Background

We're GridScout Pty Ltd (ACN 689 881 392) — referred to below as GridScout, we, our or us. This Policy (Policy) explains how we look after your personal information when you use our platform, which helps you visualise, analyse, model and forecast electricity grid and market data (GridScout), along with any other agreements we may form with you.

When we say Personal Information, we mean information or an opinion about an identifiable individual (not a company), whether or not it's true and whether or not it's written down.

Disclaimer

While your privacy matters to us, nothing in this Policy constitutes a voluntary opt-in to any privacy laws, anywhere in the world, that we're not statutorily bound to comply with.

Collection of Personal Information

How GridScout collects Personal Information

We collect Personal Information in the ordinary course of running GridScout. That generally happens when you:

• contact or correspond with us via email, phone or our website;
• give us feedback about GridScout;
• subscribe to our newsletters or fill out surveys and online forms;
• subscribe to, use or enquire about GridScout; and/or
• ask us for support.

We only collect information directly from you, unless you've authorised someone else to provide it on your behalf.

What Personal Information is collected?

The types of Personal Information we collect include your name, address, telephone number, email, IP address, device identification and any additional information you provide to us.

Where you contact us on behalf of your employer, the information you share often includes details about your employment, position and your employer's contact details — so some employment information ends up being collected too.

How GridScout uses Personal Information

Why we collect Personal Information

We collect your Personal Information for the primary purpose of providing GridScout to you. We may also use it for secondary purposes closely related to that primary purpose, in circumstances where you'd reasonably expect such use or disclosure.

Examples of when we may use your Personal Information include:

• informing you about GridScout;
• providing you with access to, and support for, GridScout;
• improving GridScout;
• administration related to providing you with GridScout, including managing your account;
• handling requests, enquiries or complaints, and other customer-care activities; and
• carrying out any activity in connection with a legal, governmental or regulatory requirement imposed on us, or in connection with legal proceedings, crime or fraud prevention, detection or prosecution.

Direct marketing

If you've given us consent (for example, by subscribing to our email list or telling us you'd like to hear from us), we may send you marketing communications about products and services we think you'll find interesting.

You can opt out at any time using the "unsubscribe" link in any of our emails.

Surveys or market research

We (or an appointed third party) may also run surveys or market research from time to time. These help us improve the type, quality and delivery of our products and services. You can opt out of any of these using the facilities provided.

Cookies and browser analytics

What are cookies

Cookies are small text files that websites place on your computer. Your browser stores them and reads them when you come back. Most of the information cookies collect is anonymous and doesn't reveal who you are. Cookies are harmless on their own and serve important functions — they're widely used to make websites work properly and to understand how a site is being used.

Why we use cookies

By storing some information about your use of our website, we can make your visit more productive — for example, remembering your language or display preferences so you don't have to set them every time.

We use the following types of cookies:

• Required cookies. These are needed for our website to work — for example, to pass information from one page to another or to power online forms.
• Analytical cookies. These let us count visitors and see how people move around our website, so we can improve it. We also use third-party cookies such as Google Analytics; the information passed back to those providers is anonymous.
• Marketing cookies. These help us recognise you when you return, personalise content, and remember your preferences. They also record the pages you've visited and links you've followed, so we can make the site and our communications more relevant.

How can I remove cookies

Your browser decides whether to accept cookies, and most are set to accept them by default. If you'd rather not, you can manage cookies through your browser settings — including clearing them from your browser history when you leave the site. Heads up: rejecting cookies may break parts of our website.

Data retention and security

Security mechanisms we employ

We generally store your Personal Information on secure servers protected from unauthorised access, modification and disclosure. Like most businesses, we also hold some information on staff computers (such as emails from you) and, where necessary, in hard-copy files (such as printed invoices).

Our systems are located in Australia and managed by us and our service providers. Personal Information that we store or transmit is protected by security and access controls — including username and password authentication, multi-factor authentication, and data encryption (such as SSL) where appropriate.

When working with third-party service providers, we take care to choose subcontractors and suppliers who maintain an acceptable standard of data security.

How long we keep your Personal Information

We keep your Personal Information for as long as we need it to provide our platform, run our internal business operations, and meet our legal obligations.

If we hold Personal Information about you that we no longer need, we'll take reasonable steps to destroy or de-identify it in line with the Australian Privacy Principles (APP), unless we're prevented from doing so by law.

Under Australian law, financial records (such as those relating to financial transactions) must be kept for 7 years after the related transactions are completed.

If you'd like us to stop using your Personal Information, you can ask us to erase it and — if you have an account with us — close your account. Where possible, we'll do so in line with the APPs. That said, when you ask us to erase your Personal Information, we'll keep information from deleted accounts where it's necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations or requests by government (including the Australian Energy Market Operator, AEMO), a court of law or law enforcement authorities, enforce our terms of service, and take other actions permitted by law. Anything we keep will still be handled in accordance with this Policy.

Disclosure of your Personal Information

Who we share your Personal Information with?

Your Personal Information may be disclosed to:

• our employees, a related company and our professional advisers (lawyers, accountants, financial advisers, etc.);
• regulators and government authorities, including:
  • AEMO, in connection with our contractual obligations; and
  • law enforcement agencies to assist with the investigation and prevention of criminal activities;
• a third party, in order to enforce or defend our rights, or to address financial or reputational risks;
• third-party contractors, suppliers and service providers we work with, including:
  • payment gateway providers, such as PayPal Holdings Inc. or Stripe Inc.;
  • administration service providers;
  • marketing service providers; and
  • information technology service providers, including cloud application providers.

We won't disclose your Personal Information other than in accordance with this Policy without your consent.

Offshore transfers

We may store or transfer your Personal Information to third-party contractors, service providers and suppliers we work with who use data offshore. We rely solely on reputable organisations and prefer those with operations in Australia, such as Amazon Web Services.

Anonymity and use of pseudonyms

If you contact us with a general enquiry, you're welcome to do so anonymously or under a pseudonym. That said, you'll need to provide accurate details when requesting goods or services from us, and you agree to provide accurate information whenever we need it.

Access to Personal Information and corrections

We try to only hold Personal Information that's accurate, complete and up to date. You have the right to ask to see the Personal Information we hold about you, and to ask us to correct anything that's wrong. To make an access or correction request, just reach out using the contact details at the end of this Policy.

If you have an account with us, you can also see and update some of your information by logging in.

To protect your Personal Information, we may need to verify your identity before releasing information or making a correction.

Communications and privacy concerns

Your privacy is important to us. If you have any complaints, concerns or questions about how we handle your Personal Information, please get in touch with our privacy officer first using the contact details below. We'll investigate your complaint and reply in writing if you give us your contact details and ask us to.

Email: director@gridscout.com.au
Online: https://gridscout.com.au/contact
Post: 1 Wellington Pde, Shelly Beach, QLD 4551

If you're still not satisfied after we've looked into things, you can take the matter to the Office of the Australian Information Commissioner:

Email: enquiries@oaic.gov.au
Telephone: 1300 363 992 (from overseas +61 2 9284 9749)
Post: GPO Box 5218, Sydney NSW 2001

Variations to this Policy

We'll need to update this Policy from time to time to keep it in line with the latest legal requirements and any changes to how we manage privacy.

When we do, we'll let you know where required. The latest version will always live on this page.