This Privacy Statement describes how Synx Group Pty Ltd (“Synx”) processes the personal data of the natural persons who use its services in their own activities. This Privacy Statement applies to all of Synx business processes and websites, areas of operation, mobile solutions, cloud services, and other services offered by Synx. Unless otherwise separately stated, this Privacy Statement also applies to the processing of personal data carried out by other companies belonging to Synx.
Synx websites and other services may furthermore, from time to time, include links to the social networks of third parties. Such social networks of third parties, and any processing of personal data occurring through them, are subject to the privacy statements of the third parties in question.
This Privacy Statement pertains to the processing of personal data carried out by Synx when Synx – or a company belonging to the Synx – is the controller. We always process your personal data only to the extent necessary for the delivery of our services, and always in accordance with the applicable legislation.
By providing us with your personal data, you indicate that you have read and are aware of the processing methods and terms applicable to the processing of personal data pursuant to this Privacy Statement. If you do not accept the processing principles described in this Privacy Statement, please do not provide us with your personal data.
Unless otherwise separately stated, the controller with regard to the personal data processed pursuant to this Privacy Statement is:
Synx Group Pty Ptd
Charles McKay CEO
ABN 82 613 373 881
Level 2/696 Bourke St, Melbourne VIC 3000
And/or (on a case-by-case basis):
The company belonging to Synx to which you have disclosed your personal data or from which you have received marketing communications.
If you are unsure who the controller is in terms of your personal data, you can contact Synx by using the contact details provided in this Privacy Statement.
Person responsible for the processing of personal data
Synx Group Pty Ltd
Level 2/696 Bourke St, Melbourne VIC 3000
Purpose of and legal basis for personal data processing
Synx processes personal data for the following purposes:
Customer relationship management
Synx processes the personal data it collects primarily for the purpose of delivering and producing those Synx services which the person has subscribed to or ordered, or which the person has registered for as a user. The personal data is processed for the management and analysis of the relationship with the customer – or some other appropriate connection – along with the production of services, business development and planning, as well as opinion and market research and customer communication, which may also be implemented digitally and in a targeted manner.
Synx may also process the personal data it collects for marketing purposes, provided that the person in question has given their consent to this or, in certain cases, has not separately forbidden it. The person has, at any time, the right to withdraw their consent for the use of their data in marketing purposes either by using the contact details provided in this Privacy Statement or by exercising the opt-out possibility given in the marketing communications (such as a ‘Unsubscribe’ link).
Synx does not sell or disclose the personal data it processes to third parties for the marketing purposes of these parties, unless the person in question has given their separate consent to this. Synx’s marketing measures carried out on behalf of other controllers in its capacity as a processor for these controllers are described below.
Legal basis for processing
Synx processes your personal data on varying legal bases, depending on whether Synx is the controller or processor with regard to your personal data. When Synx itself is the controller, the processing of your personal data is based on either a) the implementation of the agreement on the Synx services which the data subject has ordered from Synx, b) the implementation of Synx’s legitimate interests related to the data subject’s customer relationship, or c) the consent provided by the data subject. When Synx serves as a processor to its corporate customer which is the controller, Synx’s processing of your personal data is based on the agreement between Synx and the controller on the order of services.
The provision of personal data to Synx is not primarily a condition for the agreement or the delivery of services. If this is nevertheless the case and Synx cannot, for instance, implement the services you have ordered without your personal data, the provision of this data is separately indicated as being required. A failure to provide such data, indicated as required, may prevent Synx from delivering the services you have ordered or limit their delivery to a considerable degree.
Personal data subject to processing
Synx may process the following personal data, among others, for the purposes of customer relationship management and marketing:
- first and last name
- contact details (postal address, telephone number, email address)
- the start and end date of the customer relationship and/or appropriate connection as well as the method by which it started and ended
- direct marketing opt-ins and opt-outs
- business ID (businesses)
- information pertaining to the use of digital services and contents (e.g. subscriptions to newsletters)
- information related to marketing and sales promotion, such as marketing measures targeted at the data subject and participation in them
In addition, Synx may process, in connection to the management of customer relationships, the following data on persons who have bought a product and/or service:
- customer number
- business ID
- invoicing details
- contact people (name, phone number, email)
- information related to the management of the customer relationship or other appropriate connection and communication as well as categorisation (e.g. information on the products and services bought or cancelled, delivery information, feedback, complaints and the recording of customer service events such as phone calls, emails and support messages)
Regular information sources
The personal data of data subjects is collected primarily directly from the data subjects themselves when, for instance, data subjects themselves disclose their personal data in connection to subscribing to a newsletter, through various Synx services used by the data subjects, and in connection to different marketing measures, such as marketing prize draws or competitions and events.
Furthermore, personal data may be collected and updated from the registries of our partners and from companies providing services pertaining to personal data, to whom a data subject has given their consent for the disclosure of their personal data. Third parties of this kind, from whom Synx may collect data related to the data subjects, can include various companies providing credit references and address data.
Regular disclosure of data
Synx discloses personal data only in cases and to the extent to which is necessary for the proper delivery of services. Synx always complies with appropriate protective measures to ensure the protection of personal data in connection to disclosures.
Synx may occasionally have to disclose the personal data it processes to competent authorities or other equivalent parties in the manner required by said competent authorities or other parties pursuant to valid legislation.
In the event that we dispose of, merge or otherwise reorganise our business operations, or acquire new ones, the personal data of users may be disclosed to the buyer or potential buyers and their advisers.
Data can be disclosed to partners selected by Synx and to service providers who process the data on behalf of the controller on the basis of a cooperation agreement between the parties. In such cases, Synx always ensures that the partners and service providers participating in the processing of personal data are contractually bound to comply with confidentiality and data protection and that the personal data is processed solely for Synx’s purposes described in this Privacy Statement.
In addition, Synx regularly discloses data internally, within the companies belonging to Synx group. Some of the companies belonging to Synx group are also located outside Finland, due to which the data may also be disclosed and processed beyond the borders of Finland. The companies belonging to Synx group are not, however, located outside the EU or the EEA.
Protection of personal data
We use any necessary and appropriate technological and organisational information security measures to protect personal data against unauthorised access, disclosure, destruction or other unauthorised use. Such measures include the use of firewalls and secure hardware facilities, appropriate physical access control, the managed granting of access rights and the monitoring of their use, the employment of encryption technologies, training the personnel participating in the processing of personal data, and the careful selection of subcontractors.
Storage period of personal data
Synx stores your personal data only for as long as they are needed for the aforementioned purposes of use or the fulfilment of statutory obligations. When the personal data we have collected is no longer needed, we destroy or erase it in a secure manner.
Data subject’s rights and exercising them
Data protection legislation guarantees data subjects several rights with regard to their personal data, which Synx has also undertaken to implement. Among other things, the user of Synx’s services has the right to check the personal data stored on them and to request a copy of the personal data collected on them. When the processing of the personal data of an Synx user is based on the user’s consent, the user has the right to withdraw the consent they have given at any time.
At the request of a user, we will rectify, erase or complete any personal data erroneous, unnecessary, incomplete or outdated in terms of the processing purpose. Users also have the right to request the erasure of their personal data (what is referred to as the right to be forgotten) if the processing has been based on the user's consent and the user withdrawn their consent; the user’s personal data has been processed illegally; or if the user objects to the processing of their personal data and there are no legitimate grounds for the processing.
In some cases, the user also has the right to request the restriction of processing, object to the processing, and to request the data’s transmission from one system to another, or to another controller. Users may have this right in a situation where there is no longer a legal basis for the processing, but in which, in lieu of the data’s erasure, the user merely wants to restrict the processing, or when the processing has been based on consent and has been automatic.
Users have the right to file a complaint with a competent supervisory authority concerning the processing of a user’s personal data carried out by Synx, should the user perceive Synx not to have processed the user’s data as required by the applicable data protection legislation, or if the user’s requests related to their rights guaranteed by law have not been implemented appropriately.
If you wish to exercise one of the aforementioned rights guaranteed to you by law, you can do so by contacting Synx (or, depending on the case, the company belonging to Synx group serving as the controller) through the contact details provided in this Privacy Statement. In some cases, Synx may have to request further information from you to ensure that you are the person you claim to be. In the event that Synx serves merely as the processor of another controller in respect of your personal data, Synx will instruct you to contact the controller in question in relation to your requests. In terms of some services, Synx also offers you the possibility to check, modify, and erase your own data by signing in to Synx’s user portal. If you are provided with such an opportunity, Synx recommends that you primarily update your data through the user portal in question.
Automated data collection
Synx employs widely used digital marketing methods and tools to gather data on your movements on our websites. This data is collected to improve the usability and content of our website, target advertising, and marketing as well as to investigate the interests of visitors. For the most part, such data is gathered with the help of cookies (see below) and does not allow for attribution to a person.
Cookies used by Synx
Cookies and other equivalent technologies are used for the purposes of analysing our services and their further development in a direction that better serves users. Among other things, these technologies make it possible for a user not to have to enter their user ID, password, and personal preferences again every time they visit a page.
We use both session-specific cookies, which are stored only for the duration of your visit at the time in question, and permanent cookies, which are stored for longer periods of time and across a number of browsing occasions. Some of these cookies are the cookies of the operator which controls the website you are visiting (such as Synx), while others are the cookies of third parties offering their services on the website (such as analytics companies). You can find further information on the cookies used on Synx’s website through your browser’s cookies settings.
Changes to Privacy Statement
Synx develops its business continuously and therefore reserves the right to change this Privacy Statement by notifying users of such changes via its services. The changes may also be based on changes in legislation. If we make changes to the Privacy Statement, we will publish the amended statement and the date of the changes on this website. Because of this, we advise our users to check for an up-to-date Privacy Statement on our website on a regular basis.
Should we make material changes to the Privacy Statement, in which case our privacy protection policy changes in a material way, we can also announce the matter in other ways, such as via email or by publishing a bulletin on our Group’s website and/or social media pages prior to the changes’ entry into force.
This Privacy Statement was updated on 1 January 2020.
If you have any comments or questions regarding our Privacy Statement or if you are concerned about the protection of your privacy or the use of your personal data, or if you suspect that your privacy has been infringed, please send a message to firstname.lastname@example.org. You can also send us a letter to the address Synx Group Pty Ltd, Data protection, Level 2/696 Bourke St, Melbourne VIC 3000
We will handle your request confidentially and, if necessary, our representative will contact the address you have indicated. We aim to process all comments promptly and in the manner required.