ish group pty ltd is the Controller of certain Personal Data as described in this document. We offer a wide range of services, including software as a service, websites, ecommerce systems, student and customer management systems and more. We refer to all these products as “Services” in this document.

If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business.

This Privacy Policy does not apply to the extent that we process Personal Data in the role of a service provider on behalf of our customers. If you are an end user interacting with an organisation using our Services (for example a student, trainer or customer) you should consult that organisation directly to enquire about their own privacy policies. We are not responsible for the privacy or data security practices of our customers, which may differ from those in this Privacy Statement.

Processing activities covered

This Privacy Policy applies to the processing of Personal Data collected by us when you:

  • Visit our websites, social media pages or other online resources controlled by us
  • Visit us in person
  • Receive communications from us
  • Use our Services as a customer (or employee/contractor of our customer) where we act as a controller of your Personal Data, but not if you are a trainer or customer of our customer
  • Register for or take part in our events and webinars
  • Participate in community and open source development

Processing of Personal Data is required for receiving certain products, obtaining support or services.

What information we collect

We collect information about you when you enter it into the Services or otherwise provide it directly to us.

  • Information you enter through our support channels, including screenshots and other information related to your support request. This may include personally identifying information.
  • Payment information when you or your organisation pay for our services.
  • Contact details including name, phone, email and physical addresses which you may provide to us
  • Content you enter into our services, such as account and profile registration details and contact details.
  • Content you enter into our website such as demo requests, webinar signup and other forms.
  • Technical and device data collected through your use of our Services, websites, applications and other resources. This includes information about operating system, IP address, browser, device identifiers, URLs and crash data.
  • Cookies and other tracking. We use tracking technologies in conjunction with advertising and analytics third parties to provide functionality and recognise you across Services and devices.
  • Partners. We collect information from partners about your interest and engagement with our Services.

How we use information we collect

To provide Services

We use the information you provide to authenticate you to our Services and customise your experience once logged in. We use your email domain to link you to an organisation. We use your job description and organisation details to customise your experience of the Services.

To tell you about the Services

We will use your contact information to send you information about service interruptions or planned interruptions, to let you know about upcoming changes or release notes of recent changes. We will send you and your organisation accounting information such as invoices, pricing changes and renewal alerts.

To provide support

We use your contact details, linked to your organisation and service level in order to identify whether you are entitled to support and what level of support should be provided. Technical data such as stacktraces or audit logs might contain specific usage information for us to understand how you have used the Services or encountered difficulties.

For research

As part of our ongoing development processes we use aggregated data from our customers to understand how to make our Services more useful, faster and more secure. For example, we analyse messaging templates and usage to understand how to help you communicate more effectively and more easily. We might also test certain features with a subset of users identified by usage patterns before we deploy those features out more broadly.

We measure Service speed and patterns of usage in order to understand which parts of the Service would benefit from additional development.

To market and promote our Services

We use contact information and information about how you use our Services to send you promotions that might be of interest to you. We use information about you and your usage to increase engagement and ensure you are getting best value out of your usage of the Services.

Security and monitoring

We use information about you and your use of our Services to verify accounts and activity, to detect, prevent and respond to potential or actual security incidents and to monitor and protect against other malicious activity including violations of Service policies.

Where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory and audit functions.

Testimonials and stories

With your explicit consent we might publish testimonials or use your experiences as a reference to promote our Services.

How we share information

Support services

When you log private support requests we might share information you provide us with other members of your organisation who you have nominated to include in those communications. When you log requests (such as feature requests) through our open channels such as Github, those communications and the contact details which you decide to share might be available to anyone who visits those channels.

For collaboration

Your use of the Services may be shared with other users in your organisation and with the students, tutors, customers and other people or companies you choose to share information with. You should read the documentation, understand all parts of the Services and keep up to date with release notes in order to understand what information is shared and in what circumstances. For example, you can decide to keep a document private or share it with the entire internet on your website.

Third parties

We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including appropriate security and confidentiality procedures designed to protect your information.

Integrations

You may decide to integrate your Services with third-party services such as website analytics, mailing list management or learning management systems. Enabling or configuring those services will be done under your direction or control.

Business Transfers

We may share or transfer information we collect under this privacy policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the Services if a transaction takes place, as well as any choices you may have regarding your information.

Your choices

Region

When you set up your service you can decide which region your data will be stored in. In addition to the region you choose, certain backups and administrative data such as your billing and account data will be held at our head office in Australia.

Updating your data

You will be able to see and update the data we store within the Service. For example, you can update your profile and other contact information.

Delete your account

You can terminate your entire organisation’s account with us and the data contained there will be expunged from our system in accordance with our data retention and backup rotation policies. Some data will be held for longer periods in accordance with government tax regulations and other compliance requirements. You may not be able to delete an individual element of data within the system without terminating the entire account. For example, invoice data is stored in a way which might identify a user and parts of invoices are not editable once created in order to maintain a proper audit trail.

Opt out

You may opt out of receiving promotional communications from us by using the unsubscribe link within each email or by contacting us as provided below to have your contact information removed from our promotional email list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Services.