User means any person who has registered an account on our Services, either through creating a new workspace themselves or being invited to an existing workspace by a Customer.
Personal Information is as defined in the Privacy Act 1988 (Cth) (“Privacy Act”). The Privacy Act defines ‘Personal Information’ as “Information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.”
Project/Projects means any research project created by a User on the Services.
Customer Data means any content added by a User to the Services.
As a User of the Services, you provide information to us. This includes:
We log information about your access and use of our Services. This includes:
We collect and use your information:
Dovetail is collaborative cloud product built for teams. This means sharing information with others through the Services, and with certain third parties.
We share information we collect about you in the ways discussed below, including in connection with possible business transfers, but we are not in the business of selling information about you to advertisers or other third parties.
Where we disclose your Personal Information to third parties for the purposes listed below, we will confirm that the third party’s privacy policies and procedures are in accordance with the Privacy Act.
Certain information will be shared with other members of your workspace. These people are usually colleagues you work with day-to-day, or clients you have added to your workspace.
The information shared with other users in your workspace includes:
As part of providing our Services, we use third party services to store and process your Personal Information. This includes third parties that store data outside of Australia.
We share your data with third party services in the following ways:
For more information on our use of third parties, including the geographic location of each subprocessor, see our list of Data Subprocessors.
In addition, we may disclose Personal Information to:
If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer our user databases, together with any Personal Information and non-Personal Information contained in those databases, to the extent permissible by law. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith.
Your provision of third party information: If you provide us with third party Personal Information then you warrant to us that you have the third party’s consent.
Access: You may request details of Personal Information that we hold about you, in certain circumstances set out in the Privacy Act 1988 (Cth) (Privacy Act). We may refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please edit your Personal Information or contact us. We rely in part upon customers advising us when their Personal Information changes. We will respond to any request within a reasonable time. We will endeavor to promptly correct any information found to be inaccurate, incomplete or out of date.
Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take in response to your complaint. You also have the right to contact the relevant authority in the country in which you are based.
Unsubscribe: You may opt out of non-transactional or non-account related promotional emails by clicking the “unsubscribe” link located at the bottom of our communications.
Dovetail hosts data with hosting service providers in numerous countries including the United States and Australia. We are committed to ensuring that the information you provide is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information and protect it from misuse, interference, loss and unauthorized access, modification and disclosure.
Where data is transferred over the Internet, the data is encrypted using industry standard SSL (HTTPS), with HTTP Strict Transport Security (HSTS) enabled.
Under the GDPR individuals located in the EU have extra rights. Personal Information under the GDPR is referred to as ‘personal data’ and is defined as: “means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” (Personal Data).
This Appendix sets out the additional rights we give to individuals located in the EU, including how we process Personal Data lawfully, transparently and fairly.
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.
Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, whether we can achieve those purposes through other means and the applicable legal requirements.
In some circumstances you can ask us to delete your data: see ‘access, erasure and data portability’ below for further information.
In some circumstances we may anonymize your Personal Data (so that it can no longer be associated with you) for analytics, research or statistical purposes in which case we may use this anonymized information indefinitely without further notice to you.
Objecting to processing: You have the right to object to processing of your Personal Data that is based on our legitimate interests or public interest. If this is done, we must provide compelling legitimate grounds for the processing which overrides your interests, rights and freedoms, in order to proceed with the processing of your Personal Data.
Restricting processing: You have the right to request that we restrict the processing of your Personal Data if (i) you are concerned about the accuracy of your Personal Data; (ii) you believe your Personal Data has been unlawfully processed; (iii) you need us to maintain the Personal Data solely for the purpose of a legal claim; or (iv) we are in the process of considering your objection in relation to processing on the basis of legitimate interests.
Access, erasure and data portability: You may have the right to request details of the Personal Data we hold about you, or to request that we erase the Personal Data we hold about you, or that we transfer this information to a third party.
Rectification: If you believe that any Personal Data we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, incomplete, misleading or out of date.
For questions and notices, please email firstname.lastname@example.org.
Use casesUsability testing analysisCustomer interview analysisNet Promoter Score analysisSurvey response analysisSupport ticket analysisRemote user research
© Dovetail Research Pty. Ltd.
Made in Australia