Privacy Policy
Effective date: April 4, 2024
This Privacy Policy (Policy) applies to all websites, applications, and other services by Corto Pty Ltd (ACN 670 818 292) that link to this Policy (our Services).
Who we are:
In this Policy, Corto means Corto Pty Ltd (ACN 670 818 292) and any of our parents, subsidiaries, affiliates or related bodies corporate, and LEAP North America Pty Ltd and its subsidiaries, affiliates or related bodies corporate (collectively, we, us, our).
Full details of each of our global subsidiaries and affiliates can be found at https://www.leaplegalsoftware.com/subsidiaries-and-affiliates/
This Policy:
This Policy explains how we collect, use, maintain, and disclose information collected about you, including when you visit our website or use our Services, attend one of our events, or otherwise interact with us. This Policy also describes your choices regarding use, access, deletion, and correction of your personal information. By submitting your personal information to us, interacting with our website, or using our Services, you acknowledge and agree to the processing of your personal information as set out in this Policy. If you do not agree to this Policy, you should not use the Services or interact with our website.
If you use our Services as part of an entity or organization that has an agreement with us (such as your employer), the terms of that organization’s contract with us for the Services apply to our collection or use of your personal information through the Services and may restrict processing further than as set out in this Policy.
Contact Us
If you have questions about this Policy, or how we collect, use, or otherwise process your personal information, including the transfer or onward transfer of your personal information outside your jurisdiction of residence, please contact us at:
Privacy Officer, ATI Global
privacy@ati-global.com
For Australia: 1800 007 709
For Europe: (44) 845 683 2517
For Canada: (437) 900 2140
For the US: (844) 702 5327
Level 8, 207 Kent Street Sydney
NSW, Australia 2000
Information we collect, how we use it, and the legal basis we rely on to do so:
When you use or access our Services or otherwise interact with us, we may collect a variety of information about you that contains information that identifies you or may be combined with other information to identify you (your personal information). We may collect this personal information from you or others acting on your behalf (e.g., your employer), from third parties, or automatically through use of the Services.
1. From you or someone acting on behalf of you (e.g., your employer):
2. From others:
3. Automatically:
Where permitted by applicable law and our obligations in contracts with our clients, we may aggregate your non-personally identifiable data and use this data to analyze or improve our Services.
When we act as a service provider, or a sub-processor, we will process personal information in compliance with the instructions of the client, or the processor, as the case may be, who act as either data controller or processor of such personal information.
Who do we share your personal information with?
Where permitted by applicable law, we share your personal information for third parties to deliver the Services or in our legitimate interest. These third parties include:
- Our affiliated companies and offices, which are generally located in the United States, Canada, United Kingdom, Ireland, Poland, Australia, and New Zealand.
- Our professional advisors, such as our auditors, accountants, and lawyers.
- Third-party service providers who perform services on our behalf in connection with our Services. The services provided by such third parties include:
- software suppliers that provide elements of our Services;
- billing and processing payments;
- marketing communications providers;
- maintenance and support of the Services;
- hosting and backup of the Services;
- security of the Services;
- improvement of the Services; and
- analytics and reports on the Services.
- Any other third party where you have provided your consent.
- Other third parties in connection with corporate activities such as a mergers or acquisitions or refinancing.
We may disclose personal information to regulatory authorities and other third parties to comply with a regulatory or legal obligation, to enforce our rights, or where we have a good faith belief that it is necessary for the protection of a legitimate or vital interest such as the safety of a person or property, to the extent permitted by applicable law.
Changes to this Policy
We may update this Policy from time to time for reasons such as operational or regulatory changes. If we make any changes, we will notify you by posting the revised Policy on this page, revising the “Effective Date” at the top of this Policy and, in some cases, we may provide you with additional notice such as within our Services or by sending an email. We encourage you to review our Policy regularly for any changes.
Children
Our website and Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from individuals under the age of 18. If you become aware that an individual under the age of 18 has provided us with personal information, please contact us using the contact details contained in the “Contact Us” section at the beginning of this Policy. If we become aware that an individual under the age of 18 has provided us with personal information, we will take steps to delete such information. We may process the personal information of children in the course of delivering Services when information is provided by a user of the Services.
International transfers
Our Service is hosted and operated in Australia, Canada, the United States and the United Kingdom through Corto and our service providers. By using our Services you acknowledge that your personal information may be accessed by us or transferred to us in those jurisdictions, and accessed by or transferred to our personnel, affiliates, partners, and service providers who are located around the world.
As required by applicable laws, we take appropriate measures to ensure adequate protection of your personal information when it is transferred internationally and, if necessary, seek your prior consent.
Please note that your personal information may be subject to the laws of the jurisdiction in which you or your personal information are situated.
How we protect your personal information while processing, transferring or sharing it
We are committed to ensuring that your information is secure. To prevent unauthorized access or disclosure of personal information we have put in place suitable physical, electronic, and managerial procedures to ensure the security of personal information we hold and process. Some examples of the measures we take include:
- the use of suitable password protection measures and access privileges to monitor and control access to our IT systems;
- we do not generate paper files;
- requiring any third parties engaged by Corto to provide appropriate assurances to handle personal information in a manner consistent with applicable law; and
- taking reasonable steps to securely destroy or de-identify personal information after it is no longer required.
However, the internet is not a secure environment and we cannot warrant that the personal information you share will be completely secure. When you share personal information with us, you do so at your own risk and we recommend that you take security precautions to protect your personal information on the internet. It is your responsibility to keep your password to our Services safe. You should notify us as soon as possible using the “Contact us” section at the beginning of this Policy if you become aware of any misuse of your password, or compromise of the security of the Services, and immediately change your password within the Services.
Storage of personal information
When you cease engaging with us or using the Services, we will store your personal information in identifiable form for the period permitted by applicable laws while we have a legitimate purpose for doing so.
Links to other websites or third-party applications
Our website may contain links to other websites of interest. You should note that we do not have any control over external websites or their privacy procedures. You should exercise caution and review the privacy statement of any website before providing your personal information.
Your rights in relation to your personal information
You have the option to not share information with us. If you choose not to share your personal information with us this may mean you are unable to create a user account or take advantage of some features in our Services. Please note, some information may still be collected about you automatically through your use of our Services.
For personal information that we process on behalf of our clients, we do so on the instructions of the client as a controller. If we process your information on behalf of a client and you wish to exercise any of your data protection rights under applicable law, please contact the relevant client directly.
You have rights under applicable laws regarding your personal information, including to access or request correction of your personal information under applicable privacy laws including but not limited to the Privacy Act 1988 (Cth) or the Personal Information Protection and Electronic Documents Act (Canada).
You may have also have rights under data protection laws in relation to the personal information we hold about you, depending on which laws are applicable (e.g. the European General Data Protection Regulation (GDPR) or the UK Data Protection Act 2018) such as:
- Access: the right to request information regarding our processing of your personal information and access to the personal information which we hold about you.
- Correction: the right to request that we correct the personal information we hold about you if it is inaccurate or incomplete.
- Erasure: the right to request the deletion of your personal information in certain circumstances.
- Restriction: the right to object to, and requesting that we restrict, our processing of your personal information in certain circumstances.
- Transfer: the right to request transfer of your personal information directly to a third party where this is technically feasible.
To submit a request regarding our processing of your personal information, please contact us via the details outlined in “Contact Us” above.
For us to facilitate your request, please ensure that your request specifies the type of request in the subject line and contains the information we need to investigate the request. We may require additional information from you to verify your identity or understand your request before providing additional information or actioning your request.
We will grant your request to exercise the above-mentioned rights to the extent required or permitted (as the case may be) by applicable law and in accordance with the timeframes (if any) in that applicable law.
Marketing communications
You can opt-out of receiving certain marketing communications from us at any time, by clicking the unsubscribe link in the email communications we send, or by contacting us using the details contained in the “Contact Us” section. We may continue to send you non-promotional communications, such as service-related emails, billing information, and certain product updates via email.
How to make a complaint
If you believe that we have not complied with our obligations under this Policy or applicable data protection law, please contact us via the details outlined in the “Contact Us” section above.
We would appreciate the opportunity to help you resolve any concerns you may have regarding our processing of your personal information, but if we are unable to assist you with your issue or you wish to make a complaint, you may have the right to make a complaint to an authority responsible for data protection in your jurisdiction.