This page and its sub-pages tell you everything you need to know about how Wollemi Solutions and/or its affiliates, subsidiaries ("Wollemi"; "we") protect the personal data we process and control relating to you ("your data") and which rights you have about the processing of your data. We shall use your personal information only in the manner set out in this Privacy Policy. We act per applicable data protection legislation.

• You can visit the website and browse without having to provide personal information. During your visit to the website, you remain anonymous, and at no time can we identify you unless you provide any personal information to us or have an account on the website and log on with your account information.
• We shall not sell/use/redistribute or rent your personal information for marketing purposes without your explicit consent.
• Wollemi and its affiliates will be responsible for your data provided to or collected by us for providing you customized services.

If you are using our website, you consent to the collection, use, and sharing of your data under this Privacy Policy (including Cookie Policy and other documents referred to in the privacy policy).

We attach great importance to your right to privacy and the protection of your data. We want you to feel secure that when you deal with Wollemi, your data are in good hands.

We protect your data per applicable laws and our data privacy policies. Also, we maintain the appropriate technical and organizational measures to protect your data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage thereto. However, no internet site can fully eliminate security risks.

• Direct information provided by the user: We collect personal information that you provide when you use the website or services offered by Wollemi. We also collect personal information when you voluntarily upload information, send us emails, complete customer surveys, provide feedback, and participate in competitions. Examples of personal information that we collect from you are your name, telephone number, professional email address, password, username, or any other information that you freely supply to us.
• Information collected using web services: When you contact us or send us an email, we may collect such personal information that you freely supply to us. We also collect personal information that you post publicly on the website. Our server logs automatically collect information, such as your IP address, your browser type, and language, the pages on the website visited, and the date and time of your visit, which helps us gather statistics on the website and to track users’ movements around the website to customize and improve the website. We may use standard internet tools, such as web beacons and cookies, which collect information that tracks your use of the website and enable us to customize our services and advertisements.
• Information Collected from Public Domain: We may use the information available in the public domain such as social media platforms or other public repositories of data as part of the research process. Information so gathered in such research exercises is treated as information made available by the data subject in the public domain.

Wollemi uses your data only where required for specific purposes. Please view the table below for (i) a list of the purposes for which We use your data and (ii) an overview of the legal basis for each such purpose.

Where the above table states that we rely on our legitimate interests for a given purpose, we believe that our legitimate interests are not overridden by your interests, rights, or freedoms, given (i) the transparency we provide on the processing activity, (ii) our privacy by design approach, (iii) our regular privacy reviews and (iv) the rights you have concerning the processing activity. If you wish to obtain further information on this balancing test approach, please contact the Wollemi Information Office (details at bottom of the page).

To the extent you are asked to click on/check "I accept", "I agree" or similar buttons/checkboxes/functionalities concerning a privacy statement, doing so will be considered as providing your consent to process your data, only in the countries where such consent is required by mandatory law. In all other countries, such action will be considered as a mere acknowledgment and the legal basis of the processing of your data will not be your consent but any other applicable legal basis.

We will not use your data for purposes that are incompatible with the purposes of which you have been informed unless it is required or authorized by law, or it is in your vital interest (e.g. in case of a medical emergency) to do so.

We maintain organizational, physical, and technical security arrangements for all the personal data we hold. We have protocols, controls, and relevant policies, procedures, and guidance to maintain these arrangements taking into account the risks associated with the categories of personal data and the processing we undertake.

• We regularly review our compliance with our privacy practices. We also adhere to regulatory frameworks including GDPR (General Data Protection Regulation) and other applicable regulations around private data protection.
• We use pseudonyms to encrypt sensitive & special categories of personal data.
• We maintain ongoing confidentiality, integrity, availability, and resilience of processing systems and services.
• We have a dedicated process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of processing your data.
• In case if your data is being shared with any third party then you would specifically be made aware of the names of such third party to whom your data is being shared after receiving explicit consent from you.
• Where we have given you (or where you have chosen) a password that enables you to access all or certain parts of our website, you are responsible for keeping this password confidential. We strongly suggest that you do not share your passwords with anyone.
• We have implemented security safeguards that ensure the protection of your data, such as HTTPS. We regularly monitor our systems to mitigate possible vulnerabilities and attacks.

However, you acknowledge that no company can fully prevent security risks and we do not under any circumstances represent that the website is free from any harmful elements including but not limited to viruses, spyware, cancelbots, Trojans and such application which may be placed on the website without the knowledge of the Company; however the Company shall take all necessary and reasonable steps mentioned below to ensure that the website is free from the above-mentioned programs.

We comply with the privacy requirements as set forth by the European Union’s data protection regulation GDPR (General Data Protection Regulation) regarding the collection, use, and retention of personal information. We ensure adherence to the principles listed below:

• Personal information is processed lawfully, fairly, and transparently with the data subjects (“Lawfulness, fairness and transparency”)
• Personal Information is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes (“Purpose limitation”)
• Personal information is adequate, relevant, and limited to what is necessary concerning the purpose for which it is processed (“data minimization”)
• Information is accurate and where necessary, kept up to date; every reasonable step is taken to provide that inaccurate personal information, having regard to the purpose for which it is processed, is erased or rectified without delay (“accuracy”)
• Information is kept in a form that permits identification of data subjects for no longer that is necessary for the purpose for which personal data is processed (“storage limitation”)
• Information is processed in a manner that ensures appropriate security of the personal data, including protection against the unauthorized or unlawful processing and accidental loss, destruction, or damage, using appropriate technical or organization measures (“Integrity and confidentiality”)

We may transfer personal data to our service providers, professional advisors, public and governmental authorities, or third parties in connection with a (potential) corporate or commercial transaction. Such third parties may be located in other countries. Before we do so, we shall take the necessary steps to ensure that your data will be given adequate protection as required by relevant data privacy laws and Wollemi internal policies. For example, we may disclose personal information to third parties for other business purposes as follows:

• We share your information with third-party service providers that provide services to us, including billing, payment processing, customer service, email deployment, advertising and marketing, security and performance monitoring, maintaining or servicing accounts, processing or fulfilling orders and transactions, verifying customer information, research, data hosting, auditing, and data processing;
• To protect and defend the legal rights, safety, and security of Wollemi, our affiliates, users, or the public, including to protect against fraud and malicious activity; and
• For other business purposes described in this privacy statement or for any other purpose disclosed to you at the time we collect the information or pursuant to your consent.

We may also share your information in connection with a substantial corporate transaction, such as the sale of a website, a merger, consolidation, asset sale, initial public offering, or in the unlikely event of a bankruptcy.

Unless you are otherwise notified, any transfers of your data from within the European Economic Area (EEA) to third parties outside the EEA will be based on an adequacy decision or are governed by the standard contractual clauses. Any other non-EEA-related transfers of your data will take place per the appropriate international data transfer mechanisms and standards.

We do not generally seek to collect sensitive data (also known as special categories) through this site or otherwise. In the limited cases where we do seek to collect such data, we will do this with your consent.

The term "sensitive data" refers to the various categories of personal data identified by data privacy laws as requiring special treatment, including in some circumstances the need to obtain explicit consent from you. These categories include racial or ethnic origin, political opinions, religious, philosophical, or other similar beliefs, membership of a trade union, physical or mental health, biometric or genetic data, sexual life or orientation, or criminal convictions and offenses (including information about suspected criminal activities).

Your data will, depending on the purposes of the processing, be disclosed to different individuals and organizations, including:

• Employees and contractors of Wollemi whose roles require access to your data. Our personnel is bound to confidentiality terms that cover their obligations to protect personal data.
• Service providers who process personal data on our behalf (“processors”); for example, Cloud computing providers and web analytics services like AWS. Such vendors are contractually bound to protect your data to the same standard as set out in this privacy policy.
• Business partners with whom we may deliver co-branded services or host events; or whose content or technology we make available through our services.
• Professional advisors such as legal counsel and information security professionals were reasonably required to protect our rights, users, systems, and our services.
• Prospective and actual buyers, sellers, advisers, or partners concerning any sale merger, acquisition, or similar corporate event involving Wollemi.
• Government agencies, law enforcement, courts, and other public authorities where we have to disclose your data by law.

Our retention policy and schedule ensure that we meet the ‘data minimization and ‘storage limitation’ principles and that personal data is stored, archived, and destroyed compliantly and ethically. We have dedicated erasure procedures in place to meet the ‘Right to Erasure’ obligation and are aware of when this and other data subject’s rights apply; along with any exemptions, response timeframes, and notification responsibilities.

Given that our business operates across global markets, the data that we collect from you may be transferred to and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by our staff or staff at one of our suppliers operating outside the EEA. By submitting your data, you agree to this transfer, storing, or processing.

We will take all appropriate and proportionate steps necessary to secure your data and make sure it is treated per this privacy policy. We ensure that our third-party contractors and service providers follow similar standards of security and confidentiality.

Unfortunately, the transmission of information across the internet is not completely secure. Although we will do our best to protect your data by using technical measures like encryption, we cannot guarantee the security of your data transmitted to our site and therefore any transmission is at your own risk. Once we have received your information, we will use strict procedures and security measures to protect your data from unauthorized access or disclosure.

We believe in being open, honest, and transparent with our clients and suppliers and want you to feel comfortable about your decision to give us your personal information and how we use it. We will use the details you provide to us to communicate with you about how we can help you in your role and help your company achieve its objectives.

We promise that we will only communicate with you in the way you wish us to and we will always respect your privacy. You can change your mind at any time and it’s quick and easy to let us know that you no longer want to hear from us by contacting our Data Information Office (contact details at the bottom of the page).

Please be assured that we will take appropriate measures to keep your personal information safe and secure and we promise not to over contact.

• Right to be informed: You are entitled to know whether we hold your personal information and the purpose your data is processed for.
• Right of access: You are entitled to obtain a copy of your data, together with an explanation of the categories of data being processed, the purposes of such processing, and the details of third parties to whom the data may have been disclosed to.
• Right to rectification: You are entitled to correct/update your information available with us.
• Right to erasure: You are entitled to get your data erased from our customer relationship management (CRM) databases.
• Right to data portability: You are entitled to obtain and reuse your data. You can either obtain the data from us or, in turn, provide it to a third party (if you so wish), or ask us to transfer your data directly to a third party.
• Right to object/restrict processing or both: You have a right to object/restrict the processing/sharing of your data in some circumstances, including where the data is inaccurate (for the period during which we are verifying the data), the data is no longer required in light of the purpose of processing, or in connection with direct marketing (you can prevent/discontinue marketing communications to you by checking certain boxes on the forms we use to collect your data), or by utilizing opt-out mechanisms in the emails we send you.
• Right to complain and obtain redressal: You have a right to complain with the competent supervisory authority to obtain redressal, and, where appropriate, compensation for a breach of the applicable data protection regulation.
• In the above cases, we will retain minimum personal data to note that you opted out from being contacted again.

For the exercise of any of the above-mentioned rights, please contact us.

We recognize the need to provide additional privacy protections concerning the information we may collect from children. We do not target children with our products and services. Notifying parents about our information practices regarding personal data about children, including the types of personal information we will collect, the uses to which we may put that information, and whether and with whom we may share that information.

Per applicable law, obtaining consent from parents for the collection of personal information from their children. Giving parents the ability to request access to the personal information we have collected from their children and the ability to request that the personal information be changed or deleted.

SALE OF PERSONAL INFORMATION

We do not sell any personal information under any condition.

DATA INFORMATION OFFICE

Wollemi has a ‘Data Information Office’ who is responsible for matters related to privacy and data protection. This Data Protection Officer can be reached at the following address. To exercise the rights described above or if you have any questions related to the policy, please submit a verifiable consumer request to us: technical@wollemisolution.com

Or you could write to: