Abstract gradient layer 1
Skip to Content Skip to Navigation

Introduction

This Privacy Policy will help you understand what information we collect from you and process from your use of this website, how we intend to use it, and what choices and controls you have with respect to your personal data.

When we refer to “Company” within this Privacy Policy, we are referring to SpaceDraft of 183 Stirling Hwy, Nedlands, Australia, the business which managed and provides this website, and any services or features which are available to you to use from this website.

Data Protection Framework

We have also aligned this Privacy Policy with the EU General Data Protection Regulation (GDPR) which came into effect on 25th May 2018.

1. Customer and Citizen Data

You may decide to send us your personal information via the SpaceDraft website if you are seeking more information from us, requesting to use our facilities, attend one of our events, or for other similar purposes. Your decision to disclose your personal data to us is entirely voluntary, and by doing so, you are confirming that you provide us with your specific consent to use your personal data only for the limited and specific purposes for which you have disclosed it to us.

SpaceDraft may access and use your personal data only for the purposes for which you have submitted it to us to (a) provide information to you, (b) make contact with you, (c) provide services to you, or (d) maintain the operations and security of the website and related services which we provide to you. We will not use your personal information for any other purposes unless we have sought and obtained your specific consent to do so.

We will always handle and store your personal data in accordance with industry best practice aligned with ISO27001, the international standard for information security. This includes the activities and procedures undertaken by our SpaceDraft personnel and authorised third parties (see Section 6), and the technical controls which we have implemented to prevent unauthorised access, compromise or theft of information from our records, applications, supporting computer systems and premises.

2. Sensitive Personal Data

GDPR specifies a set of personal data categories which are considered to be “sensitive”, and which require special consideration by Data Controllers. This website, and any services which are available from this website, do not knowingly collect or process any sensitive personal data, and supporting Data Protection Impact Assessments are available upon request from our Data Protection Manager (see Section 10).

3. Children’s Personal Data

This website, and any services available from this website, are not directed to children under the age of 13, except with the Education Account (see below). If you learn that a child under the age of 13 has provided us with their personal information without having parental consent, please contact our Data Protection Manager (see Section 10) immediately so that we can take appropriate action.

SpaceDraft Education Account

Children under the age of 13 may use “SpaceDraft Education Account” under the supervision of their teacher. We will only collect student data where such collection is authorised by participating educational institutions who have obtained parental consent. We will share student data with our third party service providers solely to the extent necessary for them to perform a business or technology support function for us. This may include data processing, account management or the provision of usage analytics.

Upon termination of a school’s SpaceDraft Education Account, we will delete all student user accounts associated with that school.

Educational institutions will have direct control of student data at all times. If a school wishes to inspect, review, amend or delete data we have collected from a student, they may submit an authorised request to the contact details provided in section 10 below. Such a request must come from the email address that owns the SpaceDraft Education Account. To protect children’s privacy and security, we will take reasonable steps to help verify the school’s identity before granting access to any personal information.

4. Customer and Citizen Data Rights

As prescribed within the EU General Data Protection Regulation, you have several rights connected to the provision of your personal data to us using this website. These include your rights to request that we:

  • Confirm to you what personal data we may hold about you, if any, and for what purposes
  • Change or withdraw any consent which you have provided in relation to your personal data (if that is the legal basis for us holding it)
  • Correct any inaccurate or incomplete personal data we may be holding about you
  • Provide you with a complete copy of your personal data for you to move elsewhere, under specific circumstances
  • Stop our processing of your personal data, whilst a received data processing objection from you is being resolved
  • Permanently erase all your personal data promptly, and confirms to you that it has done so (unless there is a valid reason why we are unable to do this)

To contact SpaceDraft to exercise your rights, please see Section 10 below.

If we do not address your data subject request, or we fail to provide you with a valid reason why it is unable to do so, you have the right to contact the Office of the Australian Information Commissioner to make a complaint.

They can be contacted via https://www.oaic.gov.au/privacy/privacy-complaints/.

6. Declaration of Sub-Processing

For you to make an informed decision on whether to provide your personal data to SpaceDraft using this website, we need to make you aware of the details of organisations that act as data processors to SpaceDraft and which we use for specific activities related to the operation of our organisation and the provision of its services:

  • Amazon Web Services for data hosting (Sydney, Australia region).

The specific activities within which each of these organisations participate have been recorded within the applicable SpaceDraft Data Protection Impact Assessments and these are available upon request from our Data Protection Manager (see Section 10).

7. Website Cookies

This website uses cookies to record log data. We use both session-based and persistent cookies, dependent upon how you use or interact with this website. By using our website, you agree to our declared use of cookies below.

Cookies are small text files sent by us to your computer, or from your computer or mobile device to us each time you visit our website. They are unique to you or your web browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them, or until they expire.

We use cookies which are not specific to your account but are unique and allow us to undertake website analytics and customisation, among other similar things. If you decide to disable some or all cookies, you may not be able to use some of the functions on our website. We may use third-party cookies, for example Google Analytics, and you may choose to opt-out of third-party cookies from the providers’ respective websites.

8. External Links

This website may include relevant hyperlinks to external websites not controlled by SpaceDraft. Whilst all reasonable care has been exercised in selecting and providing such links, you are advised to exercise caution before clicking on them. We cannot guarantee the continued suitability of external links to content we do not control, nor do we continually verify the safety or security of the destination website. Please be advised that your use of external links is at your own risk and we cannot be responsible for any damages or consequences caused by your use of them.

9. Changes to this Privacy Policy

We may change this SpaceDraft website Privacy Policy from time to time, and if we do, we will post any changes on this page. If you continue to access this website or use services available from this website after those changes have come into effect, you will have agreed to the revised policy. You are advised to review this Privacy Policy on a regular basis.

10. Contacting SpaceDraft

If you have any questions about this SpaceDraft website Privacy Policy, would like to exercise any of your data subject statutory rights, or to make a complaint, please write to:

The Data Protection Manager
SpaceDraft
183 Stirling Hwy, Nedlands, Australia, 6009
privacy@spacedraft.com

 

This Privacy Policy is version number 1.1, published on 12 March 2021.