We may track and collect certain general and non-personal information when You visit the Website, including, without limitation, Your: (a) IP address, mobile device ID or other persistent identifier; (b) referrer information about how You visited the Website (e.g., how You got to the Website – was it by a Google search, by direct navigation, etc.) and how You used the Website (e.g., time of visit, areas of the Website that You visited); (c) Your connection speed and type; (d) type and version of Your web browser or mobile device; and (e) Your operating system and other system parameters and machine configuration (collectively, “Traffic Data”). Traffic Data is information that does not, standing alone, personally identify You but is helpful for marketing purposes or for improving Your experience on the Website. We use Traffic Data to collect information at an aggregate level about the visiting and use of the Website and to make the use of the Website more enjoyable to Our Users. We may combine Traffic Data with Personal Information We obtain from You directly through the Website or otherwise, including from third parties.
CONFIDENTIALITY AND SECURITY OF USER PERSONAL INFORMATION
USE AND DISCLOSURE OF PERSONAL INFORMATION
Provoke Solutions does not disclose personal information except to complete a transaction at your request, for example, to data processing companies, banks and payment gateways. Provoke Solutions will disclose your personal information without notice only if required to do so by law. Provoke Solutions may use or distribute personal information for bona fide market research purposes, but will always ensure that all personal identifiers are removed prior to the use of, or distribution of such information. Provoke Solutions will never sell, rent or lease its customer lists or information to third parties.
You may make a request to access the personal information held about you, and Provoke Solutions will provide it as long as Provoke Solutions has such information and can readily retrieve it. You may also ask Provoke Solutions to correct personal information held about you that is not accurate or up-to-date.
EU Data Subject rights
- Request that we provide you with a copy of Personal Information that we collect. You have the right to be informed of the source of your Personal Information, the purpose of collection and legal basis, as well as the processing methods used by Provoke Solutions, and to whom your Personal Information may be transferred.
- Request that we correct inaccurate Personal Information. We may seek to verify the accuracy of the Personal Information before correcting it.
- Request that we delete your Personal Information when it is no longer needed for the purpose under which it was collected or you withdraw your consent to use (subject to our legal obligations for retaining historic records).
- Ask us to restrict your Personal Information, where the Personal Information is not accurate or unlawfully processed, or it is no longer needed for the purpose under which it was collected. We will only continue to use your Personal Information where we have your consent or to protect the rights of covered individuals or exercise legal rights.
- Ask us to provide your Personal Information to you in a readable format or have it transferred to another party for automated processing under consent or Service Agreement.
- Object to any processing of your Personal Information which has our Legitimate Interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our Legitimate Interests. You can also request that we change the way we contact you for marking purposes or you can remove yourself from our marketing lists.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally required to retain Personal Information, or we are entitled to deal with the request in a different way.
SECURITY OF PERSONAL INFORMATION
Provoke Solutions secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure.
DATA BREACH REPORTING
The Privacy Act and General Data Protection Regulation (Regulation (EU) 2016/679) requires that reasonable and appropriate protection is made around information, including personal information and customer data (“Information”), and that certain data breaches are reported to the relevant authorities. Provoke Solutions may collect and store Information to enable Provoke Solutions to provide services to its customers.
In the event a data breach occurs or, a data breach is suspected, Provoke Solutions will follow this Policy and the below Response Plan to contain, assess and respond appropriately:
- Initial notification: If personnel become aware of an actual or suspected data breach they must immediately notify the Privacy Officer with information regarding the data breach.
- Preliminary assessment: The Privacy Officer shall notify the relevant personnel to collate information regarding the data breach.
- Assessment of Risk: The Privacy Officer in conjunction with management will assess the severity of the data breach based on the information received.
- Notification: The Privacy Officer in conjunction with management will consider whether notification to the relevant authority and/or affected individuals is required and, if notification is required, make that notification.
- Review: Provoke Solutions will undertake an internal review of the circumstances to consider if further action is required.
INTERNATIONAL DATA TRANSFERS
As a provider and user of IT Services including cloud services, Provoke Solutions retains Personal Information on servers that may be located in a number of overseas countries.
Provoke Solutions recognizes and respects the varying national laws and obligations and their impact on cross-border data transfers when transferring or processing Personal Information outside of the country of collection for the purposes identified above. Provoke Solutions will take all reasonable steps to ensure that no person or entity, breaches any relevant privacy and data protection laws using a variety of lawful data transfer mechanisms and contractual agreements for privacy and data protection.
CHILD PRIVACY ISSUES
The Website is not intended for children under 13 years of age. We do not knowingly collect Personal Information from children under 13. If You are under 13, do not use or provide any information on this Website or on or through any of its features. If We learn We have collected or received Personal Information from a child under 13 without verification of parental consent, We will delete that information. If You believe We might have any information from or about a child under 13, please contact Us as set forth below in Section 7.
YOUR CALIFORNIA PRIVACY RIGHTS; HOW TO CONTACT US