to uniquely identify them within the global network. We collect and manage IP addresses as part of the service of providing Internet session management and for security purposes. We may also collect and use web log, computer and connection information for security purposes and to help prevent and detect any misuse of, or fraudulent activities involving, this Site and any products/services.
1.5 Use
The personal information you provide is used for purposes related to our primary business operations, which are providing the TaxTank software suite as a service to users, accountants and other financial experts. Examples of when your information may be used include:
(a) informing you about our products and services;
(b) providing you with the products and services you have requested;
(c) administration needs in relation to providing you with products and services, including your account;
(d) dealing with requests, enquiries, or complaints and other customer care related activities;
(e) verifying your identity;
(f) assisting you to use functionality on this Site or services;
(g) processing any purchases of services that you may make through this site, including charging, billing, and collecting debts;
(h) making changes to your account;
(i) responding to any queries or feedback you may have;
(j) conducting appropriate checks for creditworthiness and for fraud;
(k) preventing and detecting any misuse of, or fraudulent activities involving, this site or the Services;
(l) conducting research and development in respect of our services;
(m) gaining an understanding of your information and communication needs, or obtaining your feedback or views about our services in order for us to improve them;
(n) maintaining and developing our business systems and infrastructure, including testing and upgrading of these systems;
(o) marketing our products and services generally; and
(p) carrying out any activity in connection with a legal, governmental or regulatory requirement imposed on us or in connection with legal proceedings, crime or fraud prevention, detection or prosecution;
and for any other purpose reasonably considered necessary or desirable by us in relation to the operation of our business.
We may also use personal information for purposes, as would be reasonably expected by you, in connection with those activities described above.
We will not use your information for purposes, other than as described in this privacy policy, unless we have your consent or there are specific law enforcement, public health or safety reasons.
1.6 Log Data
We may also collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.
1.7 Our use of cookies, pixels and web beacons
This site and our products and services may use “cookies” to help personalise your online experience. A cookie is a text file or a packet of information that is placed on your hard disk by a web page server to identify and interact more effectively with your computer. There are two types of cookies that may be used by us: a persistent cookie and a session cookie. A persistent cookie is entered by your web browser into the “Cookies” folder on your computer, remains in that folder after you close your browser, and may be used by your browser on subsequent visits to this site. A session cookie is held temporarily in your computer’s memory and disappears after you close your browser or shut down your computer. Cookies cannot be used to run programs. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you. In some cases, cookies may collect and store personal information about you. We extend the same privacy protection to your personal information, whether gathered via cookies or from other sources.
You can configure your Internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Please refer to your Internet browser’s instructions to learn more about these functions. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of this site.
1.8 Why we use cookies
This site uses cookies in order to:
(a) remember your preferences for using this site;
(b) manage the sign-up process when you create an account with us;
(c) recognise you as logged in while you remain so, avoiding your having to log in again every time you visit a new page;
(d) facilitate e-commerce transactions, to ensure your order is remembered between pages during the checkout process;
(e) show relevant notifications to you (e.g. notifications that are relevant only to users who have, or have not, created an account or subscribed to newsletters, email, or other subscription services); and
(f) remember details of data that you choose to submit to us (e.g. through online contact forms or by way of comments, forum posts, chat room messages, reviews, ratings, etc).
Many of these cookies are removed or cleared when you log out, but some may remain so that your preferences are remembered for future sessions.
1.9 Third party cookies
In some cases, third parties may place cookies through this site. For example:
(a) Google Analytics. This Site uses a tool called “Google Analytics” to collect information about use of this Site. Google Analytics collects information such as how often users visit this Site, what pages they visit when they do so, and what other Sites they used prior to coming to this Site. We use the information we get from Google Analytics to maintain and improve this Site and our products. We do not combine the information collected through the use of Google Analytics with personal information we collect. Google’s ability to use and share information collected by Google Analytics about your visits to this Site is restricted by the Google Analytics Terms of Service, available at https://marketingplatform.google.com/about/analytics/terms/us/, and the Google Privacy Policy, available at http://www.google.com/policies/privacy/. You may learn more about how Google collects and processes data specifically in connection with Google Analytics at http://www.google.com/policies/privacy/partners/. You may prevent your data from being used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/.
(b) Mixpanel. We collect personal information such as your email address and your user activity through the use of Mixpanel. Mixpanel’s ability to use and share information is governed by the Mixpanel Terms of Use, available at https://mixpanel.com/terms/, and the Mixpanel Privacy Policy, available at https://mixpanel.com/privacy/. You can opt-out of Mixpanel’s services by clicking on the following link: https://mixpanel.com/optout/.
(c) Intercom: We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as sign-up date and some personal information like your email address) to Intercom, Inc. (“Intercom”) and utilise Intercom to collect data for analytics purposes when you visit our website or use our product. As a data processor acting on our behalf, Intercom analyses your use of our website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom’s use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy. We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). The Intercom Messenger Apps and Apps in Help Desk products may also provide you with access to other third party applications such as Stripe. You should consult these third parties’ privacy notices for further information on their use of your personal data. As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit https://www.intercom.com/terms-and-policies#privacy. Intercom’s services are governed by Intercom’s terms of use which can be found at https://www.intercom.com/terms-and-policies#terms. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.
(d) Hotjar. This Site uses Hotjar in order to better understand our users’ needs and to optimise this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices (in particular device’s IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our Site). Hotjar stores this information in a pseudonymised user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy at https://www.hotjar.com/legal/policies/privacy. You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our Site and Hotjar’s use of tracking cookies on other Sites on this link https://www.hotjar.com/legal/compliance/opt-out.
(e) Service Providers. We may employ third-party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used.
These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
(f) Third-party social media applications (e.g. Facebook, Twitter, LinkedIn, Reddit, Pinterest, YouTube, Instagram, TikTok etc) may use cookies to facilitate various social media buttons and/or plugins in this site. Log files track actions occurring on this Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
1.10 Behavioural remarketing
TaxTank Pty Ltd. uses remarketing services to advertise on third-party web sites to you after you visited our Service. We, and our third-party vendors, use cookies to inform, optimise and serve ads based on your past visits to our Service.
1.11 Interacting with us
If you contact us with a general question, we may interact with you anonymously or through the use of pseudonyms.
However, you are required to provide true and accurate details when requesting the supply of products or provision of support services. You agree you will provide accurate information if so required.
1.12 Direct marketing
Occasionally we may send you marketing or promotional material. Marketing and promotional material will only be sent to you if you have opted in to receiving marketing material.
We (or an appointed third party) may also conduct surveys or market research and may seek other information from you on a periodic basis. These surveys will provide us with information that allows improvement in the type, quality and manner in which those products and services are offered to you.
To opt out of receiving certain marketing material, you may contact us or select the “unsubscribe” link provided in the email.
1.13 Sharing your Personal Information
We may disclose your personal information to:
(a) employees, a related company and professional advisors such as our lawyers;
(b) law enforcement agencies to assist in the investigation and prevention of criminal activities;
(c) credit-reporting and fraud-checking agencies;
(d) credit providers (for credit-related purposes such as creditworthiness, credit rating, credit provision and financing);
(e) government and regulatory authorities and other organisations, as required or authorised by law;
(f) organisations that manage our business strategies, including those involved in a transfer/sale of all or part of our assets or business (including accounts and trade receivables) and those involved in managing our business risk and funding functions; and
(g) third party contractors or service providers with whom we have a business association, including:
(i) integration providers;
(ii) marketing service providers;
(iii) accounting service providers; and
(iv) information technology service providers including cloud application providers.
We will not disclose your personal information, other than in accordance with this privacy policy, without your consent.
1.14 Overseas disclosure
We may disclose your personal information to third-party contractors, service providers, or customers with whom we have a business association.
While we do not otherwise actively disclose your personal information to overseas entities, we do engage service providers such as cloud data services, who may have international data centres and disaster recovery sites. Consequently, these providers may have access to your information.
We rely solely on reputable organisations for such cloud services.
1.15 Security of your personal information
We store your personal information using servers that have built-in measures to combat unauthorised access, modification or disclosure.
While we endeavour to only hold personal information that is accurate, complete and up-to-date, if you become aware your information is no longer accurate, complete or up-to-date, please contact us.
1.16 Disposal of personal information
If we hold personal information about you, and we do not need that information for any purpose, we will take reasonable steps to destroy or de-identify that information, in accordance with the APP and the European Union General Data Protection Regulation (GDPR), unless we are prevented from doing so by law.
You may make a request to us in writing to remove your personal information and, where permitted, we will do so in accordance with the APP and the GDPR.
Under Australian law, financial records, such as those relating to financial transactions, must be retained for up to 7 years after the transactions contemplated by those records are completed.
1.17 How to access your personal information
Upon your request and after satisfying ourselves of your identity, we will provide access to your personal information that we hold, except in certain prescribed circumstances. These circumstances include where:
(a) we believe giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
(b) giving you access would be unlawful;
(c) granting that access would have an unreasonable impact on the privacy of other individuals;
(d) we would be in breach of our obligations under a Technical Assistance Notice (TAN), Technical Capability Notice (TCN) or Computer Access Warrant (CAW) from an Australian Government agency;
(e) the request for access is frivolous or vexatious; or
(f) there are anticipated legal proceedings.
We will amend any personal information about you that is held by us and that is inaccurate, incomplete or out of date if you request us to do so. If we disagree with your view about the accuracy, completeness or currency of a record of your personal information that is held by us, and you ask us to associate with that record a statement that you have a contrary view, we will take reasonable steps to do so.
1.18 Third-party Sites
You may click through to third-party Sites from this site, in which case we recommend that you refer to the privacy statement of this Sites you visit. This Privacy Policy applies to this site only and the Company assumes no responsibility for the content of any third-party Sites.
1.19 GDPR
We welcome the General Data Protection Regulation (GDPR) of the European Union (EU) as an important step forward in streamlining data protection globally. Although we do not operate an establishment within the EU and do not target any offering of services towards clients in the EU specifically, we intend to comply with the data handling regime laid out in the GDPR in respect of any personal information of data subjects in the EU that we may obtain.
GDPR rights
The requirements of the GDPR are broadly similar to those set out in the Privacy Act and include the following rights:
(a) You are entitled to request details of the information that we hold about you and how we process it. For EU residents, we will provide this information for no fee.
(b) You may also have a right to:
(i) have that information rectified or deleted;
(ii) restrict our processing of that information;
(iii) stop unauthorised transfers of your personal information to a third party;
(iv) in some circumstances, have that information transferred to another organisation; and
(v) lodge a complaint in relation to our processing of your personal information with a local supervisory authority.
(c) Where we rely on your consent as our legal basis for collecting and processing your data, you may withdraw that consent at any time.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. However, please be aware that:
(d) such objection or withdrawal of consent could mean we are unable to provide our services to you, and could unduly prevent us from legitimately providing our services to other clients subject to appropriate confidentiality protections; and
(e) even after you have chosen to withdraw your consent, we may be able to continue to keep and process your personal information to the extent required or otherwise permitted by law, in particular:
(i) to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact on your rights, freedoms or interests; and
(ii) in exercising and defending our legal rights and meeting our legal and regulatory obligations.
1.20 Compliance with Australian Assistance and Access Legislation
The laws have recently changed here in Australia to compel companies to share data with Australian intelligence agencies and law enforcement or build in data sharing mechanisms that may report directly to these agencies. While we endeavour to protect your data and our technology from vulnerabilities wherever possible, we cannot break the law, nor can we inform you when we have been issued with a notice under the new legislation.
By using our platform or Site, you expressly exclude us from any liability which arises from sharing data or building data sharing mechanisms (including ‘back-doors’ and vulnerabilities) into our technology at the direction of the Australian Government and its agencies, including where those mechanisms are later exploited by a third party.
1.21 Complaints procedure
Your privacy is important to us. If you have a complaint or concerns about our information handling processes as they relate to your personal information, we ask that you first contact our privacy officer whose contact details are listed below.
If, after we have conducted our investigations, you are still not satisfied then we ask you consult with:
The Office of the Australian Information Privacy Commissioner
GPO Box 5218, Sydney NSW 2001
Telephone: 1300 363 992
Email: enquiries@oaic.gov.au
1.22 How to contact us
If you have any queries, questions, concerns, or wish to make a complaint regarding how we deal with your personal information, please contact us:
TaxTank Privacy Officer
1503 / 56 Scarborough Street, Southport QLD 4215, Australia
Email: support@taxtank.com.au
1.23 Amendments to this Privacy Policy
We are obligated to regularly review and update this policy. We therefore reserve the right to amend this Privacy Policy at any time. Should any significant amendments occur, notification will be provided by publication on this Site 14 days prior to the changes being implemented, unless the circumstances of the amendments make it unreasonable to provide such a notice period. Your continued use after the notice period has lapsed indicates your consent to be bound by the amended Privacy Policy.
For further information about privacy in general, please refer to the Office of the Australian Information Commissioner’s Site located at http://www.oaic.gov.au.
Alternatively, please contact our Privacy Officer using the details provided above.
Last amendment date: 15 March 2023
