Capitalised words and phrases are defined in the section of the document entitled "Definitions".

Provider means Informatio Pty Ltd (ACN 162 135 864) of New South Wales, Australia, contactable on pat@treescribe.com

Individual means individuals using the Services

1. Introduction

While providing the Services, Provider collects Personal Information about Individuals. This document describes how the Provider collects, stores, uses and discloses Personal Information.

Provider cannot reasonably provide the Service without processing Personal Information as contemplated by this document.

Specific information relevant to Individuals in the European Union is set out at the end of this policy.

2. Types of information collected

Provider may collect the following types of Personal Information about Individuals:

• names;
• addresses;
• email addresses;
• telephone numbers;
• dates of birth;
• computer device information;
• location information;
• IP addresses;
• details of products or services that Provider has provided to Individuals;
• records of, or notes on communications between Provider and Individuals; and
• whatever personal information is included in content Individuals posts on the Service or on the website of Provider.

Provider may collect the following additional types of Personal Information about Users:

• information about Users found on Users' publicly available social media pages, such as LinkedIn; and
• information about Users and Users' businesses posted on the websites of Users or Users' businesses.

3. How information is collected

Provider may collect Personal Information about Individuals using the following methods:

• from Provider's website;
• from Individuals' communications with Provider;
• automated analysis of Individuals' use of Provider's services;
• from job applications made to Provider;
• from Provider's app;
• from referrals by partner businesses; and
• through market research.

4. How information is held and secured

Provider may hold Personal Information about Individuals using digital storage.

Provider ensures that Personal Information is protected from unauthorised access by:

• SSL encryption;
• passwords;
• maintaining a high level of awareness of privacy among key personnel; and
• the use of reputable electronic infrastructure providers.

5. Deletion of Personal Information

Provider deletes Personal Information when:

• it is no longer needed by Provider; or
• Individuals request its deletion and it is reasonable to comply.

6. How Provider uses Personal Information

Provider may collect, use, hold and disclose Personal Information in order to:

• enable Individuals to use Provider's services;
• perform analysis of the typical use of the Service;
• ascertain the nature and needs of Users' businesses in order to improve the Service;
• communicate with Individuals;
• send marketing and promotional messages to Individuals who have joined Provider's mailing list;
• consider employment applications;
• comply with the law;
• enforce agreements with third parties; and
• process payments.

7. Disclosures of information

Provider may disclose Personal Information to:

• Provider's employees;
• professional advisors;
• third party service providers;
• payment systems operators;
• regulatory bodies, upon a lawful request for the information; and
• courts of law, upon a lawful court order.

8. Disclosing information internationally

Provider is an Australian company. Provider processes perosnal information in Australia and in the United Kingdom, but may disclose personal information to organisations outside of these countries such as:

• cloud storage providers located in the United States; and
• cloud storage providers located in Ireland; and
• service providers in Germany.

By registering for the Service, Individuals consent to the disclosure of their Personal Information to international recipients in accordance with this privacy policy.

Provider will make a good faith effort to ensure that international recipients deal with Personal Information in a way that is consistent with the Australian Privacy Principles, but:

• Individuals will not have the same rights in relation to recipients outside Australia as they would with Australian recipients; and
• Personal Information of European Union Individuals may not have same safeguards outside the European Union as it would within the European Union.

9. Privacy contact

Questions or complaints from Individuals relating to Provider's use of Personal Information should be directed to Provider's privacy officer, contactable via email at pat@treescribe.com.

When Individuals communicate a complaint to Provider, Provider will respond within 10 days, and seek to resolve the complaint entirely within 3 weeks if the nature of the complaint permits it.

Provider's privacy officer will make a reasonable effort to address complaints or questions of Individuals, and where the privacy officer is unable to do so, the privacy officer will attempt to explain why it is unable to do so.

If Individuals are unsatisfied with the outcome of the complaints process, Individuals may complain to the OAIC.

10. Accessing information

Under privacy law, Individuals have the right to contact the Provider to modify or obtain information held about them by the Provider.

11. Hosting personal information

The Service permits Individuals or Organisations to collect, store, process, or disclose Personal Information. It does so, for example, by:

• providing a tool or gateway for Individuals to collect, store, process or share information;
• providing a tool or gateway for Organisations to collect, store, process or share information; and
• allowing people to give credit card details to payment processors.

In these cases, the processing of Personal Information may occur without Provider's direct knowledge or control.

12. Changes to this policy

Provider reserves the right to make changes to this document in the future, either to comply with changes in Australian privacy law, or to reflect changing business practices. It is the responsibility of Individuals to regularly check this document for such changes.

13. European Union

Provider's service is available in the European Union, so Provider takes steps to comply with the GDPR. The information below covers key matters under the GDPR.

Lawful bases for processing Personal Information of Individuals in the European Union

Activity	Lawful basis	GDPR reference
Collection, use and disclosure of Users' information as described by this privacy policy	Necessary in order to provide the Service in accordance with the Service terms	Art 6(1)(b)
Mailing list	User consent	Art 6(1)(a)
International disclosures / processing	User consent	Art 6(1)(a)
Handling Personal Information of non-users whose details are included in agreements created by Users	Necessary in order to protect Users' vital interests in having effective contracts	Art 6(1)(d)

Consent and withdrawing consent

• Individuals in the European Union have a right to object, or withdraw their consent, to Provider's processing of Personal Information.
• To withdraw consent to Provider's processing of Personal Information to provide the Services, Individuals should follow the procedure set out under the heading, Close account on their profile page. This will result in the Individual's account being closed and all information on it being deleted.
• Individuals can unsubscribe from Provider's mailing list at any time.

Cookies

Provider's cookie policy is available via www.treescribe.com/signup

Definitions

GDPR

means the Regulation (EU) 2016/679 (General Data Protection Regulation)

Organisation, Organisations

means an organisation using the Services.

Personal Information

means any information that is categorised as "personal information" under privacy law.

Service, Services

means www.treescribe.com, a web-based application for creating legal agreements, and includes the landed pages at www.treescribe.com/signup.

User, Users

means Individuals with an account on the Service.