How we manage your data and protect your privacy.
This policy may be updated from time to time
Actionstep reserves the right to change the provisions of this Policy at any time. We will alert You of changes that have been made by indicating on the Policy the date it was last updated. We encourage You to review this Policy from time to time to make sure that You understand how any Personal Information You provide will be used.
Actionstep processes personal data in two general contexts:
1) as a business engaging with clients, suppliers, prospects, and other stakeholders through a number of channels including its website, email, phone, webinars, advertising, and social media (“Actionstep as a Business”), and
2) as a provider of an online business and practice management services (“Actionstep as a Service Provider”).
For clarity the privacy considerations are presented in each of these contexts.
1. Actionstep as a Service Provider
As a service provider Actionstep allows You to store Your business data in a dedicated database and operate on the data via the Actionstep online application.
You own Your Data
The Data entered, or imported on instruction, by You remains Your property and Actionstep will not use nor make available for use any of this information without Your permission.
You control who has access to Your Data
The Data entered, or imported on instruction, by You is stored securely in a database, or electronic file system, and is only accessible to any person You have authorised to use the Service.
It is Your responsibility to delete login credentials when they are no longer needed.
Actionstep monitors system usage
The Data entered, or imported on instruction, by You is stored securely in a database and is only accessible to persons You have authorised to use the Service. It is Your responsibility to keep Your password safe. Actionstep, Actionstep’s staff and Actionstep’s partners do not have access to Your password.
Actionstep may need to access some of Your Data to resolve system errors or to recreate scenarios to resolve support requests, however this will not be done without first obtaining permission from You.
Actionstep will need to access Your data as a whole for backup, system maintenance, integrity checking, and load-balancing purposes.
Actionstep staff and key commercial partners can access non-identifying and aggregated usage information and transaction volumes in order to better understand how our customers are using the Service so we can improve the system design and where appropriate have the system prompt users with suggestions on ways to improve their own use of the system.
Your Data is sent securely across the Internet
Actionstep’s servers have SSL Certificates so all Data transferred between users and the Service is encrypted. However, the Internet is not in itself a secure environment. Users should only enter, or instruct the importation of, Data to the database within a secure environment. This means that Your browser must support the encryption security used in connection with the Service.
Actionstep does not store Your credit card details
Your credit card details are encrypted and securely stored by payment processors to enable Actionstep to automatically bill Your credit card on a recurring basis. Your credit card details are not stored by the Service and cannot be accessed by Actionstep staff.
Privacy policies of any optional third-party applications the service links to
Breaches and complaints
If Actionstep becomes aware that Your Data has been accessed by, or disclosed to, an unauthorised party, then Actionstep will notify You as soon as possible.
Actionstep will cooperate with investigations conducted by the Privacy Commissioner or other duly-authorised government privacy bodies.
If You suspect a breach of privacy please contact Actionstep via email to firstname.lastname@example.org.
2. Actionstep as a Business
When You visit our website or engage in marketing activities such as events and webinars we may collect personal information from You.
What personal information do we collect?
We may collect certain information You voluntarily provide to us which may contain Personal Information. For example, when You fill out a form, submit a comment, or contact us by e-mail or other means.
When You visit our website, some information is also automatically collected, such as Your Internet Protocol (IP) address, Your operating system, the browser type, the address of a referring web site, and Your activity on the Sites. We treat this information as personal information if we combine it with or link it to any of the identifying information mentioned above. Otherwise, it is used in the aggregate only (non-identifying).
You can unsubscribe from any marketing communication by following the unsubscribe instructions contained in the communication (usually in the footer section), or send Your request to email@example.com.
Under the European General Data Protection Regulation (also know as “GDPR”) You also have rights which include:
- knowing what personal data we hold about You;
- asking us to correct any personal data we hold about You; and
- asking us to delete or restrict any personal data we hold about You.
You can exercise these rights by sending an email to firstname.lastname@example.org.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about You may be linked to the information stored in and obtained from cookies.
- authentication: to identify You when You visit our website and as You navigate our website;
- personalisation: to store information about Your preferences and to personalise the website for You;
- analysis: to help us to analyse the use and performance of our website and services; and
Cookies used by our service providers
Last updated: 22-May-2018
- Separated content into “Actionstep as a Service Provider” and “Actionstep as a Business” to make it easier for You to understand the two contexts in which we process personal data.
- Clarified Your rights under GDPR