TGS Leadership Pty Ltd (ABN 78 649 058 499) ("we", "us" or the "Company") is committed to privacy protection. At https://thegreyscale.info ("this site"), we understand the importance of keeping personal information private and secure. This privacy policy ("Privacy Policy") describes generally how we manage personal information and safeguard privacy. If you would like more information, please don't hesitate to contact us.
This Privacy Policy forms part of, and is subject to the provisions of, our Website Terms of Use (https://thegreyscale.info/privacy).
The Australian Privacy Principles
We will treat all personal information in accordance with any and all obligations that are binding upon us under the Privacy Act 1988 (Cth) (“Privacy Act”). The Privacy Act lays down 13 key principles in relation to the collection and treatment of personal information, which are called the “Australian Privacy Principles”.
What is "personal information"?
Personal information held by the Company may include your:
- name and date of birth;
- residential and business postal addresses, telephone/mobile/fax numbers and email addresses;
- bank account and/or credit card details for agreed billing purposes;
- any information that you provided to us by you during your account creation process or added to your user profile;
- preferences and password for using this site and your computer and connection information; and
- any information that you otherwise share with us.
All purchases that are made through this site are processed securely and externally by Stripe. Unless you expressly consent otherwise, we do not see or have access to any personal information that you may provide to Stripe, other than information that is required in order to process your order and deliver your purchased items to you (eg, your name, email address and billing address).
How we may collect your personal information
At this site, we only collect personal information that is necessary for us to conduct our business as TGS Leadership Pty Ltd.
Information that you provide to usWe may collect personal information that you provide to us about yourself when you:
- Use this site, including (without limitation) when you:
- create a user account;
- add information to your user profile;
- purchase any services through this site;
- add reviews, forum or chat room messages or comments in any elements of this site that permit user-generated content;
- register for access to premium content or request certain premium features; or
- complete an online contact form to contact us;
- Provide information to us by telephone or through marketing or competition application forms; or
- Send us an email or other communication.
This site may also collect Internet Protocol (IP) addresses. IP addresses are assigned to computers on the internet to uniquely identify them within the global network. The Company collects and manages IP addresses as part of the service of providing internet session management and for security purposes. The Company may also collect and use web log, computer and connection information for security purposes and to help prevent and detect any misuse of, or fraudulent activities involving, this site.
Cookies
This site uses "cookies" to help personalise your online experience. A cookie is a text file or a packet of information that is placed on your hard disk by a web page server to identify and interact more effectively with your computer. There are two types of cookies that may be used at this site: a persistent cookie and a session cookie. A persistent cookie is entered by your web browser into the "Cookies" folder on your computer and remains in that folder after you close your browser, and may be used by your browser on subsequent visits to this site. A session cookie is held temporarily in your computer’s memory and disappears after you close your browser or shut down your computer. Cookies cannot be used to run programs. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. In some cases, cookies may collect and store personal information about you. The Company extends the same privacy protection to your personal information, whether gathered via cookies or from other sources.
You can configure your internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Please refer to your internet browser’s instructions to learn more about these functions. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of this site.
Why we use cookiesThis site uses cookies in order to:
- remember your preferences for using this site;
- manage the signup process when you create an account with us;
- recognise you as logged in while you remain so. This avoids your having to log in again every time you visit a new page;
- facilitate e-commerce transactions, to ensure that your order is remembered between pages during the checkout process;
- show relevant notifications to you (eg, notifications that are relevant only to users who have, or have not, created an account or subscribed to newsletters or email or other subscription services); and
- remember details of data that you choose to submit to us (eg, through online contact forms or by way of comments, forum posts, chat room messages, reviews, ratings, etc).
Many of these cookies are removed or cleared when you log out but some may remain so that your preferences are remembered for future sessions.
Third party cookiesIn some cases, third parties may place cookies through this site. For example:
- Google Analytics, one of the most widespread and trusted website analytics solutions, may use cookies de-identified data about how long users spend on this site and the pages that they visit;
- Google AdSense, one of the most widespread and trusted website advertising solutions, may use cookies to serve more relevant advertisements across the web and limit the number of times that a particular advertisement is shown to you; and
- third party social media applications (eg, Facebook, Twitter, LinkedIn, Pinterest, YouTube, Instagram, etc) may use cookies in order to facilitate various social media buttons and/or plugins in this site.
How we may use your personal information
Your personal information may be used in order to:
- verify your identity;
- assist you to place orders through this site;
- process any purchases of services that you may make through this site, including charging, billing and collecting debts;
- make changes to your account;
- respond to any queries or feedback that you may have;
- conduct appropriate checks for credit-worthiness and for fraud;
- prevent and detect any misuse of, or fraudulent activities involving, this site;
- conduct research and development in respect of our services;
- gain an understanding of your information and communication needs or obtain your feedback or views about our services in order for us to improve them; and/or
- maintain and develop our business systems and infrastructure, including testing and upgrading of these systems,
and for any other purpose reasonably considered necessary or desirable by the Company in relation to the operation of our business.
From time to time we may email our customers with news, information and offers relating to our own services or those of selected partners. Your personal information may also be collected so that the Company can promote and market products and services to you. This is to keep you informed of products, services, and special offers we believe you will find valuable and may continue after you cease acquiring products and services from us. If you would prefer not to receive promotional or other material from us, please let us know and we will respect your request. You can unsubscribe from such communications at any time if you choose.
When we may disclose your personal information
In order to deliver the services you require or for the purposes set out above, the Company may disclose your personal information to organisations outside the Company. Your personal information may be disclosed to these organisations only in relation to this site, and the Company takes reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information. These organisations may carry out or provide:
- customer enquiries;
- mailing systems;
- billing and debt-recovery functions;
- information technology services;
- marketing, telemarketing and sales services;
- market research; and
- website usage analysis.
In addition, we may disclose your personal information to:
- your authorised representatives or legal advisers (when requested by you to do so);
- credit-reporting and fraud-checking agencies;
- credit providers (for credit-related purposes such as creditworthiness, credit rating, credit provision and financing);
- our professional advisers, including our accountants, auditors and lawyers;
- government and regulatory authorities and other organisations, as required or authorised by law;
- organisations who manage our business strategies, including those involved in a transfer/sale of all or part of our assets or business (including accounts and trade receivables) and those involved in managing our business risk and funding functions; and
- the police or other appropriate persons where your communication suggests possible illegal activity or harm to others.
Contacting us about privacy
If you would like more information about the way we manage personal information that we hold about you, or are concerned that we may have breached your privacy, please contact us by email or by post.
Access to your personal informationIn most cases, you may have access to personal information that we hold about you. We will handle requests for access to your personal information in accordance with the Australian Privacy Principles. All requests for access to your personal information must be directed to the Privacy Officer by email or by writing to us at our postal address. We will deal with all requests for access to personal information as quickly as possible. Requests for a large amount of information, or information that is not currently in use, may require further time before a response can be given. We may charge you a fee for access if a cost is incurred by us in order to retrieve your information, but in no case will we charge you a fee for your application for access.
In some cases, we may refuse to give you access to personal information that we hold about you. This may include circumstances where giving you access would:
- be unlawful (eg, where a record that contains personal information about you is subject to a claim for legal professional privilege by one of our contractual counterparties);
- have an unreasonable impact on another person’s privacy; or
- prejudice an investigation of unlawful activity.
We may also refuse access where the personal information relates to existing or anticipated legal proceedings, and the information would not be accessible by the process of discovery in those proceedings.
If we refuse to give you access, we will provide you with reasons for our refusal.
Correcting your personal informationWe will amend any personal information about you that is held by us and that is inaccurate, incomplete or out of date if you request us to do so. If we disagree with your view about the accuracy, completeness or currency of a record of your personal information that is held by us, and you ask us to associate with that record a statement that you have a contrary view, we will take reasonable steps to do so.
Storage and security of your personal information
We are committed to maintaining the confidentiality of the information that you provide us and we will take all reasonable precautions to protect your personal information from unauthorised use or alteration. In our business, personal information may be stored both electronically (on our computer systems and with our website hosting provider) and in hard-copy form. Firewalls, anti-virus software and email filters, as well as passwords, protect all of our electronic information. Likewise, we take all reasonable measures to ensure the security of hard-copy information.
Third party websites
You may click-through to third party websites from this site, in which case we recommend that you refer to the privacy statement of the websites you visit. This Privacy Policy applies to this site only and the Company assumes no responsibility for the content of any third party websites.
Re-marketingWe may use the Google AdWords and/or Facebook re-marketing services to advertise on third party websites to previous visitors to this site based upon their activity on this site. This allows us to tailor our marketing to better suit your needs and to only display advertisements that are relevant to you. Such advertising may be displayed on a Google search results page or a website in the Google Display Network or inside Facebook. Google and Facebook may use cookies and/or pixel tags to achieve this. Any data so collected by Google and/or Facebook will be used in accordance with their own respective privacy policies. None of your personal Google and/or Facebook information is reported to us.
You can set preferences for how Google advertises to you using the Google Ads Settings page (https://www.google.com/settings/ads). Facebook has enabled an AdChoices link that enables you to opt out of targeted advertising.
Changes to this Privacy Policy
From time to time, it may be necessary for us to revise this Privacy Policy. Any changes will be in accordance with any applicable requirements under the Privacy Act and the Australian Privacy Principles. We may notify you about changes to this Privacy Policy by posting an updated version on this site.
GDPR
The Company welcomes the General Data Protection Regulation (“GDPR”) of the European Union (“EU”) as an important step forward in streamlining data protection globally. We intend to comply with the data handling regime laid out in the GDPR in respect of any personal information of data subjects in the EU that we may obtain.
The requirements of the GDPR are broadly similar to those set out in the Privacy Act. Please see the GDPR addendum.
California Data Addendum
If you are based in California, you may have additional rights. Please see the California addendum.
If you require any further information about the Privacy Act and the Australian Privacy Principles, you can visit the Federal Privacy Commissioner’s website (see www.privacy.gov.au).
GDPR Privacy Addendum
This GDPR Privacy Addendum ("Addendum") is made part of and incorporated into the Privacy Policy Of TGS Leadership Pty Ltd and you ("Client" or "Data Subject"), collectively referred to as the "Parties." This Addendum outlines the obligations and responsibilities of the Parties with respect to the processing of Personal Data under the General Data Protection Regulation (EU) 2016/679 ("GDPR").
1.Definitions
For the purposes of this Addendum, the following definitions apply:
- Personal Data: Any information relating to an identified or identifiable natural person as defined in Article 4 of the GDPR.
- Data Subject: An identified or identifiable natural person to whom the Personal Data relates.
- Processing: Any operation or set of operations performed on Personal Data, whether or not by automated means, including but not limited to collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.
- Controller: The entity that determines the purposes and means of the processing of Personal Data.
- Processor: The entity that processes Personal Data on behalf of the Controller.
2.Roles and Responsibilities
- Company as Controller: The Company shall act as a Data Controller when it determines the purposes and means of the Processing of Personal Data.
- Company as Processor: The Company shall act as a Data Processor when it processes Personal Data on behalf of the Client. In such cases, the Company shall only process Personal Data based on documented instructions from the Client, unless otherwise required by applicable law.
3.Lawful Basis for Processing
- The Company warrants that it will only process Personal Data where there is a lawful basis for doing so, in accordance with Article 6 of the GDPR. This may include the necessity of processing for the performance of a contract, compliance with a legal obligation, protection of vital interests, consent of the Data Subject, performance of a task carried out in the public interest, or legitimate interests pursued by the Company or a third party.
4.Data Subject Rights
- The Company shall assist the Client in ensuring that Data Subjects can exercise their rights under the GDPR, including the right to access, rectify, erase, restrict, or object to the processing of their Personal Data, as well as the right to data portability.
- The Company shall respond to any requests from Data Subjects to exercise their rights under the GDPR without undue delay and within the timeframes required by law.
5.Data Security
- The Company shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk associated with the processing of Personal Data, including measures to protect against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
- The Company shall promptly notify the Client of any personal data breach that may affect the Personal Data processed under this Addendum and shall provide reasonable assistance in managing and mitigating the breach.
6.Data Transfers
- The Company shall ensure that any transfer of Personal Data to a third country or an international organization is carried out in compliance with Chapter V of the GDPR. The Company shall not transfer Personal Data outside the European Economic Area (EEA) without the prior written consent of the Client and ensuring adequate safeguards are in place.
7.Sub-Processing
- The Company shall not engage any third-party processor (sub-processor) to process Personal Data on behalf of the Client without the prior written consent of the Client. The Company shall ensure that any sub-processor complies with the same data protection obligations as set out in this Addendum.
8.Data Retention and Deletion
- The Company shall retain Personal Data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable law. Upon termination of the [Agreement/Services] or upon the Client's request, the Company shall securely delete or return all Personal Data in its possession, except where retention is required by law.
9.Audit Rights
- The Client has the right to audit the Company’s compliance with this Addendum, including the security measures implemented to protect Personal Data. Such audits shall be conducted during normal business hours, with reasonable notice, and in a manner that does not disrupt the Company’s business operations.
10.Indemnification
- The Company agrees to indemnify and hold the Client harmless from any claims, damages, or penalties arising out of the Company's breach of its obligations under this Addendum or the GDPR.
11.Amendments
- This Addendum may be amended or modified only in writing signed by authorized representatives of both Parties.
12.Governing Law and Jurisdiction
- This Addendum shall be governed by and construed in accordance with the laws of New South Wales and any disputes arising under this Addendum shall be subject to the exclusive jurisdiction of the courts of New South Wales.
California Data Addendum
This California Data Addendum ("Addendum") forms part of the TGS Privacy Policy This Addendum reflects the Parties' commitment to comply with the California Consumer Privacy Act of 2018 ("CCPA") and the California Privacy Rights Act of 2020 ("CPRA") as applicable to the processing of Personal Information.
For the purposes of this Addendum, the following definitions apply:
- Personal Information: Information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or household, as defined in the CCPA/CPRA.
- Consumer: A natural person who is a California resident as defined under the CCPA/CPRA.
- Business: The entity that determines the purposes and means of the processing of Personal Information, as defined in the CCPA/CPRA.
- Service Provider: The entity that processes Personal Information on behalf of the Business and to which the Business discloses a Consumer's Personal Information for a business purpose pursuant to a written contract, as defined in the CCPA/CPRA.
- Sale: Selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating a Consumer's Personal Information to another business or a third party for monetary or other valuable consideration.
- The Company is a [Service Provider/Sub-Processor] for the Client, and the Client is a [Business/Controller]. The Company agrees to process Personal Information on behalf of the Client in accordance with the terms of this Addendum and the Agreement.
- The Client is responsible for ensuring that it has obtained all necessary consents and provided all required notices to Consumers regarding the collection, use, and disclosure of their Personal Information.
- The Company shall process Personal Information only for the specific purpose of performing the services outlined in the Agreement and in accordance with the Client's documented instructions.
- The Company shall not sell, retain, use, or disclose Personal Information for any purpose other than for the specific purpose of performing the services specified in the Agreement, or as otherwise permitted by the CCPA/CPRA. The Company shall not further collect, retain, use, or disclose Personal Information except as necessary to perform the services or as otherwise permitted by the CCPA/CPRA.
- The Company shall assist the Client in responding to verified Consumer requests made under the CCPA/CPRA, including requests to access, delete, correct, or opt out of the sale or sharing of Personal Information, and requests to limit the use of Sensitive Personal Information.
- Upon receiving a request directly from a Consumer regarding their Personal Information, the Company shall promptly notify the Client and shall not respond to the Consumer request unless expressly authorized by the Client.
- The Company shall implement and maintain reasonable and appropriate technical and organizational security measures to protect Personal Information against unauthorized or unlawful processing and against accidental loss, destruction, damage, or disclosure.
- The Company shall retain Personal Information only for as long as necessary to fulfill the purposes outlined in the Agreement, or as required by law. Upon termination of the Agreement, or upon the Client's written request, the Company shall securely delete or return all Personal Information in its possession, except where retention is required by law.
- The Company shall not engage any third party to process Personal Information on behalf of the Client without the Client's prior written consent. The Company shall ensure that any authorized sub-processor agrees in writing to the same restrictions and obligations that apply to the Company under this Addendum.
- The Company shall not transfer Personal Information outside of the United States without the prior written consent of the Client and ensuring that such transfer complies with applicable data protection laws.
- The Company shall not discriminate against any Consumer for exercising their rights under the CCPA/CPRA.
- The Company shall make available to the Client, upon request, all information necessary to demonstrate compliance with the obligations set forth in this Addendum and shall allow for and contribute to audits, including inspections, conducted by the Client or another auditor mandated by the Client.
- The Company agrees to indemnify, defend, and hold harmless the Client from and against any and all claims, damages, losses, or expenses arising out of or in connection with the Company's breach of its obligations under this Addendum or the CCPA/CPRA.
- This Addendum may be amended or modified only in writing signed by authorized representatives of both Parties. Any amendments required to comply with changes in the CCPA/CPRA or other applicable data protection laws will be made promptly upon the effective date of such changes.
- This Addendum shall be governed by and construed in accordance with the laws of the State of California, without regard to its conflict of law principles. Any disputes arising under this Addendum shall be subject to the exclusive jurisdiction of the courts of California.