Effective: May 25, 2018
FOR THE AVOIDANCE OF DOUBT, ALL INFORMATION STORED IN YOUR FILLR PROFILE IS ENCRYPTED ON YOUR DEVICE USING MILITARY-GRADE 256-BIT AES ENCRYPTION. OUR TECHNOLOGY (INCLUDING OUR SERVERS) CANNOT ACCESS ANY OF YOUR INFORMATION STORED WITHIN YOUR FILLR PROFILE, AND WE CANNOT, AND DO NOT, COLLECT ANY OF YOUR INFORMATION STORED WITHIN YOUR FILLR PROFILE, OTHER THAN YOUR EMAIL AND THE LIMITED, NON-PERSONALLY IDENTIFIABLE INFORMATION DETAILED BELOW.
How is your information stored in your Fillr Profile?
Depending on which Fillr Product you use, when you sign up for a Fillr Profile, you will be asked:
- for your first and last name and your email address; and
- to set up a PIN (when you set up your Fillr Profile by installing the Fillr extension within your mobile or desktop browser).
Once your Fillr Profile is registered, the rest of your information may be stored in your Fillr Profile when you:
- manually input those details into the relevant field in your Fillr Profile so it’s ready for when you use the Fillr Product to autofill an online form;
- authorize us to copy your information from your Google account to your Fillr Profile (if applicable); or
- input new information into an online form and sign up for, or use, your Fillr Profile on that form.
All information input into your Fillr Profile is encrypted and stored on your device using military-grade 256-bit AES encryption.
Once registered, your Fillr Profile is assigned an anonymized unique user ID for our internal purposes, which is the name we give to your Fillr Profile – sorry, it’s not very personal, but that’s the whole point! We can’t tell who you are based on the information we can see! This unique user ID is not connected with your email address or any information stored in your Fillr Profile.
What information we collect and how we collect it
We need to be able to communicate with you about your Fillr Product, so, we collect your email address when you register your Fillr Profile (if it’s given at that time), or when you first store it in your Fillr Profile. Your email is not linked to your unique user ID.
Other non-personal information we may obtain from your use of the Fillr Product, and link to your unique user ID, is:
(a) the type of mobile or desktop device you are using, the operating system and version and your mobile or desktop device token/identifier which are collected when you download and install a Fillr Product;
(b) your date of birth, gender, credit card type (for example, VISA, Mastercard or AMEX) and personal title, each of which may be collected when those details are input into the relevant field in an online form; and
(c) any personal information you voluntarily disclose to us in the course of any direct contact or other interaction with us (for example, if you contact us with feedback or to seek technical assistance).
The above information is not linked to, or stored in connection with, your email address. Accordingly, we are unable to personally identify you on the basis of this information.
Obviously, the Fillr Product was born to interact with third party websites, so we may also collect some non-personal information about you when you visit those websites including (without limitation):
- clickstream data such as the type of browser and operating system you are using, the URL of the site you have come from and move to after your visit, data relating to your activities on third party websites (including IP addresses and URLs) via tracking technologies (such as cookies and measurement software), the date and time of your visit and your server's IP address;
- the geo-location of your device when you populate an online form using a Fillr Product; and
- the type of payment you use to transact with third parties (ie type of credit card or PayPal).
Further, in order to provide the fastest form filling experience possible, the Fillr Product scans every webpage viewed on a browser on which the Fillr Product is enabled to check if form fields are present. The Fillr Product will then send some metadata derived from the webpage to our servers in the format provided by the webpage. This metadata includes (amongst other things) the URL and the form fields detected on the webpage. The Fillr Product then prepares so that it can fill the form fields as fast as possible when you request the Fillr Product to do so.
We collect this information for statistical purposes to find out how our website and the Fillr Products are being used and navigated, including the number of hits, the frequency and duration of visits, most popular session times. We may use this information to evaluate and, hopefully, improve your experience with the Fillr Products and the products and services we may provide.
We do not ask for, or collect, sensitive information as defined under the Australian Privacy Act 1988 (Cth) (“Privacy Act“), such as racial or ethnicity information, political opinions or associations, criminal records or health information. The Fillr Products are not designed for, or intentionally targeted at, children 16 years of age or younger. Accordingly, it is not our policy to intentionally collect or maintain information about anyone under the age of 16. If a child has provided us with personally identifiable information a parent or guardian of that child may contact us via email at firstname.lastname@example.org if they want this information deleted from our records. We will then make reasonable efforts to delete the child’s information from the database that stores information for this site.
You may at any time refuse to provide the personal information that we request. However, this may limit or prohibit our ability to provide our services to you.
When we collect any information about you, we will ensure such collection is fair and will comply with the law.
We need to collect information about you to the extent that it is reasonably necessary for the conduct of our business, which includes:
(a) to provide you with the services and functionality of the Fillr Products;
(b) to develop, promote and expand the Fillr Products, functionality and associated products and services; and
(c) to help you facilitate and troubleshoot the use of the Fillr Products on your devices and to use the Fillr Products to populate online forms and databases.
How we use the information we collect.
In most cases, we collect and record your information for the primary purpose of supplying you with the products and/or services provided by the Fillr Products. If we can’t collect the information we need, we may not be able to supply you with those products or services, or the products or services supplied may not be as great as what they should be. For example, we may use your information to:
- link your device to websites containing forms which you wish to populate using the Fillr Product;
- improve the accuracy, quality, relevance or level of services or functions provided by a Fillr Product, including to identify the websites through which you use a Fillr Product to enhance the functionality of the Fillr Product in respect of those websites;
- personalize and customize your service and experience with a Fillr Product or the websites of our service providers and business partners;
- contact you to conduct surveys, research and feedback about our products and services; and
- notify you about changes to our products and services or to provide you with information about offers, promotions, goods or services, which we believe may be of interest to you.
We may also use or disclose your information:
- for any other purpose that you may reasonably expect, such as technical support or to verify that you’ve complied with any terms and conditions that may apply to your use of a Fillr Product; or
- to avoid, lessen or prevent a serious emergency or crime (hopefully this is unlikely). If we use or disclose personal information about you in those circumstances we will make a written record of such use or disclosure.
We will not disclose information about you other than for the purposes outlined above, or for any other purpose authorized or required by law or any purpose which we have disclosed to you, or which you have authorized.
Some information submitted to us online (ie. via an email enquiry) may need to be processed by a third party (for example, an independent contractor providing customer support services). If you give us information in this manner, you’ll be taken to have given consent to us disclosing that information to that third party (who may be located overseas) but only for the purpose of enabling that third party to process that information.
Sharing the information with third parties.
The Fillr Product does its best work when it’s working with third party services, for example:
- downloading the Fillr Product to your device from software and app stores, such as the iTunes App Store and Google Play Store;
- populating your Fillr Profile with your information from your Google account or new information you submit to an online form which isn’t already in your Fillr Profile;
- using the Fillr Product to populate third party’s online forms with information stored in your Fillr Profile.
We may disclose your personal information without your prior permission when we have reason to believe that the disclosure of this information is required to establish the identity of, to contact or to initiate legal proceedings against a person or persons who are suspected of infringing rights or property belonging to us or to others who could be harmed by the person’s activities or of persons who could (deliberately or otherwise) transgress upon these rights and property. We are permitted to disclose personal information when we have good reason to believe that this is legally required.
How we protect the information we collect
We will take all reasonable steps to protect the information we hold about you from misuse, loss and unauthorized access, modification or disclosure. However, by using a Fillr Product, you acknowledge that there is the possibility that, despite our efforts, circumstances may occur which are not reasonably foreseeable (and therefore, we are unable to prevent) which may result in the limited information linked to your unique user ID (not any other information stored in your Fillr Profile) being accessed without authority (for example, a breach of the AWS servers we use to store this limited information).
If your device is stolen (or lost), hacked into or you allow someone to use it without your supervision, others may be able to access and use your personal information stored within your Fillr Profile. To minimize the risk of this happening, we strongly recommend that you use our PIN protection function so that thieves or hackers can’t access your Fillr Profile to see your personal information, or use the Fillr Product to populate online forms on your device (unless they know your PIN or got very, very lucky).
You are responsible for protecting the PIN you select to access your Fillr Profile on your device in order to prevent unauthorized access to the information stored in your Fillr Profile on your device.
As your information in your Fillr Profile is stored on your device, we do not (and cannot) back it up for you. Therefore, we recommend that you back up your device regularly, or at least your Fillr Profile (ie to Dropbox), so that it can be quickly and easily restored if your device is stolen or lost.
Data access and correction
We are happy to delete, correct and/or give you access at any time to the personal information that we hold about you. To do so, please send a written request addressed to the Privacy Officer, Pop Tech Pty Limited, by mail at Studio 6 / 249-251 Chapel Street, Prahran, Victoria, 3181 or by sending an email to email@example.com .
Cookies, Links and other Tracking Technologies.
Some of our Fillr Products use various technologies to collect information about your use of the Fillr Product, and this may include sending cookies to your computer or mobile device. Cookies are small data files stored on your hard drive or in your device memory that helps us to improve our Services and your experience, see which areas and features of our Services are popular and count visits.
A cookie also helps us to recognize you when you re-visit our website and to co-ordinate your access to different pages on the website. With most internet browsers, you can erase cookies from your computer hard drive, block all cookies, or receive a warning before a cookie is stored. If you want to do this, refer to your browser instructions or help screen to learn more.
Please be aware that while using a Fillr Product, you can follow links to other sites that are beyond our sphere of influence. We are not responsible for the content, conduct or privacy policies of these other sites.
We use analytics software to allow us to better understand the functionality of the Fillr Products on your devices and customize and improve the Fillr Product, and your experience with it. This software may record information such as how often you use the Fillr Product, the events that occur within the Fillr Product, aggregated usage, performance data, where the Fillr Product was downloaded from and various other clickstream data. Your non-personally identifiable information and clickstream data about your activities may be shared with any third party companies whose analytics software we use to help us with this. Our agreement with these companies restricts them from sharing this information with third parties or using it for any other purpose. Clickstream and demographic information may also be shared with our advertisers and business partners.
Transfer of information outside Australia
You expressly agree that we may transfer and store the information we collect about you on servers and equipment located anywhere outside Australia and, therefore, it may be subject to the privacy policies of other countries or third party providers. As mentioned above, this only applies to the information we collect about you, which is limited to the information we link to your unique user ID (described above) and NOT your information stored in your Fillr Profile.
Pop Tech Pty Ltd
Address: Studio 6 / 249-251 Chapel Street, Prahran, Victoria, 3181 AUSTRALIA
ADDITIONAL CALIFORNIA PRIVACY DISCLOSURES
Do Not Track
We do not track our customers over time and across third party websites to provide targeted advertising and therefore we do not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you.
Notice for Minors
If you have questions about how to remove content in a specific service or if you would like additional assistance with deletion you can contact our support team at firstname.lastname@example.org . Although we offer deletion capability for our services, you should be aware that the removal of content may not ensure complete or comprehensive removal of that content or information posted through the services.
If you are a California resident and Fillr customer you have the right to request information from us regarding the manner in which we share certain categories of your personal information with third parties, for the third parties’ direct marketing purposes. California law provides that you have the right to submit a request to us at our designated address and receive the following information:
- The categories of information we disclosed to third parties for the third parties’ direct marketing purposes during the preceding calendar year;
- The names and addresses of third parties that received such information; and
- If the nature of a third party’s business cannot be reasonably determined from the third party’s name, examples of the products or services marketed.
You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. Our email address for such requests is email@example.com .
ADDITIONAL GENERAL DATA PROTECTION REGULATION (“GDPR”) DISCLOSURES FOR OUR PRODUCTS AND SERVICES OFFERED TO CITIZENS OF THE EEA, UK AND SWITZERLAND
In addition to all of the above, the following privacy rights and disclosures are made in further compliance with GDPR and apply to all data collected from or about citizens of the European Economic Area (“EEA”), the UK and Switzerland (“EU Users”).
For EU Users with accounts located in the EEA, Switzerland or the UK the processing of information relating to an identified or identifiable natural person who is an EU User (“Personal Data”) is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the “Directive”), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive was replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (“GDPR”), and processing of EU Users’ data by us will take place in accordance with the GDPR.
EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known as "Controllers") and organizations that process Personal Data on behalf of other organizations (known as "Processors"). If an EU User has a question or complaint about how their Personal Data is handled, these should always be directed to our Data Protection Officer identified in Section 2 below.
We process Personal Data both as a Processor and as a Controller, as defined in the Directive and the GDPR. Pop Tech Pty Ltd, being the entity with which the EU User entered into an agreement when using a Fillr Product, will be the Controller for all of the EU User’s Personal Data.
We adhere to the Directive of 1995 and the GDPR from May 25th, 2018. We have a data processing agreement in place with our third party service providers, ensuring compliance with all applicable laws and directives.
2. Data Protection Officer
We have a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:
Pop Tech Pty Ltd
Attn: Data Protection Officer
Studio 6 / 249-251 Chapel Street, Prahran, Victoria, 3181 AUSTRALIA
3. International Privacy Laws
If you are using the Fillr Products from outside the United States, please be aware that you may be sending information (including Personal Data) to the United States or other countries outside of the EEA, Switzerland and the UK (“Destination Countries”) where our servers are located. That information may then be transferred within the Destination Country or back out of the Destination Country to other countries outside of your country of residence, depending on the type of information and how it is stored by us. These countries (including the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence; however, when transferring your Personal Data outside of the EEA, we will (and will ensure that service providers acting on our behalf agree to) protect it from improper use or disclosure and ensure the same levels of protection are in place as are applied within the EEA.
4. Legal grounds for processing your Personal Data
- you provided your consent;
- it is necessary for our contractual relationship;
- the processing is necessary for us to comply with our legal or regulatory obligations; and/or
- the processing is in our legitimate interest in providing you with use of a Fillr Product.
5. Transfers of Personal Data
As we are a global company, we may need to transfer your Personal Data outside of the country from which it was originally provided. This may be intra-group or to third parties that we work with who may be located in jurisdictions outside the EEA, Switzerland and the UK which have no data protection laws or laws that are less strict compared with those in the EEA.
Whenever we transfer Personal Data outside of the EEA, Switzerland or the UK, we take legally required steps to make sure that appropriate safeguards are in place to protect your Personal Data. For example, we ensure the third parties to which we transfer Personal Data are bound by European Commission-approved standard contractual clauses, which require those third parties to adhere to certain privacy and security standards. You may obtain a copy of the standard contractual clauses we use by contacting our Data Protection Officer.
When we transfer Personal Data intra-group, we rely on your consent to such transfers. If you later wish to withdraw your consent to such transfers, you can request that we delete your account by contacting our Data Protection Officer. In certain circumstances, we also rely on our legitimate business interests to effect transfers of Personal Data, such as intra-group transfers for internal administrative purposes.
6. Personal Data retention
We retain your Personal Data for as long as necessary to provide you with our Services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements.
If you delete or close your Fillr account, we will retain:
- any non-personal information we collected in the course of your use of a Fillr Product. Such information is retained in aggregate form for the purposes of business and product analytics; and
- your email address in order to contact you with respect to various matters which may be of interest to you, or to enforce our rights in respect of your use of the Fillr Products. You may opt-out of receiving such communications by contacting firstname.lastname@example.org .
7. Your rights.
If you live in the EEA, UK or Switzerland, your rights are protected under the GDPR. Amongst other things this means you have:
- the right to access and receive your data: you can ask us for a copy of your Personal Data and we will provide you with a copy (in a commonly used file format) of all the Personal Data you have given to us;
- the right to object: you can ask us to stop using all or some of your Personal Data or to limit our use of it to certain circumstances;
- the right to erasure: you can ask us to erase or delete all or some of your Personal Data;
- the right of rectification: we allow you to correct or complete your Personal Data if it is inaccurate or incomplete.
You can learn how to make one of these requests or exercise your rights by contacting our Data Protection Officer.
If you have a complaint about how we handle your Personal Data, please get in touch with us as set forth in Section 2 above (ie, contact our Data Protection Officer) to explain. If you are not happy with our privacy practices, you also have the right to contact your local supervisory authority.