New
Myst now supports SOA 12.2.1.4 for both On Premise and Cloud Service versions

Privacy Policy

Updated 20/11/2019
Download
Our Commitment to your Privacy

At MyST Software, we recognise the importance of your privacy and understand your concerns about the security of the Personal Information you provide to Us. We comply with the Australian Privacy Principles (APPs) as contained in the Privacy Act 1988 (Cth). The APPs detail how Personal Information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to or make complaints about the Personal Information held about them.

In this Privacy Policy:

  • "MyST Software" means both MyST Software Pty Ltd ACN 634 424 990 and Rubicon Red Pty Ltd ACN 634 424 132.
  • “Personal Information” is information or an opinion about an identified individual, or about an individual who is reasonably identifiable.
  • “Sensitive Information”, a sub-set of Personal Information, is information or an opinion about an individual’s racial or ethnic origin, political opinions, political association membership, religious beliefs or affiliations, philosophical beliefs, professional or trade association membership, trade union membership, sexual orientation or practices or criminal record, and includes health information and genetic information.

So that you may understand how MyST Software deals with your Personal Information, we have set out how and why we collect, hold, use, manage and disclose Personal Information in this Privacy Policy.

We will update this Privacy Policy from time to time at Our discretion, so you should visit Our website regularly to see the latest copy of the Privacy Policy.

This Privacy Policy binds all the companies in the Rubicon Red group, including Our related and affiliated companies. We may use any of Our group companies to assist Us perform Our business activities and functions, and this Privacy Policy should be interpreted so that “We/Us/Our” includes any of Our group companies. These group companies include:

  • Rubicon Red Consulting Services Pty Ltd (ACN 138 910 371);
  • Rubicon Red International Pty Ltd (ACN 167 809 770);
  • Rubicon Red Asset Management Pty Ltd (ACN 163 068 362);
  • Rubicon Red LLC;
  • Rubicon Red Software India Private Limited.

Our MyST Software's business activities and functions include:

  • promoting, offering, selling and performing professional services, including consulting, advice and training;
  • promoting, offering, selling and performing managed services;
  • promoting, offering, licensing and providing support for, software products and software as a service offerings;
  • business activities related to any of these activities.
What Personal Information do we Collect and Hold?

The kinds of Personal Information we collect from you or about you depend on the transaction you have entered into with us, the products and services you or your organisation have contracted us to provide, and the products and services you or your organisation are interested in. The kinds of Personal Information that we commonly collect and hold from you or about you include:

  • your name, date of birth and relationship to other individuals (e.g. record of next of kin or emergency contact);
  • your address, phone number, fax number, email address, Skype address and other addresses/contact details/identifiers used in electronic communications or business cards;
  • voicemail recordings left in MyST Software's phone system and images that individuals have made publicly available or provided to us;
  • video and sound recordings from our security systems;
  • demographic information such as postcode, preferences or interests;
  • information about the products or services that you purchase or consider purchasing from MyST Software, its suppliers or business associates;
  • information about enquiries made to MyST Software, our suppliers or business associates;
  • information you provide when you raise a support enquiry or when MyST Software is working with you to resolve a technical or administrative query;
  • information that you provide in response to market research, surveys or competitions that are conducted by or for MyST Software;
  • information that is provided in respect of employment, contract work, work experience or similar, whether solicited or unsolicited;
  • credit card or details of other payment methods used on MyST Software's website or to purchase our products and services.

Generally, we do not collect or hold Sensitive Information. However, we may collect Sensitive Information from you or about you:

  • where there is a legal requirement to do so;
  • 2.2.2 where the Sensitive Information is directly linked to the individual’s employment records and MyST Software's collection, holding and use is permitted by the law for the purpose managing the individual’s employment record;
  • where Sensitive Information is provided to MyST Software in connection with the individual seeking employment, contract work, work experience or similar, whether solicited or unsolicited;
  • where we are otherwise permitted by law; or
  • where we have sought your specific consent.
How do we Collect and Hold Personal Information?

We aim to collect Personal Information only directly from you, unless it is unreasonable or impracticable for us to do so. We may collect Personal Information from you in a number of ways, including:

  • through MyST Software's website;
  • through communications with you, including letters, emails, telephone calls, voicemail recordings, facsimiles, surveys, competitions and via social media applications;
    through communications with others;
  • in the course of providing our products and services to you, including providing support through our support service;
  • in the course of our business functions and activities.

Your Personal Information is stored electronically, on paper, or both. We have physical, electronic and procedural safeguards in place and take reasonable steps to ensure that your information is protected from misuse, interference and loss, and from unauthorised access, modification and disclosure. Where your information is stored electronically, it is protected through the restriction of role based access control, user authentication and authorisation

We otherwise hold your Personal Information in other systems that we use in connection with the MyST Software business, some of which may be owned and operated by our suppliers.

You can be anonymous or use a pseudonym when dealing with us, unless the use of your true identity is a legal requirement or it is impracticable for us to deal with you on such basis.

If you elect not to provide us with your Personal Information, then we may not be able to provide you with the information, products, services or support that you may want.

In some instances we may also receive information about you from third parties, including unsolicited Personal Information in the course of our business. We will deal with this information received from third parties, including unsolicited Personal Information, in accordance with or permitted by law.

The Purposes for which we use Personal Information

We will primarily collect, hold, use and disclose your Personal Information where it is reasonably necessary for us to:

  • carry out our business activities and functions;
  • allow MyST Software's technical support personnel to provide assistance to you (or your employer), if needed in connection with any of our professional services, managed services, software or software as a service;
  • facilitate transactions between you (or other people who you are acting for) and MyST Software or between you (or other people who you are acting for) and other people and organisations who are accessible via our website or other electronic means;
  • facilitate payment for the purchase of products or services through our website or otherwise. In this case you will be directed to (or MyST Software may use to facilitate the transaction) a third party website (a secure internet payment gateway) approved by the relevant financial institution to enter your credit/debit/charge card or other payment mechanism details. This third party may in turn integrate the payment software with a third party payment application provider who assists in managing the payment transaction;
  • perform any of the features on our website, e.g. conducting surveys, market research, mail outs, competitions, using social media or providing information online;
    conduct surveys, market research, mail and competitions offline;
  • directly market to you, to improve the quality of our website, our products and services;
  • develop or add additional products and services from MyST Software or organisations that are accessible via our website;
  • undertake training and quality assurance;
  • conduct administrative purposes;
  • allow MyST Software's technical support personnel to manage our infrastructure, systems, databases other applications or tools;
  • undertake a statistical analysis of the usage of our website or applications or tools that are accessed via the website;
  • comply with applicable laws, including relevant privacy legislation.

We may also use your Personal Information for related purposes which you would reasonably expect, such as providing you with details about other services offered by us, as well as any promotions or offers that may be of interest to you. You can opt out of receiving offers or information at any time by notifying us. Opt out procedures are also included on all of our marketing and promotional communications.

In some cases we may disclose your Personal Information to third parties, such as contractors who assist us to provide you with our products and services. We will ensure that third parties to whom we disclose, are bound by confidentiality and non-disclosure agreements, if they are not otherwise required to adhere to the Privacy Act.

We may also disclose your Personal Information where we have sought your consent or in accordance with the Privacy Act or any other legislation. Otherwise, we may also disclose your Personal Information to third parties (including government departments and enforcement bodies) where required or permitted by law.

If we use a third party source to obtain Personal Information about you for the purpose of direct marketing to you, you may request that we disclose the source of that information. We will respond to any request made under this clause within a reasonable period and at no cost to you.

Destruction and de-identification

MyST Software will retain your Personal Information whilst it is required for any of our business functions, or for any other lawful purpose.

We will take reasonable steps and use secure methods to destroy or de-identify Personal Information that is no longer required for any purpose for which the Personal Information may be used under this Privacy Policy in accordance with the Privacy Act.

Disclosure of Personal Information Overseas

MyST Software works closely with its offices located in the United States of America and India. In the course of doing business with you, we may disclose some of your Personal Information to these overseas entities associated with us. However, we will only do so where:

  • we have a group company assisting us with our business activities and functions;
  • we have a supplier assisting us with providing assistance with our business activities and functions. We often have no control over where these suppliers hold or process their data and it is impractical for us to be able to advise you of the countries where the Personal Information may be held or processed;
  • our website, or any hosting service we use to support our managed services, software or software as a service, is hosted by us or a third party, and the hosting facilities and/or the back-up/disaster recovery sites are located overseas. We have no control over where these third party providers host the website and it is impractical for us to be able to advise you of the countries where the Personal Information may be held or processed;
  • a third party application is being used in connection with our interactions with you, e.g. when we use email or Skype the third party providers of the relevant application have their applications hosted overseas. We have no control over where these third party providers host their applications and it is impractical for us to be able to advise you of the countries where the Personal Information may be held or processed; and
  • you have provided consent; or
  • we believe on reasonable grounds that the overseas recipient is required to deal with your Personal Information by enforceable laws which are similar to the requirements under the Privacy Act; or
  • it is otherwise permitted by law.
Data Breaches

In Australia, if we suspect that a data breach has occurred, we will undertake an assessment into the circumstances of the suspected breach within 30 days after the suspected breach has occurred.

Where it is ascertained that a breach has actually occurred and where required by law, we will notify the Privacy Commissioner and affected individuals as soon as practicable after becoming aware that a data breach has occurred.

Use of Social Media

Our website uses social media includes blogs, Twitter feeds, and links to other social media platforms including but not limited to Facebook, LinkedIn and Twitter.

The nature of social media is that these applications actively enable exchange and disclosure of any information, whether personal or otherwise, that is included within those applications. All information, including Personal Information that you enter in those applications may be used, stored, handled and disclosed in any way that is consistent with the privacy policies of the relevant applications, if any.

All information that is posted in a blog, twitter feed or other social media in connection with a social media platform should be considered as public information that may be used, copied and adapted by any person for any means and should not be posted unless you are prepared to specifically state what restrictions on use there may be with that information or are prepared to accept that it may be used, copied, adapted, stored, handled and disclosed to any other person in any way.

Cookies, Metadata and Site Data Activity

A cookie is a small piece of computer code which remains on your computer and contains information which helps MyST Software identify your browser.

When you visit our website and applications and tools on it, the cookie records the authentication to allow your user id to login. We use the information gathered by cookies to identify your web browser so that when you log in on the next occasion, your use of the website and other applications and tools on it is easier and faster because the website has remembered your details.

If you do not want MyST Software to use cookies then you can easily stop them, or be notified when they are being used, by adopting the appropriate settings on your browser. If you do not allow cookies to be used some or all of the website or other applications or tools on it might not be accessible to you.

Sometimes information that you upload is provided with associated metadata. If you do not want MyST Software to use this metadata, you must remove it before uploading it onto the our website and other applications and tools.

We may collect data that is associated with your visit, including the pages your visit, the activities you do, the preferences you make, the applications and tools you use and the purchases you make and the competitions you enter etc. We may also collect information relating to the computer, mobile phone or other device including the device type, the browser, location, IP address and search words used. We may collect, use, disclose and store this information in any of the ways set out in this Privacy Policy.

Links to other Websites and Applications

Our website includes links to other websites, applications and tools that are not owned or operated by MyST Software.

We are not responsible for the content of those websites, applications or tools, nor for any products, services or information contained in them or offered through them.

You should review the privacy policies and terms and conditions of use of those websites, applications and tools when you visit them. We do not endorse, recommend, condone or represent the companies or any content on any third party linked website and may terminate the link or linking program at any time.

How to Access and Seek Correction of Your Personal Information

In most cases, you will be able to gain access to Personal Information held about you by us. We may provide you with this information verbally or in writing, as may be appropriate. Where we do not agree to provide you with details of Personal Information we will give you written reasons for our decision.

If you want to find out what Personal Information we hold on you or you believe any of your Personal Information that is held by us is inaccurate, out of date, incomplete, irrelevant or misleading or it is not necessary for us to continue to hold it, you can contact us, and we will either provide you with access to the Personal Information (in so far as we are required to do so by law,) or we will correct it, as applicable, within a reasonable period.

We may make a reasonable charge for giving you access to your Personal Information, but we will not charge for you making the request, correcting Personal Information or making a statement as to why we are not correcting your Personal Information. You can contact us by:

  • emailing info@rubiconred.com; or
  • using the contact us web form on our website.

Complaints and Concerns

We have procedures in place for dealing with your complaints and concerns about our practices in relation to the Privacy Act, and any alleged breach of this Policy. We will respond to your complaint in accordance with the relevant provisions of the APPs.

If you wish to complain about a breach of any Privacy Principle that binds us, a registered privacy code that binds us or this Privacy Policy you should contact Us by:

  • emailing info@rubiconred.com; or
  • using the contact us web form on our website.

We will attempt to resolve your complaint to your satisfaction. If you are not satisfied with how we deal with your complaint you may have the right to contact the relevant regulatory body.

In compliance with the US-EU Safe Harbour Framework, MyST Software has agreed to co-operate with the EU Data Protection Authorities and comply with their advice where they take the view that we need to take specific action to comply with the US-EU Safe Harbour Framework, for any disputes that involve Personal Information received by MyST Software that cannot be resolved between MyST Software and the relevant individual. MyST Software has also agreed to provide the Data Protection Authorities with written confirmation that it has taken any such action.

Changes to this Privacy Statement

It may be necessary for us to review and revise our Privacy Policy from time to time. An amended version will be posted on our website at www.myst.rubiconred.com. We suggest that you visit our website regularly to keep up to date with any changes.

How to Contact Us
Privacy Officer
MyST Software
Suite 3, Level 3
340 Adelaide Street
Brisbane QLD 4000 Australia
Phone: 1300 799 959
Email: info@rubiconred.com

Have a question about our Privacy? Get in touch