Wippli® Privacy Policy

Last updated 15 July 2023

About this Privacy Policy

This Privacy Policy describes how Wippli Pty Ltd ABN 56 645 313 695 (“we”, “us” and “our”) manages personal information about our end users and the individuals whose data is processed by or on their behalf using Wippli (“Wippli”). All such individuals are referred to in this Privacy Policy as “data subjects”.

We are committed to complying with our privacy obligations in accordance with all applicable data protection laws, including the Australian Privacy Principles contained in Schedule 1 to the Privacy Act 1988 (Cth) (“Privacy Act”).

If we decide to change this Privacy Policy, we will post the updated version on this webpage. Our policy is to be completely transparent about our privacy practices.

This Privacy Policy sets out our policy on the collection, use and disclosure of personal information of Wippli end users (“End Users”) in accordance with our statutory obligations under the Privacy Act.

Summary of Key Points

Our identity and contact details Wippli is owned and operated by Wippli Pty Ltd ABN 56 645 313 695, a company incorporated in New South Wales, Australia. Our contact details are set out at the end of this Privacy Policy.
Personal information that we process
  • Subscription/registration, payment and Wippli task data;
  • Data entered into and/or uploaded into Wippli by End Users when accessing Wippli;
  • Data relating to communications between us and End Users;
  • Analytics data;
  • Cookies data;
  • End User information including IP addresses, email addresses, user access logs, usernames, passwords and statistical data entered into or otherwise processed by Wippli;
  • Information included by End Users in technical support tickets, telephone calls to our support team and error messages.
The purposes for the processing We collect personal information to perform our contracts with our End Users, to provide, support, maintain and improve Wippli, to operate and grow our business, to provide Wippli Services, to comply with our legal obligations, for internal business purposes such as billing and invoicing, to identify, contact and communicate with our customers, for marketing purposes, to carry out research on de-identified personal information, to enforce our legal rights, to comply with our legal obligations, and for other reasons set out in our Privacy Policy. We collect personal information when a person provides it to us via Wippli, when it is collected via cookies, via online forms on our website platform, in phone calls and/or emails with us) and when we collect it from third parties and public searches including Google, Facebook and other social network platforms.
Who we disclose personal information to We only disclose personal information to hosting providers and software developers who perform hosting or software development services on our behalf to the extent necessary for them to perform those services and provide technical support. We will not sell personal information to third parties (other than if we decide to sell or merge Wippli or our company).
Security We take our privacy obligations very seriously. This Privacy Policy provides detailed information about the security measures that we take to protect personal information.
Transfer of data to other countries We may transfer your personal information to our hosting providers located in Ukraine in order for them to host Wippli and data stored in Wippli and to our software developers located in Ukraine so that they can provide any necessary maintenance and technical support that we may require. We may also transfer personal information overseas to third parties in connection with a sale or merger referred to above. We comply with the Privacy Act when we transfer personal information overseas.
Cookies We use cookies on Wippli to provide you with Wippli Services. If we request your consent and you consent to our use of a cookie, you may withdraw your consent to our use of the cookie at any time.
Your rights If we collect personal information about you, you may have rights under the Privacy Act in relation to your personal information, where provided for in this Privacy Policy and the Privacy Act.
How long we store personal information for In relation to personal information that we collect through Wippli, unless we are required to retain the data for a longer period under applicable law, we only retain this personal information 30 days after the relevant Wippli Subscriber’s subscription expires or terminates or earlier upon request by the Wippli Subscriber. We will destroy (or de-identify the personal information where we are entitled to do so) or return it to the relevant data subject.

If we decide to change this Privacy Policy, we will post the updated version on this webpage so that you will always know what personal information we gather, how we might use that information, and whether we will disclose it to anyone. If you are a Wippli Subscriber, we will notify you of any changes to our Privacy Policy by sending an email to you using the email address that you provide to us when subscribing to Wippli or any new email address that you specify in your Wippli Account, but only if we have that contact information about you.

Personal information

The Privacy Act defines "personal information" as information or an opinion about an identified individual, or an individual who is reasonably identifiable:

(a) whether the information or opinion is true or not; and

(b) whether the information or opinion is recorded in a material form or not.

In this Privacy Policy, "personal information" has the meaning given to it in the Privacy Act.

Principles relating to the collection of personal information

We rely on our End Users to obtain all relevant privacy consents and authorisations about data subjects whose personal information they enter into Wippli, including any consents required for the information to be collected, disclosed and otherwise processed by us for the purposes set out in this Privacy Policy. We also rely on our End Users to ensure that all personal information about such data subjects held by us is accurate, up to date, complete, relevant and not misleading.

Our policy is to minimise the amount of personal information we collect. Accordingly, we only collect personal information that is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

We collect personal information that you give us, whether by you entering it into Wippli, by email, telephone, in person, via application forms or otherwise. In addition, we may obtain personal information from public sources, where available. However, if it is reasonable and practicable to do so, we will collect personal information about an individual only from that individual.

We do not wish to process any data that is personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. Wippli is not designed to capture those types of personal information. Please do not enter any such personal information into Wippli.

Personal information that we collect and how we use it

The personal information that we collect and how we use it is as follows:

    1. Payment Data and other data entered into and/or uploaded into Wippli by End Users when accessing the Wippli: If you are a End User who has registered or subscribed to Wippli, we will collect and otherwise process the following categories of personal information about your staff: names, telephone numbers, mobile numbers, email addresses, credit card details, bank account details, postal addresses, residential addresses, business addresses and social media accounts. We will process this personal information in order to administer our End User subscriptions, registrations and accounts on Wippli, for the purposes of providing you, as an End User, with access to and use of Wippli, to enforce your obligations to pay Wippli service charges to us and to otherwise enforce compliance with our Terms of Use and the contractual obligations that you, as a Wippli End User, owe to us. We will also process this personal information in order to provide you with information and assistance about Wippli, so that Wippli can issue email notifications to you about Wippli tasks, and to communicate with you in connection with any maintenance notices (that we may issue when Wippli is unavailable), renewal notices, service updates and the like for the purposes of keeping you informed and up to date about Wippli.
    2. Data entered into and/or uploaded into Wippli by End Users: We collect and process any personal information that End Users upload or enter into Wippli. This data includes Wippli task data - we will process this personal information on behalf of our End Users in order to provide them with the functionality provided by Wippli. We will also process this personal information to monitor compliance with our Terms of Use, to maintain backups of our databases and to detect unauthorised use and faults with Wippli (such as, by examining log files and error messages). The personal information will also be used to provide our Wippli End Users with technical support and training with respect to Wippli if and where we agree to do so. We will also collect and process contact, subscription and payment data in order to administer subscriptions to Wippli.
    3. Data relating to communications: When our End Users contact us, we will collect and process personal information including the name of the End User, the IP address of the End User and any other personal information that the End User provides to us during the communications. For example, an End User may contact us to ask questions about Wippli, seek technical support or advice and to express their interest in upgrading or modifying their accounts on Wippli. We will process this personal information in order to provide End Users with information and assistance about Wippli, and to communicate with them in connection with any breach, expiry, termination or suspension of Wippli.
    4. Analytics data: We collect and process personal information known as analytics data for statistical and analytical purposes, designed to measure and monitor how Wippli is being used and to highlight any areas for improvement, optimisation and enhancement, including user location, IP addresses, cookie data, information about devices accessing Wippli (IP address, the type of device used to access Wippli and the operating system), the amount of time a user spent on Wippli and in which parts of Wippli, and the path they navigated through Wippli. We will process this personal information in order to monitor and detect unauthorised use of Wippli and to establish how Wippli is used and to highlight areas for potential improvement of Wippli. We often aggregate this data with other data. However, where the data is classified as personal information, we treat it in accordance with this Privacy Policy.
    5. Cookies: We use cookies on Wippli. Cookies are pieces of information that a web site transfers to a computer's hard disk for record-keeping purposes. This helps us tailor and improve the information we present to you, promoting higher end user satisfaction when you visit our site. The use of cookies is common in the Internet industry, and many major web sites use them to provide useful features to their end users. A cookie may be used to tell when your computer or device has accessed Wippli. Cookies may also be used to personalise your experience with us. You may configure your web browser on your computer or device to reject or block cookies if you wish. If we request your consent to a cookie and you consent to our use of the cookie, you may withdraw your consent to our use of the cookie on your computer or device at any time by configuring your computer or device accordingly.

Who we share personal information with

We only disclose personal information to third parties who perform services for us or where required to provide Wippli Services. We will not sell personal information to third parties (other than if we decide to sell or merge Wippli or our company) and we only disclose the minimum amount of personal information required. We will also disclose and/or transfer your personal information to our personnel, contractors, professional advisors and insurer and as otherwise required by law. We may disclose personal information that we collect to third parties for all or any of the following purposes:

  • To procure hosting of Wippli – in which case we disclose your personal information to our upstream hosting supplier who hosts Wippli and the personal information that you enter into and/or upload in to the Wippli. Our hosting suppliers host that personal information on their computer servers;
  • As required to provide Wippli Services – which may require us to disclose personal information, such as when we disclose transaction data to your customers/suppliers on Wippli that the Wippli Services are designed to disclose;
  • Handling claims and complaints – in which case we may disclose your personal information to our lawyers and insurers;
  • Sending out newsletters and other relevant marketing material (if you have expressed an interest in our products) – in which case we may disclose your personal information to our email, marketing and newsletter service providers;
  • In order to record billing details – in which case we provide your bank account and credit card details to our bank and merchant facility providers;
  • For professional advice - when providing information to our legal, accounting or financial advisors/representatives or debt collectors for debt collection purposes or when we need to obtain their advice, or where we require their representation in relation to a legal dispute;
  • If we sell the whole or part of our business of Wippli or the shares in our company or merge with another entity – in which case we will provide to the purchaser or other entity the personal information that is the subject of the sale or merger;
  • Where required by law.

We may also provide your personal information to our lawyers, insurers and professional advisors and any court or administrative body, for one or more of the following purposes:

  • For the purposes of obtaining professional advice;
  • To obtain or maintain insurance;
  • The prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law;
  • To protect or enforce our rights or defend claims;
  • Enforcement of our claims against you or third parties;
  • The enforcement of laws relating to the confiscation of the proceeds of crime;
  • The protection of the public revenue;
  • The prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct;
  • The preparation for, or conduct of, proceedings before any court or tribunal, or implementation of the orders of the court or tribunal.
  • Where disclosure is required to protect the safety or vital interests of employees, eCommerce customers or property.

Third party platforms

Wippli may include links to, or interface with third party websites and platforms. Our linking to those websites and platforms does not mean that we endorse or recommend them. We do not warrant or represent that any third party website or platform operator complies with applicable data protection laws. You should consider the privacy policies of any relevant third party websites and platforms prior to sending your personal information to them.

You may interact with social media platforms via social media widgets and tools such as the Facebook Like button and the Facebook pixel that may be installed on Wippli. These widgets and tools may collect your IP address and other personal information. Your interaction with such widgets and tools, and any single sign-on services such as Open ID is governed by the privacy policies of the relevant social media operators and single sign-on service providers – please read them so that you are aware of how they process your personal information.

Security

We take our privacy obligations very seriously. Accordingly, we only process personal information in a manner that ensures appropriate security of the personal information, including by protecting the personal information against unauthorised or unlawful processing and against accidental loss, destruction or damage using appropriate technical or organisational measures.

The technical and organisational measures that we have implemented are as follows:

  • We maintain physical security measures in our buildings and offices such as door and window locks and visitor access management, cabinet locks, surveillance systems and alarms.
  • We have data backup processes in place;
  • We have anti-virus and security controls for email and other applicable computer software and systems in place;
  • We maintain electronic (e-security) measures for the purposes of securing personal information, such as passwords and anti-virus management;
  • We implement https encryption protocols, passwords and access control procedures into our computer systems; and
  • We and/or our hosting providers have processes in place to ensure integrity and resilience of systems, servers and personal information.

If you refuse to provide us with personal information

When you subscribe to Wippli, we need to collect personal information from you in order to identify you and setup an account for you on Wippli. We will also collect personal information from you when you use Wippli, when you enter the personal information into Wippli, when you contact us for technical support and assistance with your account and for the other purposes set out above in the Privacy Policy. You have the option of not identifying yourself or using a pseudonym when contacting us to enquire about Wippli, but not if you subscribe to Wippli and contact us about your account. There is no requirement to include personal information in any Wippli task.

Unsubscribing from transactional email

We do not send "junk" or unsolicited e-mails in contravention of the Spam Act 2003 (Cth). We will, however, use notification e-mails in events related to responding to inquiries, confirming purchases, contacting End Users or for transaction and status based notifications between End Users and accounts. We will include an unsubscribe facility to allow you to unsubscribe from commercial electronic messages where required by applicable law. Please note that if you unsubscribe from Wippli’s transation-based emails, you will not receive status notifications about Wipplis and will not be able to receive the full benefit of the Wippli platform.

Contractors and offshore providers

Subject to the provisions of the Australian Privacy Principle 8 (Cross-border disclosure of personal information), we may transfer your personal information to our hosting providers located overseas in order for them to host Wippli and data stored in Wippli and to our software developers located overseas so that they can provide any necessary maintenance and technical support that we may require.

How to access and correct personal information held by us

Please contact us if you wish to access your personal information that we hold about you, using the details set out at the end of this Privacy Policy. We will handle your request for access to your personal information in accordance with our statutory obligations. To ensure that we only obtain, collect, use and disclose accurate, complete and up to date personal information, we invite you to contact us and inform us if any of your personal details we hold change or if any of the personal information held by us is otherwise incorrect or erroneous. In exchange for your payment to us of a reasonable fee, we will provide you with a copy of the personal information that we hold about you.

Notifiable data breaches

Since 22 February 2018, data breaches that are likely to result in serious harm must be reported to affected individuals and the Office of the Australian Information Commissioner (OAIC), except where limited exceptions apply. We will notify you of any data breach that may affect you where we are required to do so in accordance with our legal obligations.

Our contact details

Wippli is owned and operated by Wippli PTY LTD - If you wish to contact us for any reason regarding our privacy practices or the personal information that we hold about you, please contact us at the following address:

Privacy Officer

Wippli Pty Ltd

Email: admin@wippli.com

We will use our best endeavours to resolve any privacy complaint within 10 business days following receipt of your complaint. This may include working with you on a collaborative basis to resolve the complaint or us proposing options for resolution.

If you are not satisfied with the outcome of a complaint you make refer the complaint to the OAIC who can be contacted using the following details:

Call: 1300 363 992

Email: enquiries@oaic.gov.au

Address: GPO Box 5218, Sydney NSW 2001

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us