Privacy Policy

Who We Are

MyRisk Management Pty Ltd ABN 57 659 328 720 (MyRISK®) takes your privacy seriously and is committed to responsible privacy practices. We seek to comply with relevant laws, including the Privacy Act 1988 (Cth) (Privacy Act) and the EU General Data Protection Regulation (GDPR), where applicable. This policy describes how MyRISK® manages your personal information including details of what types of personal information MyRISK® collects, how MyRISK® collects your personal information, the purposes for which MyRISK® uses your personal information and to whom your personal information is disclosed.

What Data We Collect

The types of personal information MyRISK® collects about you will depend on the purpose for which the information is collected. MyRISK® may collect first name, last name, email address, and telephone number on this website. MyRISK® also collects general analytics and other technical information (such as your IP address, device type, unique device identification numbers, browser types, Internet Service Provider details, geolocation data, browsing preferences, searches, and usage of MyRISK® websites or products) arising from your use of MyRISK® websites or products. In addition to the types of personal information identified above, MyRISK® may collect personal information as otherwise permitted or required by law.

How We Collect It

MyRISK® may collect personal information directly from you, including when you:

  • use the MyRISK® website, products or services;
  • apply to work with MyRISK® or are engaged by MyRISK® as a contractor;
  • communicate with MyRISK® by email, by telephone, in person, via a website or otherwise.

In some cases MyRISK® may also collect personal information from:

  • publicly available sources;
  • entities with which MyRISK® conducts business; and
  • other third parties (for example, from referees if you apply for a position as an employee or contractor with us).

MyRISK® also uses cookies and similar technologies to recognise you and/or your devices across our website, products or services.

Why We Collect And Use It

In general MyRISK® collects, uses and discloses your personal information for purposes connected with its business operations.MyRISK® will only collect, use, and disclose personal information about you if it has lawful basis to do so, for example:

  • where you have given MyRISK® your consent;
  • where processing of your personal information is necessary for the performance of a contract with you;
  • to meet MyRISK® legal obligations; and
  • to pursue MyRISK® legitimate business interests.

MyRISK® may use or disclose your personal information:

  • for the purposes for which MyRISK® collected it (and related purposes which would be reasonably expected by you);
  • for other purposes to which you have consented; and
  • as otherwise authorised or required by law.

Some of the specific purposes for which MyRISK® collects, uses and discloses personal information are as follows:

  • to provide its products and services to its users;
  • to enable the proper operation and functionality of its products and services;
  • to improve its products and services;
  • to verify your identity (for example, if you request access to the personal information MyRISK® holds about you);
  • to consider you for a job at MyRISK® (whether as an employee or contractor) or other relationships with MyRISK®;
  • to provide goods or services to you or to receive goods or services from you;
  • to address any issues or complaints that MyRISK® has or you have regarding our relationship;
  • to comply with its legal obligations;
  • to develop and improve the quality of its websites and products and customise its websites and products according to your preferences, tailor search results, and show relevant advertising;
  • for direct marketing purposes; and
  • to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.

If MyRISK® is unable to collect your personal information then MyRISK® may not be able to provide you with the products, services and opportunities that depend on the collection of that information.

Who Else Gets It

MyRISK® may disclose your personal information to third parties in connection with the purposes described above.

This may include disclosing your personal information to the following types of third parties:

  • its related companies;
  • any potential third party acquirer of MyRISK® or its business or assets, and advisors to that third party;
  • its professional advisers (such as lawyers, accountants or auditors) and insurers;
  • its employees, contractors and third party service providers who assist MyRISK® in performing its functions and activities e.g. payment systems operators and financial institutions, cloud service providers, data storage providers, telecommunications providers and IT support services providers;
  • organisations authorised by MyRISK® to conduct promotional, research or marketing activities;
  • third parties to whom you have authorised MyRISK® to disclose your information (e.g. referees); andany other person as required or permitted by law.
  • If MyRISK® discloses your personal information to third parties it will use reasonable commercial efforts to ensure that such third parties only use your personal information as reasonably required for the purpose of disclosure and in a manner consistent with applicable laws, for example by (where commercially practical) including suitable privacy and confidentiality clauses in MyRISK® agreement with a third party service provider to which MyRISK® discloses your personal information.
Where It Is Stored

MyRISK® stores personal information in servers in Australia and USA, operated by its service providers including Google, Microsoft and Oracle.
Except where an exception applies under the Privacy Act or other relevant legislation, MyRISK® will take reasonable steps to ensure that overseas recipients to whom MyRISK® discloses personal information do not breach the Australian Privacy Principles stated in the Privacy Act, and any other relevant legislation relating to privacy and data security, in relation to such information.

How Personal Information Is Protected

MyRISK® engages service providers to store your personal information, including Google, Microsoft, and Oracle. MyRISK® recommends that you review these companies’ privacy policies to understand how they use and store your personal information.

MyRISK® will take reasonable steps to keep any personal information it holds about you secure.

However, you acknowledge that the security of personal information transmitted over the internet cannot be guaranteed. MyRISK® cannot guarantee that any personal information you disclose to MyRISK® will not become publicly available. Except to the extent liability cannot be excluded due to the operation of statute, MyRISK® excludes all liability (including in negligence) for the consequences of any unauthorised access to, disclosure of, misuse of or loss or corruption of your personal information.

Nothing in this policy restricts, excludes or modifies or purports to restrict, exclude or modify MyRISK® obligations under the Privacy Act and any other applicable legislation or any statutory consumer rights you may have under any applicable law including the Competition and Consumer Act 2010 (Cth).
Please notify MyRISK® immediately if you become aware of any breach of security.

How Long We Keep It

Generally, MyRISK® will retain your personal information for the period necessary for the purposes for which your personal information was collected (as outlined in this policy) unless a longer retention period is required by law.

This means that MyRISK® will store your personal information for the following periods:

  • if your personal information is provided to MyRISK® by a subscriber or re-seller: only for so long as MyRISK® requires it for the purpose of its agreement with the subscriber or re-seller;
  • if you unsuccessfully apply for a job at MyRISK® (whether as an employee or contractor): up to 6 months;
  • if you work at MyRISK® (whether as an employee or contractor): up to 6 years after you cease working with MyRISK®;
  • if MyRISK® processes your personal information in connection with you being a supplier to MyRISK®(or an employee or contractor of a supplier) or in connection with you being a subscriber or re-seller (or an employee or contractor of a subscriber or re-seller): up to 6 years from your last interaction with MyRISK®; and
  • if MyRISK® processes your personal information for direct marketing purposes or processes your personal information based on your consent, MyRISK® may process the information until you ask MyRISK® to stop and for a short period after that (to allow MyRISK® to implement your request). MyRISK® will indefinitely keep a record of the fact that you have asked MyRISK® not to send you direct marketing or to process your information so that MyRISK® can respect your request in future.
How To Access Or Correct Personal Information

You may seek access to personal information MyRISK® holds about you by contacting MyRISK® as described in the “How to contact us” section below.
MyRISK® will provide access to that information in accordance with applicable legal requirements, subject to certain exemptions which may apply. MyRISK® may require that the person requesting access provide suitable identification and where permitted by law MyRISK® may charge a fee for giving access to your personal information.

If the personal information was provided to MyRISK® by any of MyRISK® subscribers or re-sellers, MyRISK® may advise the relevant subscribers or re-sellers of your request and liaise with them about it.

If you become aware that any personal information MyRISK® holds about you is incorrect or if you wish to update your information, please contact MyRISK® as described in the “How to contact us” section below.

How To Complain

You may make a privacy complaint in relation to personal information MyRISK® holds about you by contacting MyRISK® as described in the “How to contact us” section below.

If you make a privacy complaint, MyRISK® Privacy Officer or another suitable staff member of MyRISK® will investigate the matter and attempt to resolve it as soon as reasonably possible.

If you consider your privacy concerns have not been resolved satisfactorily by MyRISK®, or you wish to obtain more information on privacy requirements:

you can contact the Office of the Australian Information Commissioner on 1300 363 992 or visit their website at oaic.gov.au; and
if you are located in the European Union you can contact your local data protection authority: https://edpb.europa.eu/about-edpb/board/members_en.

Your Rights In The EU

If you are located in the European Union, you may have the following rights:

  • The right to access, rectify or update the personal information MyRISK® holds about you.
  • The right to request erasure of personal information MyRISK® holds about you, for example if the personal information is no longer necessary to provide services to you.
  • The right to require MyRISK® to stop using all or some of your personal information (for example, if MyRISK® no longer has a legal right to keep using it) or to restrict its use of your personal information (for example, if you consider that the personal information MyRISK® holds about you is inaccurate or if it is unlawfully held).
  • The right to data portability. In some circumstances you have the right to be provided with a copy of the personal information MyRISK® has about you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You may withdraw your consent at any time where MyRISK® relied on your consent to process your personal information.

MyRISK® may ask you to provide suitable identification when you seek to exercise any of these rights.

Compliance With Laws

Where local laws allow for an exemption to compliance with certain legal obligations (for example, the employee records exemption in Australia), MyRISK® may rely on such an exemption.

This policy will not apply to the extent that it is inconsistent with any applicable law.

Changes To This Policy

MyRISK® may change this policy from time to time at its discretion. This policy was last updated in August 2022.

If MyRISK® makes further updates to this policy, MyRISK® will post the amended policy on its websites. Your continued dealings with MyRISK®, for example use of its websites, products or services, will signify your agreement to this policy as amended.

How To Contact Us

If you have a query, concern or complaint about the manner in which your personal information has been collected or handled by MyRISK® or would like to request access to or correction of the personal information MyRISK® holds about you please contact MyRISK® Privacy Officer via email to support@myrisk.io

Request a Demo (or other action)