Burdi is online software management system created by tradies for tradies. Burdi is committed to saving you costs and time. It is a system which intercepts, reviews and reports on wholesaler invoices. This enables Burdi to advise you of any discrepancies contained in an invoice compared to previous orders from the same wholesaler or when comparing budgets and thresholds set by you.
Burdi is the data controller and processor of the personal information we collect about you on this software and website. We encourage users to read this policy carefully, to help make informed decisions about sharing personal information with us.
THE AUSTRALIAN PRIVACY PRINCIPLES
Burdi will treat all personal information in accordance with any and all obligations that are binding upon us under the Privacy Act 1988 (Cth) (“Privacy Act”). The Privacy Act lays down 13 key principles in relation to the collection and treatment of personal information, which are called the “Australian Privacy Principles”.
1. GENERAL PROVISIONS
Burdi, we, us and our means Burdi Pty Ltd (ACN 40 097 190 620) and its affiliates.
Service means our Software as a Service for field service management, available via a native app for iPhone, iPad and Apple Watch, and web browser, as well as all subsidiary or additional services offered and controlled by Burdi through use of an account.
You, your and you means any visitor to our websites, application, and/or a new or existing user of our Service.
2. WHAT IS “PERSONAL INFORMATION”?
- The Privacy Act currently defines “personal information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:
- a) whether the information or opinion is true or not; and
- b) whether the information or opinion is recorded in a material form or not.
3. HOW WE COLLECT YOUR PERSONAL INFORMATION
We only collect personal information that is necessary for us to conduct our business. We may collect personal information that you provide to us about yourself when you:
- register, demo or use our Services;
- communicate with us via this Website, email or through social media;
- use this Website, including (without limitation) when you:
- create an account;
- add information to your account profile;
- make purchases through this Website; or
- complete an online application form;
- provide information to us by telephone or through marketing channels.
This Website may also collect Internet Protocol (“IP”) addresses. IP addresses are assigned to computers on the internet to uniquely identify them within the global network. Burdi collects and manages IP addresses as part of the service of providing internet session management and for security purposes. Burdi may also collect and use web log, computer and connection information for security purposes and to help prevent and detect any misuse of, or fraudulent activities involving, this Website.
4. INFORMATION WE COLLECT
- The personal or sensitive information we may collect includes your:
- a) Contact and personal details (eg: your phone number, home / business / email address);
- b) Business information details (eg: the name and contact information of your business, your field of business, business associations, information about the staff of your business); and
- c) Current and past interactions with us.
- The personal information collected by Burdi is voluntarily provided and can be edited and updated in the settings of your account with Burdi.
- Registration is completely optional, it may include submitting your name, email address, address, telephone numbers, option for receiving updates, promotional material and other information. You may access this information at any time by logging into your account.
- Burdi may also automatically collect non-personal information that your computer or mobile device provides to us in connection with your visit to our Website, communication with us, trial or use of the Service, such as:
- a) Type of computer or mobile device;
- b) Device operating system;
- c) Unique device identifier;
- d) Browser type;
- e) Browsing activity;
- f) IP Address;
- g) MAC address; or
- h) Physical location (including geolocation, beacon-based location, and/or GPS location).
- Burdi may also store usage data such as the date and time the application on your device accesses our servers, and what information and files have been downloaded to the application based on your device number.
- Burdi may collect these types of personal information directly from you or from third parties. This collected information is used to provide an overview of how you are accessing and using the Burdi Website and App to allow us to make automated decisions on how to best serve your needs as well as providing requested services.
- If you use our Website to complete an online application form, or create an account, we will only collect the information you provide as part of that process.
5. WHY WE COLLECT INFORMATION
- Burdi collects business and non-identifiable information about you if it is reasonably necessary for our Services. The purpose for which we collect personal information is to provide you with the best service experience possible on our Website and App.
- Burdi will collect personal information only by fair and lawful means, including from third parties, websites, social media channels, email or personal meetings with you.
- Burdi does not knowingly attempt to solicit or receive special categories of data, such as personal information relating to race, ethnic origin, political association, trade union membership, religious beliefs, criminal records or health information.
- We customarily disclose personal information only to our service providers who assist us in operating the Website and App. Your personal information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties.
- By using our Services, you consent to the receipt of direct marketing material. We will only use your personal information for this purpose if we have collected such information directly from you, and if it is material of a type which you would reasonably expect to receive from us. We do not use sensitive personal information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature.
- From time to time we may email our customers with news, information and offers relating to our Services. Your personal information may also be collected so that we can promote and market our product and Services to you. This is to keep you informed of products, Services, and special offers we believe you will find valuable and may continue after you cease acquiring products and Services from us. If you would prefer not to receive promotional or other material from us, please let us know and we will respect your request. You can unsubscribe from such communications at any time if you choose.
6. INFORMATION BURDI USERS COLLECT
- Burdi users are likely to collect information about customers or wholesalers when they interact with the Burdi Service.
- Information about customers and wholesalers is collected to facilitate dealings or transactions associated with Burdi.
- Customers and wholesalers who believe a Burdi user has entered personal information into their Burdi account are required to contact the Burdi user directly regarding any questions or requests around the storage, use and retention of personal information.
7. USE OF PERSONAL INFORMATION
- Burdi collects personal information so that we can provide you with the primary purposes and any related services you request (secondary purposes).
- Burdi may use personal information for the primary purposes of:
- a) providing the Service to you, including any additional features or connections you activate as part of our use of the Service;
- b) responding to your enquiries and requests;
- c) identifying and verifying you as a user in our system;
- d) communicating with you to provide technical support, training, marketing or promotional material which directly associates with the Service;
- e) sending you information pertaining to your use of the Service, such as changes to our terms, conditions and policies;
- f) improving our service to you, such as requesting your feedback or aggregating personal and other information into non-identifiable, anonymous data; and
- g) facilitating our internal business operations, including the enforcing our terms, conditions, policies and facilitating any other legal requirements or procedures.
- Your use of the Service means you consent to the collection, holding and usage of personal and other information for the primary purposes, and any other purpose for which you have provided express permission, on an ongoing basis until termination of your use of the Service, subject to the terms of this policy and our Terms and Conditions.
- If Burdi uses personal information for a secondary purpose or any other purpose which is not the primary purpose for which the information was collected, we will:
- a) ensure the secondary purpose is related to the primary purpose and you would reasonably expect that Burdi would use or disclose your personal information for that purpose; or
- b) ensure you have consented to the use or disclosure of your personal information for the secondary purpose; or
- c) ensure the use or disclosure is required or authorised by an enforcement authority or under law.
- We may retain all personal information that we collect (on both our active systems and our archive systems), for as long as is necessary for us to carry out the purposes for which the information was collected (including for the purpose of providing services to you). For registration and account information, this means that the information is likely to be retained for the period of time that we consider your account to be “active”. An “inactive” account is where the account is not used for a continuous period of two (2) years.
- The location at which we store your personal information will depend on the nature and purpose of the information and the manner in which you supply it to us. Burdi will at its discretion use, process, and store your personal information at our premises and/or storage facilities whether in Australia. You hereby consent to this transfer. You further agree that this agreement and any issues relating to privacy matters is governed by the laws of Australia and each party submits to the jurisdiction of the Courts of Australia and its privacy laws. In the event Burdi decides to store the personal information outside of Australia, you still agree to be bound by the provisions of this clause.
- In order to deliver the Services you require, Burdi may disclose your personal information to third party organisations. Your personal information may be disclosed to these organisations only in relation to our Services, and Burdi takes reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information. These organisations may carry out or provide:
- a) customer enquiries;
- b) mailing systems;
- c) billing and debt-recovery functions;
- d) information technology services;
- e) marketing, telemarketing and sales services;
- f) market research; and
- g) website usage analysis.
- In addition, we may disclose your personal information to:
- a) your authorised representatives or legal advisers (when requested by you to do so);
- b) credit-reporting and fraud-checking agencies;
- c) credit providers (for credit-related purposes such as creditworthiness, credit rating, credit provision and financing);
- d) our professional advisers, including our accountants, auditors and lawyers;
- e) government and regulatory authorities and other organisations, as required or authorised by law;
- f) organisations who manage our business strategies, including those involved in a transfer/sale of all or part of our assets or business (including accounts and trade receivables) and those involved in managing our business risk and funding functions; and
- g) the police or other appropriate persons where your communication suggests possible illegal activity or harm to others.
- This Website uses "cookies" to help personalise your online experience. A cookie is a text file or a packet of information that is placed on your hard disk by a web page server to identify and interact more effectively with your computer. There are two types of cookies that may be used at this Website: a persistent cookie and a session cookie. A persistent cookie is entered by your web browser into the "Cookies" folder on your computer and remains in that folder after you close your browser, and may be used by your browser on subsequent visits to this Website. A session cookie is held temporarily in your computer’s memory and disappears after you close your browser or shut down your computer. Cookies cannot be used to run programs. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. In some cases, cookies may collect and store personal information about you. Burdi extends the same privacy protection to your personal information, whether gathered via cookies or from other sources.
- You can configure your internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Please refer to your internet browser’s instructions to learn more about these functions. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of this Website.
- remember your preferences for using this Website;
- manage the signup process when you create an account with us;
- recognise you as logged in while you remain so, this avoids your having to log in again every time you visit a new page;
- facilitate e-commerce transactions, to ensure that your order is remembered between pages during the checkout process;
- show relevant notifications to you; and
- remember details of data that you choose to submit to us (eg, through online forms).
Many of these cookies are removed or cleared when you log out but some may remain so that your preferences are remembered for future sessions.
Third party cookies
In some cases, third parties may place cookies through this Website. For example:
10. ACCESS AND CORRECTION
- You may access your information via your Burdi account. You have the ability to access, alter or correct your personal information within your Burdi account. It is your responsibility to ensure that personal information is complete, accurate and up to date.
- A request can be made to access your personal information or to remove your personal information from any website or forum controlled by Burdi by contacting us. If Burdi determines that it is not practical or appropriate for us to process a request in the manner requested, or we determine it to be frivolous or vexatious, we will advise you accordingly.
- You may close your Burdi account at any time. This will terminate your access to the Service and result in the immediate deletion or anonymisation of your account data, including historic backups, stored in various locations around the world.
- Australian Privacy Principle (APP) 12 permits you to obtain access to the personal information we hold about you in certain circumstances, and APP 13 allows you to correct inaccurate personal information subject to certain exceptions. If you would like to obtain such access, please contact us as set out below. We will handle requests for access to your personal information in accordance with the APP. All requests for access to your personal information must be directed to the Privacy Officer by email using the email address provided above or by writing to us at our postal address. We will deal with all requests for access to personal information as quickly as possible. Requests for a large amount of information, or information that is not currently in use, may require further time before a response can be given. We may charge you a fee for access if a cost is incurred by us in order to retrieve your information, but in no case will we charge you a fee for your application for access.
- In some cases, we may refuse to give you access to personal information that we hold about you. This may include circumstances where giving you access would:
- a) be unlawful (eg, where a record that contains personal information about you is subject to a claim for legal professional privilege by one of our contractual counterparties);
- b) have an unreasonable impact on another person’s privacy; or
- c) prejudice an investigation of unlawful activity.
- We may also refuse access where the personal information relates to existing or anticipated legal proceedings, and the information would not be accessible by the process of discovery in those proceedings.
- If we refuse to give you access, we will provide you with reasons for our refusal.
Correcting your personal information
We will amend any personal information about you that is held by us and that is inaccurate, incomplete or out of date if you request us to do so. If we disagree with your view about the accuracy, completeness or currency of a record of your personal information that is held by us, and you ask us to associate with that record a statement that you have a contrary view, we will take reasonable steps to do so.
11. STORAGE AND SECURITY OF YOUR PERSONAL INFORMATION
- Burdi is committed to maintaining the confidentiality of the information that you provide us and we will take all reasonable precautions to protect your personal information from unauthorised use or alteration. Personal information may be stored both electronically (on our computer systems and with our website hosting provider) and in hard-copy form. Firewalls, anti-virus software and email filters, as well as passwords, protect all of our electronic information. Likewise, we take all reasonable measures to ensure the security of hard-copy information.
- To the extent required by the Privacy Act, Burdi will take reasonable steps to:
- a) protect your personal information from loss, theft, or unauthorised access, alteration or disclosure; and
- b) destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted by the Privacy Act.
- Burdi assumes no responsibility for the privacy practices of other organisations and websites even if a user accesses or contacts the organisation or website through the Service. Burdi encourages users to review the privacy policies of any website before disclosing personal information. It is your responsibility to protect the security of your own Burdi account.
- Should Burdi become aware of any accidental, unauthorised or unlawful destruction, loss, alteration, disclosure, or breach of personal information, if such a breach represents a risk to the rights and freedoms of natural persons, Burdi will notify you of the breach as soon as possible.
12. THIRD PARTY WEBSITES
- This site also integrates with various other third party sites, functions, and social media including but not limited to:
- a) Google Analytics;
- b) Facebook;
- c) Instagram;
- d) Klaviyo;
- e) Afterpay and PayPal;
- f) Google Ads; and/or
- g) Google Search Console.
- Burdi may also employ third parties to provide services on our behalf, such as handling the bandwidth and storage necessary to perform the site functions, or performing statistical analysis. The access of such parties to your personal information will be limited to the data they need in order to deliver the service.
- You can set preferences for how Google advertises to you using the Google Ads Settings page (https://www.google.com/settings/ads). Facebook has enabled an AdChoices link that enables you to opt out of targeted advertising.
- Whilst Burdi does not currently ship to any country outside of Australia, we do welcome the General Data Protection Regulation (“GDPR”) of the European Union (“EU”) as an important step forward in streamlining data protection globally. Although we do not operate an establishment within the EU and do not target any offering of services towards customers in the EU specifically, we intend to comply with the data handling regime laid out in the GDPR in respect of any personal information of data subjects in the EU that we may obtain.
- The requirements of the GDRP are broadly similar to those set out in the Privacy Act and include the following rights:
- you are entitled to request details of the information that we hold about you and how we process it. For EU residents, we will provide this information for no fee;
- you may also have a right to:
- have that information rectified or deleted;
- restrict our processing of that information;
- stop unauthorised transfers of your personal information to a third party;
- in some circumstances, have that information transferred to another organisation; and
- lodge a complaint in relation to our processing of your personal information with a local supervisory authority; and
- where we rely upon your consent as our legal basis for collecting and processing your data, you may withdraw that consent at any time.
- If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. However, please be aware that:
- such objection or withdrawal of consent could mean that we are unable to provide our services to you, and could unduly prevent us from legitimately providing our services to other customers subject to appropriate confidentiality protections; and
- even after you have chosen to withdraw your consent, we may be able to continue to keep and process your personal information to the extent required or otherwise permitted by law, in particular:
- to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact on your rights, freedoms or interests; and
- in exercising and defending our legal rights and meeting our legal and regulatory obligations.
Storage and processing by third parties
- Data that we collect about you may be stored or otherwise processed by third party services with data centres based outside the EU, such as Google Analytics, Google Cloud Platform. Apple, etc and online relationship management tools. We consider that the collection and such processing of this information is necessary to pursue our legitimate interests in a way that might reasonably be expected (eg, to analyse how our customers use our services, develop our services and grow our business) and which does not materially impact your rights, freedom or interests.
- Burdi requires that all third parties that act as “data processors” for us provide sufficient guarantees and implement appropriate technical and organisational measures to secure your data, only process personal data for specified purposes and have committed themselves to confidentiality.
Duration of retention of your data
- We will only keep your data for as long as is necessary for the purpose for which it was collected, subject to satisfying any legal, accounting or reporting requirements. At the end of any retention period, your data will either be deleted completely or pseudonymised (for example, by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning). In some circumstances, you can ask us to delete your data.
14. COMPLAINT PROCEDURE
If you have a complaint concerning the manner in which we maintain the privacy of your personal information, please contact us as set out below. All complaints will be considered by our privacy officer and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.
15. OVERSEAS TRANSFER
Your personal information will not be disclosed to recipients outside Australia unless you expressly request us to do so. If you request us to transfer your personal information to an overseas recipient, the overseas recipient will not be required to comply with the Australian Privacy Principles and we will not be liable for any mishandling of your information in such circumstances.
16. HOW TO CONTACT US ABOUT PRIVACY
If you have any queries, or if you seek access to your personal information, or if you have a complaint about our privacy practices, you can contact us on: email@example.com.
17. KEEPING YOUR INFORMATION UP-TO-DATE
To ensure that your personal information is accurate and up to date, please promptly advise us of any changes to your information by contacting our data protection officer by email at firstname.lastname@example.org or by post.
If you require any further information about the Privacy Act and the Australian Privacy Principles, you can visit the Federal Privacy Commissioner’s website (see www.privacy.gov.au).