Skip to main content

StackOps Privacy Policy

Thank you for your interest in StackOps! This Privacy Policy describes how and when we, Ngin Pty Limited (ABN 30 662 064 762) (Ngin, we, us, our) collect, hold, use, transfer, disclose and otherwise processes personal information. This Privacy Policy applies to personal information that we collect through our website, online forms, email and telephone and video calls. The StackOps software (StackOps Software) does not collect any personal information. By using our website, you consent to us collecting, maintaining, transferring, using, processing, holding and disclosing your personal information in the manner described in this Privacy Policy.

We are committed to complying with our privacy obligations in accordance with all applicable data protection laws, including the Australian Privacy Principles contained in Schedule 1 to the Privacy Act 1988 (Cth) (each, an APP), the Privacy Act 2020 (New Zealand) (Privacy Act (New Zealand)) and the Information Privacy Principles contained in Part 3 of the Privacy Act (New Zealand) (each, an IPP) and the EU General Data Protection Regulation 2016/679 (GDPR). If we decide to change this Privacy Policy, we will post the updated version on this webpage. Our policy is to always be open and transparent about our privacy practices.

Details about how we collect and process personal information collected from New Zealand and EU data subjects is set out at the end of this Privacy Policy.

  1. What is Personal Information? When used in sections 1-11 of this Privacy Policy, the term “Personal Information” has the meaning given to it in the Privacy Act 1988 (Cth). In general terms, it is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered Personal Information.

  2. What type of Personal Information does Ngin collect and hold about me? We may collect any of the following information about you if you provide Personal Information to us via our website or make an enquiry with us via another method: contact details (including, name, address and email address).

  3. How does Ngin collect Personal Information about me? Ngin collects your Personal Information directly from you unless it is unreasonable or impracticable to do so. We may collect Personal Information from you in various ways, including when you write to or email us, when you access and use our website and during conversations between you and our representatives.

  4. Why does Ngin collect, hold, use and disclose your Personal Information? Ngin collects this information for a number of purposes including:

    • to enable us to accept and process your payment of licence fees applicable to the StackOps Software;
    • to comply with applicable laws or regulations;
    • for our internal administrative, marketing, planning, product development and research requirements;
    • to update our records and keep your contact details up to date;
    • to deal with your queries or customer service issues promptly, whether by email, telephone or post;
    • to process and respond to any complaint made by you;
    • to accept and process payments made by you via our website or otherwise;
    • to assess the performance of our website and to improve the operation of our website;
    • for Ngin’s marketing purposes;
    • for Ngin’s administrative, planning, product or service development, quality control and research purposes;
    • as set out in paragraph 7;
    • to comply with any legal, contractual or statutory obligations; and
    • for any other purpose you would reasonably expect Ngin to use or disclose that Personal Information for that other purpose where that other purpose is related to the purpose for which the information is collected.

    Your Personal Information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy.

  5. What happens if we can’t collect your Personal Information? If you do not provide us with your Personal Information, you can only have limited interaction with us. For example, you can browse our website without providing us with Personal Information, such as the pages that generally describe the StackOps Software that we make available, and our Contact Us page. However, when you submit a form on our website or deploy, operate or use the StackOps Software, we need to collect Personal Information from you in order to identify who you are, so that we can supply you with the StackOps Software and for the other purposes described in this Privacy Policy. You have the option of not identifying yourself or using a pseudonym when contacting us to enquire about the StackOps Software but not if you wish to actually use the StackOps Software or any part thereof. It is not practical for us to provide you with access and/or use of the StackOps Software (or any part thereof) if you refuse to provide us with Personal Information.

  6. What about direct marketing? We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. These may include:

    • offering to provide you with products or services provided by us and third party business partners; or
    • sending you news and other information about Ngin’s activities and general promotional material which Ngin believes may be of interest to you.

    These communications may be sent in various forms, including mail, SMS and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). When Ngin does this, Ngin will provide you with an express opportunity to decline receiving any further communication of this type via an opt-out mechanism. If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. You may at any time request not to receive direct marketing from Ngin by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your details are removed from our mailing list.

  7. Offshore disclosure We may transfer Personal Information to our contractors and service providers who assist us with the supply and provision of the StackOps Software and/or our website, and to assist us with the operation of our business generally, where we consider it necessary for them to provide that assistance. We will take reasonable steps to ensure that such recipients do not breach the APPs in relation to Personal Information or other relevant State and Territory laws (as applicable).

  8. What happens if I want to access or correct the Personal Information held about me? You may request access to your Personal Information held by Ngin at any time by contacting us. We will handle all requests for access to Personal Information in accordance with our statutory obligations. You can request to receive a copy of your Personal Information by emailing dataprivacy@ngin.com.au. Ngin may charge you a reasonable fee to cover its administrative and other reasonable costs in providing the information to you. We will not charge for simply making the request and will not charge for making any corrections to your Personal Information. We will endeavour to provide a response to any request for access to Personal Information within 72 hours from the time a request is made. There may be instances where we cannot grant you access to the Personal Information about you that we hold. For example, we may not be able to provide access to information in the following situations:

    • where in Ngin’s opinion providing your access may create a serious threat to the life or health of any individual or may be an unreasonable intrusion into the privacy of another individual;
    • where your request for access is, in Ngin’s opinion, frivolous or vexatious; or
    • where providing access would be unlawful, may prejudice an investigation of possible unlawful activity, may prejudice enforcement of law, or denying access is specifically authorised by law.

    If for any reason Ngin does not allow you to access your Personal Information, we will provide you with reasons in writing for its decision. We rely on you to ensure that all Personal Information collected and held by us about you is accurate, up to date, complete, relevant and not misleading. If you believe that Personal Information that Ngin holds about you is incorrect, incomplete, inaccurate or misleading, then you may request that we update, modify or correct such Personal Information by contacting our Privacy Officer using the details set out below. Ngin will consider if the information requires amendment. If Ngin does not agree that there are grounds for amendment, then we will will add a note to the Personal Information stating that you disagree with it.

  9. Who does Ngin disclose my Personal Information to? We may disclose your Personal Information:

    • to personnel of Ngin for the purposes of operating our business, fulfilling requests by you, and to otherwise provide products and services to you;
    • to potential acquirers, joint venture partners, business partners and other similar third parties where we or a member of our corporate group undergo a potential or actual merger, corporate restructure or acquisition;
    • where it is brought to our attention that specific Personal Information needs to be disclosed to protect the safety or vital interests of any person;
    • if we are contacted by any person who represents to us that they are our customer. For security purposes, we will discuss the Personal Information that we hold about them with them but only if they verify their identity;
    • governmental authorities, bodies and regulators for the enforcement of a law imposing a pecuniary penalty or to avoid prejudice to the maintenance of the law by any public sector agency;
    • to our accountants, lawyers and other advisors where we engage them to assist us with any matter;
    • to any court or tribunal for the conduct of proceedings (being proceedings that have been commenced or are reasonably in contemplation);
    • to suppliers and other third parties with whom we have commercial relationships, for business, marketing, and related purposes;
    • to any third party such as financial institutions for any authorised purpose with your express consent; and
    • to any persons, entities or bodies where required by law.

    Ngin does not sell your Personal Information to third parties.

  10. How does Ngin keep my Personal Information secure? Ngin will take reasonable steps to ensure Personal Information Ngin collects, uses or discloses is stored in a secure environment that is accessed only by persons authorised by Ngin so as to prevent interference, misuse, loss, unauthorised access, modification or disclosure. We hold and store Personal Information that we collect in the following locations:

    • our offices, computer systems and third party owned and operated hosting facilities;
    • third party owned cloud-based email providers;
    • third party owned cloud-based customer relationship management and email marketing providers; and
    • on electronic devices at our offices and at the premises of our personnel.

    We implement the following technical and organisational security measures in our organisation:

    • we only use reputable hosting providers to host Personal Information;
    • passwords, other access control procedures and antivirus software in our computer systems;
    • antivirus software; and
    • physical security measures in our buildings and offices such as door and window locks and visitor access management, cabinet locks, use of access cards and alarms.

    It is our policy to retain Personal Information in a form which permits identification of any person only as long as is necessary for the purposes for which the Personal Information was collected; and for any other related, directly related or compatible purposes if and where permitted by applicable law. We will only process Personal Information that you provide to us for the minimum length of time permitted by applicable law and only thereafter for the purposes of deleting or returning that Personal Information to you (except where we also need to retain the data in order to comply with our legal obligations, or to retain the data to protect your or any other person's vital interests). Where you require Personal Information to be returned, it will be returned to you at that time, and we will thereafter delete all then remaining existing copies of that Personal Information in our possession or control as soon as reasonably practicable thereafter, unless applicable law requires us to retain the Personal Information, in which case we will notify you of that requirement and only use such retained data for the purposes of complying with those applicable laws. We may require payment of a reasonable fee by any person who requires access to their Personal Information that we hold, except where such a fee would be contrary to applicable law. We will not charge you for the making of any such request. We will endeavour to provide a response to any request for access to Personal Information within 72 hours from the time a request is made.

  11. Our contact details Any person who wishes to contact us for any reason regarding our privacy practices or the Personal Information that we hold about them, or make a privacy complaint, may contact us as follows: Contact: Privacy Officer Email: dataprivacy@ngin.com.au We endeavour to resolve any privacy complaint with the complainant within a reasonable time frame given the circumstances. This may include working with the complainant on a collaborative basis or otherwise resolving the complaint. If the complainant is not satisfied with the outcome of a complaint or they wish to make a complaint about a breach of the Australian Privacy Principles, they may refer the complaint to the Office of the Australian Information Commissioner who can be contacted using the following details: Telephone: 1300 363 992 Email: enquiries@oaic.gov.au Address: GPO Box 5218, Sydney NSW 2001

  12. NEW ZEALAND CURRENT AND POTENTIAL CUSTOMERS AND USERS OF THE STACKOPS SOFTWARE This section of our Privacy Policy applies to Personal Information about individuals whose data is collected and processed by us that is governed by the Privacy Act 2020 (New Zealand). When used in sections 12-17 of this Privacy Policy, the term “Personal Information” has the meaning given to it in the Privacy Act 2020 (New Zealand).

  13. Collection of Personal Information For information about the categories of Personal Information that we collect about current and potential customers and users of the StackOps Software, and how and why we collect it, and how we use it, please see sections 2, 3 and 4 of this Privacy policy above.

  14. Provision of Personal Information to third parties Where it is necessary for Personal Information to be given to a third party in connection with the provision of services that they provide to us, we will do everything reasonably within our power to prevent unauthorised use or unauthorised disclosure of the information by them. The specific Personal Information that we collect, how we collect it, how we use it and who we disclose it to, is set out above in this Privacy Policy.

  15. Storage and security of Personal Information If we hold Personal Information about you, we will ensure that the information is protected by such security safeguards as are reasonable in the circumstances to take against loss, access, use, modification, unauthorised disclosure and other misuse. If it is necessary for the information to be given to a person in connection with the provision of a service to us, everything reasonably within our power is done to prevent unauthorised use or unauthorised disclosure of the information.

  16. Requests for access to and correction of Personal Information Individuals whose Personal Information is governed by the Privacy Act (New Zealand) are entitled to seek access to and correction of it in accordance with that legislation. We rely on you to ensure that all Personal Information collected and held by us about you is accurate, up to date, complete, relevant and not misleading. You may request urgent access to your Personal Information in accordance with section 41 of the Privacy Act (New Zealand) and state why the request should be treated as urgent. We will on receipt of such request, consider the request and reasons, determine the priority given to it and ensure that we provide reasonable assistance to a person who makes such a request. In the event that a person wishes to access their Personal Information and it is readily retrievable by us, they can also request from us any of the following:

    1. to obtain confirmation from us as to whether or not we hold such Personal Information;
    2. access to the Personal Information; and
    3. be advised if they are able to correct such Personal Information.

    We will as soon as possible and in any event no later than 20 working days from the date on which the request is made, decide to grant or refuse the request and provide the person who made the request with or post to them, our decision. We may in our discretion charge a reasonable fee for making information available in compliance with the request or for correcting any information in compliance with a request (in whole or in part) or for attaching a statement of any correction sought but not made, subject to our compliance with the IPPs. If a person submits a request to access their Personal Information to us, we may refuse their request on one or more of the grounds set out in the Privacy Act (New Zealand). If we refuse to comply with a request to access their Personal Information, we will provide the individual who made the request with our reasons for our denial and an opportunity to file a complaint with the Commissioner, to seek an investigation and a review of the refusal. Where we hold Personal Information governed by the Privacy Act (New Zealand) about an individual, they are entitled to request correction of the information and request that there be attached to the information a statement of the correction sought but not made. We will only hold Personal Information for as long as is required for the purposes for which the information may lawfully be used.

  17. Complaints If you are not satisfied with our response to any privacy-related concern that you may have, you can contact the Privacy Commissioner: Office of the Privacy Commissioner PO Box 10-094, Wellington, New Zealand Phone: 04 474 7590 / Fax: 04 474 7595 Enquiries Line (from Auckland): 302 8655 / Enquiries Line (from outside Auckland): 0800 803 909 Email: enquiries@privacy.org.nz

  18. EUROPEAN CURRENT AND POTENTIAL CUSTOMERS AND USERS OF THE STACKOPS SOFTWARE This section of our Privacy Policy applies to Personal Data about individuals whose data is collected and processed by us that is governed by the GDPR. When used in sections 18-27 of this Privacy Policy, the term “Personal Data” has the meaning given to it in the GDPR. We are ‘controllers’ in respect of Personal Data processed by us about current and potential customers and users of the StackOps Software. We are committed to complying with our obligations under the GDPR.

  19. Collection of Personal Data For information about the categories of Personal Data that we collect about current and potential customers and users of the StackOps Software, and how and why we collect it, and how we use it, please see sections 2, 3 and 4 of this Privacy Policy above. This applies equally to Personal Data governed by the GDPR.

  20. Purpose for processing Personal Data about current and potential customers and users of the StackOps Software, and our legal basis for doing so Detailed information about the purpose of processing Personal Data about current and potential customers and users of the StackOps Software, and our legal basis for doing so, is set out at section 4 of this Privacy Policy above. This applies equally to Personal Data governed by the GDPR.

  21. Who will receive Personal Data about current and potential customers and users of the StackOps Software Detailed information about who we disclose Personal Data to is set out in section 9 of this Privacy Policy above. This applies equally to Personal Data governed by the GDPR.

  22. International transfers We only transfer Personal Data about current and potential customers and users of the StackOps Software governed by the GDPR internationally in compliance with the GDPR. We will only engage new third parties to process Personal Data governed by the GDPR in compliance with the requirements of the GDPR. We have legally binding agreements in place that govern the receipt and processing of Personal Data transferred offshore. Information about other appropriate or suitable safeguards is available from us for current and potential customers and users of the StackOps Software whose Personal Data is governed by the GDPR, on request. We will not transfer Personal Data that originates in the EEA outside of the EEA.

  23. Retention of Personal Data about current and potential customers and users of the StackOps Software It is our policy to retain Personal Data in a form which permits identification of any person only as long as is necessary for the purposes for which the Personal Data was collected for the minimum length of time permitted by applicable law and only thereafter for the purposes of deleting or returning that Personal Data (except where we also need to retain the data in order to comply with our legal obligations, or to retain the data to protect any other person's vital interests).

  24. Requirement to provide Personal Data about current and potential customers and users of the StackOps Software Please see section 5 of this Privacy Policy above for information about the requirement to provide Personal Data to us and the limitations that apply where Personal Data is not provided. Those requirements and limitations apply equivalently to Personal Data governed by the GDPR.

  25. Automated decision-making Ngin does not employ functionality that uses automated decision-making.

  26. Further processing activities by us We will not carry out any further processing activities on Personal Data about current and potential customers and users of the StackOps Software, other than as set out in this Privacy Policy.

  27. Rights under the GDPR Under the GDPR, if the GDPR applies to you, you have a number of rights, including:

    1. The right to be informed;
    2. The right of access;
    3. The right to rectification;
    4. The right to erasure;
    5. The right to restrict processing;
    6. The right to data portability; and
    7. The right to object to processing.

    If the GDPR applies to you, you also have the right to lodge a complaint with any relevant supervisory authority.

28th November 2023