Last updated at: 20 June 2024
Version: 2.4
Introduction
Swiped On Limited NZ Company No. 655878 (we, us, our, SwipedOn) complies with the Privacy Act 2020 (New Zealand) (the NZ Privacy Act) and other applicable laws when dealing with personal information. Personal information is information about an identifiable individual (a natural person).
This policy sets out how we will collect, use, disclose and protect your personal information.
If you are based in the European Union and use our website, products and/or services the additional terms in the addendum to this policy apply to you.
This policy does not limit or exclude any of your rights under the NZ Privacy Act and other applicable laws. If you wish to seek further information on the NZ Privacy Act, see www.privacy.org.nz.
Changes to this policy
We may change this policy by uploading a revised policy onto our website (www.swipedon.com) (the website). Unless stated otherwise, the change will apply from the date that we upload the revised policy.
What personal information do we collect
We collect, hold and process two categories of personal information
Account and Marketing Data is personal information that we collect about you:
in connection with the creation or administration of a customer account
if you ask to receive information about us or our services and products or sign up for our newsletter
when you contact us directly (e.g. telephone call, email or through the user dashboard) or visit our website.
The Account and Marketing Data we collect may include company/personal names, usernames, phone numbers, email addresses, your location, billing information, information about how you use our website or the Services (for example, traffic volumes, time spent on pages), your IP address and/or other device identifying data, and other information required to provide a service or information you have requested from us.
Visitor or Employee Data is personal information about a customer’s visitors or employees that is input into the SwipedOn Service (as defined in the SwipedOn Terms of Service). Visitor and Employee Data may include visitors’ and employees’ names, phone numbers, email addresses, locations and photos, times of visit, visitors’ employers’ names, the signed visitor agreement, and any other information that a customer decides to capture about its visitors and employees. Any data deletion queries or requests can be made by contacting support@swipedon.com.
Visitor and employee photos are collected when the user is prompted to take a photo on sign in or sign out. Employee profile photos are uploaded by either an account admin or the employee to their profile. These photos are used to verify company visitors and employees and they are stored in the company visitor and employee timelines, and employee profile, when a visitor or an employee signs into a business using the SwipedOn application.
This data is stored until the customer deletes it or within six months of termination of their SwipedOn subscription, whichever comes first.
We will not disclose, move, access, process or use Visitor or Employee Data except as provided in our Terms of Service (including, if applicable, the SwipedOn Data Processing Addendum) and we require our customers to comply with applicable privacy and data protection laws.
The remainder of this privacy policy sets out how we will collect, use, disclose and protect Account and Marketing Data and does not apply to Visitor or Employee Data.
Who do we collect your personal information from
We collect personal information about you from:
- you, when you provide that personal information to us, including via our website and the Service, through any registration process, through any contact with us (e.g. telephone call, email or through the user dashboard)
- third parties where you have authorised this or the information is publicly available.
If possible, we will collect personal information from you directly.
When you visit or use our website or the Service, we may collect information about you:
- by recording
clickstream data, which is non-personal information that is recorded when you click anywhere in a webpage or the Service and is used for the purposes of collecting, analysing and reporting data about how you use our website and the Service; and
- through the use of cookies, pixel tags (also known as web beacons or clear gifs) and similar storage technologies. Please refer to our
Cookie Policy for further information, including information on how you can disable these technologies.
Some provision of personal information is optional. However, if you do not provide us with certain types of personal information, you may be unable to enjoy the full functionality of our website or the Services.
We may also conduct user surveys to collect information about your preferences. These surveys are optional and if you choose to respond, your responses will be kept anonymous. Similarly, we may offer contests to qualifying users in which we ask for contact and demographic information such as name, email address and mailing address. None of this information is shared with third parties, except in summary form, if at all. Information we gather through a contest may also be disclosed to third parties as necessary for prize fulfilment and other aspects of any contest or similar offering.
How we use your personal information
We will use your personal information:
to verify your identity
to provide services and products to you
to market our services and products to you, including contacting you electronically (e.g. by text or email for this purpose)
to tailor content or advertisements to you;
to improve the services and products that we provide to you
to bill you and to collect money that you owe us, including authorising and processing credit card transactions
to respond to communications from you, including a complaint
to conduct research and statistical analysis (on an anonymised basis)
to protect and/or enforce our legal rights and interests, including defending any claim
for any other purpose authorised by you, the NZ Privacy Act or other applicable law.
How do we store your personal information
We have the option of data storage in either the United States, Canada, Singapore, Australia, United Kingdom or Germany. Whichever location you choose your data to be stored in on set up of your account with SwipedOn is where it will remain. This cannot be changed.
Disclosing your personal information
We may disclose your personal information to:
any other company within our group for the purposes described in this policy
any business that supports our services and products, including any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other services and products or that assists us with our marketing and customer care activities described in this policy
other third parties (for anonymised statistical information)
a person who can require us to supply your personal information (e.g. a regulatory authority)
any other person authorised by the Act or another law (e.g. a law enforcement agency)
any other person authorised by you
any other company in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.
A business that supports our services and products may be located outside New Zealand. This may mean your personal information is held and processed outside New Zealand.
We also share information about your use of our website with our trusted social media, advertising and analytics partners through the use of cookies, pixel tags and similar storage technologies. Please refer to our cookie Policy for further information.
Protecting your personal information
We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse.
Accessing and correcting your personal information
Subject to certain grounds for refusal set out in the NZ Privacy Act or other applicable law, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, email us at support@swipedon.com. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
Internet use
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
If you follow a link on our website or in the Service to another site, the owner of that site will have its own privacy policy relating to your personal information. We suggest you review that site’s privacy policy before you provide personal information.
Contact us
If you have any questions about this privacy policy or our privacy practices, you can contact us at privacy@swipedon.com
SwipedOn privacy policy - GDPR addendum
If you are based in the European Union (EU) and use our website and/or our services, these additional terms (GDPR Addendum) form part of our privacy policy.
The General Data Protection Regulation (GDPR) regulates the collection, processing and transfer of EU individuals’ personal data (as defined in the GDPR). The personal information described in our privacy policy is personal data under the GDPR. We are committed to complying with the GDPR when dealing with Account and Marketing Data (as defined in the privacy policy) about our website visitors and service users based in the EU.
For the purposes of the GDPR:
- we are the data controller (as defined in the GDPR) when processing Account and Marketing Data; and
- our customers are the data controller when processing Visitor and Employee Data (as defined in the privacy policy)
We will not process Visitor or Employee Data except as provided in our Terms of Service (including, if applicable, the SwipedOn Data Processing Addendum) and we require our customers to comply with applicable privacy and data protection laws.
The remainder of this GDPR Addendum applies to Account and Marketing Data only, and does not apply to Visitor or Employee Data.
This GDPR Addendum was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal data. However, we are happy to provide any additional information or explanation needed. Any requests for further information should be sent to privacy@swipedon.com
Processing personal data
The Account and Marketing Data we may process is described in our privacy policy. This Account and Marketing Data may be processed for the purposes outlined in our privacy policy.
The legal basis for our processing of Account and Marketing Data is your consent and, for certain Account and Marketing Data, processing is necessary for the performance of a contract to which you are a party.
Despite the above, we may process any of your personal data where such processing is necessary for compliance with applicable laws.
You do not have to provide us with your name or contact information to access and use the website. However, you must provide us with your name and contact information when using the Service and some of our other services. The consequence of not providing your name and contact information is that we will not be able to provide all of our services to you.
Your Rights
Your rights in relation to your personal data under the GDPR include:
right of access - if you ask us, we will confirm whether we are processing your personal data and provide you with a copy of that personal data.
right to rectification - if the personal data we hold about you is inaccurate or incomplete, you have the right to have it rectified or completed. We will take every reasonable step to ensure personal data which is inaccurate is rectified. If we have shared your personal data with any third parties, we will tell them about the rectification where possible.
right to erasure - we delete your personal data when it is no longer needed for the purposes for which you provided it. You may request that we delete your personal data and we will do so if deletion does not contravene any applicable laws. If we have shared your personal data with any third parties, we will take reasonable steps to inform those third parties to delete such personal data.
right to withdraw consent - if the basis of our processing of your personal data is consent, you can withdraw that consent at any time.
right to restrict processing - you may request that we restrict or block the processing of your personal data in certain circumstances. If we have shared your personal data with third parties, we will tell them about this request where possible.
right to object to processing - you may request that we stop processing your personal data at any time and we will do so to the extent required by the GDPR.
right to data portability - you may obtain your personal data from us that you have consented to give us or that is necessary to perform a contract with you. We will provide this personal data in a commonly used, machine-readable and interoperable format to enable data portability to another data controller. Where technically feasible, and at your request, we will transmit your personal data directly to another data controller.
the right to complain to a supervisory authority - you can report any concerns you have about our privacy practices to the relevant data protection supervisory authority.
Where personal data is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.
If you would like to exercise any of your above rights, please contact us at privacy@swipedon.com. If you are not satisfied by the way your query is dealt with by our data protection officer, you may refer your query to your local data protection supervisory authority e.g. in the United Kingdom, this is the Information Commissioner’s Office.
Children
We do not intend to collect personal data from children aged under 16. If you have reason to believe that a child under the age of 16 has provided personal data to us through our website and/or by using our services, please contact us at privacy@swipedon.com
Cookies
We use cookies, pixel tags (also known as web beacons or clear gifs) and similar storage technologies. Please refer to our Cookie Policy for further information, including information on how you can disable these technologies.
International transfer of data
The Account and Marketing Data may be transferred to, and stored in, a country operating outside the European Economic Area (EEA). Under the GDPR, the transfer of personal data to a country outside the EEA may take place where the European Commission has decided that the country ensures an adequate level of protection. In the absence of an adequacy decision, we may transfer personal data provided appropriate safeguards are in place.
Some of the Account and Marketing Data we collect is processed in New Zealand (where our registered office is located). New Zealand is recognised by the European Commission as a country that ensures an adequate level of data protection and we rely on this decision in transferring personal data to New Zealand.
Some of the Account and Marketing Data we collect is processed by third party data processors in other countries, including the United States. These countries are not subject to an adequacy decision by the European Commission and instead, in transferring your personal data to these countries, we take other appropriate safeguards as prescribed by the GDPR. We have verified that our data processors in the United States have self-certified under the EU-US Privacy Shield framework.
Data retention policy
Account and Marketing Data that we collect and process will not be kept longer than necessary for the purposes for which it is collected, or for the duration required for compliance with applicable law, whichever is longer.
Contact us
You can contact us at privacy@swipedon.com
EU Representative
The nominated Representative for data protection matters within the European Union, pursuant to Art. 27 of Regulation (EU) 2016/679 (the General Data Protection Regulation, or GDPR), is:
Rickert Rechtsanwaltsgesellschaft mbH
- Swiped On Limited-
Colmantstraße 15
53115 Bonn
Germany
Email art-27-rep-swipedon@rickert.law
UK Representative
The nominated Representative for data protection matters within the United Kingdom, pursuant to Art. 27 of Regulation (EU) 2016/679 (the General Data Protection Regulation, or GDPR), is:
Rickert Services Ltd UK
- Swiped On Limited-
PO Box 1487
Peterborough
PE1 9XX
United Kingdom
Email art-27-rep-swipedon@rickert-services.uk
SwipedOn cookie policy
Your continued use of our website or the Service, including the SwipedOn App, (both as defined in the SwipedOn Terms of Service) will signify your acceptance of this Policy. We may modify this Policy without notifying you, so we encourage you to check this Policy from time to time.
By using the website or the Service, you are agreeing that we can use the cookies described in this Cookie Policy. You can stop cookies by changing the settings on your browser.
Changes to this policy
We may change this policy by uploading a revised policy onto our website (www.swipedon.com) (the website). Unless stated otherwise, the change will apply from the date that we upload the revised policy.
What are cookies?
Cookies are text files containing small amounts of information which are downloaded to your browsing device, e.g. a computer or smartphone, when you visit a website. Cookies can be recognised by the website that downloaded them, or other websites that use the same cookies. This helps websites know if the browsing device has visited them before.
Cookies do lots of functions, like helping us understand how the website is being used, letting users navigate between pages effectively, remembering your preferences, and generally improving your browsing experience. Cookies can also help ensure marketing you see online is more relevant to you and your interests.
In this policy, we also use the term cookie to refer to similar technologies such as pixel tags. A pixel tag (also known as a web beacon) is a small string of code that represents a clear graphic image and is used in conjunction with a cookie. In contrast to cookies, which are stored on a user's computer hard drive, pixel tags are embedded invisibly on web pages or in emails. A pixel tag allows us to capture certain additional types of information about a visitor's actions on a web site, such as a visitor's cookie number, the time, date, duration and number of page views, a description of the page where the tag is placed and details about any items that were purchased. Pixel tags help us analyse our customers' online behaviour and measure the effectiveness of our website and our advertising. We work with service providers that help us track, collect and analyse this information.
What types of cookies does SwipedOn use?
The types of cookies used by most websites can generally be put into five categories: Strictly Necessary, Performance, Functionality, Tailored Content and Targeting. You can see what cookies we use.
Strictly necessary cookies
These cookies are essential for the full functionality of our website and the Service. They enable you to navigate around our website and the Service and use their features, such as accessing secure areas. Without these cookies, you may not be able to access all the functions of our website or the Service.
Performance cookies
These cookies collect information about how you use our website or the Service, e.g. which pages are the most visited and if you receive any error messages from any pages. These cookies do not gather information that identifies you. All information these cookies collect is anonymous and only used to improve how our website and the Service works.
Functionality cookies
These cookies allow our website and the Service to remember the choices you make, e.g. your user name, language or your region. These cookies can also be used to remember the changes you made to text size, font, and other parts of pages that you can customise. They may also be used to provide services you have requested, e.g. watching a video or commenting on a post. The information these cookies collect may be anonymous and they cannot track your browsing activity on other websites.
Tailored content cookies
These cookies help our website and the Service provide enhance features and display content in a way that is relevant to you. They help determinate what information is shown on our website and the Service based on how you have used our website and the Service previously. These cookies also track your browsing activity on other websites.
Targeting cookies
These cookies are used to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you seen an advertisement as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website and this information may be shared with other organisations such as advertisers. This means that after you have been to our website, you may see some advertisements about our services elsewhere on the Internet.
You may opt-out or targeted advertising at http://www.youronlinechoices.eu/. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.
How long will cookies stay on my browsing device?
The length of time a cookie will stay on your browsing device depends on whether it is a persistent or session cookie. Session cookies will only stay on your browsing device until you stop browsing.
Persistent cookies will stay on your browsing device until they expire or are deleted.
First and third party cookies
First party cookies are cookies that belong to SwipedOn, while third party cookies are cookies that another party places on your browsing device through our website or the Service.
We use Google Analytics, which may use Google’s own cookies. Information about Google’s cookies is available from: https://www.google.com.au/policies/technologies/types/. Google’s applicable privacy policy for Google Analytics cookies is available at: https://www.google.com/policies/privacy/partners/
We also use Facebook pixels. These allow third parties, including Facebook, to collect or receive information from our website and elsewhere on the internet and use that information to provide measurement services and target ads. Facebook’s privacy policy is at: https://www.facebook.com/about/privacy/
How to control and delete cookies through your browser
The browser you are using to view the website or use the Service can enable, disable or delete cookies. To do this, please follow the instructions provided for your browser.
Please note that if you set your browser to disable cookies, you may not be able to access certain parts of the website or the Service. Other parts of the website or the Service may also not work properly. You can find out more information about how to change your browser cookie settings at http://www.aboutcookies.org.uk.
Third party website cookies
Other websites may use different cookies from those SwipedOn uses. You acknowledge and agree that SwipedOn is not responsible for any third party websites or applications and you access third party websites and applications at your own risk. Please understand other websites and applications are independent from SwipedOn so you must inform yourself of their separate cookie policies.