PRIVACY POLICY
Novus Place Pty Ltd (ACN 644 095 367) (“we”, “us”, “our”), also referred to as our trading name, Brieff, takes the privacy of your and your clients’ information very seriously.
While we are not bound by the Australian Privacy Principles (“APPs”), we are committed to protecting your privacy and respecting your rights under the APPs as contained in the Privacy Act 1988 (Cth) and any other relevant privacy legislation in your jurisdiction.
We understand your requirements to keep client information confidential and wish to ensure that we make as clear as possible how we treat personal information to help you be fully informed about sharing your own and your clients’ personal information with us. This Privacy Policy sets out how we collect, use, store, share and disclose your and your clients’ personal information.
The defined terms in this Privacy Policy (“Policy”) have the same meaning as in our Terms of Use, which you should read together with this Policy. By accessing our Website and using our Services, you consent to the terms of this Policy and agree to be bound by it.
Key areas covered by this Policy:
While we are not bound by the Australian Privacy Principles (“APPs”), we are committed to protecting your privacy and respecting your rights under the APPs as contained in the Privacy Act 1988 (Cth) and any other relevant privacy legislation in your jurisdiction.
We understand your requirements to keep client information confidential and wish to ensure that we make as clear as possible how we treat personal information to help you be fully informed about sharing your own and your clients’ personal information with us. This Privacy Policy sets out how we collect, use, store, share and disclose your and your clients’ personal information.
The defined terms in this Privacy Policy (“Policy”) have the same meaning as in our Terms of Use, which you should read together with this Policy. By accessing our Website and using our Services, you consent to the terms of this Policy and agree to be bound by it.
Key areas covered by this Policy:
- Collection of Your Personal Information
- Collection of Others’ Personal Information from You
- Purpose of the Collection of Your Personal Information
- Collection of Payment Information
- Use of Cookies
- Uses of Log Files
- Links to Other Websites
- Protection of Your Personal Information
- Disclosure of Your Personal Information
- Google API Services User Data Policy & Limited Use Requirements
- Contact Information
- Miscellaneous
Bubble: Brieff is built on Bubble, which complies with the SOC 2 Type II standard for security and offers a GDPR-compliant data processing agreement (DPA) that Brieff complies with. You can learn more about Bubble's security features here.
Bubble complies with (i) the EU-U.S. Data Privacy Framework (EU-U.S. DPF), (ii) the UK Extension to the EU-U.S. DPF (also known as the UK-US data bridge), and (iii) the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) (collectively, the “Data Privacy Framework”)* as set forth by the U.S. Department of Commerce. Bubble has certified to the U.S. Department of Commerce that Bubble adheres to (i) the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the EU in reliance on the EU-U.S. DPF, and (ii) from the UK (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF, and (iii) the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF (collectively, the “DPF Principles”). If there is any conflict between the terms in this Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles shall govern. You can learn more about Bubble's Data Privacy Framework (DPF) and view its certification here.
1. We collect your personal information
Our Services involve the storage of data. That data can include personal information. “Personal information” is information about an identifiable individual, or other entity and may include, but is not limited to, information such as the individual’s name, email address, mobile number, aspirations, and financial information.
Personal information we collect
We may collect personal information directly from you including, but not limited to your:
- full name;
- business name;
- address;
- email address;
- mobile and business phone number;
- location, including country and state;
- device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from sites, ad data, IP address, standard web log information;
- billing information (including credit card or bank details);
- details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;
- any additional information relating to you that you provide to us directly through our website or app or indirectly through your use of our website or app or online presence or through other websites or accounts from which you permit us to collect information;
- information you provide to us through customer surveys; and
- any other personal information that may be required to facilitate the provision of Services to you.
How we collect personal information
We may collect personal information directly from you when you:
- register to use Brieff;
- use Brieff and our Services;
- post to our Website, community forum, social media pages, or our blog;
- contact the support team; and
- visit our Website.
You can always choose not to provide your personal information to us, but it may mean that we are unable to provide you with our Services. We require you to provide accurate, up-to-date and complete personal information at the time it is collected.
2. We may receive personal information from you about others
Through your use of Brieff, we may also collect information from you about someone else. If you provide us with personal information about someone else, such as your clients, you must ensure that you are authorised to disclose that information to us and that, without us taking any further steps required by applicable data protection or privacy laws, we may collect, use, store and disclose such information for the purposes described in this Policy.
This means that you must take reasonable steps to ensure the individual or entity concerned is aware of and consents to the various matters detailed in this Policy, including the fact that their personal information is being collected, the purposes for which that information is being collected, the intended recipients of that information, the individual's right to obtain access to that information, our identity, and how to contact us. You must also provide accurate, up-to-date and complete personal information about others when disclosing this information to us.
Where requested to do so by us, you must also assist us with any requests by the individual to access or update the personal information you have collected from them and entered into Brieff or our Website or Services.
3. We collect, hold, and use your personal information for limited purposes
We collect your personal information so that we can provide you with our Services and any related services you may request. In doing so, we may use the personal information we have collected from you for purposes related to the Services including to:
- verify your identity;
- provide our Website, products and Services to you;
- administer, protect, improve or optimise our services (including performing data analytics, conducting research and for advertising and marketing purposes);
- billing you for purchases or for using our Services;
- notify you of new or changed information relating to Brieff, or other information relating to us or our business partners;
- carry out marketing or training relating to Brieff;
- assist with the resolution of technical support issues or other issues relating to Brieff;
- to carry out any other purpose you have consented to;
- for internal record-keeping and administrative purposes;
- comply with laws and regulations in applicable jurisdictions; and
- communicate with you.
By using Brieff, you consent to your personal information being collected, held and used in this way and for any other use you authorise. We will only use your personal information for the purposes described in this Policy or with your express permission.
Use of personal information for direct marketing
Where we have your express consent, or where we are otherwise permitted by law, we may use your personal information to send you information about products and services we believe are suited to you and your interests or we may invite you to attend special events.
At any time, you may opt out of receiving direct marketing communications from us. Unless you opt out, your consent to receive direct marketing communications from us and to the handling of your personal information as detailed above, will continue. You can opt out by following the unsubscribe instructions included in the relevant marketing communication, or by emailing us at info@brieff.io.
Despite opting out of direct marketing communication, in the event of an important event, we may still contact you to notify you of essential changes to our Services, including notifications of data breaches or changes in material terms to this Policy or our Terms of Use.
4. We do not retain your payment information
If you are a user of our paid service, we utilise third party payment processing companies to collect payment information, including your credit card number, billing address and phone number. We will share this payment information with the third party processing company, and as such you should be aware of the appropriate terms and conditions of these companies. We do not store your payment information.
Some payment providers we use include:
- Stripe - Utilised from May 2023 - https://stripe.com/au/ssa
- Other third party payment providers – as updated on this Policy, or notified to you in-app from time to time
5. We use cookies
We use technologies like cookies and pixel tags (“Cookies”) to review, monitor, promote and improve Brieff. For example, a cookie is used to remember your user name when you return to Brieff and to improve our understanding of how you interact with us. By using our Services and accessing our website, you agree that we can store and access Cookies in accordance with this Policy.
The data collected through Cookies will not be kept for longer than is necessary to fulfil the purposes mentioned above. We will handle any personal information collected by Cookies in the same way that we handle all other personal information.
You can block Cookies on your web browser; however please be aware that some features of Brieff may not function properly if the ability to accept Cookies is disabled.
6. Brieff uses log files
When you use Brieff, our servers automatically record certain information in server logs. These server logs may include but is not limited to information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on Brieff, domain names, landing pages, pages viewed, mobile carrier, and other such information. Log files help us to monitor, analyse, improve and maintain Brieff and to diagnose and address any issues, including security issues.
The data collected through log files will not be kept for longer than is necessary to fulfil the purposes mentioned above. We will handle any personal information collected by log files in the same way that we handle all other personal information.
7. Links to other web sites
Our Website and Services may contain links to third party websites including social media networks. This Policy applies solely to information collected directly by us or as otherwise outlined in the Policy. We are not responsible for the practices employed by websites linked to or from within Brieff, nor the information or content contained therein. Please remember that when you use a link to go from Brieff to another website or provider, such as Xero, our Policy is no longer in effect and your activities on that third party website is subject to such third party website’s own rules and policies.
8. We will take all reasonable steps to protect your personal information
We are committed to protecting the security of your personal information and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure.
However, the Internet is not in itself a secure environment and we cannot give an absolute assurance that your information will be secure at all times. Transmission of personal information over the Internet is at your own risk and you should only enter, or instruct the entering of, personal information to the Service within a secure environment.
You may be required to enable Two Factor Authentication to access Brieff, to add another layer of security preventing those accessing your account. We strongly recommend using complex passwords and using a VPN to enhance your own security.
We will advise you at the first reasonable opportunity upon discovering or being advised of a security breach where your personal information is lost, stolen, accessed, used, disclosed, copied, modified, or disposed of by any unauthorised persons or in any unauthorised manner.
Other than liability that cannot be excluded by law, we will not be liable in any way in relation to any breach of security or any unintended loss or disclosure of personal information.
9. We will only disclose your personal information in limited circumstances
We will only disclose the personal information you have provided to us to entities outside Brieff’s group of companies if it is necessary and appropriate to facilitate the purpose for which your personal information was collected pursuant to this Policy, including the provision of our Services. This may include, but is not limited to, disclosures to:
- Bubble, Xero, Stripe, Amazon Web Services, Mixpanel, and all third-party payment providers and integrations (“Authorised Third Party Recipients”).
When using our Services, you consent to your personal information or personal information collected from you about others being disclosed or transferred to Authorised Third Party Recipients and you acknowledge and agree that we have no obligation to take such steps as are reasonable in the circumstances to ensure that the information that is transferred or disclosed to the Recipients will be treated in a manner that is consistent with the APPs. You also agree that insofar as the law allows, we have no liability to you or anyone else for any breach by the Authorised Third Party Recipients of the APPs or any other relevant privacy laws in your jurisdiction.
We will not otherwise disclose your personal information to a third party unless you have provided your express consent. However, you should be aware that we may be required to disclose your personal information without your consent in order to comply with any court orders, subpoenas, or other legal process or investigation including by tax authorities, if such disclosure is required by law. Where possible and appropriate, we will notify you if we are required by law to disclose your personal information.
The third parties who host our servers (Bubble and Amazon Web Services) do not control, and are not permitted to access or use, your personal information except for the limited purpose of storing the information. This means that, for the purposes of Australian privacy legislation and Australian users of the Service, We do not disclose personal information to third parties located overseas.
10. We Adhere to API Services User Data Policies & Limited Use Requirements
Brieff’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. Where we utilise other third party APIs (including but not limited to Microsoft, OpenAI, Stripe, and others), we will comply with their respective data policies and limited use requirements.
11. Access and Contact Information
You may request access to your personal information, or seek correction of it, by contacting us. Should we decline you access to your personal information, we will provide a written explanation setting out our reasons for doing so.
We may charge a reasonable fee that is not excessive to cover the charges of retrieving your personal information. We will not charge you for making the request.
If you believe that we hold personal information about you or your clients that is not accurate, complete or up-to-date then you may request that the personal information be amended. We will respond to your request to correct your personal information within a reasonable timeframe, and you will not be charged a fee for correcting your personal information.
If we no longer need your personal information for any of the purposes set out in this Policy, or as otherwise required by law, we will take such steps as are reasonable in the circumstances to destroy your personal information or to de-identify it unless we are required to retain the data for legal or compliance purposes.
If you require further information regarding our Policy or wish to make a privacy complaint, please contact us at info@brieff.io.
12. Miscellaneous
If you are in a different jurisdiction, for example in the European Union or the state of California, you may be entitled to enhanced privacy rights. Please contact us if you wish to exercise your rights under the respective privacy laws of your jurisdiction, including the correction, deletion, porting, withdrawing of consent, or processing of your personal information.
Brieff reserves the right, to amend, modify, add or remove portions of this Privacy Policy at any time without notice and amendments will be effective immediately upon posting of the amended Policy on our website.
Please check this Policy from time to time for such changes. Your continued use of Brieff following the posting of changes to this Policy will mean you accept those changes. Any amendments made to the Policy may be retrospectively applied if required by law.
The Privacy Policy was last updated on 20 November 2024.
We will not otherwise disclose your personal information to a third party unless you have provided your express consent. However, you should be aware that we may be required to disclose your personal information without your consent in order to comply with any court orders, subpoenas, or other legal process or investigation including by tax authorities, if such disclosure is required by law. Where possible and appropriate, we will notify you if we are required by law to disclose your personal information.
The third parties who host our servers (Bubble and Amazon Web Services) do not control, and are not permitted to access or use, your personal information except for the limited purpose of storing the information. This means that, for the purposes of Australian privacy legislation and Australian users of the Service, We do not disclose personal information to third parties located overseas.
10. We Adhere to API Services User Data Policies & Limited Use Requirements
Brieff’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. Where we utilise other third party APIs (including but not limited to Microsoft, OpenAI, Stripe, and others), we will comply with their respective data policies and limited use requirements.
11. Access and Contact Information
You may request access to your personal information, or seek correction of it, by contacting us. Should we decline you access to your personal information, we will provide a written explanation setting out our reasons for doing so.
We may charge a reasonable fee that is not excessive to cover the charges of retrieving your personal information. We will not charge you for making the request.
If you believe that we hold personal information about you or your clients that is not accurate, complete or up-to-date then you may request that the personal information be amended. We will respond to your request to correct your personal information within a reasonable timeframe, and you will not be charged a fee for correcting your personal information.
If we no longer need your personal information for any of the purposes set out in this Policy, or as otherwise required by law, we will take such steps as are reasonable in the circumstances to destroy your personal information or to de-identify it unless we are required to retain the data for legal or compliance purposes.
If you require further information regarding our Policy or wish to make a privacy complaint, please contact us at info@brieff.io.
12. Miscellaneous
If you are in a different jurisdiction, for example in the European Union or the state of California, you may be entitled to enhanced privacy rights. Please contact us if you wish to exercise your rights under the respective privacy laws of your jurisdiction, including the correction, deletion, porting, withdrawing of consent, or processing of your personal information.
Brieff reserves the right, to amend, modify, add or remove portions of this Privacy Policy at any time without notice and amendments will be effective immediately upon posting of the amended Policy on our website.
Please check this Policy from time to time for such changes. Your continued use of Brieff following the posting of changes to this Policy will mean you accept those changes. Any amendments made to the Policy may be retrospectively applied if required by law.
The Privacy Policy was last updated on 20 November 2024.