Privacy Policy

 

1.               General

1.1              This is the privacy policy governs the way Arresti VPN™ Pty Ltd ACN 658 736 559 (Arresti VPN, we, us) handles personal information. It applies to all personal information we collect in connection with the Arresti VPN software-as-a-service platform (Platform), via our website (www.arresti.com) and the Arresti VPN mobile applications (Arresti VPN Applications).

1.2             The privacy of our Platform users is of the upmost importance to us. We have a strict log-free policy which ensures that none of your activity or connection data whilst using the Arresti VPN Applications will be stored in our system (Log-Free Policy).

2.               Purpose

2.1              We comply with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs), which regulate how we may collect, use, disclose and store personal information. ‘Personal information’ is information or an opinion about you (whether true or not) that identifies you or from which your identity is reasonably identifiable. It does not include data where the identity has been removed and it is not possible to connect the data to the individual.

2.2             The purpose of this privacy policy is to keep you informed of the ways we gather, manage, store, disclose and protect your personal information and help you to understand your rights (and our obligations) under the Privacy Act.

3.               Changes to this privacy policy

3.1              We may change this privacy policy from time to time. The updated privacy policy will be posted on the Website with the date of the update shown.

3.2             We encourage you to periodically review this privacy policy to stay informed about how we collect, handle, store and share your personal information.

4.               What personal information do we collect?

4.1              We collect limited personal information that we reasonably need for our business functions and activities, which primarily involve providing our Platform to our subscribers. In line with our Log-Free Policy, we will not store any of your activity or connection data whilst using the Arresti VPN Applications.

4.2             The personal information that we will collect from you will only be the information that you provide to us directly, such as your email address when you create an account on our Platform, any personal information (including your name and email address) you send us when making an enquiry or complaint or any data you otherwise explicitly permit for us to collect.

5.               How we collect information about you

5.1              The personal information we collect about users of our Platform is very limited. We will generally only collect personal information that you provide to us directly, such as:

  • when you subscribe to our Platform we will collect your email address so that we can set up your account and administer our dealings with you;
  • when you provide us with personal information when communicating with us via telephone, email, or the Platform;
  • when you send us an enquiry through our Website that contains your personal information; or
  • when you explicitly permit us to track your interactions with our Website.

5.2             We delegate the processing of payments to use a trusted third party gateway, such as Stripe, to process payments for your use of the Platform. We will not access, collect or store your credit card or payment details.

5.3             If we collect personal information about you from a third party we will, where appropriate, request that the third party take reasonable steps to inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.

6.              Unsolicited information

6.1             If we receive personal information about you that we have not requested, and if we determine that we could not have lawfully collected that information under the Privacy Act if we had requested it, we will destroy or de-identify the information (if it is lawful and reasonable to do so). If we collect your personal information in an unsolicited manner, we will take reasonable steps to inform you of such collection and also how we use, disclose and secure your personal information. Such reasonable steps may include referring you to this privacy policy.

7.               Do you have to provide us with your personal information?

7.1             You can deal with us anonymously (without giving us your name and contact details) or by using a pseudonym in some circumstances. We will generally not ask for identifying details unless we need those details in order to assist with your enquiry or respond to your request.

7.2            If you choose to deal with us anonymously or by using a nickname, there are some things we cannot do. For example, we may not be able to give you information about your dealings with us as a customer, supplier, or potential employee, or deal with a complaint.  To create an account on our Platform, you will need to provide us with your email address.

8.              Purpose for handling your personal information 

8.1           As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. We may collect, hold, use and disclose your personal information for the purposes of:

  • providing the Platform and its functionality to you;
  • administering our dealings with you, including sending you renewal reminders, invoices, and marketing materials (if you opt in);
  • communicating with you and providing you with relevant information;
  • improve our product and service offering; and
  • otherwise managing our business.

8.2           The legal basis for collecting and using personal information will depend on the specific circumstances in which it is collected. However we will collect personal information from you as follows:

  • Consent: where you have given consent to Arresti VPN’s use of the personal information for one or more purposes;
  • Contract performance: it is necessary for the performance of a contract to which you are party (such as our Platform Terms of Use); or
  • Legal obligation: where we need to use your personal information to comply with a legal obligation (e.g. to defend and exercise legal claims).

8.3           For additional or specific information on our legal basis for processing your information, please contact our Privacy Officer using the contact details at the bottom of this Privacy Policy.

8.4           We may also use your personal information for activities in support of our primary business functions such as processing payments, administration, employment, management, marketing, contracting, IT, legal and customer support.

8.5           We will not use or disclose your personal information for any other purpose unless set out in this privacy policy, permitted under the Privacy Act, or you have otherwise consented to that use or disclosure.

9.              Who do we disclose your personal information to?

9.1           We will not share, sell or trade your personal information with any entity or person, except as set out in this policy or as permitted by the Privacy Act.

9.2           We may disclose your personal information to:

  • to our employees, contractors, and related entities, which provide support for our operations and services to you;
  • our service providers, including providers of accounting, auditing, legal, banking, payment, debt collection, delivery, data processing, data analysis, document management and technology services; and
  • government agencies for reporting and compliance purposes.

9.3           If we disclose information to a third party, we generally require that the third party protect your information to the same extent that we do.

10.           Protection of your personal information 

10.1        We will hold personal information as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third party servers, which may be located overseas. We maintain appropriate physical, procedural and technical security for our office and information storage facilities to prevent loss, misuse, unauthorised access, disclosure, or modification of personal information.

10.2        We have put in place procedures to deal with personal information breaches and will notify you and any applicable regulator of a breach where we are legally required to do so. We will destroy or de-identify your personal information once it is no longer needed for a valid purpose or required to be kept by law.

11.           Direct Marketing 

11.1        Like most businesses, marketing is important to our continued success. We may use personal information (such as the email address provided by you when you created an account) to provide you with information about our products and services that we consider may be of interest to you. You will have the option to opt in to receiving marketing information from us when creating your User Account.

11.2        You may opt out at any time if you no longer wish to receive marketing information from us. You can do this by contacting our Privacy Officer or by using the ‘unsubscribe’ function included in our marketing emails.

12.           Cookies

12.1        We may track your cookies when using our Website, but only if you opt-in when prompted to do so.

12.2        A cookie is a small text file stored in your computer’s memory or on your hard disk for a pre-defined period of time.  We use cookies to identify specific machines in order to collect aggregate information on how visitors are experiencing our website.  This information will help to better adapt our website to suit personal requirements.  While cookies allow a computer to be identified, they do not permit any reference to a specific individual.  For information on cookie settings of your internet browser, please refer to your browser’s manual.

13.           Overseas disclosures

13.1        We may disclose information to our related entities, who may be located in Australia, the United Arab Emirates and in other countries in which we do business. We may also subcontract certain activities and share your personal information with third parties located outside of these countries for the purposes described in this privacy policy. Such transfers are made in order to provide the services and carry out the activities specified in this privacy policy.

13.2        When we disclose information in accordance with this privacy policy, it may be accessed from, transferred to, and/or stored outside the country in which you are located. The privacy laws in that country may be of a lower standard than those in your own country. In these situations we may not be accountable for the actions of those recipients and you may have limited or no rights under the applicable privacy regime.

14.           Other privacy rights 

14.1        Subject to certain limitations and restrictions (e.g. depending on circumstances such as where you reside) you may have the right to exercise additional rights in relation to your personal information. These may include the right to:

  • request erasure of your personal information;
  • object to processing of your personal information;
  • request restriction of processing of your personal information;
  • transfer your personal information (i.e. the right to data portability);
  • not be subject to automatic decision making; and
  • withdraw consent.

14.2        If you wish to exercise or obtain details of any of the rights set out above, please contact our Privacy Officer via the contact details at the bottom of this privacy policy. The Privacy Officer may require further information in order to assess the applicability of the right to the relevant circumstances.

15.           Accessing and correcting your personal information 

15.1        You may contact our Privacy Officer using the contact details below to request access to, or a correction of, the personal information that we hold about you. We will deal with your request within a reasonable time. On the rare occasion that we refuse access, we will provide you with a written notice setting out the reasons for the refusal and the relevant provisions of the Privacy Act that we rely on to refuse access.  We will also provide you with avenues to complain about our refusal to provide you with access to the information.

15.2        We are not obliged to correct any of your personal information if we do not agree that it requires correction. If we refuse a correction request, we will provide you with a written notice with our reasons for refusing.  We may recover reasonable costs in relation to a request for access to personal information.

16.           Information retention 

17.           We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy and in each case in accordance with applicable legal and regulatory requirements in respect of permitted or required retention periods and limitation periods for taking legal action.

18.           Resolving personal information concerns

18.1        If you have any questions, concerns or complaints about this privacy policy, or how we handle your personal information, please contact our Privacy Officer using the contact details provided below.

Arresti VPN Pty Ltd
[email protected]

18.2        We take all complaints seriously and will respond to your complaint within a reasonable period. You may also lodge a complaint with the Office of the Australian Information Commissioner by telephone: 1300 363 992 or  by submitting an online enquiry form via the following link:  https://forms.business.gov.au/smartforms/servlet/SmartForm.html?formCode=APC_ENQ&tmFormVersion.

This privacy policy was last updated on 25 October 2024.