Privacy Policy

Effective starting: 1 January 2024

Introduction

Welcome to FSH Tech Solutions Pty Ltd ('we', 'us', or 'our'). We are the controller of your personal information when you use our website/application https://smact.fshtechsolutions.com ('Smact'). We are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy explains how we collect, use, store, and share your information and the choices available to you.

Information We Collect

We may collect the following types of information:

  • Account and Contact Information: Your name, email address, company details, and any other information you provide when creating or managing an account with us.
  • Customer Content: Project files and related data (for example, .xer files, project calendars, codes, activities, and resource data) that you upload so that Smact can provide the contracted services.
  • Usage and Technical Data: Log data, IP addresses, device and browser details, time-zone, and interactions with the website/application collected to operate, secure, and improve Smact.
  • Support Communications: Information you provide when you contact us, including records of your requests and correspondence.
  • Payment Information: Limited payment card details and billing information processed through Stripe. We receive tokens and transaction references from Stripe but do not store full card numbers on our systems.
  • Cookies and Tracking Technologies: We use cookies and similar technologies to personalise your experience, provide core functionality, and analyse site usage as described in our Cookies & Tracking Notice.

Respecting Do Not Track and Global Privacy Control Settings

Our website is committed to respecting the privacy preferences of our users. In addition to our cookie consent management, we also recognise and honor Do Not Track (DNT) and Global Privacy Control (GPC) signals.

  • Do Not Track (DNT): DNT is a browser setting that allows users to express their preference not to be tracked across websites. If you have enabled DNT in your browser, our website will respect this preference and disable tracking mechanisms that are not essential to the functioning of our website.
  • Global Privacy Control (GPC): GPC is a newer standard that allows users to communicate their privacy preferences, including the right to opt-out of the sale of personal information, through a browser signal. If you have enabled GPC in your browser or through a browser extension, our website will respect this signal and limit data collection and sharing in accordance with your preferences.

Please note that while we strive to respect DNT and GPC signals, these preferences may not be recognised by all third-party services integrated into our website. We encourage you to review the privacy policies of any third-party services to understand how they handle DNT and GPC signals.

For more information on how to enable DNT or GPC in your browser, please refer to your browser's documentation or the official Global Privacy Control website.

How We Use Your Information

We use your information for the following purposes:

  • To provide and improve our services.
  • To communicate with you about updates, support, and promotional offers.
  • To analyse and understand user behavior to enhance our website/application.
  • For legal and regulatory compliance.

Legal Bases for Processing

Where applicable privacy laws require a legal basis, we rely on the following grounds to process personal information: (i) performance of a contract with you (for example, to deliver Smact and customer support), (ii) your consent (for example, to send certain marketing communications or place non-essential cookies), (iii) compliance with legal obligations, and (iv) our legitimate interests in operating and improving Smact, protecting our users, and enforcing our rights. We balance those interests against your rights and expectations.

Sharing Your Information

We may share your information with the following categories of recipients:

  • Service Providers: Trusted vendors that help us deliver Smact, including hosting, infrastructure, analytics, customer support, and payment processing providers (such as DigitalOcean and Stripe).
  • Professional Advisers: Lawyers, accountants, and auditors who provide consultancy, banking, legal, insurance, or accounting services.
  • Corporate Transactions: Potential or actual buyers, investors, or other parties involved in a merger, acquisition, or financing of our business, subject to appropriate confidentiality protections.
  • Compliance and Safety: Regulators, law enforcement, government authorities, or other third parties when we believe sharing is necessary to comply with laws, enforce our agreements, protect our rights, or safeguard users or the public from harm.

Third-Party Service Providers

We may share your information with third-party service providers to help us deliver our services effectively. These providers include, but are not limited to, DigitalOcean, which provides cloud hosting and database management services. DigitalOcean processes data on our behalf and in accordance with our instructions, ensuring that your data is protected and handled securely.

For more information about DigitalOcean's privacy practices, please visit their Privacy Policy.

Payment Information

We use Stripe, a third-party payment processor, to handle payment transactions for our subscription plans. When you make a payment, the information you provide is sent directly to Stripe and is subject to Stripe’s privacy policy. We do not store your payment information on our servers.

For more information about how Stripe handles your data, please review their Privacy Policy.

Your Rights

Depending on your location, you may have the following rights:

  • Access to your personal information.
  • Correction or deletion of your information.
  • Restriction of processing or objection to processing.
  • Data portability.

You can exercise these rights or update your preferences by contacting us at [email protected]. We may need to verify your identity before fulfilling a request and may be unable to comply where we are not legally required to do so. You can opt out of marketing communications by using the unsubscribe link in our emails.

Data Security

We take reasonable measures to protect your information from unauthorised access, use, or disclosure. Our application and data are hosted on DigitalOcean's infrastructure, which provides robust security features and compliance certifications to safeguard your data. DigitalOcean's data centres are secured with physical and electronic measures and adhere to industry-standard security protocols.

Data Retention

We retain personal information for as long as necessary to provide Smact to you, comply with our legal obligations, resolve disputes, and enforce our agreements. When information is no longer required, we will delete or de-identify it in line with our retention practices, unless we need to retain it to comply with legal or regulatory obligations. You may request deletion of your account information, subject to the limits described in this Policy and applicable law.

International Transfers

Your information may be transferred to and processed in countries outside of your country of residence, where data protection laws may differ. Specifically, we use DigitalOcean's infrastructure, and your data may be stored and processed in their data centres, which are located in various regions around the world. We ensure that appropriate safeguards are in place to protect your data during such transfers, in compliance with applicable data protection laws.

Governing Law

This Privacy Policy is governed by the laws of Western Australia. Any disputes will be subject to the jurisdiction of the courts of Western Australia.

Changes to This Policy

We may update this policy from time to time. We will notify you of any significant changes.

Complaints

If you are concerned about how we handle your personal information, please contact us first so that we can address the issue. If you remain dissatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner at www.oaic.gov.au or your local data protection authority.

Contact Us

If you have any questions or concerns about this policy, please contact us at [email protected].