Unbound Systems Privacy Policy
This Privacy Policy explains how Aluminium Industries of Australia Pty Ltd (ABN 38 072 558 500), trading as Unbound Systems ("Unbound Systems", "we", "us" or "our") collects, uses, discloses, stores and protects personal information.
This policy applies to:
- our websites (including www.unboundsystems.com.au and related pages); and
- our software products and services (including Unbound CRM, Customer Hub and related modules), whether hosted by us or deployed on-premise for customers (the "Services").
1) Key privacy roles (Customer vs Unbound Systems)
Unbound Systems provides business software used by organisations to manage their customers, contacts, sales and related activities. When a customer uses the Services, personal information may be uploaded or generated within the Services.
For Customer Data entered into the Services by a customer or their users, the customer is typically the "controller" and Unbound Systems acts as a "processor" (or equivalent roles under applicable privacy laws), handling that data on the customer's instructions and to provide the Services.
For our own business activities (sales, marketing, billing, account management, supplier management and operating our website), Unbound Systems acts as a controller of personal information we collect directly.
If you are an individual whose personal information is held within a customer's Unbound Systems account and you want to exercise privacy rights in relation to that information, we may need to refer you to the relevant customer (as they control that data).
2) Personal information we collect
The personal information we collect depends on how you interact with us.
(a) Website and marketing interactions
- name, email address, phone number, company name, job title;
- information you submit via forms (demo requests, webinar registrations, downloads, enquiries);
- preferences (e.g., communication preferences); and
- website usage data (e.g., IP address, browser type, pages visited, referring pages, approximate location inferred from IP).
(b) Customer / account administration
- account owner/admin details;
- user login identifiers (e.g., name, work email, role, permissions);
- billing and transaction information (e.g., invoicing contact, company address, tax details, payment status);
- support interactions (e.g., support tickets, call notes, emails).
(c) Data processed inside the Services (Customer Data)
Customers may input business-related information such as:
- contact names, business email addresses, business phone numbers, addresses and roles;
- customer/prospect records, interactions and activities;
- sales and service records; and
- documents or files uploaded by users (where enabled).
Unbound Systems generally does not decide what a customer uploads; customers control the content and scope of Customer Data.
(d) Usage and analytics data
We may collect Usage Data about how the Services are used (e.g., feature usage, session activity, performance and diagnostic logs) to operate, secure and improve the Services.
3) How we collect personal information
- directly from you (e.g., when you submit forms, request support, register for a webinar, or use the Services);
- automatically (e.g., cookies and similar technologies on our website; logs generated by use of the Services); and
- from third parties (e.g., authorised resellers/partners, event organisers, public sources, or lead providers), where permitted by law.
4) How we use personal information
(a) To provide and operate the Services
- provision accounts and access for authorised users;
- host and operate the Services;
- provide customer support and respond to enquiries;
- manage subscriptions, renewals, and billing.
(b) To improve and secure the Services
- monitor performance, reliability and security;
- troubleshoot issues and maintain business continuity;
- develop and improve functionality and user experience.
We implement security measures designed to protect Customer Data, including encryption in transit and at rest, access controls, monitoring, and business continuity processes.
(c) Marketing and relationship management
- send product updates, newsletters, event/webinar information, and similar communications where permitted;
- personalise communications and understand engagement.
You can opt out of marketing communications at any time by contacting us.
(d) Compliance and legal
- comply with applicable laws and regulatory obligations;
- prevent fraud and misuse; and
- enforce our agreements.
5) Legal bases (where GDPR / UK GDPR applies)
Where the GDPR or UK GDPR applies to our processing of your personal information, we rely on one or more of the following legal bases:
- performance of a contract;
- legitimate interests;
- consent (where required); and/or
- legal obligations.
6) How we share personal information
We do not sell personal information.
We may share personal information with:
- service providers that help us operate and deliver the Services;
- Microsoft Azure and infrastructure providers;
- partners/resellers where applicable (e.g., where you are introduced to us through a partner);
- professional advisers (e.g., lawyers, auditors, accountants); and
- authorities where required or permitted by law.
7) International transfers
The Services are hosted on Microsoft Azure. Customer Data may be stored in a specific Data Region if agreed, and some operational access (e.g., for support or maintenance) may occur from other locations. Where personal information is transferred internationally, we take steps to ensure appropriate safeguards are in place as required by applicable law.
8) Data retention
We keep personal information only for as long as needed for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. When personal information is no longer needed, we take reasonable steps to destroy or de-identify it.
9) Security
We maintain technical and organisational measures designed to protect personal information against unauthorised access, alteration, disclosure or destruction. These include encryption in transit and at rest, access controls, and monitoring.
No method of transmission or storage is completely secure.
10) Your rights
Depending on your location and applicable law, you may have the right to:
- request access to your personal information;
- request correction of inaccurate information;
- request deletion of your personal information;
- object to or request restriction of processing; and
- request portability of your personal information (where applicable).
To exercise any of these rights, please contact us using the details in Section 14. If you are an individual whose data is held within a customer's account, we may need to refer your request to that customer.
11) Cookies
We use cookies and similar technologies on our website to operate core functionality, analyse usage, and improve performance. You may be able to control cookie settings through your browser or any cookie preference tool we make available. Some cookies are essential for the website to function correctly.
12) Children
Our Services are intended for business use and are not directed to children. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us and we will take steps to delete it.
13) Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this policy. We encourage you to review this policy periodically.
14) Contact
Unbound Systems
Aluminium Industries of Australia Pty Ltd (ABN 38 072 558 500)
160 Ordish Road, Dandenong South VIC 3175, Australia
Email: support@unboundsystems.com.au
Phone: (+61) 3 9798 4433