Privacy Policy

The privacy of your Personal Information is your right. It is important to us that we manage your personal information ethically, securely and in compliance with relevant legislation.

COGSflow Group Pty Ltd ("cogsflow", "we", "our" or "us") ABN 94 646 480 202 is responsible for your personal information (Personal Information) and we take our data protection and privacy responsibilities seriously.

We want to make our policies on managing your data clear and understandable, so we've tried to write our privacy policy in plain English.

This privacy policy explains how we collect, use and share your personal information. If you have any questions about this Privacy Policy or our treatment of your Personal Information, please use this form to contact us or write to us by mail at COGSflow Pty Ltd, The Commons, 10-20 Gwynne Street, Cremorne VIC, 3121, Attn: Privacy and Data Protection Officer.

Important information about cogsflow:

cogsflow is an Australian company. You should be aware that your information may be held in databases which can be accessed by cogsflow employees, partners or service providers. We require that cogsflow that partners and service providers adhere at a minimum to the standards described in this policy, and adhere to, in Australia, the Privacy Act 1988; and in New Zealand, the Privacy Act 2020.

This privacy policy explains how we collect, use and share personal information in the course of our business activities, including:

1. What personal information we collect and when and why we use it
2. How we share personal information within cogsflow and with our service providers, partners and other third parties
3. How we secure and store personal information
4. Cookies
5. Your rights available to help manage your privacy
6. How you can contact us for more support

Updates

We may review or update this privacy policy from time to time to keep it up to date with legal requirements and the way we operate our business. We will place any updates on this webpage, so please check back regularly for those updates. If we make fundamental changes to this privacy policy, we may take additional steps to notify you including by posting on our website(s) or via email. We will not reduce your rights under this Privacy Policy without your explicit consent.

Third-party websites

If there is a link to any third party on any of our websites, their privacy policy applies. We are not responsible for the privacy practices of any third party.

What personal information we collect, and when and why we use it

In this section you can find out more about:

1. the types of personal information we collect;
2. when we collect personal information;
3. the different kinds of personal information we collect for certain services we offer; and
4. how we use personal information

When we collect information

We collect information about you and your business if you use our website, register on our platform, and contract to use cogsflow services. We also collect information about you when you are an individual representative of one of our business partners or our customers’ suppliers with whom we engage in providing our services.

Personal information we collect and use if you visit our websites, or register to use our services

If you visit our website, join our waitlist, or submit a query, personal information that may be collected directly from you includes name, email address, mobile phone number and organisation name. We may also collect personal information such as IP address, device information and log information by using cookies. 

Information we collect where a customer uses cogsflow services and allows us access to their third-party systems data

As part of our risk assessment process, quoting and operating process, cogsflow will collect personal information on a customer and their company. 

For our risk assessment, we will use a third party system to obtain your credit score. Here,  we will do a soft inquiry which will not affect credit scores and will not be visible to potential lenders that may review your credit reports. 

We will ask for your ABN or ACN, and will collect data on your business operating duration. 

When formulating an offer to suit a potential customer, we will ask for access to third-party accounting systems where we will collect invoice and bank transaction information. We will also ask for access to sales systems and collect data on sales volumes.

When customers sign a contract for our services, we will collect the billing address and payment details, such as an account number to set up automated payments. 

Information we collect if you are an employee or a contact at our business partner or sign up to our newsletters

If you are an employee or a contact at one of our business partners (including customers and suppliers), or sign up to one of our newsletters, we may collect your business contact details (including name, work address, work email, work telephone numbers, job title) for the purposes of issuing communications to you under the terms of this privacy policy and in accordance with your marketing and communications' stated preferences.

How do we use the personal information we collect from you?

We use this information to:

1. provide a more granular, tailored inventory-services offer to support a customer’s business growth;
2. evaluate the risk profile of a potential or existing customer;
3. provide insights to our customers to help them grow their business;
4. provide customers with our services and to maintain, manage and improve our services;
5. contact customers at their request to discuss our services;
6. contact customers to let them know about updates to our services or information we feel may be of interest to them;
7. provide customers with sales support or customer support;
8. assess the supply chain of a potential customer, ensuring all parties comply with relevant counter-terrorism financing (CTF), anti-money laundering (AML) regulations
9. conduct analytics and measurement to understand how our services are used;
10. comply with our legal obligations, for example when assisting governments and law enforcement agencies or regulators (as may be required by law);
11. improve the safety and reliability of our services. This includes detecting, preventing, and responding to fraud, abuse, security risks, and technical issues that could harm cogsflow, you, our users, or the general public.

Data insights 

Information about your business may be used in aggregate to drive the AI and ML insights offered to cogslfow customers. We anonymise data before allowing information to be available for delivering insights.

Data analytics

We routinely analyse information to help improve the way we run our business, to provide a better service and to enhance the accuracy of our products and services. We use usage information for data analytics, particularly to understand how our services are used, but this information is not personal information as it is. We anonymise data fields before allowing information to be available for analysis.

Sharing personal information with others

In this section you can find out more about how we share personal information:

1. within cogsflow;
2. with third parties that help us provide our products and services

We may share your personal information in the manner and for the purposes described below:

1. with third parties who help manage our business and deliver services. These include service providers who help manage our systems. Some of these providers use “cloud based” IT applications or systems, which means that your Personal Information will be hosted on their servers, but under our control and direction. We require all our service providers and third parties to respect the confidentiality and security of Personal Information and our contracts with them generally include obligations for them to comply with applicable privacy laws and to use any personal information we share with them solely for the purpose of providing services to us.
2. with your consent or as necessary to complete any transaction or provide any product which you have requested or authorised — for example when linking accounts with another service from cogsflow, or where you direct us to share your personal information with a third-party service provider in order to integrate our services with a service that they may provide. Any personal information which is provided directly by you and received by a third party directly may be stored and will be used by them according to their privacy policy;
   

Explaining your marketing preferences

In this section you can find out more about:

1. how we use personal information to keep you up to date with our products and services;
2. how you can manage your marketing preferences; and
3. when and how we undertake analytics

How we use personal information to keep you up to date with our products and services

We may use your name and email address to send direct marketing communications to you and let you know more about our services or related services that we believe will be of interest to you. We may contact you by email, or through other communication channels that we think you may find helpful. 

How you can manage your marketing preferences

We will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you

You can ask us to stop sending email marketing by following the “unsubscribe” or opt-out links in electronic communications. Alternatively you can contact us and ask to be removed from further marketing communications.  

When and how we use data analytics 

We use HubSpot (“HubSpot”), a marketing tool that provides web analysis. When you visit our websites HubSpot collects information automatically using tracking technologies, like cookies and tracking pixels. We use this information to analyse trends and monitor how visitors navigate around our websites, and to gather demographic information about our user base as a whole. For more information please refer to HubSpot’s privacy policy.

We do not profile you to customise services for you, provide personalised content or show you personalised advertisements based on your individual interests, preferences, or related activities.

Securing and storing information

How we store and secure your personal information 

We store your personal information electronically. We implement and maintain appropriate technical and organisational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, misuse or interference or the unauthorised disclosure, access or modification to such information appropriate to the nature of the information concerned.

We secure the personal information customers provide on cloud infrastructure in a controlled, secure environment, protected from unauthorised access, use or disclosure. All Personal Information is protected using appropriate physical, technical and organisational measures. 

As the security of information depends in part on the security of the computer and/or device you use to communicate with us and the security you use to protect your user IDs and passwords, please take appropriate measures to protect this information.

How long we retain your personal information 

How long we keep information we collect about you depends on the type of information and how we collect and store it.  After a reasonable period of  time, we will either delete or anonymise your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible. 

We retain Personal Information you provide to us where we have an ongoing legitimate business need to do so, for example, to manage your inventory service, comply with our legal obligations, resolve disputes and enforce our agreements.

We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date the information was created. 

When you request that we delete your personal information from our system, we will comply with your request within approximately 7 days. However, in specific limited circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

How long do we store/retain your personal information

We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this privacy policy. Where your information is no longer needed, we will ensure that it is disposed of in a secure manner.

In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.

When you request that we delete your account from our system, we will delete it from our severs within approximately 7 days from the date of your request. 

However, in specific limited circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

Cookies

A cookie is a text file containing small amounts of information which is downloaded to/stored on your computer (or other internet enabled devices, such as a smartphone or tablet) when you visit a website.

Cookies may collect personal information about you. Cookies help us remember information about your visit to our website, like your username, and other settings. Cookies allow us to understand who has seen which webpages, to determine how frequently particular pages are visited and to determine the most popular areas of our website. They can also help us to operate our website more efficiently and make your next visit easier. 

Your rights available to help manage your privacy

You have a number of rights in relation to your personal information.

You may access or request correction of the personal information that we hold about you by contacting us. There are some circumstances in which we are not required to give you access to your personal information.

There is no charge for requesting access to your personal information but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).

We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate, up-to-date and complete.

You can access and control your Personal Information that cogsflow has obtained by contacting COGSflow, described below.

For example:

1. if cogsflow obtained your consent to use your personal information, you can withdraw that consent at any time;
2. you can request access to, erasure of and updates to your personal information; and
3. if you would like to port your data elsewhere you can contact cogsflow for assistance.

You can also object to or restrict cogsflow’s use of your personal information. For example, you can object at any time to our use of your personal information:

1. for direct marketing purposes; or
2. where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party.

You may have these rights under applicable laws, including the EU General Data Protection Regulation (GDPR), but we offer them regardless of your location.

You can access and control your Personal Information that cogsflow has obtained, and exercise your data protection rights, by contacting us.

We may ask you for additional information to confirm your identity and for security purposes, in particular before disclosing personal information to you.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

Contact us

The primary point of contact for all issues arising from this Policy is our Data Protection Officer. They can be contacted in the following ways:

hello@cogsflow.com

c/o cogsflow
The Commons
10-20 Gwynne Street,
Cremorne
VIC 3121

If you have any questions, concerns or complaints regarding our compliance with this privacy notice, the information we hold about you or if you wish to exercise your rights, we encourage you to first contact our Data Protection Officer. We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honour your wish to exercise your rights as quickly as possible and in any event, within the timescales provided by applicable data protection laws.

To contact your data protection supervisory authority

You have a right to lodge a complaint with your local data protection supervisory authority (i.e. your place of habitual residence, place or work or place of alleged infringement).

If you are located in Australia, you can contact the Office of the Australian Information Commissioner at oaic.gov.au.

We would however ask that you please attempt to resolve any issues with us before raising with your local supervisory authority.

Glossary

Personal Information

Any information capable of identifying a natural person, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their his or her physical, physiological, mental, economic, cultural or social identity. Information is considered personal when it enables anyone to link information to a specific person, even if the person or entity holding that data cannot make that link.