Welcome to the OpenSC Privacy Policy. We are committed to protecting the privacy of your personal information while using the website and services. This Privacy Policy (the “Policy”) explains how OpenSC (collectively “OpenSC”, “we”, “us”, or “our”) is processing your personal information when you access the website available at www.opensc.org (the “Site”) or our subdomains, the integrated contact form or make use of the services offered as part of the OpenSC portal. For convenience, the Site and our services are collectively referred to as the “Service”.
By partnering with us as a client, or visiting the Site as a consumer and/or otherwise using the OpenSC Services, you confirm that you accept this Privacy Policy and that you agree to comply with it.
OpenSC has its legal entity registered at the following address:
OpenSC Pty Ltd
1/80 George Street, The Rocks
NSW, AUSTRALIA 2000
You can reach our DPO at: dpo@opensc.org
In providing our website and services, we process personal data from a variety of sources for a variety of purposes.
On the one hand, it is data that we process automatically for technical reasons when each visitor accesses the website or services, regardless of whether that visitor uses our services, contacts us or not.
On the other hand, we only process certain data if you decide to contact us or use certain functions of the website or services offered through it. We may also process personal data provided to us by third parties.
Finally, we also process your data for marketing purposes in connection with our business relationship or if you have expressly consented to this in advance. You have the right to object to this processing or to withdraw your consent at any time. For more information have a closer look at “Your choices and rights”.
When you visit our Site, we automatically collect aggregate information about your use of our site such as the IP address of the requesting device; data and time of access; the length of time that you are logged into or using our Site; name and URL of the retrieved file; the website from which access is made (referrer URL); the website to which you go after leaving our Site; browser type; device type; the operating system type, name, and version; and the links you click on our Site.
Aggregate Information is data we collect about a group of users, from which individual identities have been removed. In other words, information about how you use the Site, or the result of such use, may be collected and combined with similar information from others, but no personal information will be included in the resulting aggregate data. Aggregate data helps us to better understand our user population such as what features of the Site are most popular to our visitors, trends, and user needs so that we can better consider new services, enhance our Site and tailor existing services to customer desires.
We process this data to enable you to use the Services and to ensure the functionality of the Services. We may process data to analyze the performance of our services, to continuously improve and to correct errors or to personalize the content of our Services for you. However, mainly, we process this data to ensure IT security and the operation of our systems and to prevent or detect misuse, in particular fraud. The legal basis for the processing of this data is Article 6 (1) lit. f) GDPR, the protection and functionality of our Services are legitimate interests in this sense.We also process this data for internal business and compliance purposes, which include analytics and our core operational activities.
The legal basis for the processing of this data is Article 6 (1) lit. f) GDPR and constitutes our legitimate interest to facilitate and enable us to fulfil our internal business purposes, and to protect our legal rights and interests.
Cookies and Similar Technologies: We also use cookies and similar technologies to automatically process usage data for these purposes. For more information about cookies and their use on the Site, please see the information about “Information on cookies and other technologies” at the end of this Privacy Policy.
In addition to the aggregated information, we process about all visitors to the Site and users of our services, we process personal information about you when you actively provide it to us voluntarily in connection with our services, for example, by using our contact form, creating an account to access certain information or features, or registering for information, updates or newsletters. The personal information we collect includes your first and last name and your email address. You may also choose to provide additional optional information such as your contact number and the name of the company you work for.
In most cases, we obtain personal information as it relates to our current or prospective clients and business partners.
In the case that we receive personal information, we use this information only in ways related to the purpose for which it was collected, such as to provide customer support, respond to questions, respond to recruitment inquiries and facilitate registration for OpenSC Services where applicable.
We also use your personal information to communicate with you through one of our partners for marketing, research, surveys, and promotional purposes.
The data processing is carried out at your request and is necessary for the fulfilment of the contract and pre-contractual measures in accordance with Art. 6 (1) lit. b) GDPR for the stated purposes.
We may also disclose your data to third parties if this is necessary to fulfil our contractual obligations, if you request it or if we are legally obliged to do so, and in rare cases also to assert our legal claims or to defend against legal disputes. In these cases, the legal basis is either a legal obligation (Art. 6 (1) lit. c) GDPR) or our legitimate interests, Art. 6 (1) lit. f) GDPR.
If you have expressly consented in accordance with Art. 6 (1) lit. a) GDPR, we will process the data you provide during registration in order to send you our newsletter, information or updates on a regular basis. Where our use of your Personal Information is based upon your consent, you have the right to change your mind and withdraw it at any time, though this will not affect any processing that has already taken place. You must notify us of your withdrawal of consent by contacting us at contact@opensc.org, however, in the case of withdrawal where we are using your information because we have a legitimate interest to do so, in some cases, this may result in no longer being able to use the Services.
If you ask to hear from us or request information from us, we may send periodic informational emails to you. You may opt-out of such communications by following the opt-out instructions contained in the email. Please note that due to our legal interest in Art. 6 (1) lit. f) GDPR, if you opt out of receiving emails about recommendations or other information we think may be of interest to you, we may still send you emails about services you have requested or received from us.
As part of the Service, OpenSC enables you to register for a restricted password area where relevant information such as our analysis can be provided to and accessed by you.
In this context, we process access data, subsequent information in connection with your company, as well as information on your authorizations. To complete registration, it is necessary to select a personal password. In conjunction with your email address (collectively, "access data"), this allows you to login to your OpenSC user account after the account is activated via authorisation by your employer or your customer as our contractual partners. For more information about the account activation please contact OpenSC.
The processing of personal data in connection with the provision of the OpenSC portal by us is necessary for the fulfilment of contractual obligations with you based on our legitimate economic interests, Article 6 (1) lit. b) and lit. f) of the GDPR.
At times, we may also obtain personal data from third party services. We may allow you to sign in to our Services using third-party accounts such as Google, LinkedIn, or Facebook accounts. When you log in through such third-party accounts, we ask you to grant us permission to access and use certain information from these accounts, including your name, email address, and public profile information. Please note, any third-party social networking or other site controls the information it collects from you and what information is disclosed to third-parties.
The following links will show you exactly which data is collected by our other sources and how you can exercise your data subject rights in connection with the user insights:
Google Privacy Policy
LinkedIn Privacy Policy
Meta Privacy Policy
OpenSC uses this information in connection with operating the Service and other purposes outlined below, and to enforce our rights and resolve disputes. We may use your information for the following purposes:
The information you provide allows us to provide and improve our website and associated services. For example, it enables us to authenticate you when you log into your account or send us an inquiry, and perform technical operations such as updating software and resolving technical issues you encounter. Where you use OpenSC services, we may combine information about you and your activities to provide an integrated experience.
Please see “Your Choices and Rights” for more information on how to change your communications preferences.
We use the information you provide to us via the Site contact form to respond to your queries and concerns.
In principle, we will only contact you when you have first contacted us. This may be to respond to your questions, to respond to recruitment inquiries, if you have signed up to receive promotional communications, newsletters, and other information that may be of specific interest to you, and in relation to a contract or project. In addition, we will send you technical notices, updates, and security alerts as required by law.
Please see “Your Choices and Rights” for more information on how to change your communications preferences.
To protect the safety, rights, property, or security of OpenSC and its Services. This includes to detect, prevent, or address fraud, security and technical issues, to prevent or stop activity that we consider to be or to pose a risk of being an illegal, unethical, or legally actionable activity, to use as evidence in litigation, and to enforce this Policy.
To comply with applicable legal or regulatory obligations, including judicial proceeding, as part of an audit function, to respond to a subpoena, warrant, court order, or other legal processes, or as part of law enforcement or a governmental investigation/request whether formal or informal.
We may share information with third parties that help us operate, provide, and support our Services. OpenSC will not sell, rent, share, or otherwise disclose the personal information you provide or we collect through your use of the services to any unaffiliated organisation without your permission.
We may share the information you provide through our Site to our service providers and others who perform services and functions on our behalf. This includes functions such as website hosting, data storage, or other services of an administrative or technical nature, solely for the purpose of providing such services.
Our Website is hosted by Amazon Web Services (AWS), 410 Terry Avenue North, Seattle, WA 98109-5210, USA. For this reason, the data that we collect from you and process is stored by AWS. AWS is processing you personal data as data processors. This means they are only allowed to process your personal data under our instructions and have no claims whatsoever to process your personal data for their own, independent purposes. Our processors are strictly monitored and we only engage processors who meet our high data protection standards.
We only share non-personal information (aggregated information) with third-party analytics providers such as Google Analytics to monitor, analyse and understand usage and activity trends and for other research, analytical and statistical purposes. For more information see the end of this Policy under “Information on cookies and other technologies”.
The Site includes links that direct you to other websites or services whose privacy practices may differ from ours. Please be aware that your activities and any information you submit on these third-party sites is governed by their privacy policies.
We will only share information about you with third parties when you provide us with consent to do so. For example, we only display personal testimonials of satisfied customers with consent, and would therefore ask for your permission to post this on our website.
We may disclose your information to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; in response to a subpoena, warrant, court order or other legal processes or for tax purposes; or as part of an investigation or request, whether formal or informal, from law enforcement or a government official.
California residents who provide us with their personal information are entitled to request and obtain from us, once per calendar year, certain information about how we have shared their personal information (if any) to third parties for their own direct marketing use, over the preceding 12 months. If you are a California resident and would like to make such a request, please submit your request in writing by emailing us at contact@opensc.org using the subject line “California Privacy Request”. In your request, please attest to the fact that you are a California resident and provide a current California address. We will reply to valid requests by sending a response to the email address from which you submitted your request.
The OpenSC office is currently based in NSW, Australia. However, as we grow, we may expand our operations in multiple countries. Therefore, your personal information may be transferred to countries other than the country in which the information was originally collected, and where privacy laws may not be as protective as those in your jurisdiction. OpenSC will ensure any transfer of your personal information is compliant with the APP regulations.
We do not transfer your personal data to countries outside the EEA without implementing appropriate safeguards. However, there is a remaining risk that authorities may gain access to personal data. As an EU citizen you may not have effective legal protection against this in the third country or the EU.
When data is transferred to third countries, we ensure that either
*Guarantees according to Article 46 of the GDPR may be so-called Standard Contractual Clauses, as implemented by the European Commission on 4 June 2021, available here: Standard contractual clauses for international transfers (europa.eu). In these standard contractual clauses, the recipient assures to sufficiently protect the data and thus to guarantee a level of protection comparable to the GDPR.
OpenSC has put into place security measures in an effort to protect Personal Information from loss, misuse, or alteration while it is under our control. We use technical, contractual, administrative, and physical measures in an effort to protect against unauthorised access. We limit access to your personal data to those who have a genuine business to need to know it. Those processing your information will do so only in an authorised manner. Please note, however, that security breaches can occur even if reasonable steps are taken to prevent such breaches and therefore we cannot guarantee the security of your data transmitted to the website. In the case of a suspected breach, OpenSC has procedures in place to deal with such issues and we will notify you of a suspected data breach where OpenSC is legally required to do so.
We store Personal Information only as long as we are required to do so in order to provide our service and the processing purpose is not eliminated and there are no objections. Personal Information and log file data will be stored and retained for 3 months. After this deadline, the corresponding data will be routinely deleted or permanently de-identified, if it is no longer needed for the purpose for which it was obtained.
You have certain choices and rights regarding your personal information. Please note that some of the following rights may not be applicable to your situation:
If you have any further privacy concerns or if you wish to exercise your rights regarding your personal information, please contact our customer support team by email at contact@opensc.org.
Please note that we may also retain certain information about you as required by law or as permitted by law for legitimate business purposes.
You must be 18 years of age or older in order to use the Service. OpenSC is concerned about the safety and privacy of children online. Our Services are not targeted to children under eighteen (18) years of age and we do not knowingly collect Personal Information from children under 18. If we discover that a child under 18 has provided us with Personal Information, we will promptly delete such Personal Information from our systems.
This Privacy Policy is currently valid as of 10 July 2023. As a result of further developments of our website and services, as well as any changed legal or official requirements, it may be necessary to change this Policy, so please check back periodically. You can determine whether this Policy has been modified since your last visit by checking the “Last Updated” legend at the top of the Policy. We will post any changes to this Policy on our Site, and will take steps to notify you of material changes, such as via email or prominent notice on the Services.
If you have questions about this Policy or the privacy aspects of our Services, please submit our contact form.
In order to design, improve and personalise our services and to optimise the display of advertising, we evaluate the behaviour of certain users on a pseudonymous basis during use. We do this through the use of “Cookies” and other similar technologies.
What are Cookies? Cookies are small text files containing information that are stored on your access device. They are usually used to associate a user with a particular action or preference on a website, but do not identify the user as a person or reveal their identity. Cookies are not automatically good or bad, but it is worth understanding what you can do about them and making your own choices about your information.
In addition to cookies, we use other technologies to track users. These include pixel tags (also known as "web beacons", "GIFs" or "bugs").
What are pixel tags? Pixel tags are transparent, single-pixel images placed on a web page. They track, for example, whether a particular area of the website has been clicked on. When triggered, the pixel tag logs a user interaction and may read or set cookies. Because pixels often rely on cookies to work, turning off cookies may interfere with their operation. However, even if you turn off cookies, pixels can still recognize a website visit. Pixels send your IP address, the referrer URL of the website you visited, the time you viewed the pixel, the browser you are using, and any cookie information that was previously set to a web server. This enables us to measure reach and other statistical analyses that help us to optimize our services.
One of the purposes of using these technologies is to make your use of our site more convenient. For example, we use session cookies to recognize that you have already visited individual pages of our site, that you have already logged into your user account or to display your shopping basket. These are automatically deleted when you leave our site.
We also use temporary cookies to improve the user experience, which are stored on your device for a fixed period. If you visit our site again to use our services, it will automatically recognize that you have been to our site before and what entries and settings you have made, so that you do not have to enter them again. The data processed by these cookies are necessary for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Article 6 (1) lit. f) of the GDPR.
On the other hand, we use these technologies - subject to your consent - to statistically record the use of our website and to evaluate it for the purpose of optimizing our services as well as to provide you with advertising on third party websites. This requires that you have previously given us your consent according to § 25 TTDSG and Article 6 (1) lit. a) of the GDPR via the cookie management tool. You can withdraw your consent at any time with effect for the future via the cookie management tool. You can access the tool at any time via the "Cookie Settings" button at the bottom of the website to review and adjust your consent settings.
Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC., for the purpose of designing and continuously optimising our Site. In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookie about your use of this website includes:
In addition, our website uses third party cookies from Google Analytics for Display Advertisers, including the following features:
Cookies are used to analyse your use of our website and to serve ads outside of our website. The information we collect and share with third parties through cookies is aggregated and therefore anonymous (it does not include personal information which is likely to identify you). The information may be used to serve you ads in relation to our products when you visit third party websites. You can access information about Google's Privacy Policy here.
All information is transmitted and stored on Google servers in the US. For the US, there is a European Commission adequacy decision (EU/US Privacy Shield) under which Google is certified. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third- parties if required by law or if third- parties process this data in the order. Under no circumstances will your IP address be merged with any other data provided by Google. The IP addresses are anonymised so that an assignment is not possible (IP masking).
You can prevent the installation of cookies by setting the browser software accordingly; however, we point out that in this case not all features of this website may be fully exploited. In addition, you may prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on. Since tracking at Google Analytics is cross-device. You may need to declare your objection on all systems used so that no cross-device assignment of your use to the created user ID takes place. For information on how to disable tracking, please refer to this link - https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable
For further information about privacy related to Google Analytics, see the Google Analytics Help Centre and/or visit https://www.google.com.au/analytics/terms/us.html