Privacy Policy of idcare.org

Idcare.org collects some Personal Data from its Users.

Personal Data collected for the following purposes and using the following services:

    • Analytics

      • Google Analytics and HubSpot Analytics

        Personal Data: Cookies; Usage Data

    • Connecting Data

      • Zapier

        Personal Data: company name; email address; first name; phone number

    • Contacting the User

      • Contact form

        Personal Data: company name; country; email address; first name; phone number; ZIP/Postal code

      • Mailing list or newsletter

        Personal Data: company name; Cookies; country; email address; first name; phone number; ZIP/Postal code

      • Integration of Freshsales with Freshchat and/or Freshdesk

        Personal Data: company name; email address; first name; geography/region; phone number

      • Phone contact

        Personal Data: phone number

    • Content commenting

      • Facebook Comments

        Personal Data: Cookies; Usage Data

    • Displaying content from external platforms

      • Adobe Fonts and Google Fonts

        Personal Data: Usage Data; various types of Data as specified in the privacy policy of the service

      • YouTube video widget and Google Site Search

        Personal Data: Cookies; Usage Data

      • Font Awesome

        Personal Data: Usage Data

    • Handling payments

      • Stripe and PayPal

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Hosting and backend infrastructure

      • Microsoft Azure and Amazon Web Services (AWS)

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Interaction with data collection platforms and other third parties

      • Mailchimp widget

        Personal Data: Cookies; email address; first name; phone number

    • Interaction with external social networks and platforms

      • Facebook Like button and social widgets, Twitter Tweet button and social widgets and LinkedIn button and social widgets

        Personal Data: Cookies; Usage Data

      • YouTube button and social widgets

        Personal Data: Usage Data

    • Managing contacts and sending messages

      • Mailchimp

        Personal Data: company name; Cookies; country; email address; first name; phone number; various types of Data

      • HubSpot Email

        Personal Data: email address; Usage Data

    • Managing landing and invitation pages

      • Mailchimp Landing Page

        Personal Data: company name; email address; first name; phone number

    • Managing support and contact requests

      • Case Management

    • Platform services and hosting

      • Webflow

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Registration and authentication provided directly by idcare.org

      • Direct registration

        Personal Data: company name; country; email address; first name; phone number; state; username; ZIP/Postal code

    • SPAM protection

      • Google reCAPTCHA

        Personal Data: Cookies; Usage Data

    • Tag Management

      • Google Tag Manager

        Personal Data: Usage Data

    • Traffic optimization and distribution

      • Cloudflare

        Personal Data: Cookies; various types of Data as specified in the privacy policy of the service

    • User database management

      • Freshsales and HubSpot Lead Management

        Personal Data: various types of Data as specified in the privacy policy of the service

      • Client Portal

      • HubSpot CRM

        Personal Data: email address; phone number; various types of Data as specified in the privacy policy of the service

Further information about Personal Data

    • Technical Network and device remediation services and “eDiscovery”

      Some of the services we provide individuals and organisations involve technical network and device remediation support. In other words, if a computer or business computer network has been impacted by a cybercrime, we can help and deliver services to fix this (this is called network and device remediation). These Services are subject to separate Terms & Conditions, which are also consistent where privacy is concerned with the provisions of this Policy. Such services may collect the following attributes:·

      Device security settings;·
      Application security settings (such as email and social media);·
      Device identification / serial numbers;·
      Browser security settings and usage;·
      Anti-virus and anti-malware.
      We also provide a unique service identifier and may provide a Certificate of Completion. These, along with the attributes collected, may be shared with third-parties that have;

      requested IDCARE perform these services for the individual or organisation on their behalf; and/or
      would benefit from being informed about new malware, application or related service delivery vulnerabilities.

    • Identity Protection and alerting services

      Third-parties may search against IDCARE’s verification holdings where agreements are in place between IDCARE and the third party and such searching is conducted in a manner consistent with this Privacy Policy and the Terms & Conditions of any relevant IDCARE service the individual has provided consent to use. Specifically searching by third-parties occurs where the information retained by IDCARE may assist with the investigation by third-parties of alleged indicatable offences (Cwth,States and Territory) or in the case of New Zealand, a Category 3 offence as defined by the Criminal Procedure Act 2011 (NZ). Access is provided on the basis that the subscribing organisation is seeking to detect and/or confirm that an indictable offence may have occurred, including fraud, identity crime and cybercrime related offences.

    • Collection and usage of facial imagery

      IDCARE captures facial imagery as part of the verification process because the very nature of most identity theft reported by clients to IDCARE involves the compromise of common identity credential information (such as driver licences and passports). Therefore, the collection of facial imagery is an important addition to the verification process and is matched against third-party templates in a manner that does not involve the retention by that third-party of the templated biometric (ie. the measure of an individual’s face). We do this level of verification to reduce risks relating to criminals impersonating identity theft victims in order to access further information about their victim via IDCARE services(something we know impacts other organisations). This information is collected where individuals provide consent for IDCARE to act on their behalf to protect and respond to the theft of their identity information.

      Verification involves requesting of third parties whether the biometric template IDCARE has collected about a person is consistent with the biometric template and the related personally identifiable information that is held by the third-party (such as name, date of birth, driver licence or passport number and address). Third parties that may receive such requests from IDCARE include Government identity credential issuers, financial institutions, telecommunications providers, and digital identity issuers and verifiers. IDCARE may deny access to specific services or request an individual to provide alternative information to assist the verification assessment if inconsistencies are found and cannot be resolved.

    • Cost recovered services

      Services that are cost recovered are subject to their own Terms & Conditions consistent, where privacy is concerned, with this Policy. Cost recovered services may be delivered solely by IDCARE or in conjunction with a third party, and requires such users to make payment and provide personally identifiable information to IDCARE in order for IDCARE to perform this service, such as name, contact details, and payment information.Payment is made via a third-party payment processing platform. 128-bit encryption is used in the processing of such payments and at no point does IDCARE collect, store or share such payment information. Users of this service must agree to the terms and conditions of the third-party payment platform including their own Privacy Policy (a relevant link has been provided on this payment gateway).

    • Selling goods and services online

      The Personal Data collected are used to provide the User with services or to sell goods, including payment and possible delivery.
      The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or any other means of payment envisaged. The kind of Data collected by idcare.org depends on the payment system used.

    • Push notifications for direct marketing

      Idcare.org may send push notifications to the User for the purpose of direct marketing (to propose services and products provided by third parties or unrelated to the product or service provided by idcare.org).

      Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for idcare.org or all of the apps on the particular device.

      Users must be aware that disabling push notifications may negatively affect the utility of idcare.org.

      Besides applicable device settings, the User may also make use of the rights described under User rights in the relevant section of this privacy policy.

    • Push notifications based on the User's geographic location

      Idcare.org may use the User's geographic location to send push notifications for the purposes outlined in this privacy policy.

      Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for some or all of the apps on the particular device.

      Users must be aware that disabling push notifications may negatively affect the utility of idcare.org.

    • Push notifications

      Idcare.org may send push notifications to the User to achieve the purposes outlined in this privacy policy.

      Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then change those settings for idcare.org, some or all of the apps on the particular device.
      Users must be aware that disabling push notifications may negatively affect the utility of idcare.org.

    • Analysis and predictions based on the User’s Data (“profiling”)

      The Owner may use the Personal and Usage Data collected through idcare.org to create or update User profiles. This type of Data processing allows the Owner to evaluate User choices, preferences and behaviour for the purposes outlined in the respective section of this document.
      User profiles can also be created through the use of automated tools like algorithms, which can also be provided by third parties. To find out more about the profiling activities performed, Users can check the relevant sections of this document.
      The User always has a right to object to this kind of profiling activity. To find out more about the User's rights and how to exercise them, the User is invited to consult the section of this document outlining the rights of the User.

    • CCPA: Collection of personal information about consumers aged 13 to 16

      We collect personal information of consumers between the age of 13 and 16 and won't sell their data unless those consumers have opted-in.

    • CCPA: Collection of personal information about consumers below the age of 13

      We collect personal information of consumers below the age of 13 and won't sell their data unless their parents or guardians have opted-in on behalf of those minors.

    • CCPA: Collection of personal information about minors

      We do not knowingly collect personal information of consumers who are below the age of 16.

    • Personal Data collected through sources other than the User

      The Owner of idcare.org may have legitimately collected Personal Data relating to Users without their knowledge by reusing or sourcing them from third parties on the grounds mentioned in the section specifying the legal basis of processing.
      Where the Owner has collected Personal Data in such a manner, Users may find specific information regarding the source within the relevant sections of this document or by contacting the Owner.

Contact information

    • Owner and Data Controller

      Identity Care Australia & New Zealand Ltd (IDCARE), PO Box 412 Caloundra, QLD, 4551

      Owner contact email: privacy@idcare.org