Zipline Cloud Pty Ltd ACN 613 136 824 trading as Pendula Solutions and affiliates is committed to protecting the personal information we collect from you. We provide intelligent, omni-channel communications solutions that are optimised to integrate with various software platforms. As such, we engage with personal information in two capacities:
Where we act as:
This Privacy Policy explains how we collect and use your personal information in relation to our products, services, events, and websites or applications. It also describes how you can control or exercise your rights related to your personal information.
You consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.
If you are our customer we may collect and hold personal information about you. In particular, we may collect:
If you are our customer’s customer, we may access or receive certain of your personal information as necessary to provide our services. For instance, we may be given your mobile telephone number in order to be able to send you an SMS and be provided with the contents of that SMS which may contain your personal information (e.g. appointment bookings).
We also receive access to the information you include in your communications with our customers (for instance, if you respond to an SMS sent using our platform on behalf of our customer).
If you are our customer we may collect from the following sources:
There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
If you are our customer’s customer we will receive your personal information from your service provider (our customer) or from you (for example, if you reply to a message sent using our platform). We rely on your service provider (our customer) to inform you of the collection and use of your personal information and to obtain your consent where required.
If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
If you are our customer’s customer, you separately control your privacy settings and arrangement with our corresponding customer, through your direct relationship with them. If you do not provide your information to them, they may not be able to provide their services to you.
The personal information that we collect and hold about you depends on your interaction with us.
If you are our customer we will generally collect, use and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities and/or for the purposes of:
We have set out below, in a table format, a description of all the ways we plan to use your personal information, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.
Purpose/Activity
Type of data
Lawful basis
To provide our products, including registering you as a customer; enabling access; processing messages; operating, maintaining, and improving our services; communicating with you, such as by completing your support requests or updating our terms.
(a) Identity
(b) Commercial
(c) Technical
Contract
For our own business purposes, including maintaining internal business records and conducting internal reporting; collecting payments and performing accounting and similar business functions; auditing and managing projects; performing IT security management and IT-related tasks, such as administration of our technologies and network; and performing research and development of new products and services.
(a) Identity
(b) Commercial
(c) Technical
(d) Geolocation
(e) Audio and Video
Contract, Consent
For legal, safety, or security reasons, including to comply with legal requirements; establish, exercise, or defend against legal claims; protect the safety, security, and integrity of our property and the rights of those who interact with us or others; investigate any content or conduct policy violations; and detect, prevent, and respond to security incidents or other malicious, deceptive, fraudulent, or illegal activity.
(a) Identity
(b) Commercial
(c) Technical
(d) Geolocation
(e) Usage
Contract, Legitimate Interest, Legal Obligation
For marketing our products or those of third parties, such as our business partners; sending you marketing and promotional communications or product recommendations (via email, phone, or other online and offline channels); facilitating your participation in a contest or event; assess ad impressions or engage in contextual ad customization.
(a) Identity
(b) Commercial
(c) Geolocation
(d) Usage
(e) Marketing
(f) Inferences
Legitimate Interest for prospecting activities.
Consent with option to opt out or unsubscribe from marketing.
Opting out of marketing messages does not opt you out of receiving necessary messages around our products and business, or legal and safety reasons.
If you are our customer’s customer, we process your information for the purposes of providing our services to our customer. Typically, this means we use your information for the purpose of sending you messages, analysing the contents of your messages to determine the most appropriate response, and delivering your messages to our customer.
We do not directly process data privacy requests from a customer’s customer (except where required by law). These requests will be referred back to your service provider (our customer) who provided the personal information to us.
We use a limited number of third-party service providers to assist us in processing data for certain purposes. These third-party providers help support certain site features, technical operations and provide data storage services and may process or store personal information while providing their services. We maintain contracts with these third parties restricting their access, use and disclosure of personal information.
We may share your personal information as follows or as otherwise described in this Privacy Policy:
We may also disclose your personal information to others outside our group of companies where:
If you are our customer’s customer, we only use your personal information as necessary to perform our services for our customer. We do not separately process your personal information for our own purposes unless you are separately our customer.
Our website uses cookies. The main purpose of cookies is to identify users and to prepare customised web pages for them. Cookies do not identify you personally, but they may link back to a database record about you. We use cookies to monitor usage of our website and to create a personal record of when you visit our website and what pages you view so that we may serve you more effectively.
We do not track cookies for our customers’ customers and no cookies are used to deliver messages to our customers’ customers.
For our website we track the following cookies.
Cookies and other ad technology such as beacons, pixels, and tags help us to market more effectively to users that may be interested in our services. They also help with aggregated auditing, research, and reporting.
You have the option to disable and delete cookies that may not be necessary for the basic functionality of our website. Please note, blocking categories may impact your experience on our website. You may access the Cookie Manager at the bottom of any page on www.pendula.com.
We do not collect personal information about your online activities over time and across third-party websites or online services. Therefore, “do not track” signals transmitted from web browsers do not apply and we do not alter any data collection and use practices upon receipt of such a signal.
We store your personal information in different ways, including in paper and in electronic form. The security of your personal information is important to us. We take reasonable measures to ensure that your personal information is stored safely to protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. For more information on data retention, please contact us.
Where we anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes, we may use this information indefinitely without further notice to you.
When interacting with us, you may encounter links to external sites or other online services, including those embedded in third-party advertisements. We do not control and are not responsible for privacy and data collection policies for such third-party sites and services. You should consult such third parties and their respective privacy notices for more information or if you have any questions about their practices.
You may access the personal information we hold about you, by making a written request to us. We will respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making the request for access).
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act 1988 (Cth) and if we do, we will give you a written notice that sets out the reasons for the refusal.
If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by us and our related companies , our other business partners or our service providers.
Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication or by emailing us to have your contact information removed from our promotional email list or registration database.
Please note opt-out requests are usually processed within 5 business days. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our services.
Subject to applicable law, you have the following rights with respect to your personal information.
You may exercise these rights by contacting us using the details provided in the Contact Information section. Please note that we may refuse to act on requests to exercise data protection rights in certain cases, such as where providing access might infringe someone else’s privacy rights or impact our legal obligations.
If you use an authorised agent we may ask your agent to provide us with additional information to confirm your identity.
We may disclose your personal information to recipients which are located outside Australia. Please refer to our subprocessors page for information of internal transfers outside of Australia.
Due to the global nature of our operations, some of the recipients mentioned on our subcontractors page may be located in countries outside the EEA, Switzerland, or the U.K., which do not provide an adequate level of data protection as defined by data protection laws in the EEA, Switzerland, and the U.K.
Transfers within Zipline Cloud Pty Ltd or to third parties located in such third countries take place using a valid data transfer mechanism, such as the EU Standard Contractual Clauses and/or the U.K. Addendum to such clauses, approved codes of conduct and certifications mechanisms, on the basis of permissible statutory derogations, or any other valid data transfer mechanism issued or approved by the EEA, Swiss, or U.K. authorities. Certain third countries have been officially recognised by the EEA, Swiss, and U.K. authorities as providing an adequate level of protection and no further safeguards are necessary. Please reach out to us using the contact information in the Contact Information of this document if you wish to receive further information about how we transfer personal data or, where available, a copy of the relevant data transfer mechanism.
You may request to exercise your rights by using our webform or by emailing us at privacy@pendula.com. We will not discriminate against you, in any manner prohibited by applicable law, for exercising these rights.
For customers we do not collect or process “sensitive personal information to infer characteristics about you.
For customers’ customers we do not collect or process “sensitive information” unless provided by the customer acting as the data controller.
Complaints for Australia Residents and Citizens
If you have a complaint about the way in which we have handled any privacy issue, including your request for access or correction of your personal information, you should contact us. Our contact details are set out below.
We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.
If you are dissatisfied with our handling of a complaint or do not agree with the resolution proposed by us, you may make a complaint to the Office of the Australian Information Commissioner (“OAIC”) by contacting the OAIC using the methods listed on their website.
Complaints for EEA, UK or Switzerland
You may lodge a complaint with a data protection authority for your country or region where you have your habitual residence, where you work, or where an alleged infringement of applicable data protection law occurs. A list of EEA data protection authorities is available here, and the contact details for the UK Information Commissioner’s Office is available here.
Complaints for US Residents and Citizens
If you submit a request to exercise one of the above rights and you disagree with our decision regarding your request, you may have the right to appeal our decision under applicable law. To do so, please reply to our response.
To view our Data Subject Access Request form, please click here.
We do not sell your personal information, as those terms are defined under the CCPA.
From time to time, we may change our policy on how we handle personal information or the types of personal information which we hold. Any changes to our policy will be published on our website.
You may obtain a copy of our current policy from our website or by contacting us at the contact details below.
Our Affiliates currently include: Pendula UK LTD
If you have questions or complaints regarding this Privacy Policy or about Zipline Cloud Pty Ltd’s privacy practices, please contact us by email at:
or in writing to: