Socialsuite confirms that as at the date of signature of this Agreement, it is not subject to the Australian Privacy Act 1988 (Cth) or to the State Privacy Law of Victoria, Australia.
You acknowledge and agree that in the event that You are subject to Australian Federal, State or Territory Privacy Laws, that You are not able to contract out of these or to hold Socialsuite liable for Your privacy compliance obligations.
You acknowledge further that the undertakings given by Socialsuite in this Schedule 1 are given in good faith because Socialsuite understands the value and sensitivity of personal information and privacy in providing the services to You.
In the interests of the protection of privacy and personal information You and Socialsuite agree to rely on the Australian Privacy Principles set out hereunder.
You acknowledge that while You remain liable for applicable privacy law, your only recourse against Socialsuite with respect to the undertakings in Schedule 1 is contractual, and may lead to termination under section 6 of EXHIBIT 1 above.
1. If an APP Entity under the Australian Privacy Act 1988 (Cth) You agree to 1.2 – 1.2 below. If not an APP Entity You agrees to be guided by 1.2 – 1.2:
1.1. Comply with the Act, the 13 new Australian Privacy Principles and any applicable Australian Privacy Principle Code; and
1.2. Ensure that You take all necessary and reasonable steps to:
1.2.2. Provide Users that access the Services with the option of dealing with You anonymously or by pseudonym, where reasonable;
1.2.3. Not disclose to Socialsuite any Personal Information, including sensitive personal information, unless it is necessary for Socialsuite to provide the Services;
1.2.4. Not disclose to Socialsuite any unsolicited Personal Information that You have an obligation to de-identify and/or destroy;
1.2.5. Take reasonable steps to notify Users about the Personal Information You collect and ensure that Users are aware of the collection, purpose, use and disclosure to third party service providers (such as Socialsuite and Salesforce) which is necessary for the Services;
1.2.6. Only disclose Personal Information to Socialsuite for the primary purpose of the provision of the Services and not for any secondary purpose;
1.2.7. Undertake Your own marketing for the Services and not disclose Personal Information to Socialsuite for the purpose of direct marketing;
1.2.8. Co-operate with Socialsuite to ensure that any overseas third party service provider with whom Socialsuite contracts in order to provide the Services including, but not limited to salesforce.com. inc., (California, USA) does not breach the Australian Privacy Principles in relation to the Personal Information which it discloses to Socialsuite and which is necessary for the Services;
1.2.9. Not adopt, use or disclose to Socialsuite any government related identifiers;
1.2.10. Take steps to ensure that the Personal Information You disclose to Socialsuite is accurate, up-to-date, complete and relevant for the purpose of the Services;
1.2.11. Take reasonable steps to protect the Personal Information You hold and disclose to Socialsuite from unauthorised access, modification or disclosure, taking into account Personal Information in transit and at rest, and advise Socialsuite timeously if and when action is required as a result of any actual or perceived security incident;
1.2.12. Ensure that where authorised, reasonable access is granted to Users to access the Personal Information that You hold about them; and
1.2.13. Take steps to correct Personal Information that You hold and disclose to Socialsuite, and ensure that the Personal Information is accurate, up-to-date, complete, relevant and not misleading with respect to the provision of the Services.
2. Socialsuite will:
2.1. Support You in Your efforts to comply with the Act and protect the Personal Information of Users We hold in order to provide the Services; and
2.2. Ensure that We takes all necessary and reasonable steps to:
2.2.1. Manage the Personal Information which is disclosed to Us by You in an open and transparent way by implementing practices, procedures and systems that will assist You meet your obligations under the Act;
2.2.2. Where reasonable, support Your dealings with Users who choose to be anonymous or use a pseudonym;
2.2.3. Except where required by law, not disclose to any third party Personal Information, including sensitive personal information, disclosed to Us by You, unless it is necessary to provide the Services and only after informing You of the identity of such third parties. In this regard You acknowledges that salesforce.com. Inc., is a third party service provider;
2.2.4. Not solicit any Personal Information other than that provided to Us by You and de-identify and/or destroy Personal Information on Your reasonable, written request;
2.2.5. Support Your requirements where and if Users wish to opt-out of the services;
2.2.6. Only disclose Personal Information collected or necessary for the provision of the Services to You, third party service providers and as required by law;
2.2.7. Not use the Personal Information provided by You to Us for the Services to undertake any direct marketing initiative;
2.2.8. Co-operate with You and facilitate communication with overseas third party service providers involved in the provision of the Services including, but not limited to salesforce.com. inc., to assist You assess whether these third parties breach the Australian Privacy Principles in relation to the Services;
2.2.9. Not adopt, use or disclose any government related identifiers intentionally or mistakenly provided to Us by You;
2.2.10. Take reasonable steps to ensure that the Personal Information We hold and /or disclose to You is accurate, up-to-date, complete and relevant for the purpose of the Services;
2.2.11. (i) Take reasonable steps to protect the Personal Information We hold in connection with the Services from misuse, interference and loss, and from unauthorised access, modification or disclosure, and notify You timeously if and when action is required as a result of any actual or perceived security incident;
2.2.12. (ii) Where We hold Personal Information received from You which is no longer needed for the provision of the Services nor required by law, take reasonable steps to destroy or to de-identify the information;
2.2.13. Ensure that You have reasonable access to Users Personal Information held by Us; and
2.2.14. Take reasonable steps to correct Personal Information that We hold to ensure that it is accurate, up-to-date, complete, relevant and not misleading with respect to the provision of the Services.