Privacy Policy

bigimage_02.jpg

Privacy Policy

Last Updated: 10 June 2020

Potentiate Pty Ltd. (“Potentiate”, “us” or “we”), describe in this privacy policy (the “Policy”) our practices regarding the use and processing of personal information that we collect via our websites located at www.potentiate.com, and other Potentiate websites that directly link to this Policy (collectively the “Site”).

We use the terms “personal information” and “personal data” to mean any information relating to an identified or identifiable individual.  If you are located in the European Economic Area (“EEA”), please also see our Supplemental EEA Privacy Statement below. If you are a resident of California, please also see our Supplemental California Consumer Privacy Act Disclosures.

Should you have any questions regarding this Policy, you can contact our Data Protection Officer by email at privacyofficer@potentiate.com.

What Types of Personal Information Do We Collect?
Information You Actively Submit on our Site: If you create an account, fill out a form, send an email to our team, or otherwise send us information through the Site, we collect personal information about you.  The Site has webpages that allow you to submit a variety of personal information to us, including contact information such as your name, email address and physical address, social media information such as your social media account name, login information such as a user name and password, and other information such as survey responses, photo uploads, and forum posts.  In each instance, you will know what personal information we collect because you will actively submit it.

Information Automatically, Passively Submitted on our Site: When you visit the Site, your browser and computer automatically provide to us certain technical information about your computer or device and how you arrived at the Site, including the URL that referred you, your browser type and version, your device type, your internet protocol (IP) address, your location, the pages you visit as you navigate through the Site (clickstream data), how long you stay on those pages, and the hyperlinks you click on. This information is collected using various technologies including server logs, cookies, web beacons, and other tracking technologies which are described in greater detail in our Cookie Policy.

Information from Other Sources: We collect personal information through other sources such as third party data providers, social media platforms and joint marketing partners to help us offer our services to you. This personal information generally consists of business contact information such as email address, title, phone number and similar information.  

Combined: We may link information that you automatically provide with information that we collect from other sources and/or information you actively submit. When such a linkage occurs, we treat all of the combined data as personal information.

How Do We Use Your Personal Information?
We use personal information that we collect about you as follows:
• Upon request, to create an account for you;
• To enable you to use online interactive forums that we may offer;
• To provide requested services and information;
• To respond appropriately to your inquiries and requests;
• To discharge our contractual obligations to you;
• To send you invites and service emails if you become a member of our communities as part of your ongoing membership;
• To contact you to administer rewards such as sweepstakes/contests;
• To comply with any legal obligations that apply to us;
• If you submit an employment application, to administer and evaluate your application and comply with legal obligations we have in relation to your application; and
• To secure, optimize and customize your experience on the Site.
To the extent permitted by applicable law, we may use your personal information to contact you with sales and marketing communications. You may at any time choose to stop receiving marketing emails from us by using one of the unsubscribe options we provide.  Please see the Your Choices section of this Policy for more information about opting-out of communications. Service-related communications that Potentiate sends to our own customers are covered in the Our Clients section of this Policy.

For How Long Do We Keep Your Personal Information?
We generally retain your personal information for as long as you have a business relationship with us and for 3 years thereafter, unless we are required to delete or anonymize it sooner. If you do not have a direct business relationship with us, for example where we have received your personal information from a third party data provider, we shall retain your personal information for 3 years following our last communication with you unless we are required to delete or anonymize it sooner. In some cases, we may be required to retain personal information for a longer period of time based on laws or regulations that apply to our business or for other necessary business purposes. Where possible, we aim to anonymize the information or remove unnecessary identifiers from records that we may need to keep for periods beyond the original retention period.

To Whom Do We Disclose Your Personal Information?
We do not share your personal information with third parties, except in the following cases:
• with your consent;
• with affiliated and unaffiliated services providers that act on our behalf and under our instructions to help us operate our business (data processors);
• in redacted or aggregated form that cannot be used to identify you individually;
• if required or permitted by law, including as necessary to comply with the law, to protect the rights or safety of Site users, other users, or third parties (e.g., for fraud protection and credit risk reduction purposes; for protecting and defending the rights or property of Potentiate, its customers, other users, or members of the public); or
• with a buyer of all or substantially all of our assets relating to a particular business line or division, or in connection with a merger, acquisition, reorganization or restructuring.

Your Choices
You have a variety of choices regarding which personal information we may collect, process and use and for what purposes. Wherever reasonably practical, we will provide you with the ability to use the features of the Site without submitting personal information to us or to use a pseudonym. Some areas of the Site however, such as registration forms, questionnaires and submissions to our Careers section require you to provide accurate and up to date personal information and your choice is to not use such areas and features.

You can contact us to request that we correct or stop using your personal information, or to find out what personal information we have collected about you:
• Email Communications – You may opt-out of receiving marketing and other promotional emails from us at any time by clicking the unsubscribe links embedded within the emails we send, or by contacting us directly at privacyofficer@potentiate.com. Members of communities we own can opt-out of participating by using the unsubscribe links embedded in emails, or by using the subscription preference options in the Profile / Settings section of the member hub. Some emails are transactional in nature, including emails we send to our clients regarding the services they have purchased. These emails do not provide the ability to opt-out.
• Web Monitoring – If you wish to browse the Site without being tracked by cookies, there are a number of options available to you depending on the specific type of opt-out you wish to perform. To learn more about your options, please visit our cookie policy.
• Data Access, Correction & Deletion – You may request access to your personal information to confirm that it is in our possession, to ensure that it is accurate and to make corrections, or to request that it be removed/anonymized. We will respond to your request as quickly as possible and will need to verify your identity before providing you with access to the personal information we hold about you.

In some cases, we may be unable to accommodate your request if we are unable to verify your identity, if we are prohibited by law, if disclosure would result in the disclosure of the personal information of others, or if the request is unreasonable or impractical. If we are unable to process your request for these or any other reasons, we will provide you with an explanation of the reason for denial, and you will be permitted to request a review.

All requests for information should be sent by email to privacyofficer@potentiate.com or to the mailing address listed above.

International Considerations and Data Transfers
Information collected on this Site may be processed outside of the country you are visiting from. We process personal information in the United States, Australia, the European Union, the United Kingdom, Malaysia and Japan. Occasionally, we use service providers located in these and other jurisdictions including Thailand, Israel and India to process data on our behalf and under our instructions. When transferring your personal information, we take appropriate measures to protect it in accordance with applicable laws and this Policy.

Links
The Site contains links to websites not affiliated with us (“external websites”). Your use of an external website or any information or other content found on an external website is subject to and governed only by the terms and conditions of such website. We do not endorse or make any representations or warranties concerning, and will not in any way be liable for any content, products, services, or other materials available on or through an external website. Potentiate encourages you to review the privacy policies and terms of use of external websites before you submit any personal information to them.

Security
We have implemented commercially reasonable safeguards and precautions to protect your personal information, including technical and organizational measures against unauthorized access, improper use, alteration, unlawful or accidental destruction, and accidental loss. These measures include utilizing secure Transport Layer Security (“TLS”) connections for data collected via our platform, employee training, policies, and secure facilities. Access to personal information is restricted to employees and contractors who have a need to know and who are required to maintain the confidentiality and security of information. Please note that despite our use of the safeguards described above, we cannot guarantee that personal information you submit to us will never be accessed, disclosed, altered, or destroyed in a manner that is inconsistent with this Policy.

Our Clients
This Policy does not apply to our collection, use and other processing of information for our clients under separate service agreements. Potentiate builds and utilizes an industry-leading software that allows our clients to gain valuable insight from their customers. Our clients maintain direct relationships with their customers, and any data they collect via our platform is governed solely by their own privacy policies. If you have any questions or concerns about our client’s use of your personal information, please contact them directly using the contact information provided within their privacy policy. If you prefer to contact us directly, you may email us at privacyofficer@potentiate.com.
• AUP / Reporting Abuse – Potentiate has a comprehensive Acceptable Use Policy (“AUP”), available upon request outlining the acceptable use of our services and our clients are required to abide by the terms of the AUP at all times. Potentiate disclaims any responsibility for clients who use our services to engage in illegal or unethical behavior and will take any action we deem necessary should we discover such activity is taking place including suspension or termination of service. If you suspect a breach of the AUP, or have concerns with the manner in which our clients are using our services, please immediately contact us at privacyofficer@potentiate.com. If you have general questions including requesting to opt-out of our client’s use of your data, please use the support link provided within your member hub.
• Potentiates Communications with our Clients – When we are required to do so in order to provide services to our clients, we may send service-related emails such as maintenance notifications, responses to support inquiries, billing notices, account management emails, and password reset emails. Generally, you may not opt-out of these types of communications as they are not promotional in nature. We will occasionally send promotional emails as well, which do provide you the ability to opt-out of similar communications. We may also communicate with you by phone or postal mail.

Children’s Data
This site is not intended for or directed at children and we do not knowingly collect personal information from any person under the age of 13. If we discover that we have inadvertently collected personal information from a person under 13 years of age, we will promptly take commercially reasonable measures to delete such information from our systems.

Changes to This Policy
We may change the terms of this Policy at any time at our sole discretion so please review it periodically.

Supplemental EEA Privacy Statement
European Union Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“EU GDPR”), requires Potentiate as the data controller to provide additional and different information about its data processing practices to data subjects in the EEA. If you are accessing the Site from a member state of the EEA, this Supplemental EEA Online Privacy Statement applies to you in addition to the Policy above.
Our GDPR-specific representative is Potentiate GmbH.  Our Data Protection Officer may be contacted at privacyofficer@potentiate.com.

What Are Our Legal Bases for Processing Personal Data?
We process the personal data of users of our Site on several different legal bases, as follows:
• Contract Performance: Use of our Site and various features thereof (such as our forum boards) is subject to our Terms of Use and other applicable terms and conditions. We process the personal data of users of our Site as necessary to perform contractual obligations in respect of such users or take steps at such users’ request prior to entering into a contract, as may be applicable, pursuant to Article 6(1)(b) of the EU GDPR.
• Legitimate Interests: We process the personal data of users of our Site as necessary to pursue the following legitimate interests, pursuant to Article 6(1)(f) of the EU GDPR: To provide a good user experience, to maintain, secure and improve our Site and products, to tailor our communications and services to our users, to market and promote our products and services and to support and provide requested services.
• Legal Obligations: If we are subject to a lawful access request, engaged in a legal proceeding or suspect a user of illegal conduct, we may need to process your personal data to comply with relevant laws, regulatory requirements and to respond to lawful requests, court orders, and legal process, pursuant to Article 6(1)(c) of the EU GDPR.
• Consent:  If we are required to obtain your consent to send you marketing communications, place certain cookies on your device, or engage in other processing activities associated with the Site, we may perform such processing on the basis of your consent if you have provided it, pursuant to Article 6(1)(a) of the EU GDPR. In such cases, you may withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. Providing your consent is voluntary, however we will not be able to provide you with a service for which we require your consent unless it is provided.
• Vital Interests: In extenuating circumstances, we may need to process your personal data to protect the vital interests of you or another natural person, pursuant to Article 6(1)(d) of the EU GDPR.

Where Do We Transfer Personal Data and How Do We Protect Such Transfers?
We disclose your personal data to recipients in the following jurisdiction or jurisdictions outside of the EEA which provide adequate protection to personal data according to the European Commission: Canada, Israel, and the United States (limited to the Privacy Shield framework). In each case, the transfer is thereby recognized as providing an adequate level of data protection from a European data protection law perspective (see Article 45 of the EU GDPR).

We disclose your personal data to recipients in the following jurisdiction or jurisdictions outside of the EEA which do not provide adequate protection to personal data according to the European Commission: Australia, the United States (where the Privacy Shield framework has not been applied), South Africa, Singapore, Hong Kong, Japan and India. By entering into appropriate data transfer agreements based on Standard Contractual Clauses (2010/87/EU and/or 2004/915/EC) as referred to in Article 46(5) of the EU GDPR or other adequate means, we have established that all such recipients will provide an adequate level of data protection and that appropriate technical and organizational security measures are in place to protect personal data against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. Any onward transfer (including to our affiliates outside the EEA) is subject to appropriate onward transfer requirements as required by the applicable contract or applicable law. You can ask for a copy of such appropriate data transfer agreements by contacting privacyofficer@potentiate.com.

What Data Subject Rights Do You Have?
Under the conditions set out under the EU GDPR and any other national data protection laws in the EEA, you have the following rights:
• Right of access: You have the right to obtain from us confirmation as to whether your personal data is being processed, and, where that is the case, to request access to the personal data. The access information includes, among other things, the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. You have the right to obtain a copy of the personal data undergoing processing. Subject to applicable law, we may charge a reasonable fee for copies, based on administrative costs.
• Right to rectification: You have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
• Right to erasure: You have the right to ask us to erase your personal data to the extent it is not required for legally required purposes.
• Right to restriction of processing: You have the right to request restriction of processing of your personal data, in which case, it would be marked and processed by us only for certain purposes.
• Right to data portability: You have the right to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit the personal data to another entity without hindrance from us.
• Right to object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data by us and we can be required to no longer process your personal data. If you have a right to object and you exercise this right, your personal data will no longer be processed for such purposes by us. Exercising this right will not incur any cost. Such a right to object may not exist, in particular, if the processing of your personal data is necessary to take steps prior to entering into a contract or to perform a contract already concluded.
• Right to Submit Complaints: You have a right to lodge a complaint with a supervisory authority.
Please note that these rights may be limited under the applicable national data protection law. To exercise your rights please contact us at privacyofficer@potentiate.com.

Are You Required to Provide Personal Data?
You are not required to provide any personal data to us, but if you do not provide any personal data to us, you may not be able to use certain features of the Site, such as those available to account holders, such as participants on our platform, job applicants, among others. You can use the Site without consenting to cookies that are not strictly necessary; which will mean that your experience on the Site will be less tailored to you and certain features of the Site may not function as intended. You can also use the Site without consenting to receiving marketing communications from us; which will mean that you may not receive marketing communications that you may be interested in.

Cookie Policy

Last Updated: 10 June 2020

This Cookie Policy (the ”Policy”) describes how Potentiate Pty Ltd. (“Potentiate”, “us” or “we”) uses cookies and similar technologies to collect and store information when you visit this website (the “Site”). For additional information on our privacy practices, please visit our privacy policy.

Should you have any questions regarding this Policy, you can contact our Privacy Officer by email at privacyofficer@potentiate.com

What are Cookies? 
When you visit the Site, Potentiate or a third party may send you a cookie. Cookies are small text files that may be placed in your browser directory on your computer or mobile device. When a website is accessed, a cookie that is placed on a device will send information to the party that has placed the cookie. Cookies are extremely common and used on most websites. Each cookie will typically contain the name of the domain from which the cookie has come, the "lifetime" of the cookie, and a value (usually a unique number). For a more thorough explanation of what cookies are and how they operate, please visit www.aboutcookies.org or www.allaboutcookies.org.

Why are Cookies useful? 
In general, the purpose of cookies is to improve the performance of the Site and your experience while visiting the Site. Cookies help make your visits easier by recognizing you upon return and providing a customized experience. Cookies also allow us to do useful things; for example, cookies allow us to find out whether you have visited the Site previously. Cookies help us make the Site work more efficiently, enable extra functionality, and provide us with additional information about your visit. Cookies also allow us to track overall Site usage and determine areas that users prefer.

First Party and Third Party Cookies 
Our Site may place first party cookies and allow third parties to place cookies on your device. The difference between a first party cookie and a third party cookie relates to the control of the party who serves the cookie. First party cookies are cookies that are specific to the website that created them. Their use enables us to operate an efficient service and to track the patterns of behavior of visitors to the Site. Third party cookies, on the other hand, are placed on your device by a third party (i.e., not by Potentiate). While we may allow third parties access to the Site to place these cookies on users’ devices, for example by embedding functionality such as Social Media widgets, we do not retain control over the information supplied by the cookies, nor do we retain access to that data in many cases. Some third party cookies have the ability to track your browsing activity across sites, such as ad networks which are intended to deliver relevant, targeted ads to you including ads for Potentiate products and services delivered on external websites. This information is controlled wholly by those third parties in accordance with their respective privacy policies.

Session and Persistent Cookies  
Our Site may place session and persistent cookies on your device. Whereas the difference between a first party and third party cookie relates to the party controlling the initial placement of the cookie on your device, the difference between a session and a persistent cookie relates to the length of time the cookie lasts. Session cookies are cookies that typically last for as long as you are using your browser, also known as a browser session. When you end your browser session, the cookie expires. Persistent cookies, as the name implies, are persistent and will last after you close your browser. This allows for quicker and often more convenient access to our Site among other functionality.

Sparq Cookies 
Potentiate utilizes software platform build by Vision Critical called the Sparq platform which sets a number of cookies in order to function properly and to facilitate authentication, remember preferences, and maintain sessions. Vision Critical clients who use the Sparq platform, their community members, and Potentiate’s own community members will receive these cookies when interacting with the platform. Generally, users and community members may not opt-out of these cookies directly, and we recommend that they do not delete or block these cookies to ensure a proper user experience. Most of these cookies are proprietary, although a small number are generated by third parties. For more information on Sparq cookies, please see the help article located here

Linking of Cookie data with other data
Information gathered through usage of a cookie is not generally linked to any direct personal identifiers (e.g., your name or e-mail address). Once you submit personal data on our sites however (e.g., by signing up to receive information from us, becoming a customer, etc.), we may link such personal data with cookies or other data that are associated with your visit(s) to our Site. This linkage allows us to create a ‘profile’ of your preferences so that we may tailor Site content, offers, and promotions to your interests.

Google Analytics
This Site uses Google Analytics, a popular website analytics service of Google Inc. (“Google”) which sets its own cookies. Google uses this information on behalf of the Site in order to analyze the use of the Site, to compile reports on Site activities, and to provide further services in connection with the Site. The IP address transmitted by your browser within the context of Google Analytics will not be combined with other Google data.

Disabling, Deleting, or Opting Out of Cookies  
If you do not want to have cookies placed on your device by third parties, many of them offer ways to opt-out.

You may prevent the collection of your data by Google Analytics by downloading and installing the Browser Plugin located here: https://tools.google.com/dlpage/gaoptout.

Information on opting-out of ad networks can be found at www.aboutads.info. If you are in the European Union, please visit www.youronlinechoices.eu.

In addition, most web browsers allow you to view and control most cookies through browser settings. You may refuse the use of cookies by selecting the appropriate settings on your browser to decline cookies. You may also delete existing cookies through your browser. Information on deleting/controlling cookies for specific browsers can be found at www.aboutcookies.org or www.allaboutcookies.org. Please note that if you delete cookies, or visit from another browser or device, you may need to set your preferences again including opt-out preferences. If you disable cookies, you may not be able to use the full functionality of the Site. In particular, you may have limited access to some areas or be transitioned to a different experience.

Similar Technologies
There are other technologies that perform a similar function to cookies. These include web beacons and clear gifs, local shared objects (also known as “LSOs” or “Flash cookies”), and digital fingerprints. These technologies may be used in conjunction with cookies to help us generate additional functionality and data:
• Web beacons/clear gifs - When we send you newsletters or other messages we use these technologies so that we can track email open and click rates, which in conjunction with cookies helps us understand your interests and send you more relevant, targeted messages.
• Digital fingerprinting – We may use "digital fingerprinting" technology to help us uniquely identify you, to aid in retargeting, to ensure the integrity of survey results by suppressing duplicate/fraudulent accounts and responses, and for other, similar purposes. To create the digital fingerprint, we use third party technology to collect data points about your computer and to generate a unique identifier by combining those data points. Such data points include, but are not limited to your location. The digital fingerprint cannot reveal your personal identity on its own.
• Local shared objects (“LSO’s” or “Flash cookies”) – When you interact with certain functions of the site such as viewing videos, LSOs may be used by third parties to store information on your computer. LSO’s differ from regular cookies in a number of ways, including their storage location, which means that they cannot be deleted using any of the instructions described previously. More information about LSO’s and how you can remove them is here.

Do Not Track Signal
Some browsers allow you to send a ‘Do Not Track’ request when you visit a website. Aside from the cookie related settings listed above, this Site does not process Do Not Track signals sent by your browser.

Changes to This Policy
We may change the information contained in this Policy at any time at our sole discretion so please review it periodically.

 Our Privacy Officer can be contacted by via:

If you feel that Potentiate is not complying with this Privacy Policy or the Australian Privacy Principles, please put your concerns in writing and send them to our Privacy Officer by one of the methods set out above.

We will always endeavour to investigate your complaint and respond to you as soon as practicable after receipt, generally within 30 days. If you are not satisfied with our response, you may refer the matter to the Office of the Australian Information Commissioner.

Potentiate Australia Data Security Statement