Probax is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information as you interact with Probax.

We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information. A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner.

We have also adopted the General Data Protection Regulations (GDPR) for our European MSP clients. This act replaces the Data Protection Directive 1995 and is an important component of EU privacy and human rights law.

What is Personal Information and why do we collect it?

Personal Information is information or an opinion that identifies an individual.  Probax acknowledges APP 2, and asserts it is impractical for Probax to conduct it’s regular business activities with an entity (prospect or customer) who chooses to remain anonymous or use a pseudonym.

1.1 Examples of Personal Information (GDPR Article 4.1) we collect include:

  • Names
  • Addresses
  • Email addresses
  • Business name
  • Phone number
  • Billing details (from signed Customers only).
  • Australian Business Number or international equivalent (from signed customers only).

1.2 This Personal Information is obtained in many ways including:

  • Interviews
  • Correspondence
  • By telephone
  • By email
  • Via our website (www.probax.io)
  • From your website
  • From media and publications, from other publicly available sources and;
  • From third parties. We don’t guarantee website links or policy of authorised third parties.

We collect your Personal Information for the primary purpose of providing our services to you, providing information to our clients and marketing. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing.

1.3 Probax acknowledges its obligations as a data controller:

  1. Probax collects the personal data of its employees for internal business purposes and modifies as requested by the employee.
  2. Probax collects the personal data of MSP customers for business sales, billing and marketing purposes and modifies as requested by the MSP.
  3. For its MSP customers, Probax will retain the data for the purposes of business and in case an emergency data restore is required by the MSP.
  4. After the MSP has completed or departed from a contract with Probax, the data will be retained for an appropriate period after to ensure all data is transferred. After a fortnight (or a period agreed in writing) from the contract finish date, Probax will permanently delete and destroy the data.
  5. MSP data uploaded to the Probax platform during a free trial (and do not sign up as a Probax customer), Probax will briefly retain and destroy. After a fortnight (or a period agreed in writing) from the contract finish date, Probax will permanently delete and destroy the data.
  6. The legal basis for collecting this data is a contractual obligation stated in Terms and Conditions section 4 and 16 and is in the legitimate interest of the data controller.

1.4 Probax acknowledges its obligations as a data processor:

  1. Probax implements IT systems or other methods to collect personal data of its MSP customers and prospects.
  2. Probax provides and organises the storage of MSP data provided.
  3. Probax stores some personal data of its MSP customers for business sales, billing and marketing purposes.
  4. Probax stores some personal data of its MSP prospects for sales and marketing purposes, with simple capacity to opt-out in writing at any time.
  5. The legal basis for collecting this data is a contractual obligation stated in Terms and Conditions section 4 and 16 and is in the legitimate interest of the data controller.

When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information. This is similarly outlined in the GDPR as personal data under Article 4 (1).

Sensitive or Personal information will be used by us only:

  1. For the primary purpose for which it was obtained
  2. For a secondary purpose that is directly related to the primary purpose
  3. With your consent; or where required or authorised by law.

By consenting to this Privacy Policy you are giving Probax permission to process your personal data for the purposes identified. Consent is required for Probax to process both types of personal data, but it must be explicitly given. Where we are asking for you for sensitive or personal data Probax will always inform you.

You may withdraw consent at any time in writing, to a Partner Manager, the Chief Executive Officer or the Chief Technology Officer – who will liaise with the Data Protection Officer (appointed in compliance with GDPR Articles 37 to 39) to action the request appropriately.

Third Parties

Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances, we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.

  1. For our MSP clients, we store personal data and billing details in third party software, appropriate for billing and customer communications.
  2. For prospective MSP, we retain personal data for contact purposes in a CRM database, which is reviewed and updated (where necessary) every 3 months. Probax will take direct action to opt-out or cease communications, when requested in writing by the prospective MSP.

Disclosure of Personal Information

Your Personal Information may be disclosed in a number of circumstances including the following:

  1. Third parties where you consent to the use or disclosure; and
  2. Where required or authorised by law.

Security of Personal Information

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.

When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.

  1. Probax willingly adheres to destroy personal information appropriately by the Australian Privacy Act 1988 (Cth).
  2. Probax willingly adheres to the Right to Erasure, or ‘to be forgotten’ as stated in GDPR Article 17 (1), without undue delay.

Access to your Personal Information

You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.

Probax will not charge any fee for your access request but may charge an administrative fee for providing a copy of your Personal Information.

In order to protect your Personal Information, we may require identification from you before releasing the requested information.

  1. Probax willingly complies with the rights of European data subjects under GDPR Articles 12 through 23 (inclusive).
  2. Probax willingly complies with the rights of the Australian entity or individuals under Australian Privacy Principle 12.

Maintaining the Quality of your Personal Information

It is important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

  1. Data retention for the purpose of emergency restores will partly be influenced by the MSP’s choice of backup software. Where possible, Probax will take reasonable steps within their capability to retain data for an agreed period of time, to be outlined and agreed on in the MSP’s contract prior to signing.

Policy Updates

This Policy may change from time to time and a copy is also available on our website. Any significant changes to this policy will warrant a notification to our current customers.

 

Privacy Policy Complaints and Enquiries

If you have any queries or complaints about our Privacy Policy please contact our Data Protection Officer, or a member of the Probax team at:

  • Level 33, 250 St George’s Terrace, Perth, Western Australia, 6000
  • sales@probax.io
  • 1300 776 229 (AU)
  • (888) 877-6229 (US)