Privacy Policy
- About this Privacy Policy
- This Privacy Policy describes how MuzikBoxx Pty Ltd manages personal information about Users of its online platform. All Teachers and Students are referred to in this Privacy Policy as Users and references to MuzikBoxx, we, us and/or our are to MuzikBoxx Pty Ltd.
- We are committed to complying with our privacy obligations in accordance with all applicable data protection laws, including the Australian Privacy Principles contained in Schedule 1 to the Privacy Act 1988 (Cth).
- Capitalised words in this Privacy Policy is defined in the clauses therein or are otherwise defined in our Terms of Use available here (Terms of Use).
- If we decide to change this Privacy Policy, we will post the updated version on this webpage. Our policy is to be completely transparent about our privacy practices.
- Our Platform
- We own and operate our Platform (which includes this website and any of our associated smartphone and tablet applications) and any updates, modifications and versions thereof). We enter into an agreement with our Users through which they subscribe to our Platform (please see our Terms of Use for more information).
- The functionality provided by our Platform to a User depends on the MuzikBoxx Account that the User holds.
- Compliance with privacy law
- Our Users are required to comply with all applicable privacy laws.
- We rely on our Users to obtain all relevant privacy consents and authorisations required by law, in order for the personal information that is entered into our Platform to be collected, disclosed and otherwise processed by us.
- As it is not practicable or reasonable for us to assess the age or capacity of individuals on a case by case basis due to the nature of our Platform, any person under the age of 15 without a legal guardian is assumed to not have the capacity to consent and must not provide personal information to us. For the avoidance of doubt, any person under the age of 15 is not permitted to register as a User of our Platform, submit content and/or use our Platform, unless the person is supervised by a guardian (as defined in our Terms of Use), at all times, while using our Platform. We assume that persons over the age of 15 have the capacity to consent, unless we are notified to the contrary.
- We reserve the right to suspend and/or terminate any account on our Platform for unsupervised persons who are under the age of 15, and to remove and delete any and all copies of personal information collected from such Users, at any time without notice, at our discretion.
- We also rely on Users to ensure that all of their personal information held by us is accurate, up to date, complete, relevant and not misleading.
- We encourage Students to ensure that they are familiar with the privacy policies of each Teacher so that they understand how the relevant Teacher will collect, use and otherwise process personal information about them.
- The types of personal information we collect and hold about Users
- Our Platform can be used to collect and hold the following types of personal information:
- Content entered into our Platform about Users: All information, including personal information, that is entered into our Platform is stored in systems managed by our Users and/or by us on their behalf. The types of personal information collected may include names, resident state or territory, occupation, skills and qualifications, education and academic transcripts, tutoring feedback, job titles, availability, specialisations and expertise, tutoring methods and pricing, bookings, tutoring services offered, national police checks and criminal history records, working with children checks, Australian Business Numbers (ABNs), contact details, account login details, email addresses, as well as any other personal information entered into our Platform by, about or on behalf of a User.
- Financial information about Users who use our Platform: We collect payment details of our Teachers and Students such as names, contact information and billing information, including credit card details. Credit card details are not held by us, but are held by payment gateway providers that we use. We currently use the Westpac Payway payment gateway and Stripe. Other than the last 4 digits of a credit card, all such credit card information is not accessible by us.
- Information required for the support, maintenance and security of our Platform: In order to support and maintain our Platform for a User, we collect and process User information including IP addresses, email addresses, User access logs, Usernames, passwords, information included by Users in technical support tickets and error messages.
- Our Platform can be used to collect and hold the following types of personal information:
- How we collect personal information
- Our policy is to not collect personal information by means that are unfair or unreasonably intrusive in the circumstances.
- We collect information about prospective Users from public and private databases and when they otherwise voluntarily disclose it to us, in order to market and sell our services and promote their use of our Platform.
- We collect personal information from applicants for registration on our Platform in one or more of the following ways:
- when Users enter their personal information into our Platform;
- when it is voluntarily disclosed to us (such as via telephone, e-mail and online forms).
- How we use User personal information
- Information about how we use User personal information is set out in the following table:
Category | How we use and process that personal information | Our reason for collecting the personal information |
Personal information about prospective Users | · To inform, market and promote our Platform to prospective Users and answer any prospective User query in relation to our Platform. | · Necessary for our legitimate interests (in order to operate and grow our businesses). |
Personal information about Users of our Platform | · To setup, configure, host or procure the hosting, of an account on our Platform for a User and to store User personal information in databases and systems in our hosting environments at third party data centres.
· To conduct User research and communicate with Users about their current and prospective use of our Platform and to discuss and implement Users’ software development requirements. · To provide Users with technical support services and to resolve any requests for us to supply personal information held on our Platform. · To send out billing information and tax invoices to Users and process payments. · To discuss our security requirements. · To provide Users with information about promotional offers and new functionality, features, products and solutions that we make available on our Platform. · In order to identify Users when contacted with technical support questions. · To provide functionality of our Platform to Users who have engaged us to do so and administer our contractual relationships with Users (and to enforce our contractual rights and their contractual obligations). · Backing up and restoring data that includes User personal information. · To carry out security audits, investigate security incidents and implement security processes and procedures that require access to User personal information. |
· Necessary for our legitimate interests (in order to operate, administer and grow our businesses including to operate our Platform, IT systems and networks, manage our hosting environments and ensure the successful delivery of our services).
· Performance and enforcement of contracts with our Users. · Compliance with our legal obligations. · Performance of our contracts with our Users. · Necessary for our legitimate interests (in order to administer and our businesses including to allow our Users to operate our Platform, and to enable us to operate our IT systems and networks, manage our hosting environments and ensure the successful delivery of our services). · To comply with our legal and statutory obligations. |
- Analytics data
- We also collect information about platform Users known as analytics data such as User location, information about devices accessing our Platform, the amount of time a User spends on our Platform and in which parts of it, and the path navigated through it. However, all such information is de-identified data and not collected in a form that could reasonably be expected to identify an individual. In any event, we only use analytics data for the following purposes:
- to help us review, enhance and improve our Platform (for statistical or research purposes); and
- to develop case studies and marketing material without identifying any Users.
- We use Google Analytics in our Platform. To understand how Google uses data click here.
- We also collect information about platform Users known as analytics data such as User location, information about devices accessing our Platform, the amount of time a User spends on our Platform and in which parts of it, and the path navigated through it. However, all such information is de-identified data and not collected in a form that could reasonably be expected to identify an individual. In any event, we only use analytics data for the following purposes:
- How we hold and secure personal information
- We hold and store personal information that we collect in our offices, computer systems, and third party owned and operated hosting facilities. In particular:
- we collocate systems in hosting facilities operated by reputable hosting providers;
- personal information that is provided to us via email is held on our servers or those of our cloud-based email providers;
- we use third party owned cloud-based User relationship management and marketing platform providers to hold personal information about current and prospective Users;
- personal information is held on computers and other electronic devices in our offices and at the premises of our personnel;
- we hold personal information that is provided to us in hard copy in files on our business premises.
- We take reasonable steps to protect personal information that we hold using such security safeguards as are reasonable in the circumstances to take against loss, unauthorised access, modification and disclosure and other misuse and to implement technical and organisational measures to ensure a level of protection appropriate to the risk of accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal information transmitted, stored or otherwise processed by us.
- For example, we:
- only use reputable hosting providers to host User personal information;
- implement passwords and access control procedures into our computer systems;
- maintain physical security measures in our buildings and offices such as door and window locks and visitor access management, cabinet locks, surveillance systems and alarms to ensure the security of information systems (electronic or otherwise); and
- have data backup, archiving and disaster recovery processes in place.
- We hold and store personal information that we collect in our offices, computer systems, and third party owned and operated hosting facilities. In particular:
- Disclosure of personal information
- We only disclose User personal information that we collect to third parties as follows:
- where required under a contract with a User, we will transmit User personal information to third parties on behalf of the User;
- in order to host databases that are integrated into our Platform, we engage reputable hosting providers who host those databases on our behalf;
- when performing contracts we may outsource certain obligations to third party contractors in accordance with our contractual rights (such as hosting, software development and other professional services). Professional services carried out by them may require access to User personal information. We ensure that all MuzikBoxx employees, contractors and their employees have entered into agreements which require them to comply with privacy and confidentiality obligations that apply to personal information that we provide to them;
- when providing information to our legal, accounting or financial advisors/representatives or insurers, or to our debt collectors for debt collection purposes or when we need to obtain their advice, or where we require their representation in relation to a legal dispute;
- where a person provides written consent to the disclosure of their personal information;
- where it is brought to our attention that specific personal information needs to be disclosed to protect the safety or vital interests of any person;
- to avoid prejudice to the maintenance of the law by any public sector agency, including the prevention, detection, investigation, prosecution, and punishment of offences;
- for the enforcement of a law imposing a pecuniary penalty;
- for the protection of public revenue;
- for the conduct of proceedings before any court or tribunal (being proceedings that have been commenced or are reasonably in contemplation); or
- where required by law.
- We only disclose User personal information that we collect to third parties as follows:
- Third party websites
- Our platform may include links to third party websites. Our linking to those websites does not mean that we endorse or recommend them. We do not warrant or represent that any third party website operator complies with applicable data protection laws. Users should consider the privacy policies of any relevant third-party website prior to sending personal information to them.
- Interacting with us without disclosing personal information
- If a person does not provide us with their personal information, they can only have limited interaction with us. For example, a person can browse our public facing website pages without providing us with personal information, such as the pages that generally describe the services that we make available. However, when a person submits a form on our websites or a person registers a User account on our Platform, we need to collect personal information for identification purposes, so that we can provide our services, and for the other purposes described in this Privacy Policy.
- Any person has the option of not identifying themselves or using a pseudonym when contacting us to enquire about our services.
- For security purposes, only Users who identify themselves accurately and truthfully when opening any account on any of our Platform, may login to and access the functionality provided by our Platform.
- Offshore disclosure
- We may disclose personal information to our offshore service providers and personnel who assist us with providing our services and to assist us with the operation of our businesses generally. We will take reasonable steps to ensure that such overseas recipients do not breach the Australian Privacy Principles in relation to personal information.
- At present, we only disclose personal information offshore when we upload it to our hosting providers and third-party cloud-based platforms located at [insert].
- Except as set out in clause 2, all personal information that we collect is held in Australia.
- How to access and correct personal information held by us
- Users who have accounts on our Platform can amend personal information contained in their platform accounts, or delete their accounts, at any time, by logging into their accounts. Once an account is deleted, we may still be required to retain the data in accordance with our contract with the User or by law.
- We will handle all requests for access to personal information in accordance with our statutory obligations. We may require payment of a reasonable fee by any person who requires access to their personal information that we hold, except where such a fee would be contrary to applicable law.
- Our contact details
- Any person who wishes to contact us for any reason regarding our privacy practices or the personal information that we hold about them, or make a privacy complaint, may contact us using the following details:
Privacy Representative
admin@muzikboxx.com
PO Box 266
ENFIELD NSW 2136
- We will use our best endeavours to resolve any privacy complaint with the complainant within a reasonable time frame given the circumstances. This may include working with the complainant on a collaborative basis or otherwise resolving the complaint.
- If the complainant is not satisfied with the outcome of a complaint or they wish to make a complaint about a breach of the Australian Privacy Principles, they may refer the complaint to the Office of the Australian Information Commissioner who can be contacted using the following details:
Telephone: 1300 363 992
Email: enquiries@oaic.gov.au
Address: GPO Box 5218, Sydney NSW 2001