1. Introduction

CloudLoop Pty. Ltd. ABN 26 662 088 682 (“CloudLoop”) respects your privacy and is committed to the protection of it. This CloudLoop Privacy Policy ( “Privacy Policy”) applies to data collected by CloudLoop through the majority of its web sites and services. This policy also includes data collected by CloudLoop in offline venues. This policy does not apply to CloudLoop sites, services, products or other entities that do not display or link to this Privacy Policy or that have their own privacy statements.

Most private sector organisations in Australia are required by law to comply with Australian Privacy Principles (“APPs”) and are subject to the Privacy Act 1988 (Cth). CloudLoop is bound by these APPs and the Privacy Act 1988 (Cth).

2. Information Collected via the CloudLoop Websites

We may collect information about your visits to our websites, including the pages you view, the links you click and other actions taken in connection with CloudLoop websites and services. We also collect certain standard information that your web browser sends to every website you visit, such as your IP address, browser type and language, access times and referring web site addresses. In most occasions, except when investigating security-related issues or when required to do so by law or legal process, this information is kept apart from and will not be correlated or combined with any information that we may hold elsewhere that could personally identify you.

We may, at times, contract out functions pertaining to marketing-related activities that utilise this data. At all times such data is shared, it is divorced from any information that may be used by third parties to determine the identity of the individuals accessing the website.

3. Collection of Personal Information

Information can be collected as follows:

(a) Directly from you;
(b) Through your visits to our websites;
(c) From third parties acting on your behalf.

You warrant that personal information you provide is accurate, up to date and complete.

4. What information does CloudLoop’ collect?

CloudLoop collects personal information which may include, based on the type of interaction: (a) Contact of CloudLoop via E-Mail or Fax (and via eSupport / Secure Helpdesk)

In the case of CloudLoop Subscribers and former Subscribers, the Subscriber’s Name, E- Mail Address, Facsimiles sent to us, and other information that clients may provide in their course of communication with us. This information can sometimes include the Subscriber’s Telephone Number, Mail Address, financial information pertaining to our Subscriber’s accounts (such as last four digits of their credit card number, or details regarding invoice payments), digital copies of clients’ photo identification (in the case of Secure Shell access requests) and information pertaining to third parties ( e.g. reseller / VPS clients seeking assistance with one of their own subscriber’s accounts).

In the case of individuals who do not subscribe and have not subscribed to CloudLoop’ services, Name, E-Mail Address, Facsimiles sent to us, and other information that may be provided in the course of those individuals’ communication with us.

(b) Interactions Pertaining to Account Billing (including information stored in our Secure Billing System)

In the case of CloudLoop Subscribers and former Subscribers, the Subscriber’s Name; E- Mail Address; Telephone Number; Standard Mail Address; Financial information pertaining to the subscriber’s account(s) such as their credit card number, payment method, billing address, credit card expiry date, and details regarding all invoice payments; sometimes information pertaining to third parties ( e.g. information on the account administrator, in the case of accounts maintained by third parties); Usernames and Passwords assigned to the account(s); Other additional information they clients may provide in their course of communication with us.

In the case of individuals who do not subscribe and have not subscribed to CloudLoop’ services, we do not store any of their personal information in our Secure Billing System.

(c) Interactions With CloudLoop via the Telephone

In the case of individuals who contact us via telephone, the only personal information always collected is their telephone number. Those wishing to preserve anonymity in their contact of CloudLoop may do so if they contact us for lawful purposes ( e.g. product inquiries), and if they use lawful means to un-identify their telephone number (such as “number blocking”). Our telephone representatives reserve the right, however, to request additional information that is required to ensure quality of service. Our telephone representatives will always request additional information to verify your identity before disclosing any personal information about you.

Some calls may be recorded for quality assurance and training purposes. We will always inform you before recording a call.

(d) Generally

Personal information may be collected in other interactions you may have with CloudLoop. Regardless of the source of such interactions, this Privacy Policy will apply to both protect this personal information, and to inform you of the ways in which and the purposes for which that personal information may be used.

In order to access some CloudLoop services via the internet, you will be asked to sign in with an e-mail address and/or username, as well as a password (hereinafter,”your credentials”). As part of creating your credentials, you may also be requested to provide

questions and secret answers and/or an alternative e-mail address. This information is collected to help verify your identity and assist in resetting your password, should such ever become necessary. Some CloudLoop services may require additional security; in these cases, you may be asked to provide additional personal information in order for us to provide you access to those services.

Wherever lawful and practicable, in accordance with Australian Privacy Principle 2, we provide options for you to interact with us anonymously.

Usually, this information is not of a sensitive nature.

4. Use of Personal Information

CloudLoop collects and uses your personal information to operate and improve its websites, and to deliver the services or carry out the transactions you have requested. In particular, this information is used to: provide you with accurate, secure support, sales, and other services; provide you with more effective customer service; make our sites or services easier to use; perform research and analysis aimed at improving our products, services and technologies; display content and advertising that are customised to your interests and preferences; maintain the security of our network and ensuring quality-of-service for all CloudLoop customers.

If CloudLoop received unsolicited information that is irrelevant and/or would not have access to if solicited, and is not public information, CloudLoop will, as soon as is reasonably practicable destroy or de-identify the information.

5. Sharing of Your Personal Information

Except as described in this Privacy Policy, we will not disclose your personal information outside of CloudLoop and its controlled subsidiaries, affiliates, agents and suppliers, without your consent.

Some CloudLoop Services may be co-branded and offered in conjunction with other companies or entities. If you utilise such services, both CloudLoop and the other company may receive information collected in conjunction with the co-branded services. This also includes products or services, such as domain registration and SSL certificates, which although possibly not formally co- branded, involve the transfer of personal information to the entities that provide those services. In all such instances, any personal information we share will be limited to only that which is necessary to provide the aforesaid products or services, and we will make our best efforts to ensure that the use of such data is consistent with the purposes set out in this Privacy Policy.

(a)With respect to SSL Certificates, we are required by our providers of those certificates to collect personal information from you to give to that provider.

(b) With respect to Domain Registration, we are required by our domain providers/registrars to provide accurate personal information with respect to domain ownership. Although it is sometimes an option that such information (normally referred to as “WHOIS” information) to be ”guarded” or “protected,” we cannot make any guarantees with the availability, validity, continued validity of any such arrangements. Because Domain Registration records fall outside of our direct control, we cannot make any guarantees as to the privacy of such information, and highly recommend that you seek independent advice if such matters are of concern to you.

(c) On occasion, we hire or contract with other companies to provide limited services on our behalf, such as providing customer support, processing transactions, or performing statistical analysis of our services. Any personal information we share will be limited to only that which is necessary to provide the aforesaid services. Any such companies are required to maintain the confidentiality of the information and are prohibited from using it for any other purpose.

CloudLoop may also disclose any or all of your personal information to:

(a) Parties which CloudLoop work with;
(b) To a debt collection agency, if required;
(c) Solicitors; or
(d) Any other third parties required for legal obligations and other privacy exceptions.

Without limiting any of your rights under the APPs, we further reserve the right to access and/or disclose your personal information if we believe such action is necessary to: comply with the law or legal process served on CloudLoop; protect and defend the rights or property of CloudLoop (including the enforcement of our agreements); or act in urgent circumstances to protect the personal safety of users of CloudLoop services or members of the public. These rights specifically extend to any subsidiaries, companies or contractors which we retain on our behalf.

6. Security and Storage of Your Personal Information

Although the transfer of information across any media, including the internet, may involve some degree of risk, we carry out the maximum reasonable steps possible to maintain the security and integrity of your personal information. This includes, but is not limited to:

Ensuring all web servers involving financial information or involved in carrying out e- commerce transactions are accessible by Secure Socket Layer (SSL) encryption;

Ensuring all CloudLoop’ servers and systems that contain personal information are protected by passwords;

Maintaining tight access control policies that ensure that personal information is limited to only those individuals that require it, and under the circumstances that are relevant to their employment or contracts;

Ensuring all CloudLoop staff utilise passwords when accessing any system that may contain clients’ personal information;

Engaging in both scheduled and random auditing of our security procedures and privacy compliance;

Other security methods, including storing most personal information on servers located in secured datacenters; and

Carrying out identity-assurance procedures before we reveal personal information to you.

7. Accessing Your Personal Information

Under the APPs, you are typically entitled to any personal information we hold about you, subject to certain exceptions as therein set out. You may have the ability to view or edit some of your personal information on-line, using methods that will require you to utilise your credentials. The appropriate methods for accessing your personal information will depend on which sites and services you have used. In cases that you do not know how to access information by those methods, or that data is not normally accessible on-line, you are able to access that information through alternative means of access; if you wish to do so, please write us at privacy@cloudloop.com.au, and we will contact you within 30 days regarding your request.

You also have specific rights under the APPs to assure the accuracy of the data we hold about you. If you believe any personal data we hold about you may be inaccurate, please write us at privacy@cloudloop.com.au, and we will contact you within 30 days regarding your request.

8. Accuracy of Personal Information

CloudLoop endeavours to maintain a high standard of records, including the accurancy and completeness of client’s information. CloudLoop may contact its clients to ensure that their records are up to date. If your details have changed, kindly notify CloudLoop.

9. International (Cross-border) Data Flows

Personal and other information collected by CloudLoop may be stored and processed in countries other than Australia, in which CloudLoop or its affiliates, subsidiaries, agents or suppliers maintain facilities. Any cross-border data flows are made in compliance with Australian Privacy Principle 8. Moreover, CloudLoop maintains a policy of obtaining and enforcing, wherever practicable, a comprehensive agreement from any non-Australian affiliates, subsidiaries, agents or suppliers who may have access to personal information. This agreement ensures that the aforesaid entities: are aware of the APPs; are aware of this policy; and will uphold both the APPs and this policy to the maximum extent possible.

Although CloudLoop is based in Alexandria, New South Wales, Australia, we also have international subsidiary companies and/or contractors with offices operating in:

• Phillipines • India

Any information which you supply to CloudLoop or any of its international subsidiaries or contractors may be shared within the internal company group, but only in a manner consistent with this Privacy Policy.

10. Use of Cookies

CloudLoop web sites sometimes utilise “cookies” to enable you to log into our services, and/or to help personalise your on-line experience. A cookie is a small text file that is placed on your computer by a web server. Cookies contain information that is later read by a web server in the same domain that issued the cookie to you. Cookies cannot be used to run programs, deliver viruses, or carry-out any malicious tasks on your computer.

We utilise cookies to store your preferences and other information on your computer, for your convenience (i.e. to save time by avoiding, for example, the need to repeatedly enter commonly- provided data or your credentials). We may also sometimes utilise cookies to customise the display of information in terms of showing personalised content or appropriate advertising on your later visits to our websites.

Other cookies may be used to manage “sessions,” for example to assist our web server software and e-commerce packages in tracking your progress through some portions of our website (i.e. when ordering products or services).

You typically have the ability to accept or decline our cookies. Most web browsers will automatically accept cookies, but you can usually modify your web browser settings to decline cookies. Please be aware that if you choose to decline cookies, you may not be able to sign-in or use features of our websites or related systems that depend on cookies.

11. Privacy Policy Changes

CloudLoop reserves the right to alter and update this Privacy Policy at its sole discretion. It is recommended that you check this policy for updates on a regular basis. Use of the services provided by CloudLoop constitutes acceptance of this Privacy Policy.

To access or update your information, or if you have any queries, please contact CloudLoop directly.

12. Privacy Practices and our Privacy Officer

If you require any additional information about this policy or its implementation, or if you have a complaint regarding privacy-related issues at CloudLoop, please contact our Privacy Officer. You may do so using the following contact information:

E-mail: privacy@cloudloop.com.au
Telephone: +61 2 9060 0200

If we cannot resolve your concerns to your satisfaction within a reasonable time, you are entitled to lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

Information regarding this process is published by the OAIC here:

http://www.oaic.gov.au/privacy/privacy-complaints

13. Relevant Links

Privacy Act (1988): http://www.comlaw.gov.au/Series/C2004A03712
APP Fact Sheet: http://www.oaic.gov.au/images/documents/privacy/privacy-resources/privacy-fact-

sheets/privacy-fact-sheet-17-australian-privacy-principles_2.pdf
AuDA Privacy Policy: http://www.auda.org.au/assets/Policies/2014-01.pdf AuDA WHOIS Policy: http://www.auda.org.au/pdf/auda-2010-06.pdf