Introduction

This notice applies to all personal information we receive from you directly or given to us in other forms, across all websites that we own and operate and all services we provide, including our online and in-person compliance services, and any other services we may offer (for example, events or training). For the purpose of this notice, we’ll just call them our ‘services’. If you are a ComplianceCo. client, this notice applies to you too!

When we say ‘personal information’ we mean information we hold which is identifiable as being about you and your clients. This includes information such as your and your clients’ names, email addresses, identification numbers, or any other type of information that can reasonably identify an individual, either directly or indirectly. If you can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn’t apply. We may need to update this notice from time to time. Where a change is significant, we’ll make sure we let you know – usually by sending you an email.

Who are ‘we’?

When we refer to ‘we’ (or ‘our’ or ‘us’), that means 3Lines Holdings Pty Ltd ACN 642 300 285. We operate within Australia and you can contact us via our Contact Us page on the 3Lines website.

We provide an online compliance platform for AFSLs and their Representatives.

We respect your privacy

We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (Privacy Act).

By providing us with personal information, you consent to the terms of this notice and the types of disclosure covered by this notice. Where we disclose your personal information to third parties, we will request that the third party follow this notice regarding handling your personal information.

How we collect your personal information

When you visit our websites or use our services, we collect and store personal information. The ways we collect it can be broadly categorised into the following:

Information you provide to us directly: When you visit or use some parts of our websites and/or services we might ask you to provide personal information to us. For example, we ask for your contact information when you subscribe to our platform, respond to an email offer, join us on social media, take part in training and events, contact us with questions or request support. If you don’t want to provide us with your personal information, you don’t have to, but it might mean you can’t use some parts of our websites or services.

Information we collect automatically: We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our platform and services so that we can continue to provide the best experience possible (e.g., by personalising the content you see).

Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, take a look at our cookie notice.

Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect personal data about you from other sources, such as publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the personal information we already hold about you, in order to better inform, personalise and improve our services, and to validate the personal information you provide.

If we don’t collect your personal information, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.

If you’re someone who doesn’t have a relationship with us but believe that a 3Lines subscriber has entered your personal information into our websites or services, you’ll need to contact that 3Lines subscriber for any questions you have about your personal data (including where you want to access, correct, amend, or request that the user delete, your personal information).

How we use your personal information

First and foremost, we use your personal information to operate our websites and platform and provide you with any services you’ve requested, and to manage our relationship with you. We also use your personal information for other purposes, which may include the following:

To communicate with you: This may include:

• providing you with information you’ve requested from us (like training or education materials) or information we are required to send to you
• operational communications, like changes to our websites and platform, security updates, or assistance with using our websites and services
• marketing communications (about 3Lines or another product or service we think you might be interested in) in accordance with your marketing preferences
• asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).

To support you: This may include assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email, platform support or otherwise.

To enhance our websites and services and develop new ones: For example, by tracking and monitoring your use of websites and services so we can keep improving, or by carrying out technical analysis of our websites and services so that we can optimise your user experience and provide you with more efficient tools.

To protect: So that we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and services fairly and in accordance with our terms of use.

To market to you: In addition to sending you marketing communications, we may also use your personal information to display targeted advertising to you online – through our own websites and services or through third party websites and their platforms.

To analyse, aggregate and report: We may use the personal information we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share publicly or with third parties.

How we can share your personal information

There will be times when we need to share your personal information with third parties. We will only disclose your personal data to:

• any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this notice
• other companies in the 3Lines group of companies
• third party service providers and partners who assist and enable us to use the personal information to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you
• regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure
• to the extent permissible by law, an actual or potential buyer (and its agents and advisors) in connection with an actual or proposed purchase, merger or acquisition of any part of our business, This information may be disclosed under an agreement to maintain confidentiality
• other people where we have your consent.

Security of your personal information

When we share personal information, it may be transferred to, and processed in, states other than the state you live in – such as New South Wales, where AWS, our data hosting provider, bases its servers.

We are committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this notice.

Retention

The length of time we keep your personal information depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal requirements).

We’ll retain your personal information for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it (See ‘Terms and Conditions’). Following that period, we’ll make sure it’s deleted or anonymised.

Your rights

You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act. A small administrative fee may be payable for the provision of information. If you would like a copy of the information, which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at [email protected]

Further information on your rights is available from the Office of the Australian Information Commissioner (OAIC).

If you have any complaints about our privacy practices, please feel free to send in details of your complaints to [email protected]

We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of the Privacy Act. Please note that we may keep a record of your communications to help us resolve any issues which you raise.

We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.

If you remain dissatisfied, you have the right to lodge a complaint with the OAIC at Privacy complaints — OAIC