Loop Software Pty Ltd (ACN 159 198 366) is committed to ensuring all users’ personal and sensitive information is protected. In this policy, “us”, “we” or “our” means Loop Software Pty Ltd (ACN 159 198 366) and its related bodies corporate. This Privacy Policy sets out how we use, disclose and protect any personal information that you provide or that we collect, when you use the Daymap software services and applications, or that we collect directly from you.

Daymap is a software service and application used by schools (“the School”) to send and request information to and from various stakeholders (i.e. students, parents, teachers and staff) (hereinafter referred to as “End Users”).

Through our Daymap Services and Apps we may receive and hold personal information about End Users who register with the Schools’ services and app and also the School’s contact details to perform business management functions. The School may also use certain services under the Daymap Services and Apps, which include hosted and non-hosted solutions (the “Services”) to collect or receive information from its End Users. This Privacy Policy does not apply to the collection, use or disclosure of personal information about End Users by the Schools – we have no control over the School’s own privacy practices.

Privacy and confidentiality of personal information disclosed or stored through the Services are of utmost importance to us and we therefore require that the School require that users of the Services adhere to the terms and conditions of use of the Services, and we shall adhere to the privacy policy set forth below. We endeavour to preserve your privacy and confirm that we will not disclose, share, sell or rent personal information other than as described in this Privacy Policy.

By accessing and using the Services (whether as the School or their End Users), you consent to the collection, use and disclosure of your personal information as outlined in this Privacy Policy.

 

OVERVIEW

We are committed to complying with our privacy obligations and to ensure that the Services create a safe environment for students, parents, teachers, staff and any other users of our Services. On this basis, the following summarises our promises to you:

  • We do not share your personal information (as defined below) without your consent under any circumstances.
  • We do not sell or rent your personal information under any circumstances.
  • We do not, and do not ever intend to, disclose personal information outside of Australia.
  • We are transparent in our practices.

 

WHAT IS PERSONAL INFORMATION

When used in this policy, the term “personal information” means, in general terms, any information or opinion about you, that is reasonably identifiable to you. This may include (but is not limited to) your name, age, gender, postcode and contact details (including phone numbers and email addresses). If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

 

DO WE COLLECT PERSONAL INFORMATION?

Do we collect personal information of students or staff who use the Services?

We do not collect personal information from students or staff when they are using the Services. Such personal information is collected by the School with whom the student or staff registers and is processed by our Services on behalf of the School. We process information provided through and from a School for their sole use and we have no direct control over the personal information collected by the School. Where the Services are being hosted by us, we will hold the personal information in accordance with the terms of this Privacy Policy. Where the Services are not hosted by us the personal information that the Services process will not be stored by us. Instead such personal information will be hosted and stored on servers that we have no control over.

Please note that as part of the terms and conditions of use as an End User, you have consented to third parties (i.e. the School) placing and/or disclosing personal or sensitive information about you on the Services, which shall be held by us where we host the Services. You therefore consent to us collecting, holding, storing and using this information as is reasonably necessary to provide our Services to the School.

As we do not control the collection of the personal information of students or staff who use the Services and we have no direct control of such personal information you should carefully review the privacy policy of the School with whom you are registered. Ultimately, the School is in control of the personal information and we act only to process that personal information in accordance with their instructions.

Do we collect personal information of school administrators?

We may collect personal information either directly from you, or from third parties, including where:

  • you register or sign up to the Services (this includes when you enquire about a potential purchase in the Services);
  • you or a third party use the Services to enter in user content;
  • you use the Services generally (such as by entering text or images);
  • you subscribe to any of our newsletters;
  • you contact us through our Services;
  • you submit any of our online sign up forms;
  • you provide written requests;
  • through the provision of identity documents;
  • you communicate with us via email, telephone, SMS, social applications (such as LinkedIn, Facebook or Twitter) or otherwise;
  • you interact with our Services, social applications, services, content and advertising.

Third party collection

Where we collect your personal information from a third party, we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party. We may also collect your personal information from third parties including your other service providers and publicly available sources.

Cookies

We may also collect personal information from you when you use or access our Services. This may be done through use of web analytics tools, ‘cookies’ or other similar tracking technologies that allow us to track and analyse your Services usage. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites. If you do not wish information to be stored as a cookie, you can disable cookies in your web browser.

 

WHAT PERSONAL AND/OR SENSITIVE INFORMATION DO WE HOLD?

In relation to Services that we host, we may process and hold the following personal information:

  • Account Information: when an account is created for you we hold your name (and names of your children or children under your care), phone number, mailing or street address, email address and other contact information.

School administrators will create accounts for teachers and students. Where this is done, with the consent of such teachers and students, we may also hold details provided to us in respect of such users from the Schools. As the Services are provided by us, we will hold all such collected information on behalf of the School. This includes their email address, student names, telephone number, mail or street address, email address, pre-existing student identification numbers used by the school and any other information entered by a teacher or student through their account use.

  • Your activity: this includes information about your activity while using our Services. This includes when you use the Services to view and interact with content, when you create lists, and any other activity or actions that you take.
  • Content you post and share: when you create or share content, or upload content such as images and text on the Services we will also hold this personal information on behalf of the School. Certain functionality of the Services requires your personal information to function properly, for example in order for us to display the names of students to teachers we need to be able to hold this personal information.
  • Content other people post and share: when other people create or share content that contains information about you we will also hold this information. This includes for example when a teacher shares information about a student.
  • Participant information: when you use the Services to create a classroom or school environment, we hold the details of each person added to facilitate the service request.
  • Financial information: this includes information such as payment card details and bank account details. We use this information to send to our third party payment gateways.
  • Contact information: when you use our Services, for example when you contact the School within the Services we hold information that enables the Services to be able to run.
  • Other information: we hold other information related to your use of the Services this includes: your device identity and type, I.P. address, geo-location information, page view statistics, advertising data and standard web log information and any other information provided by you to us via our Services. This information is log data that is provided to us from your use of the Services which we may use for the purposes of sending you customised information and as set out below.

 

HOW WE STORE PERSONAL INFORMATION

In relation to Services that we host, Daymap is hosted in Microsoft Azure Australian Data Centre, a cloud computing platform with a collection of integrated services including database, storage and web. Daymap is stored and replicated in primary and secondary Azure regions in Australia.
We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

 

INFORMATION COLLECTED BY THE SCHOOL

We treat all information collected from users, by the School, as private to the School. All such information is stored by us securely. How the School chooses to use this information is the responsibility of the School, and End Users should address privacy requirements with the School for a greater understanding of how the School uses the collected information.

 

HOSTED AND NON-HOSTED SERVICES

As above noted we will process personal information on behalf of the School which will be stored in databases created using our hosted Services. If you use our hosted Services then your personal information will be hosted by us.

Where you use our non-hosted Services, then your personal information will be hosted by a third party. Where we are not involved with your personal information, such as where you use the Services in a non-hosted environment, you should address any requests to the School as we will have no access to your personal information.

If you are unsure whether the Services you are using are in a hosted or non-hosted environment please get in touch with us.

 

USE OF YOUR PERSONAL INFORMATION

The primary purpose for which we hold, use and disclose information about you is to enable us to perform our business activities and functions and to provide best possible Service to the School.

We hold, use and disclose your personal information for the following purposes:

  • to provide the Services, which includes allowing the School to:
    • communicate with you including by email, mail or telephone;
    • verify your identity;
  • to manage and enhance our Services;
  • as required or permitted by any law (including the Privacy Act).

Your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy.

 

DISCLOSURE OF YOUR PERSONAL INFORMATION

We may disclose your personal information to:

  • our employees, related bodies corporate, contractors or external service providers for the provision of the Services including without limitation IT systems administrators and electronic network administrators, professional advisers and consultants; and
  • any relevant authority or enforcement body where we reasonably believe that disclosure is necessary.

We may also disclose your personal information to third parties to whom you expressly ask us to send or consent to such sending of personal information to or to third parties where permitted under the Privacy Act. This also includes:

  • Schools;
  • Users to whom you communicate and connect with on the Services;
  • Users to whom you have given your consent to through your use of the Services:
    • in the case of students when you share content this will become viewable by your teacher and the school to which you belong to;
    • in the case of parents with parental accounts you will be able to view your student’s information;
    • in the case of teachers, your school administrator will be able to view your content; and
  • your authorised representatives.

Any information that you post or share or otherwise disclose to the Services, becomes available to the teachers or administration of the school as noted above. For example when a school administrator adds students and other information, that information will be shared to teachers. Other users of the Services may also be able to view limited personal information about you in a group or other setting (for example where it is shared).

We may also disclose your personal information to third parties through the use of the Services where you have consented to such use.

Daymap can be integrated with a range of providers and the School can select their own provider for services like SMS and payment gateways. When the School requests integration to be activated, Daymap will programmatically allow the School to disclose personal information to those third-party services. Any information sent to those services will thereafter be managed by those services. We have no control over what they do with it, it is the School’s responsibility to review what services it utilises and mandates to us to integrate with Daymap and to inform their End-Users about this relationship and use. We are not responsible for the information practices of such third party providers.

Please note that if the School requests that Daymap is integrated with other service providers (such as payment gateways or bulk-SMS suppliers, the School has requested that we allow the Daymap program to disclose any personal information collected and owned by the School to third party providers. We do not have control over the disclosure, use or handling of any personal information transferred on behalf of Schools to third parties. End Users should discuss this with the School and seek the third party providers’ privacy policies.

 

WHAT HAPPENS IF WE CAN’T HOLD YOUR PERSONAL INFORMATION

If you do not provide the School with the personal information described in this Privacy Policy, most likely, you will not be able to access or use Daymap and the Services, either to the same standard, or at all.

 

ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION

As we store your personal information on behalf of the School with who you register your details, we recommend that you contact the School to seek access to and correction of your personal information. If the School cannot or does not provide you with access in a reasonable timeframe, or cannot or does not correct your personal information to a satisfactory level, you may request access to and amendment of, any personal information we hold about you by contacting us (details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it – i.e. by mailing or emailing it to you. We will not charge for making a request and for making any corrections to your personal information. If you make an access request, we will ask you to verify your identity. There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal. If you require an amendment, we will consider if the information requires amending – if we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.

 

NOTIFIABLE DATA BREACH

In the event that there is a data breach and we are required to comply with the notification of eligible data breaches provisions in Part IIIC of the Privacy Act or any other subsequent sections or legislation which supersede this Part IIIC, we will follow our relevant notifiable data breach procedures in compliance with the Privacy Act and relevant laws.

 

HOW YOU CAN COMPLAIN ABOUT A BREACH OF THIS PRIVACY POLICY

If you believe we have breached the terms of this Privacy Policy, or if you have any questions or concerns about our Privacy Policy please, contact us using the contact information below and provide details of any complaint you may have so we can investigate and respond.

We have a formal procedure for investigating and dealing with breaches of this Privacy Policy. Once the Privacy Officer receives a complaint, whether it is in writing or verbal, the Privacy Officer will commence an investigation and endeavour to determine the nature of the breach, if any, and how it occurred. We may contact you during the process to seek any further clarification if necessary. If a breach is found, the Privacy Officer will escalate the matter to management so that the process can be rectified to prevent any further breaches from taking place. We will also contact you to inform you of the outcome of the investigation. We will endeavour to resolve all investigations within a reasonable time.

We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.

Please contact our Privacy Officer at:

Privacy Officer
Loop Software Pty Ltd
Post: Suite 10, 317-321 Whitehorse Rd, Nunawading VIC 3114
Tel: 03 9879 0277
Email: info@daymap.net

 

If we do not resolve your enquiry, concern or complaint to your satisfaction or you require further information in relation to any privacy matters, please contact the Office of the Australian Information Commission, whose contact details are below:

Office of the Australian information Commission
Telephone: 1300 363 992
Email: enquiries@oaic.gov.au
Office Address: Level 3, 175 Pitt Street, Sydney NSW 2000
Postal Address: GPO Box 5218, Sydney NSW 2001
Website: www.oaic.gov.au

 

NO DISCLOSURE OF PERSONAL INFORMATION OUTSIDE AUSTRALIA

We do not, and do not ever intend to disclose personal information outside of Australia.

For the avoidance of doubt, an End User may access their own information via the Services from outside of Australia. As noted above, End User Personal Information belongs to the School, as such the School’s authorised representatives may freely access, view and download any End User information belonging to them, and we have no control over their collection, use or disclosure of this information whether in Australia or overseas.

 

SECURITY

Whilst we cannot guarantee against any loss, misuse or alteration to information, we will take reasonable steps to ensure the security and confidentiality of the personal information that we hold from loss, misuse, alteration or unauthorised access, including by means of firewalls, password access and secure servers.

Please also note that it is our policy for all of our staff to undergo National Police Checks, sign confidentiality agreements for non-disclosure, use or mishandling of any information stored or held by us. We have strict internal policies in place regarding the handling and protection of sensitive data. Additionally, where considered appropriate staff have undergone criminal screening via various state authorities (i.e. VIC: Working with Children Check, SA: DSCI Screening and other state equivalents).

If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.

 

CHANGES TO OUR PRIVACY POLICY

We may change this Privacy Policy from time to time in our sole discretion. Any updated versions of this Privacy Policy will be posted on our Daymap website and highlighted to you upon your next sign-in and use of the Services. Please refer to this page from time to time to review any changes to this Privacy Policy. Your continued use of Daymap and our Services following the postings of changes to this Privacy Policy means you accept these changes. This Privacy Policy was last updated in February 2020.