Privacy Policy and GDPR Statement

Verto Group Pty Ltd

Updated 13 September 2023

Verto Group Pty Ltd is a software development company that focuses on providing wholistic platform solutions to its clients including V interact, BeBooked and Redde. In performing these services, we may collect, use and store personal information from our clients and their end users. Including names and email addresses, financial information for the purposes of making donations, buying subscription-based content, or any other service that our clients offer.

Verto Group understands that your privacy is important to you and is committed to complying with the, Privacy Act 1988 (Cth) the Australian Privacy Principles and the EU General Data Protection Regulations (GDPR) as applicable in relation to all Personal Information that we collect. This policy describes our Privacy and Information handling practices.

This Privacy Policy:

  • Sets out how Verto Group stores, uses and discloses personal information
  • Relates to personal information collected by any means and by any technology
  • Outlines how Verto Group makes the personal information it holds available for access to and correction by an individual

If you have any questions about this policy, please direct them to the Verto Group Privacy Officer at support@vertogroup.com.au

The types of personal information that we may collect and hold

In the normal course of business activities, we will collect Personal Information from you.

The following are the types of your Personal Information that we may collect and hold:

  • personal details such as name, postal and email addresses, date of birth, contact details, or any other type of information that can reasonably identify an individual, either directly or indirectly;
  • If you visit, subscribe to or use one of our websites vinteract.com.au, www.churchcentral.com.au, www.redde.com.au, and www.vertogroup.com.au or register your interest, we will collect Personal Information such as your name, postal and email address, date of birth, contact details such as your address and phone number. We may also collect your details such as your name if you contact us through one of our social media pages, face-to-face, over the phone or email. If you register as a user on one of our customer’s websites, we may also have access to this information and will only use it for the purpose of providing our services to our customers (and you as the end user).
  • If you use BeBooked as a software user, we will collect Personal Information such as your name, email address, date of birth, contact details such as your address and phone number. We will only use it for the purpose of providing our services to our customers (and you as the end user).
  • Where Verto Group has a license to use your data under an agreement with one of our clients, we will use that data to facilitate the services in accordance with this privacy policy. You acknowledge and provide your consent that your data may be shares with third parties to assist in the provision of these services to you.
  • If you order any products from us, we will also collect payment details, financial information for the purposes of processing your order. The financial information is only used to process the order for which the information was provided for (which may include recurring payments).

Although it is not our usual business practice, we may, on occasion, collect information from you that is considered to be Sensitive Information. Where this information is collected, it will only be used for the sole and specific purpose for which it was collected. Verto Group will not use Sensitive Information collected from you for any other purpose except with your express written consent.

How we collect Personal Information

We will only collect Personal Information by lawful and fair means.  Personal Information may be collected directly from you or your authorised representative, or may be collected from a third party such as a licensee or representative authorised by us to provide services to you that may include a third party application our customer and you (as an end user) have authorised to connect with our service.  You may supply your Personal Information to us when communicating with us in person, email, phone, through our software, via social networks and other online channels. By providing us with personal information, you consent to the supply of that information subject to the terms of this Privacy Policy.

The purposes for which the information is collected and held

We collect, hold and use your Personal Information so that we can provide our services to you and provide you with information about any additional products, services and opportunities available to you.

By using our services and providing your personal information to us, you understand that we may use it to:

  • provide you with products and services during the usual course of our business activities;
  • send information to or from third party applications our customers and you (as the end user) have authorised to connect with the service we provide (for example Microsoft Outlook);
  • administer our business activities;
  • manage, research and develop our products and services;
  • provide you with information (including marketing) about our products and services;
  • process payments or enable payment processing on behalf of our clients;
  • communicate with you by a variety of measures including, but not limited to, by telephone, email, sms or mail; and
  • investigate any complaints.

If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases.

The way in which we use and disclose Personal Information

We will use or disclose your Personal Information only for the purposes for which it was collected. We will use or disclose your information for a secondary purpose only if you have consented or if you would reasonably expect us to do so or as required by law.

We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this privacy policy.

We may use your Personal Information for the purposes of our own direct marketing, however we will ensure you have an ability to opt out of future such communications.

We may disclose your personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, legal proceedings or in response to a law enforcement agency request.

If we do disclose your personal information to a third party (for example Microsoft), we will protect it in accordance with this privacy policy. You can also refer to Microsoft’s privacy policy by visiting their website. Where your personal information is being used by one of our clients (for example, in order for them to deliver services to you), please refer to that company’s privacy policy as required.

If we experience a Data Breach

If Verto Group experiences a cybersecurity attack or a data breach, it will:

a) immediately initiate its Data Breach Response Plan;

b) take steps to protect your personal information from further disclosure;

c) notify you of the breach as soon as practicable; and

d) notify the Office of the Australian Information Commissioner where required by law.

General Data Protection Regulation (GDPR) for the European Union (EU)

We will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.  We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.

We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.

We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.

We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.

We do not collect or process any personal information from you that is considered “Sensitive Personal Information” under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.

You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.

Your rights under the GDPR

If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. We will comply with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU.

Except as otherwise provided in the GDPR, you have the following rights:

  • to be informed how your personal information is being used;
  • access your personal information (we will provide you with a free copy of it);
  • to correct your personal information if it is inaccurate or incomplete;
  • to delete your personal information (also known as “the right to be forgotten”);
  • to restrict processing of your personal information;
  • to retain and reuse your personal information for your own purposes;
  • to object to your personal information being used; and
  • to object against automated decision making and profiling.

Please contact us at any time to exercise your rights under the GDPR at the contact details in this Privacy Policy.

We may ask you to verify your identity before acting on any of your requests.

 

Hosting and International Data Transfers

Information that we collect may from time to time be stored, processed in or transferred between parties or sites located in countries outside of Australia. This may include, but is not limited to United States of America.

The hosting facilities for our website and services are stored in Australia including all personal data that is collected within V interact, BeBooked and Redde. Where your data is used by third party service providers, you will need to refer to their respective privacy policies for storage disclosures in this regard.

You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

The steps we take to protect and keep secure the Personal Information we hold

We take reasonable steps to protect the Personal Information we hold against interference, loss, unauthorised access, use, modification or disclosure, and other misuse.

The steps we take include:

  • maintenance of computer technology, people and process-based security measures for example firewalls, network security configurations, encryption, two factor authentication, use of passwords and other appropriate measures where information is held in electronic form;
  • regular updates to security systems and configurations to protect our systems from malicious activity;
  • restriction of access to data to only those staff that need access to carry out our business activities;
  • training and ensuring that all our employees are required, as a condition of employment, to treat Personal Information held by us as confidential.

However, you should be aware that if you submit information to us electronically the internet is not a secure environment. We take reasonable steps to provide a secure channel for receiving information but cannot absolutely protect Personal Information before it reaches us.

Where you delete your personal information (or request for it to be deleted), or if we determine that it is no longer required for our business purposes, we will destroy, delete it in a secure manner, or ensure that the information is de-identified in accordance with our information destruction and de-identification policy, unless we are required by law to retain a copy of the Personal Information or the information is contained in a Commonwealth record.

Access and correction of Personal Information held by us

You have the right to seek access to any of your Personal Information held by us unless there is a valid reason under the Privacy Act for us to withhold the information.

If your personal details change, or you believe the information we hold about you is incorrect, incomplete or out-of-date, you can update it at any time through our software or alternatively please contact us so that we can correct our records.

Requests for access or correction to Personal Information should be made under the Privacy Act and addressed to Verto Group’s Privacy Officer. All requests for access or correction to Personal Information will be responded to in writing within a reasonable period of time. As part of this process we will verify the identity of the individual requesting the information prior to providing access or making any changes. If access or correction to your Personal Information is refused we will provide reasons for our refusal.

Integration with Microsoft (third party)

Our BeBooked service contains an optional integration with Microsoft that is controlled by our customers and you (as the end user). We strongly advise you review their Privacy Policy as we have no control and assume no responsibility for their content, data storage, data handling and security. https://privacy.microsoft.com/en-gb/privacystatement

Use of Cookies

We use ‘Cookies’ across our sites and services that contain certain unidentifiable information in order to provide our services. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our products and services.

Google Analytics

We use Google Analytics to measure and analyse its internet usage to ensure the site meets business objectives with advertisers and users. Individual privacy is protected but we gain insights on how to make the site more useful for advertisers as well as our users.

Data collected from this analysis include:

  • the number of page views (or page impressions) that occur on our sites;
  • the number of unique visitors;
  • how long these unique visitors (on average) spend on our sites;
  • common entry and exit points to our sites;
  • files downloaded from the site; and
  • forms filled in on the site.

Updates to this Policy

We reserve the right to amend this Policy from time to time.  Any revisions to the Policy will be posted on this website

Contact us

If you have any questions about our policy or any complaint regarding the treatment of your privacy by us, please contact us at the respective addresses below.

The Privacy Officer

Verto Group Pty Ltd

GPO Box 99

Kent Town SA 5067

Phone: +61 8 8121 7998

Email: please complete the online enquiry form on the homepage