OpenSC logo

Our privacy policy

Last updated: July 10 2023

Welcome to the OpenSC Privacy Policy. We are committed to protecting the privacy of your personal information while using the website and services. This Privacy Policy (the “Policy”) explains OpenSC’s (collectively “OpenSC”, “we”, “us”, or “our”) practices and policies for the information we collect through the Open SC website (the “Site”) and from other sources that we make available to our clients through the OpenSC services. For convenience, the Site and our services are collectively referred to as the “Service”.

By partnering with us as a client, or visiting the Site as a consumer and/or otherwise using the OpenSC Services, you confirm that you accept this Privacy Policy and that you agree to comply with it.

Who are we?

OpenSC has its legal entity registered at the following address:

OpenSC Pty Ltd
1/80 George Street, The Rocks
NSW, AUSTRALIA 2000

You can reach our DPO at: dpo@opensc.org

What data is collected?

Information you share with us

Personal information we collect includes your:
- First and Last names;
- Email address;

OpenSC collects personal information only when we are contacted directly by an individual through the Site and the individual voluntarily provides personal information to us by submitting their details through our contact form. In most cases, we obtain personal information as it relates to our current or prospective clients and business partners. We generally do not collect personal information about consumers through the Site unless a consumer submits information via our contact form, but we do collect other aggregated online information about consumer interests and habits through web tracking technologies, in order to help understand how users navigate our Site.

To access certain information or features, we may ask you to register an account. You can also request or sign up to receive information, updates and newsletters from us. If you register with us or subscribe to our emails, we will collect information from you including your name and email address. You may also choose to provide additional optional information such as your contact number and the name of the company you work for.

In the case that we receive personal information through our Site, we use this information only in ways related to the purpose for which it was collected, such as to provide customer support, respond to questions, respond to recruitment inquiries and facilitate registration for OpenSC Services where applicable.

Information we collect from other sources

At times, we may also obtain personal data from third party services. We may allow you to sign in to our Services using third-party accounts such as Google, LinkedIn, or Facebook accounts. When you log in through such third-party accounts, we ask you to grant us permission to access and use certain information from these accounts, including your name, email address, and public profile information. Please note, any third-party social networking or other site controls the information it collects from you and what information is disclosed to third-parties.

Information automatically collected

We automatically collect aggregate information about your use of our Site through cookies, web beacons, log files and other methods such as the IP address of the requesting device; data and time of access; the length of time that you are logged into or using our Site; name and URL of the retrieved file; the website from which access is made (referrer URL); the website to which you go after leaving our Site; browser type; device type; the operating system type, name, and version; and the links you click on our Site.

Aggregate Information is data we collect about a group of users, from which individual identities have been removed. In other words, information about how you use the Site, or the result of such use, may be collected and combined with similar information from others, but no personal information will be included in the resulting aggregate data. Aggregate data helps us to better understand our user population such as what features of the Site are most popular to our visitors, trends, and user needs so that we can better consider new services, enhance our Site and tailor existing services to customer desires.

How we use your information

OpenSC uses this information in connection with operating the Service and other purposes outlined below, and to enforce our rights and resolve disputes. We may use your information for the following purposes:

Provide and improve our services

The information you provide allows us to provide and improve our website and associated services. For example, it enables us to authenticate you when you log into your account or send us an inquiry, and perform technical operations such as updating software and resolving technical issues you encounter. Where you use OpenSC services, we may combine information about you and your activities to provide an integrated experience.

Customer support and service

We use the information you provide to us via the Site contact form to respond to your queries and concerns.

Marketing and communications

In principle, we will only contact you when you have first contacted us. This may be to respond to your questions, to respond to recruitment inquiries, if you have signed up to receive promotional communications, newsletters, and other information that may be of specific interest to you, and in relation to a contract or project. In addition, we will send you technical notices, updates, and security alerts as required by law.

Please see “Your Choices and Rights” for more information on how to change your communications preferences.

Marketing and communications

To protect the safety, rights, property, or security of OpenSC and its Services. This includes to detect, prevent, or address fraud, security and technical issues, to prevent or stop activity that we consider to be or to pose a risk of being an illegal, unethical, or legally actionable activity, to use as evidence in litigation, and to enforce this Policy.

Legal compliance

To comply with applicable legal or regulatory obligations, including judicial proceeding, as part of an audit function, to respond to a subpoena, warrant, court order, or other legal processes, or as part of law enforcement or a governmental investigation/request whether formal or informal.

How we disclose your information

We may share information with third parties that help us operate, provide, and support our Services. OpenSC will not sell, rent, share, or otherwise disclose the personal information you provide or we collect through your use of the services to any unaffiliated organisation without your permission. Service providers: We may share the information you provide through our Site to our service providers and others who perform services and functions on our behalf. This includes functions such as website hosting, data storage, or other services of an administrative or technical nature, solely for the purpose of providing such services.

Third-party research and analytics: We only share non-personal information (aggregated information) with third-party analytics providers such as Google Analytics to monitor, analyse and understand usage and activity trends and for other research, analytical and statistical purposes.

Links to third-party sites: The Site includes links that direct you to other websites or services whose privacy practices may differ from ours. Please be aware that your activities and any information you submit on these third-party sites is governed by their privacy policies.

With your consent: We will only share information about you with third parties when you provide us with consent to do so. For example, we only display personal testimonials of satisfied customers with consent, and would therefore ask for your permission to post this on our website.

Where required or authorised by law: We may disclose your information to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; in response to a subpoena, warrant, court order or other legal processes or for tax purposes; or as part of an investigation or request, whether formal or informal, from law enforcement or a government official.

Statement to EU data subjects (Legal bases for processing)

If you are an individual in the European Economic Area (EEA), we will collect and use Personal Information where we have legal bases for doing so under the applicable EU laws. Personal information, as used in this Privacy Policy, is equivalent to “Personal Data” as defined in the European Union General Data Protection Regulation (GDPR) as of May 2018. We are required to inform you of the legal bases of our processing of your personal information, which are described as follows:

We require your personal information for the following purposes (“Processing purpose”):

PROCESSING PURPOSE
TYPE(S) OF PERSONAL DATA
LEGAL BASIS

To operate the Service including to optimise our Service and assist in the development, testing, and enhancement of the Service.

These processing activities constitute our legitimate interests to continually develop and optimise the website and all associated service offerings (the Service).

To communicate with you directly to provide and deliver customer support and respond to your inquiries.

This constitutes our contractual obligation to respond to all customer support inquiries.

For internal business and compliance purposes, including: security, analytics, and for our core operational activities.

This constitutes our legitimate interest to facilitate and enable us to fulfil our internal business purposes, and to protect our legal rights and interests.

To communicate with you through one of our partners for marketing, research, surveys, and promotional purposes.

Personal information from third-parties.

Consent required
Where our use of your Personal Information is based upon your consent, you have the right to change your mind and withdraw it at any time, though this will not affect any processing that has already taken place. You must notify us of your withdrawal of consent by contacting us at contact@opensc.org, however, in the case of withdrawal where we are using your information because we have a legitimate interest to do so, in some cases, this may result in no longer being able to use the Services.

Statement to California residents

California residents who provide us with their personal information are entitled to request and obtain from us, once per calendar year, certain information about how we have shared their personal information (if any) to third parties for their own direct marketing use, over the preceding 12 months. If you are a California resident and would like to make such a request, please submit your request in writing by emailing us at contact@opensc.org using the subject line “California Privacy Request”. In your request, please attest to the fact that you are a California resident and provide a current California address. We will reply to valid requests by sending a response to the email address from which you submitted your request.

International transfer

The OpenSC office is currently based in NSW, Australia. However, as we grow, we may expand our operations in multiple countries. Therefore, your personal information may be transferred to countries other than the country in which the information was originally collected, and where privacy laws may not be as protective as those in your jurisdiction. OpenSC will ensure any transfer of your personal information is compliant with the APP regulations. For transfers of personal information of EU data subjects out of the EEA to countries not deemed by the European Commission to provide an adequate level of Personal Information protection, the transfer will be based on a data transfer mechanism recognised by the European Commission as providing adequate protection for Personal Information. Please contact us at contact@opensc.org if you would like more information about our data transfer mechanism.

Cookies and similar technologies

This website uses cookies and other similar technologies to track information about your use of our Services. We or our service providers may combine this information with other information, including personal information, that we collect about you. The data processed by cookies and similar technologies are for the purposes outlined below to protect our legitimate interests.

Cookies

A cookie is a small piece of information that a website can store on a computer and later use to recognise a user. This site uses cookies to allow us to better understand how the Site is used and to enable us to enhance your ability to receive the information you want. A “session” cookie expires when the user closes the browser in which the company’s website was viewed. A “persistent” cookie may be used to help save your settings and customisations. Insofar as those cookies are not strictly necessary for the provision of our Services, we will ask you to consent to our use of cookies when you first visit our Site.

If you do not want your computer to be recognised the next time you visit, you may also decline to use cookies by changing the settings in your browser to “decline cookies”. The respective procedure can be found in the operating instructions of your browser. If you refuse the use of cookies, however, it may lead to restrictions in the use of some areas of our website.

IP addresses and log file data

We may automatically collect information about your use of our Site such as IP address, information about your browser, device or operating system or similar information. OpenSC servers log IP addresses for systems administration and troubleshooting. We track page hits in the aggregate to track the popularity of pages that people visit.

Third-party analytics and tracking mechanisms

We use third-party analytics companies, such as Google Analytics, to evaluate use of our Services and to optimise the user experience. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects (LSOs), to perform their services.

Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC., for the purpose of designing and continuously optimising our Site. In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookie about your use of this website includes:

- Browser type/version,
- Operating system,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- Time of server request

In addition, our website uses third party cookies from Google Analytics for Display Advertisers, including the following features:
- Google Display Network Impression Reporting - which gives us insight into who has viewed our paid digital advertising on other websites. Such information will not identify you personally as it is statistical data about our visitors and their use of our Website. This will help us optimise and tailor our advertising.
- DoubleClick Platform integrations & Remarketing with Google Analytics – the integrations between our web analytics and paid advertising platforms give us insight that allows us to tailor our advertising to ensure the relevant offers are shown to you while you are using the internet outside our website.
- Google Analytics Demographics and Interest Reporting - gives us insight into statistical demographics about our visitors; relating to visitor age, gender and interests on an anonymous and aggregate level. This will help us provide a better experience whilst visiting our sites.

Cookies are used to analyse your use of our website and to serve ads outside of our website. The information we collect and share with third parties through cookies is aggregated and therefore anonymous (it does not include personal information which is likely to identify you). The information may be used to serve you ads in relation to our products when you visit third party websites. You can access information about Google's Privacy Policy here.

All information is transmitted and stored on Google servers in the US. For the US, there is a European Commission adequacy decision (EU/US Privacy Shield) under which Google is certified. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third- parties if required by law or if third- parties process this data in the order. Under no circumstances will your IP address be merged with any other data provided by Google. The IP addresses are anonymised so that an assignment is not possible (IP masking).

You can prevent the installation of cookies by setting the browser software accordingly; however, we point out that in this case not all features of this website may be fully exploited. In addition, you may prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on. Since tracking at Google Analytics is cross-device. You may need to declare your objection on all systems used so that no cross-device assignment of your use to the created user ID takes place. For information on how to disable tracking, please refer to this link - https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable

For further information about privacy related to Google Analytics, see the Google Analytics Help Centre and/or visit https://www.google.com.au/analytics/terms/us.html

Storage and retention of personal information

Security

OpenSC has put into place security measures in an effort to protect Personal Information from loss, misuse, or alteration while it is under our control. We use technical, contractual, administrative, and physical measures in an effort to protect against unauthorised access. We limit access to your personal data to those who have a genuine business to need to know it. Those processing your information will do so only in an authorised manner. Please note, however, that security breaches can occur even if reasonable steps are taken to prevent such breaches and therefore we cannot guarantee the security of your data transmitted to the website. In the case of a suspected breach, OpenSC has procedures in place to deal with such issues and we will notify you of a suspected data breach where OpenSC is legally required to do so.

Storage and retention of personal data

The data that we collect from you and process is stored by OpenSC’s hosting service provider Amazon Web Services (AWS). Amazon.com, Inc. is certified under the EU-US Privacy Shield and AWS is covered under this certification. To learn more about the EU-US Privacy Shield in the context of AWS, please visit https://aws.amazon.com/compliance/eu-us-privacy-shield-faq/. For information regarding the safeguard of privacy rights for EU data subjects, please refer to the “Statement to EU Data Subjects”. We store Personal Information only as long as we are required to do so in order to provide our service and the processing purpose is not eliminated and there are no objections. Personal Information and log file data will be stored and retained for 3 months. After this deadline, the corresponding data will be routinely deleted or permanently de-identified, if it is no longer needed for the purpose for which it was obtained.

Your choices and rights

You have certain choices and rights regarding your personal information. Please note that some of the following rights may not be applicable to your situation:

- Right of access:
You have the right to gain access to information about the personal data that we process about you and have collected from you.
- Right to withdrawn consent: You have the right to withdraw consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, you shall be informed thereof. It shall be as easy to withdraw as to give consent.
- Right to rectification:
You can request us to correct and update information inaccurately stored by us
- Right to erasure:
You have the right to request the removal and permanent deletion of your personal information
- Right to restrict access:
Under applicable privacy legislation you have the right to restrict our processing activities regarding certain personal data. If you choose to do so, please be aware that this may affect the services provided.
- Opt-out:
If you ask to hear from us or request information from us, we may send periodic informational emails to you. You may opt-out of such communications by following the opt-out instructions contained in the email. If you opt out of receiving emails about recommendations or other information we think may interest you, we may still send you emails about any Services you have requested or received from us.

If you have any further privacy concerns or if you wish to exercise your rights regarding your personal information, please contact our customer support team:By email at contact@opensc.org

Please note that we may also retain certain information about you as required by law or as permitted by law for legitimate business purposes.

Children's privacy

You must be 18 years of age or older in order to use the Service. OpenSC is concerned about the safety and privacy of children online. Our Services are not targeted to children under eighteen (18) years of age and we do not knowingly collect Personal Information from children under 18. If we discover that a child under 18 has provided us with Personal Information, we will promptly delete such Personal Information from our systems.

Changes to this policy

This Privacy Policy is currently valid as of 10 July 2023. As a result of further developments of our website and services, as well as any changed legal or official requirements, it may be necessary to change this Policy, so please check back periodically. You can determine whether this Policy has been modified since your last visit by checking the “Last Updated” legend at the top of the Policy. We will post any changes to this Policy on our Site, and will take steps to notify you of material changes, such as via email or prominent notice on the Services.

Contact us

If you have questions about this Policy or the privacy aspects of our Services, please submit our contact form.