Privacy Policy

POLITIC understands that data privacy is important, particularly in relation to how personal data is used. We are committed to protecting and respecting data privacy in compliance with the various jurisdictions where business is conducted, including but not limited to:

  1. 1988 Privacy Act (Australia)
  2. 2021 UK General Data Protection Regulations (GDPR)
  3. 2018 EU GDPR and
  4. PIPEDA Canada’s Personal Information Protection and Electronic Documents Act
  5. Legislation in all other relevant jurisdictions.

This Privacy Policy explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure. This Privacy Policy applies to the use of our products and to our sales, marketing and customer contract fulfillment activities.

Please read this Privacy Policy carefully and ensure that you understand it.

Who are we?

POLITIC is a digital marketing agency assisting our clients with digital campaigns. Our company’s headquarters is located in Brisbane, Queensland, Australia, and our subsidiary companies are based in the United Kingdom, the United States of America and Singapore.

POLITIC is the data controller and our Data Protection Officer can be contacted by email: hello@politic.com.au

When do we collect and process personal data about you?

When you are providing personal data in our campaigns.

  • When you interact with us in person, through correspondence, by phone, by social media, or through our websites. This also includes when you interact with us as a representative of a company, such as entering into a contract with us, contacting us for support or other issues. Note that we do not transfer personal data from social media without explicit consent from the user.
  • When we collect personal information from other legitimate sources, such as third-party data aggregators, POLITIC marketing partners, public sources or social networks. We only use this data if you have given your consent to them to share your personal data with others.
  • We may collect personal data if it is considered to be of legitimate interest, and if this interest is not overridden by your privacy interests. Before data is collected we make sure an assessment is made, ensuring that there is an established mutual interest between you and POLITIC.

Why do we collect and use personal data?

We collect and use personal data mainly to provide information about our campaigns, gather support in relation to our campaigns, donor support for our campaigns, direct marketing and customer service. We also collect data about suppliers, partners and persons seeking a job or working in our company.

We may use your information for the following purposes:

  • Predicting whether you would be interested in, and contacting you about, donating a particular amount of money to campaigns based on any previous donations you made.
  • Predicting whether you would be interested in, and contacting you about, donating to support a particular campaign because you signed a petition or took some other action concerning that campaign.
  • Analysing the operation of our website and analysing your website behaviour to improve the website and its usefulness.
  • Send you marketing communications which you have requested. These may include information about our, and our charity partner’s campaigns, products and services, events, activities, and promotions of our associated partners’ products and services. This communication requires your consent.
  • Follow up on incoming requests (customer support, emails, chats, or phone calls).
  • Notify you about any disruptions to our services (system messages).

Our legal basis for collecting personal data

Collecting personal data based on consent

The collection of personal data based on consent from the data subject will be done by using “Consent Forms” that will store documentation related to the consent given by the individual. Individual consents will always be stored and documented in our systems. We may send digital marketing to persons which have consented, such as marketing per email, sms or phone.

Collecting personal data based on contracts

We use personal information for fulfilling our obligations related to contracts and agreements with customers, partners and suppliers

Collecting personal data based on legitimate interest

We may use personal data if it is considered to be of legitimate interest, and if the privacy interests of the data subjects do not override this interest. Normally, to establish the legal basis for data collection, an assessment has been made during which a mutual interest between POLITIC and the individual person has been identified. This legal basis is primarily related to our marketing purposes, and we may send information on products and services to our customers based on legitimate interest. We will always inform individuals about their privacy rights and the purpose of collecting personal data.

What type of personal data is collected?

We collect names, phone numbers, postcodes and email addresses. We may also collect feedback, comments and questions received from you in service-related communication and activities, such as phone calls and emails. From our website we may collect IP-address and actions taken on the site.

POLITIC does not collect or process any special categories of personal data, such as public unique identifiers or sensitive personal data.

How long do we keep your personal data?

We store personal data for as long as we find it necessary to fulfil the purpose for which the personal data was collected, while also considering our need to answer your queries or resolve possible problems, to comply with legal requirements under applicable laws, to attend to any legal claims/complaints, and for safeguarding purposes.

This means that we may retain your personal data for a reasonable period of time after your last interaction with us. When the personal data that we have collected is no longer required, we will delete it in a secure manner. We may process data for statistical purposes, but in such cases, data will be anonymised.

Your rights to your personal data

You have the following rights with respect to your personal data:

  • The right to request a copy of your personal data that POLITIC holds about you.
  • The right to request that POLITIC corrects your personal data if inaccurate or out of date.
  • The right to request that your personal data is deleted when it is no longer necessary for POLITIC to retain such data.
  • The right to withdraw any consent to personal data processing at any time. For example, your consent to receive e-marketing communications:
  • If you want to withdraw your consent to e-marketing, please make use of the link to manage your subscriptions included in our communication. Please note that you may still receive system messages and administrative communications from POLITIC, such as order confirmations, system messages and notifications about your account activities.
  • The right to request that POLITIC provides you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
  • The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
  • The right to object to the processing of personal data, in case data processing has been based on legitimate interest and/or direct marketing.

Any query about your Privacy Rights should be sent to hello@politic.com.au

How we protect your personal data

Our products are built with strong security features that continuously protect your information. And if we do detect something risky that we think you should know about, we’ll notify you and help guide you through steps to stay better protected.

We work hard to protect you from unauthorised access, alteration, disclosure, or destruction of information we hold, including:

  • We use encryption to keep your data private while in transit
  • We review our information collection, storage, and processing practices, to prevent unauthorised access to our systems
  • We restrict access to personal information to POLITIC employees, contractors, and agents who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations.

Data breaches

Definitions: Data breaches include both confirmed and suspected incidents.

An incident includes but is not restricted to, the following:

  • Loss or theft of confidential or sensitive data;
  • Unauthorised use of, access to or modification of data or information systems;
  • Human error.

Containment and Recovery: We will firstly determine if the breach is still occurring. If so, the appropriate steps will be taken immediately to minimise the effect of the breach.

The DPO will establish who may need to be notified as part of the initial containment and will inform the police, where appropriate.

Investigation and Risk Assessment: An investigation will be undertaken by us as soon as reasonably possible when the breach is discovered / reported.

The investigation will need to take into account the following:

  • the type of data involved;
  • its sensitivity;
  • the protections are in place (e.g. encryptions);
  • what has happened to the data (e.g. has it been lost or stolen);
  • the data subject(s) affected by the breach, the number of individuals involved and the potential
  • effects on those data subject(s);
  • whether there are wider consequences to the breach.

Notification: Every incident will be assessed on a case-by-case basis; however, the following will need to be considered:

  • whether the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms.
  • whether notification would assist the individual(s) affected (e.g. could they act on the information to mitigate risks?);
  • whether notification would help prevent the unauthorised or unlawful use of personal data;
  • whether there are any legal/contractual notification requirements;

Not every incident warrants notification.

Individuals whose personal data has been affected by the incident, and where it has been considered likely to result in a high risk of adversely affecting that individual’s rights and freedoms, will be informed without undue delay. Notification will include a description of how and when the breach occurred and the data involved. Specific and clear advice will be given on what they can do to protect themselves and include what action has already been taken to mitigate the risks.

The use of cookies

We use cookies to collect information as you navigate the company’s website. Website Navigational Information includes standard information from your web browser, such as browser type and browser language; your Internet Protocol (“IP”) address; and the actions you take on the company’s websites, such as the web pages viewed and the links clicked.

This information is used to make websites work more efficiently, as well as to provide business and marketing information to the owners of the site, and to gather such personal data as browser type and operating system, referring page, path through site, domain of ISP, etc. for the purposes of understanding how visitors use a website. Cookies and similar technologies help us tailor our website to your personal needs, as well as to detect and prevent security threats and abuse. If used alone, cookies do not personally identify you.

If you want to withdraw your acceptance of cookies on our websites, you can go to your web browser and deactivate it.

Tracking: To offer a better customer experience to the people visiting our website, POLITIC uses a number of marketing tools. They allow us to analyze aggregated data, such as visitors’ scrolling patterns or clicks, in order to determine which pages result in the best actions. However, POLITIC does not use your personally identifiable information by employing any of these marketing tools. We use Google Analytics as the third-party service provider: Privacy Policy.

Remarketing: POLITIC uses remarketing tracking cookies and conversion pixels from Facebook in order to present you with information about campaigns you have opted into. This may result in you seeing an ad to support one of our campaigns after you have visited our website. Moreover, POLITC also creates custom audiences based on emails of subscribers to present information about our campaigns via social media. However, POLITC does not use your personally identifiable information by employing any of the remarketing services, other than to present you special offers from us. When using remarketing, some personal data to identify the user, such as name, email and/or phone number, may be transferred to the provider of the advertising or a social media network (such as Facebook). POLITIC uses retargeting to both exclude individual persons from retargeting (such as existing supporters of our charity partners) and to include individual persons (such as potential new supporters of POLITIC or our charity partners).

We use the following third-party service providers for remarketing (see more below under “Use of sub-contractors”):

Facebook: Opt-out of Facebook remarketing here

You can find more information on how to administer cookies in your browser here: http://www.aboutcookies.org.uk/managing-cookies

Do we share your data with anyone?

We may share your data with:

Third party organisations and charities where you have signed a petition they have partnered with us on or where you have signed a petition on a relevant cause that they campaign about.

Third-party Service Providers working on our behalf:

We may pass your information on to our distributors, agents, sub-contractors and other associated organisations with the purpose of them providing services to you on our behalf.

If required by law:

We will disclose your personal information if required by law or if we, as a company, reasonably believe that disclosure is necessary to protect our company’s rights and/or to comply with a judicial proceeding, court order or legal process. However, we will do what we can to ensure that your privacy rights continue to be protected.

Use of sub-contractors (processors and sub-processors)

We may use sub-contractors to process personal data on our behalf, and are responsible for making sure they commit themselves to adhere to this Privacy Policy and applicable data protection legislation by signing a Data Processing Agreement.

If the sub-contractor processes Personal Data outside the UK area, such processing must be in accordance with the UK GDPR , EU Standard Contractual Clauses for transfer to third countries, or another specifically stated lawful basis for the transfer of personal data to a third country.

Changes to this Privacy Policy

POLITIC reserves the right to amend this Privacy Policy at any time. The applicable version will always be found on our websites. We encourage you to check this Privacy Statement occasionally to ensure that you are happy with any changes.

If we make changes that significantly alter our privacy practices, we will notify you by email or post a notice on our websites prior to the change taking effect.

Your right to complain to a supervisory authority

If you are unhappy with the way in which your personal data has been processed, you may, in the first instance, contact hello@politic.com.au

If you remain dissatisfied, then you have the right to apply directly to your national supervisory authority for a decision.